<?php

/*
Controller name: Posts Extra
Controller description: delete_post method by Dave van Hoorn • www.freshcode.nl
*/

class JSON_API_Postsextra_Controller {
	
	public function delete_post() {
		
		// Global json_api needs to be initialized
		global $json_api;
		
		// Check if the current user can edit_posts, if not, error
		if (!current_user_can('edit_posts')) {
			$json_api->error("You need to login with a user capable of creating posts to delete a post.");
		}
		
		// Only allow the removal of posts if a nonce (number used once) is included, for safety
		if (!$json_api->query->nonce) {
			$json_api->error("You must include a 'nonce' value to delete posts. Use the `get_nonce` Core API method.");
		}
		
		// Get a nonce for the deletion of a post
		$nonce_id = $json_api->get_nonce_id('postsextra', 'delete_post');
		
		// If the nonce isn't correct, say someone has to get one
		if (!wp_verify_nonce($json_api->query->nonce, $nonce_id)) {
			$json_api->error("Your 'nonce' value was incorrect. Use the 'get_nonce' API method.");
		}
		
		// Prevent caching?
		nocache_headers();
		
		// Get the ID from the URL Query
		$id = $json_api->query->id;
		
		// Get the post with the given ID to check if it still exists
		$postexists = get_post($id);
		
		// If the post exists, delete it
		if ($postexists){
			
			// Delete the post
			wp_delete_post( $id, true );
			
			// Let the user know the post has been deleted
			return array(
				"Message" => "Post with ID: $id has been deleted"
			);
		
		// Post with the Id was never found, did it actually exist? 
		} else {
			
			// Post wasn't found, so return a message
			return array(
				"Message" => "Post with ID: $id wasn't found, does it actually exist?"
			);
		}	
	}
	
}

?>