From 8e8cbb0c5eaf75bdb64e4978bf549fd1252743e9 Mon Sep 17 00:00:00 2001
From: Alex Cabal <alex@alexcabal.com>
Date: Thu, 19 Dec 2024 14:40:38 -0600
Subject: [PATCH] Move delete form and more multi select fixes

---
 config/apache/rewrites/ebooks.conf |  2 +-
 lib/Ebook.php                      | 18 ++++++--
 lib/Project.php                    |  2 +-
 templates/EbookMetadata.php        | 16 +++----
 www/ebook-placeholders/delete.php  | 69 ++++++++++++++++++++++++++++++
 www/ebook-placeholders/edit.php    | 10 +++--
 www/ebooks/delete.php              | 35 +++++++++++++++
 www/ebooks/edit.php                |  2 +-
 www/ebooks/get.php                 |  4 +-
 www/ebooks/post.php                |  2 +-
 10 files changed, 136 insertions(+), 24 deletions(-)
 create mode 100644 www/ebook-placeholders/delete.php
 create mode 100644 www/ebooks/delete.php

diff --git a/config/apache/rewrites/ebooks.conf b/config/apache/rewrites/ebooks.conf
index 7b1632b1..a1b2280c 100644
--- a/config/apache/rewrites/ebooks.conf
+++ b/config/apache/rewrites/ebooks.conf
@@ -19,8 +19,8 @@ RewriteRule	^/collections/([^\./]+?)$		/collections/get.php?collection=$1 [QSA]
 RewriteRule	^/collections/([^/]+?)/downloads$	/bulk-downloads/get.php?collection=$1
 RewriteRule	^/collections/([^/]+?)/feeds$		/feeds/get.php?collection=$1
 
-# Edit rewrites
 RewriteRule	^/ebooks/(.+?)/edit$			/ebooks/edit.php?url-path=$1 [L]
+RewriteRule	^/ebooks/(.+?)/delete$			/ebooks/delete.php?url-path=$1 [L]
 
 RewriteCond	expr "tolower(%{REQUEST_METHOD}) =~ /^post$/"
 RewriteRule	^/ebooks/([^\.]+?)$			/ebooks/post.php?url-path=$1 [L]
diff --git a/lib/Ebook.php b/lib/Ebook.php
index 9579815f..424fb780 100644
--- a/lib/Ebook.php
+++ b/lib/Ebook.php
@@ -22,6 +22,7 @@ use function Safe\shell_exec;
  * @property ?array<string> $TocEntries A list of non-Roman ToC entries *only if* the work has the `se:is-a-collection` metadata element; `null` otherwise.
  * @property string $Url
  * @property string $EditUrl
+ * @property string $DeleteUrl
  * @property bool $HasDownloads
  * @property string $UrlSafeIdentifier
  * @property string $HeroImageUrl
@@ -105,6 +106,7 @@ final class Ebook{
 	protected ?array $_TocEntries = null;
 	protected string $_Url;
 	protected string $_EditUrl;
+	protected string $_DeleteUrl;
 	protected bool $_HasDownloads;
 	protected string $_UrlSafeIdentifier;
 	protected string $_HeroImageUrl;
@@ -158,13 +160,13 @@ final class Ebook{
 	 */
 	protected function GetProjects(): array{
 		if(!isset($this->_Projects)){
-			$this->_Projects = Db::Query('
+			$this->_Projects = Db::MultiTableSelect('
 							SELECT *
 							from Projects
 							inner join Ebooks
 							using(EbookId)
 							where EbookId = ?
-							order by Created desc
+							order by Projects.Created desc
 						', [$this->EbookId], Project::class);
 		}
 
@@ -177,7 +179,7 @@ final class Ebook{
 				$this->_ProjectInProgress = null;
 			}
 			else{
-				$this->_ProjectInProgress = Db::Query('
+				$this->_ProjectInProgress = Db::MultiTableSelect('
 								SELECT *
 								from Projects
 								inner join Ebooks
@@ -200,7 +202,7 @@ final class Ebook{
 				$this->_PastProjects = [];
 			}
 			else{
-				$this->_PastProjects = Db::Query('
+				$this->_PastProjects = Db::MultiTableSelect('
 								SELECT *
 								from Projects
 								inner join Ebooks
@@ -425,6 +427,14 @@ final class Ebook{
 		return $this->_EditUrl;
 	}
 
+	protected function GetDeleteUrl(): string{
+		if(!isset($this->_DeleteUrl)){
+			$this->_DeleteUrl = $this->Url . '/delete';
+		}
+
+		return $this->_DeleteUrl;
+	}
+
 	protected function GetHasDownloads(): bool{
 		if(!isset($this->_HasDownloads)){
 			$this->_HasDownloads = $this->EpubUrl || $this->AdvancedEpubUrl || $this->KepubUrl || $this->Azw3Url;
diff --git a/lib/Project.php b/lib/Project.php
index 839d5fd2..4bcc132f 100644
--- a/lib/Project.php
+++ b/lib/Project.php
@@ -677,7 +677,7 @@ final class Project{
 	public static function FromMultiTableRow(array $row): Project{
 		$object = Project::FromRow($row['Projects']);
 
