Location: PHPKode > projects > ACollab > drafting/revision_delete_comment.php
<?php
/****************************************************************************************/
/* ACollab                                                                              */
/****************************************************************************************/
/* Copyright (c) 2002-2005  Adaptive Technology Resource Centre / University of Toronto */
/*                                                                                      */
/* http://atutor.ca/acollab                                                             */
/*                                                                                      */
/* This program is free software. You may redistribute it and/or                        */
/* modify it under the terms of the GNU General Public License                          */
/* as published by the Free Software Foundation; either version 2 of the License,       */
/* or (at your option) any later version.                                               */
/*                                                                                      */
/* This program is distributed in the hope that it will be useful, but                  */
/* WITHOUT ANY WARRANTY; without even the implied warranty of                           */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                                 */
/* See the GNU General Public License for more details.                                 */
/*                                                                                      */
/* You may access the GNU General Public License at:                                    */
/* http://www.opensource.org/licenses/gpl-license.php                                   */
/*                                                                                      */
/* You may contact the Adaptive Technology Resource Centre at                           */
/* Robarts Library, University of Toronto                                               */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5                              */
/* Further contact information is available at http://www.utoronto.ca/atrc/             */
/****************************************************************************************/
/* Programmer:                                                                          */
/* Joel Kronenberg - ATRC                                                               */
/****************************************************************************************/
// $Id: revision_delete_comment.php 297 2005-01-17 19:15:02Z joel $

define('AC_INCLUDE_PATH', '../include/');

require(AC_INCLUDE_PATH.'vitals.inc.php');
authenticate(USER_CLIENT, USER_GROUP_ADMIN);

$id  = intval($_REQUEST['id']);
$fid  = intval($_REQUEST['fid']);
$ffid  = intval($_REQUEST['ffid']);
$r  = intval($_REQUEST['r']);

	$sql = "SELECT * FROM ".TABLE_PREFIX."revisions_comments WHERE comment_id=$id";
	$result = mysql_query($sql,$db);
	if (!($row = mysql_fetch_assoc($result))) {
		$_SECTION[0][0] = _AC('home');
		$_SECTION[0][1] = 'home.php';
		$_SECTION[1][0] = _AC('drafting_room');
		$_SECTION[1][1] = 'drafting/';
		$_SECTION[2][0] = _AC('delete_revision_comment');

		require(AC_INCLUDE_PATH.'header.inc.php');

		$errors[] = E_DRAFT_COMMENT_NOT_FOUND;
		print_errors($errors);
		require (AC_INCLUDE_PATH.'footer.inc.php');
		exit;
	} else if (($row['member_id'] != $_SESSION['member_id'])  && !authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK)){
			
		$_SECTION[0][0] = _AC('home');
		$_SECTION[0][1] = 'home.php';
		$_SECTION[1][0] = _AC('drafting_room');
		$_SECTION[1][1] = 'drafting/';
		$_SECTION[2][0] = _AC('delete_revision_comment');

		require(AC_INCLUDE_PATH.'header.inc.php');

		/* actually permission is denied, but for security we fake a "FNF" */
		$errors[] = E_DRAFT_COMMENT_NOT_FOUND;
		print_errors($errors);
		require (AC_INCLUDE_PATH.'footer.inc.php');
		exit;
	}

if (isset($_POST['cancel'])) {
	header('Location: comments.php?id='.$fid.SEP.'r='.$r.SEP.'fid='.$ffid);
	exit;
}

if (isset($_POST['submit'])) {
	$sql = "DELETE FROM ".TABLE_PREFIX."revisions_comments WHERE comment_id=$id AND revision_id=$fid";
	mysql_query($sql, $db);
	
	$sql = "UPDATE ".TABLE_PREFIX."files_revisions SET num_comments=num_comments-1 WHERE revision_id=$fid AND file_id=$ffid";
	mysql_query($sql, $db);

	header('Location: comments.php?id='.$fid.SEP.'r='.$r.SEP.'fid='.$ffid.'f='.F_COMMENT_DELETED);
	exit;
}

/* should really be replaced with a function :S */
$sql = "SELECT * FROM ".TABLE_PREFIX."files WHERE file_id=$ffid";
$result = mysql_query($sql,$db);
$row = mysql_fetch_assoc($result);

$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
$_SECTION[1][0] = _AC('drafting_room');
$_SECTION[1][1] = 'drafting/';
$_SECTION[2][0] = _AC('revisions'). ': '.$row['title'];
$_SECTION[2][1] = 'drafting/revisions.php?id='. $ffid;
$_SECTION[3][0] = _AC('comments'). ': '._AC('revision') .' #'.$r;
$_SECTION[3][1] = 'drafting/comments.php?id=' . $fid.SEP.'r='.$r.SEP.'fid='.$ffid;
$_SECTION[4][0] = _AC('delete_revision_comment');

require(AC_INCLUDE_PATH.'header.inc.php');


	$sql = "SELECT * FROM ".TABLE_PREFIX."revisions_comments WHERE comment_id=$id AND revision_id=$fid";
	$result = mysql_query($sql,$db);
	$row = mysql_fetch_assoc($result);

?>
<br />
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
	<input type="hidden" name="id" value="<?php echo $id; ?>">
	<input type="hidden" name="fid" value="<?php echo $fid; ?>">
	<input type="hidden" name="ffid" value="<?php echo $ffid; ?>">
	<input type="hidden" name="r" value="<?php echo $r; ?>">


	<table border="0" cellspacing="0" cellpadding="2" align="center" class="box2">
	<tr>
		<th colspan="4" class="box"><h3><?php echo _AC('delete_revision_comment'); ?></h3></th>
	</tr>
	<tr>
		<td class="row1 nobar">&nbsp;</td>
		<td class="row1 nobar" width="20%"><b><?php echo _AC('by'); ?>:</b></td>
		<td class="row1 nobar"><?php echo get_login($row['member_id']); ?></td>
		<td class="row1 nobar">&nbsp;</td>
	</tr>
	<tr>
		<td class="row1 nobar">&nbsp;</td>
		<td class="row1 nobar"><b><?php echo _AC('date'); ?>:</b></td>
		<td class="row1 nobar"><?php echo $row['date']; ?></td>
		<td class="row1 nobar">&nbsp;</td>
	</tr>
	<tr>
		<td class="row1">&nbsp;</td>
		<td class="row1" valign="top"><b><?php echo _AC('comment'); ?>:</b></td>
		<td class="row1"><?php echo nl2br($row['comment']); ?></td>
		<td class="row1">&nbsp;</td>
	</tr>
	<tr bgcolor="white">
		<td class="row1">&nbsp;</td>
		<td class="row1" align="right" colspan="2"><br /><input type="submit" name="submit" value="<?php echo _AC('delete'); ?>" class="submitY" onfocus="this.className='submitY highlight'" onblur="this.className='submitY'" /> &nbsp; <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br /></td>
		<td class="row1">&nbsp;</td>
	</tr>
	</table>
</form>

<br />
<?php
	require(AC_INCLUDE_PATH.'footer.inc.php');
?>
Return current item: ACollab