function _heartbeat_comments_delete_access in Heartbeat 7
Same name and namespace in other branches
- 6.4 modules/heartbeat_comments/heartbeat_comments.module \_heartbeat_comments_delete_access()
Delete a heartbeat comment checking permissions.
Parameters
$hcid Integer Heartbeat comment ID:
1 string reference to '_heartbeat_comments_delete_access'
- heartbeat_comments_menu in modules/
heartbeat_comments/ heartbeat_comments.module - Implements hook_menu().
File
- modules/
heartbeat_comments/ heartbeat_comments.module, line 896 - Heartbeat comments for activity.
Code
function _heartbeat_comments_delete_access($hcid) {
if (arg(6) == 'node') {
if (user_access('administer comments') || user_access('delete any comment')) {
return TRUE;
}
else {
$result = db_query("SELECT uid FROM {comment} WHERE cid = :cid ", array(
':cid' => $hcid,
));
return $result
->fetchField('uid') == $GLOBALS['user']->uid && user_access('delete own comments');
}
}
else {
// users with the administer permission should always be allowed to access our deletion form
if (user_access('administer heartbeat comments')) {
return TRUE;
}
else {
$uid = db_select('heartbeat_comments', 'hc')
->fields('hc', array(
'uid',
))
->condition('hcid', $hcid)
->execute()
->fetchField();
return $uid == $GLOBALS['user']->uid;
}
}
}