-		if($row['Ebooks']->EbookId !== null){
+		if($row['Projects']->EbookId !== null){
 			$row['Ebooks']->EbookId = $object->EbookId;
 			$object->Ebook = Ebook::FromRow($row['Ebooks']);
 		}
diff --git a/templates/EbookMetadata.php b/templates/EbookMetadata.php
index b668c106..2d70a673 100644
--- a/templates/EbookMetadata.php
+++ b/templates/EbookMetadata.php
@@ -20,17 +20,11 @@ $showPlaceholderMetadata = $showPlaceholderMetadata ?? false;
 <? if($showPlaceholderMetadata && $ebook->IsPlaceholder() && $ebook->EbookPlaceholder !== null){ ?>
 	<section id="placeholder-metadata">
 		<h2>Placeholder metadata</h2>
-		<p><a href="<?= $ebook->EditUrl ?>">Edit placeholder</a></p>
-		<details>
-			<summary>Delete placeholder</summary>
-			<form method="<?= Enums\HttpMethod::Post->value ?>" action="<?= $ebook->Url ?>">
-				<input type="hidden" name="_method" value="<?= Enums\HttpMethod::Delete->value ?>" />
-				<p>Delete the <code>Ebook</code>, <code>EbookPlaceholder</code>, <code>Project</code>, and other related objects.</p>
-				<div class="footer">
-					<button class="delete">Delete</button>
-				</div>
-			</form>
-		</details>
+		<p>
+			<a href="<?= $ebook->EditUrl ?>">Edit placeholder</a>
+			•
+			<a href="<?= $ebook->DeleteUrl ?>">Delete placeholder</a>
+		</p>
 		<table class="admin-table">
 			<tbody>
 				<tr>
diff --git a/www/ebook-placeholders/delete.php b/www/ebook-placeholders/delete.php
new file mode 100644
index 00000000..b17b0ff6
--- /dev/null
+++ b/www/ebook-placeholders/delete.php
@@ -0,0 +1,69 @@
+<?
+use function Safe\session_unset;
+
+session_start();
+
+/** @var string $identifier Passed from script this is included from. */
+$ebook = HttpInput::SessionObject('ebook', Ebook::class);
+$exception = HttpInput::SessionObject('exception', Exceptions\AppException::class);
+
+try{
+	if($ebook === null){
+		$ebook = Ebook::GetByIdentifier($identifier);
+	}
+
+	if(!$ebook->IsPlaceholder() || $ebook->EbookPlaceholder === null){
+		throw new Exceptions\EbookNotFoundException();
+	}
+
+	if(Session::$User === null){
+		throw new Exceptions\LoginRequiredException();
+	}
+
+	if(!Session::$User->Benefits->CanEditEbookPlaceholders){
+		throw new Exceptions\InvalidPermissionsException();
+	}
+
+	if($exception){
+		http_response_code(Enums\HttpCode::UnprocessableContent->value);
+		session_unset();
+	}
+}
+catch(Exceptions\EbookNotFoundException){
+	Template::ExitWithCode(Enums\HttpCode::NotFound);
+}
+catch(Exceptions\LoginRequiredException){
+	Template::RedirectToLogin();
+}
+catch(Exceptions\InvalidPermissionsException){
+	Template::ExitWithCode(Enums\HttpCode::Forbidden);
+}
+?>
+<?= Template::Header(
+	[
+		'title' => 'Delete ' . $ebook->Title,
+		'css' => ['/css/ebook-placeholder.css'],
+		'highlight' => '',
+		'description' => 'Delete ' . $ebook->Title
+	]
+) ?>
+<main>
+	<section class="narrow">
+		<nav class="breadcrumbs">
+			<a href="<?= $ebook->AuthorsUrl ?>"><?= $ebook->AuthorsString ?></a> →
+			<a href="<?= $ebook->Url ?>"><?= Formatter::EscapeHtml($ebook->Title) ?></a> →
+		</nav>
+		<h1>Delete</h1>
+
+		<?= Template::Error(['exception' => $exception]) ?>
+
+		<form method="<?= Enums\HttpMethod::Post->value ?>" action="<?= $ebook->Url ?>">
+			<input type="hidden" name="_method" value="<?= Enums\HttpMethod::Delete->value ?>" />
+			<p>Are you sure you want to permanently delete <i><?= Formatter::EscapeHtml($ebook->Title) ?></i>?</p>
+			<div class="footer">
+				<button class="delete">Delete</button>
+			</div>
+		</form>
+	</section>
+</main>
+<?= Template::Footer() ?>
diff --git a/www/ebook-placeholders/edit.php b/www/ebook-placeholders/edit.php
index ba660f44..b5969404 100644
--- a/www/ebook-placeholders/edit.php
+++ b/www/ebook-placeholders/edit.php
@@ -41,15 +41,19 @@ catch(Exceptions\InvalidPermissionsException){
 ?>
 <?= Template::Header(
 	[
-		'title' => 'Edit Ebook Placeholder for ' . $ebook->Title,
+		'title' => 'Edit ' . $ebook->Title,
 		'css' => ['/css/ebook-placeholder.css'],
 		'highlight' => '',
-		'description' => 'Edit the ebook placeholder for ' . $ebook->Title
+		'description' => 'Edit ' . $ebook->Title
 	]
 ) ?>
 <main>
 	<section class="narrow">
-		<h1>Edit Ebook Placeholder</h1>
+		<nav class="breadcrumbs">
+			<a href="<?= $ebook->AuthorsUrl ?>"><?= $ebook->AuthorsString ?></a> →
+			<a href="<?= $ebook->Url ?>"><?= Formatter::EscapeHtml($ebook->Title) ?></a> →
+		</nav>
+		<h1>Edit</h1>
 
