<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2005 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/****************************************************************************************/
// $Id: revision_delete_file.php 297 2005-01-17 19:15:02Z joel $
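/* Relative location of the shared include directory; defined before the first include is loaded. */
define('AC_INCLUDE_PATH', '../include/');
require(AC_INCLUDE_PATH.'vitals.inc.php');

/*
 * Access gate for the whole page. authenticate() is defined outside this file;
 * NOTE(review): presumably it stops the request unless the caller holds one of
 * the listed roles - confirm, since every query below relies on it having run.
 */
authenticate(USER_CLIENT, USER_GROUP_ADMIN);

/* "Cancel" on the confirmation form: go back to the revision list without touching anything. */
if (isset($_POST['cancel'])) {
	/*
	 * fid arrives straight from the request body. Casting it to an integer keeps
	 * anything other than a number (extra query parameters, line breaks) out of
	 * the Location header.
	 */
	header('Location: revisions.php?id='.intval($_POST['fid']));
	exit;
}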
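/*
 * $id is the revision id and $fid the id of the file it belongs to. Both are
 * interpolated unquoted into the SQL in this script, so the intval() casts here
 * are the only thing keeping those statements safe - do not remove them.
 * NOTE(review): $_REQUEST also merges GET (and possibly cookie) data; the delete
 * step only checks $_POST['submit'], so consider reading both ids from $_POST.
 */
$id  = intval($_REQUEST['id']);
$fid = intval($_REQUEST['fid']);

/* The file must belong to the group stored in the session; the group id is cast as well so only a number can reach the query. */
$sql    = 'SELECT * FROM '.TABLE_PREFIX.'files WHERE file_id='.$fid.' AND group_id='.intval($_SESSION['group_id']);
$result = mysql_query($sql, $db);

/* A failed query is treated like "no such file" instead of passing false on to mysql_fetch_assoc(). */
if (!$result || !($row = mysql_fetch_assoc($result))) {
	$_SECTION[0][0] = _AC('home');
	$_SECTION[0][1] = 'home.php';
	$_SECTION[1][0] = _AC('drafting_room');
	$_SECTION[1][1] = 'drafting/';
	$_SECTION[2][0] = _AC('revisions');

	require(AC_INCLUDE_PATH.'header.inc.php');
	$errors[] = E_FILE_NOT_FOUND;
	print_errors($errors);
	require(AC_INCLUDE_PATH.'footer.inc.php');
	exit;
}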
/* Keep the parent file's attributes: $row is overwritten by the revision lookup below. */
$title  = $row['title'];
$locked = $row['locked'];
$folder = $row['folder_id'];

/* $id and $fid were cast with intval() earlier in this script, so they are plain integers here. */
$sql    = 'SELECT * FROM '.TABLE_PREFIX.'files_revisions WHERE revision_id='.$id.' AND file_id='.$fid;
$result = mysql_query($sql, $db);
$row    = mysql_fetch_assoc($result);

/*
 * Decide whether the request is refused. The three tests run in this order and
 * short-circuit the same way, so authenticate() is only consulted when needed:
 *   1. the revision does not exist for this file;
 *   2. the file sits in folder 0 (a private folder, per the original comment),
 *      the revision belongs to another member and the caller is not a group admin;
 *   3. the file is locked and the caller is not a group admin.
 */
$ac_refused        = true;
$ac_refused_locked = false;
if (!$row) {
	/* nothing to delete */
} else if ($folder == 0 && $row['member_id'] != $_SESSION['member_id'] && !authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK)) {
	/* permission is actually denied, but a "file not found" is reported on purpose so the page does not confirm that the revision exists */
} else if (!authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) && $locked) {
	$ac_refused_locked = true;
} else {
	$ac_refused = false;
}

if ($ac_refused) {
	$_SECTION[0][0] = _AC('home');
	$_SECTION[0][1] = 'home.php';
	$_SECTION[1][0] = _AC('drafting_room');
	$_SECTION[1][1] = 'drafting/';
	$_SECTION[2][0] = _AC('revisions');

	require(AC_INCLUDE_PATH.'header.inc.php');
	/* the error constant is read only after the header include, exactly where the per-case code read it */
	if ($ac_refused_locked) {
		$errors[] = E_FILE_LOCKED;
	} else {
		$errors[] = E_FILE_NOT_FOUND;
	}
	print_errors($errors);
	require (AC_INCLUDE_PATH.'footer.inc.php');
	exit;
}
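/*
 * Confirmed deletion. Runs only after the existence and permission checks above
 * have passed for this ($id, $fid) pair.
 *
 * NOTE(review): the form carries no per-session anti-CSRF token and the ids are
 * read from $_REQUEST, so this state-changing step is protected by the session
 * cookie alone. A token issued with the form and verified here would close that gap.
 * NOTE(review): none of the query results are checked; if a statement fails the
 * counter, the revision row, the stored file and the comments can drift apart.
 */
if (isset($_POST['submit'])) {
	/* decrement the parent file's revision counter and clear its library_revision_id */
	$sql = "UPDATE ".TABLE_PREFIX."files SET num_revisions=num_revisions-1, library_revision_id=0 WHERE file_id=$fid AND group_id=".intval($_SESSION['group_id']);
	$result = mysql_query($sql, $db);

	/* remove the revision record itself */
	$sql = "DELETE FROM ".TABLE_PREFIX."files_revisions WHERE revision_id=$id AND file_id=$fid";
	mysql_query($sql, $db);

	/* stored revisions live under UPLOAD_DIR/<first character of the id>/<id> */
	$char = substr($id, 0, 1).'/';
	$revision_path = UPLOAD_DIR.$char.$id;

	/*
	 * '@' stays because a PHP warning printed here would break the redirect below,
	 * but a failed removal is now written to the error log instead of vanishing,
	 * so orphaned uploads can be found and cleaned up.
	 */
	if (file_exists($revision_path) && !@unlink($revision_path)) {
		error_log('ACollab: could not remove revision file '.$revision_path);
	}

	/* comments are keyed by revision id only */
	$sql = "DELETE FROM ".TABLE_PREFIX."files_comments WHERE revision_id=$id";
	mysql_query($sql, $db);

	header('Location: revisions.php?id='.$fid.SEP.'f='.F_FILE_DELETED);
	exit;
}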
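/* Breadcrumb trail for the confirmation page; each entry is (label, link). */
$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
$_SECTION[1][0] = _AC('drafting_room');
$_SECTION[1][1] = 'drafting/';
/* NOTE(review): $title comes from the files table; confirm the header include HTML-encodes breadcrumb labels. */
$_SECTION[2][0] = _AC('revisions'). ': '.$title;
$_SECTION[2][1] = 'drafting/revisions.php?id='.$fid;
$_SECTION[3][0] = _AC('delete_revision');
/* NOTE(review): this links to delete_file.php rather than to this script - looks like a leftover, confirm. */
$_SECTION[3][1] = 'drafting/delete_file.php';

require(AC_INCLUDE_PATH.'header.inc.php');

/*
 * Confirmation form. It posts back to this script with the two integer ids.
 *
 * PHP_SELF contains whatever path the client requested, so it is HTML-encoded
 * before being written into the action attribute.
 *
 * NOTE(review): get_login(), initial_date, file_name, file_size and description
 * are printed as stored. If they are not encoded when written to the database,
 * wrap them in htmlspecialchars() here; file_name and description look
 * member-supplied, and this page is shown to group admins.
 */
?>
<br />
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<input type="hidden" name="fid" value="<?php echo $fid; ?>" />
<table border="0" cellspacing="0" cellpadding="2" align="center" class="box2">
<tr>
	<th colspan="4" class="box"><h3><?php echo _AC('delete_revision'); ?></h3></th>
</tr>
<tr>
	<td class="row1 nobar"> </td>
	<td class="row1 nobar" width="20%"><b><?php echo _AC('by'); ?>:</b></td>
	<td class="row1 nobar"><?php echo get_login($row['member_id']); ?></td>
	<td class="row1 nobar"> </td>
</tr>
<tr>
	<td class="row1 nobar"> </td>
	<td class="row1 nobar"><b><?php echo _AC('date'); ?>:</b></td>
	<td class="row1 nobar"><?php echo $row['initial_date']; ?></td>
	<td class="row1 nobar"> </td>
</tr>
<tr>
	<td class="row1 nobar"> </td>
	<td class="row1 nobar"><b><?php echo _AC('file_name'); ?>:</b></td>
	<td class="row1 nobar"><?php echo $row['file_name']; ?></td>
	<td class="row1 nobar"> </td>
</tr>
<tr>
	<td class="row1 nobar"> </td>
	<td class="row1 nobar"><b><?php echo _AC('file_size'); ?>:</b></td>
	<td class="row1 nobar"><?php echo $row['file_size']; ?> Bytes</td>
	<td class="row1 nobar"> </td>
</tr>
<tr>
	<td class="row1"> </td>
	<td class="row1" valign="top"><b><?php echo _AC('description'); ?>:</b></td>
	<td class="row1"><?php echo nl2br($row['description']); ?></td>
	<td class="row1"> </td>
</tr>
<tr>
	<td class="row1"> </td>
	<td class="row1" colspan="2"><img src="images/clr.gif" height="1" width="1" alt="" /><br /><?php echo _AC('confirm_delete_revision'); ?><br /></td>
	<td class="row1"> </td>
</tr>
<tr>
	<td class="row1"> </td>
	<td class="row1" align="right" colspan="2"><br /><input type="submit" name="submit" value="<?php echo _AC('delete'); ?>" class="submitY" onfocus="this.className='submitY highlight'" onblur="this.className='submitY'" /> <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br /></td>
	<td class="row1"> </td>
</tr>
</table>
</form>
<br />
<?php
require(AC_INCLUDE_PATH.'footer.inc.php');
?>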