acheta
10-20-2005, 04:18 PM
Hello, I've got the following problem/question:
I have a weblog based on java. The weblog is completely public. So visitors can post comments and stories of their own. Every contributor can edit/delete his own stories/comments. The admins can edit and delete any story/comment. They can do this via a edit/delete-button.
What I would like to change is, that only admins or not even they can edit or delete stories or comments. (it's kind of a literary project.)
I deleted the edit/delete-button already, but you can still get to the edit/delete-pages by entering the according address into the browser's address bar.
for example: there's a story (no. 1) and five comments to this story (no.1-5).
If I want to edit the 4th comment of this story I'd simply enter:
http://www.blah.org/stories/1/comments/4/edit
to delete the 4th comment I'd enter:
http://www.blah.org/stories/1/comments/4/delete
to edit the first story:
http://www.blah.org/stories/1/edit
to delete the first story:
http://www.blah.org/stories/1/delete
Now I want to make sure, that people can't enter that into the address bar and get to the edit/delete page.
I thought, that maybe this was possible by using a java redirect, where everytime someone enters an above mentioned address with "delete" or "edit" in it is redirected to the main page, no matter what number the story or comment has.
Is that possible with a redirect? any other idea? and, ahem, any idea how the java script would have to look like?
Thanks in advance!
I have a weblog based on java. The weblog is completely public. So visitors can post comments and stories of their own. Every contributor can edit/delete his own stories/comments. The admins can edit and delete any story/comment. They can do this via a edit/delete-button.
What I would like to change is, that only admins or not even they can edit or delete stories or comments. (it's kind of a literary project.)
I deleted the edit/delete-button already, but you can still get to the edit/delete-pages by entering the according address into the browser's address bar.
for example: there's a story (no. 1) and five comments to this story (no.1-5).
If I want to edit the 4th comment of this story I'd simply enter:
http://www.blah.org/stories/1/comments/4/edit
to delete the 4th comment I'd enter:
http://www.blah.org/stories/1/comments/4/delete
to edit the first story:
http://www.blah.org/stories/1/edit
to delete the first story:
http://www.blah.org/stories/1/delete
Now I want to make sure, that people can't enter that into the address bar and get to the edit/delete page.
I thought, that maybe this was possible by using a java redirect, where everytime someone enters an above mentioned address with "delete" or "edit" in it is redirected to the main page, no matter what number the story or comment has.
Is that possible with a redirect? any other idea? and, ahem, any idea how the java script would have to look like?
Thanks in advance!