 		<?= Template::Error(['exception' => $exception]) ?>
 
diff --git a/www/ebooks/delete.php b/www/ebooks/delete.php
new file mode 100644
index 00000000..625af513
--- /dev/null
+++ b/www/ebooks/delete.php
@@ -0,0 +1,35 @@
+<?
+
+$ebook = null;
+
+try{
+	if(Session::$User === null){
+		throw new Exceptions\LoginRequiredException();
+	}
+
+	if(!Session::$User->Benefits->CanEditEbookPlaceholders){
+		throw new Exceptions\InvalidPermissionsException();
+	}
+
+	$identifier = EBOOKS_IDENTIFIER_PREFIX .  trim(str_replace('.', '', HttpInput::Str(GET, 'url-path') ?? ''), '/');
+
+	$ebook = Ebook::GetByIdentifier($identifier);
+
+	if($ebook->IsPlaceholder()){
+		require(WEB_ROOT . '/ebook-placeholders/delete.php');
+		exit();
+	}
+
+	// Deleting published `Ebooks` is not supported.
+	Template::ExitWithCode(Enums\HttpCode::NotFound);
+}
+catch(Exceptions\EbookNotFoundException){
+	Template::ExitWithCode(Enums\HttpCode::NotFound);
+}
+catch(Exceptions\LoginRequiredException){
+	Template::RedirectToLogin();
+}
+catch(Exceptions\InvalidPermissionsException){
+	Template::ExitWithCode(Enums\HttpCode::Forbidden);
+}
+
diff --git a/www/ebooks/edit.php b/www/ebooks/edit.php
index 72cfe67a..0194aa00 100644
--- a/www/ebooks/edit.php
+++ b/www/ebooks/edit.php
@@ -16,7 +16,7 @@ try{
 	$ebook = Ebook::GetByIdentifier($identifier);
 
 	if($ebook->IsPlaceholder()){
-		require('/standardebooks.org/web/www/ebook-placeholders/edit.php');
+		require(WEB_ROOT . '/ebook-placeholders/edit.php');
 		exit();
 	}
 
diff --git a/www/ebooks/get.php b/www/ebooks/get.php
index 875e1d3e..ab3351ef 100644
--- a/www/ebooks/get.php
+++ b/www/ebooks/get.php
@@ -20,7 +20,7 @@ try{
 	$ebook = Ebook::GetByIdentifier($identifier);
 
 	if($ebook->IsPlaceholder()){
-		require('/standardebooks.org/web/www/ebook-placeholders/get.php');
+		require(WEB_ROOT . '/ebook-placeholders/get.php');
 		exit();
 	}
 
@@ -71,7 +71,7 @@ catch(Exceptions\EbookNotFoundException){
 
 	// Are we accessing a placeholder for a Public Domain Day book that is not yet released?
 	if(array_key_exists($identifier, PD_DAY_EBOOKS)){
-		require('/standardebooks.org/web/www/ebooks/public-domain-day-placeholder.php');
+		require(WEB_ROOT . '/ebooks/public-domain-day-placeholder.php');
 		exit();
 	}
 
diff --git a/www/ebooks/post.php b/www/ebooks/post.php
index 0d6ee378..dad4ef96 100644
--- a/www/ebooks/post.php
+++ b/www/ebooks/post.php
@@ -16,7 +16,7 @@ try{
 	$ebook = Ebook::GetByIdentifier($identifier);
 
 	if($ebook->IsPlaceholder()){
-		require('/standardebooks.org/web/www/ebook-placeholders/post.php');
+		require(WEB_ROOT . '/ebook-placeholders/post.php');
 		exit();
 	}