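/// <summary>
/// Shows the delete-confirmation page for a forum post and, on a POST that carries a
/// valid antiforgery token, deletes the post and redirects back to its thread.
/// </summary>
/// <param name="id">ID of the post to delete.</param>
/// <param name="page">Thread page to return to after a successful delete.</param>
/// <param name="confirmbutton">Bound from the request but not read by this action.</param>
/// <returns>
/// The not-found view when no post has this ID; a redirect to ViewThread when the post is
/// the first post of its thread or after a successful delete; the access-denied view when
/// the thread is locked or the permission check fails; otherwise the confirmation view.
/// </returns>
public ActionResult DeletePost(int id, int page, string confirmbutton)
{
    using (ForumRespository db = new ForumRespository())
    {
        Forum_Post ToDelete = db.GetPostByID(id);
        var model = new MasterViewModel();

        // The null check must come before anything dereferences the post. It used to run
        // after the navigation was built from ToDelete.Forum_Thread, so an unknown id
        // raised a NullReferenceException instead of returning the not-found view.
        if (ToDelete == null)
        {
            return NotFoundView("Post");
        }

        model.AddNavigation(ToDelete.Forum_Thread);
        model.AddNavigation("Delete Post");

        // The first post of a thread is never deleted here; the caller is sent back to the thread.
        if (ToDelete.Forum_Thread.Forum_Posts[0] == ToDelete)
        {
            return RedirectToAction("ViewThread", new { id = ToDelete.ThreadID });
        }

        // A locked thread is refused before permissions are consulted, so it also blocks
        // users who hold AllowDeleteAllPosts.
        if (ToDelete.Forum_Thread.Locked)
        {
            return AuthenticationHelper.AccessDeniedView(model);
        }

        var Category = ToDelete.Forum_Thread.Forum_Category;

        // NOTE(review): the predicate below reads Deleter.UserID, so this assumes
        // GetCurrentUser never returns null (anonymous visitors presumably map to the
        // built-in Guest user) - confirm against GetCurrentUser.
        var Deleter = GetCurrentUser(db);

        // Authorization runs on GET and POST alike, before any state change: the caller
        // must either own the post (and not be the Guest account) with AllowDeleteOwnPost,
        // or hold AllowDeleteAllPosts for the category.
        if (!db.CheckCategoryPermissions(Category, Deleter, P => (P.AllowDeleteOwnPost && ToDelete.PosterID == Deleter.UserID && ToDelete.PosterID != (int)BuildInUser.Guest) || P.AllowDeleteAllPosts))
        {
            return AuthenticationHelper.AccessDeniedView(model);
        }

        if (IsHttpPost)
        {
            if (!AntiForgeryTokenValid)
            {
                // CSRF guard: without a valid token nothing is deleted and the
                // confirmation view is rendered again with the error attached.
                ModelState.AddModelError("AntiForgery", "The antiforgery token was invalid.");
            }
            else
            {
                // Capture the thread ID before the post is deleted; it is needed for the redirect.
                int ThreadID = ToDelete.ThreadID;
                db.DeletePost(ToDelete);
                db.Save();
                return RedirectToAction("ViewThread", new { id = ThreadID, page = page });
            }
        }

        return View(model);
    }
}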
/// <summary>
/// Renders the user panel settings page for signed-in users.
/// </summary>
/// <returns>
/// The settings view when the request is authenticated; otherwise the access-denied view.
/// </returns>
public ActionResult Settings()
{
    var viewModel = new MasterViewModel();
    viewModel.AddNavigation("User Panel");

    // Regardless of permissions, this page requires an account by necessity.
    if (Request.IsAuthenticated)
    {
        return View(viewModel);
    }

    return AuthenticationHelper.AccessDeniedView(viewModel);
}