Made adjustments according to comments on PR #90

src/Helpers/Utils.php

@@ -91,7 +91,9 @@ class Utils
 
     public function errorResponseIfNotOwner($currentStatus, &$response, $user, $asset_id, $message = 'You are not authorized to do this')
     {
-        if($user === false || $currentStatus) return true;
+        if($user === false || $currentStatus) {
+            return true;
+        }
 
         $query = $this->c->queries['asset']['get_one'];
         $query->bindValue(':id', (int) $asset_id, PDO::PARAM_INT);
@@ -107,6 +109,8 @@ class Utils
             $response = $response->withJson(['error' => $message], 403);
             return true;
         }
+
+        return false;
     }
 
     public function errorResponseIfMissingOrNotString($currentStatus, &$response, $object, $property)

src/routes/asset.php

@@ -257,7 +257,7 @@ $app->post('/asset/{id:[0-9]+}/delete', function ($request, $response, $args) {
 
     return $response->withJson([
         'changed' => true,
-        'url' => '/',
+        'url' => 'asset/',
     ], 200);
 });
 

templates/edit_asset.phtml

@@ -26,7 +26,7 @@
                 <div class="form-group">
                     <div class="col-md-4 col-md-push-9 align-right">
                         <form action="<?php echo raw($basepath) ?>/asset/<?php echo url($data['asset_id']) ?>/delete" method="POST">
-                            <input type="submit" id="delete" class="btn btn-danger" onclick="javascript:if(window.confirm('Do you really want to delete this asset?')){ return true; }else{ return false; }" value="Delete asset from library">
+                            <button type="submit" id="delete" class="btn btn-danger" onclick="javascript:if(window.confirm('Do you really want to delete this asset?')){ return true; }else{ return false; }">Delete asset from library</button>
                         </form>
                     </div>
                 </div>