* @author Anatoliy Belsky <*****@*****.**>
* @copyright 2010-2014 phpMyFAQ Team
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
* @link http://www.phpmyfaq.de
* @since 2010-12-20
*/
use Symfony\Component\HttpFoundation\Response;
if (!defined('IS_VALID_PHPMYFAQ')) {
$protocol = 'http';
if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
$protocol = 'https';
}
header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$attId = PMF_Filter::filterInput(INPUT_GET, 'attId', FILTER_VALIDATE_INT);
$att = PMF_Attachment_Factory::create($attId);
$response = new Response();
if ($att) {
switch ($ajaxAction) {
case 'delete':
if ($att->delete()) {
$response->setContent($PMF_LANG['msgAttachmentsDeleted']);
} else {
$response->setContent($PMF_LANG['ad_att_delfail']);
}
break;
}
}
$response->send();
header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
set_time_limit(0);
if (headers_sent()) {
die;
}
$attachmentErrors = array();
// authenticate with session information
$user = PMF_User_CurrentUser::getFromSession($faqconfig->get('security.ipCheck'));
if (!$user instanceof PMF_User_CurrentUser) {
$user = new PMF_User_CurrentUser();
// user not logged in -> empty user object
}
$id = PMF_Filter::filterInput(INPUT_GET, 'id', FILTER_VALIDATE_INT);
$attachment = PMF_Attachment_Factory::create($id);
$userPermission = $faq->getPermission('user', $attachment->getRecordId());
$groupPermission = $faq->getPermission('group', $attachment->getRecordId());
// Check on group permissions
if ($user->perm instanceof PMF_Perm_PermMedium) {
if (count($groupPermission) && in_array($groupPermission[0], $user->perm->getUserGroups($user->getUserId()))) {
$groupPermission = true;
} else {
$groupPermission = false;
}
} else {
$groupPermission = true;
}
// Check in user's permissions
if (in_array($user->getUserId(), $userPermission)) {
$userPermission = true;
/**
* Quite simple migration from versions <2.6
*
* @return null
*/
protected function migrateFromOldFormatToFs()
{
$list = $this->getOldFileList(PMF_ATTACHMENTS_DIR);
foreach ($list as $recordId => $item) {
$recordLang = $item['lang'];
foreach ($item['files'] as $file) {
$att = PMF_Attachment_Factory::create();
$att->setRecordId($recordId);
$att->setRecordLang($recordLang);
if (!$att->save($file)) {
$this->error[] = "File {$file} couldn't be migrated";
}
}
$recordDir = PMF_ATTACHMENTS_DIR . "/{$recordId}";
if (!@rmdir(PMF_ATTACHMENTS_DIR . "/{$file}")) {
$this->warning[] = "Couldn't remove dir {$recordDir} after migration";
}
}
}
/**
* Deletes a record and all the dependencies
*
* @param integer $recordId Record id
* @param string $recordLang Record language
*
* @return boolean
*/
public function deleteRecord($recordId, $recordLang)
{
$queries = array(sprintf("DELETE FROM %sfaqchanges WHERE beitrag = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqcategoryrelations WHERE record_id = %d AND record_lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata WHERE id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_revisions WHERE id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqvisits WHERE id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_user WHERE record_id = %d", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_group WHERE record_id = %d", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_tags WHERE record_id = %d", PMF_Db::getTablePrefix(), $recordId), sprintf('DELETE FROM %sfaqdata_tags WHERE %sfaqdata_tags.record_id NOT IN (SELECT %sfaqdata.id FROM %sfaqdata)', PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix()), sprintf("DELETE FROM %sfaqcomments WHERE id = %d", PMF_Db::getTablePrefix(), $recordId), sprintf("DELETE FROM %sfaqvoting WHERE artikel = %d", PMF_Db::getTablePrefix(), $recordId));
foreach ($queries as $query) {
$this->_config->getDb()->query($query);
}
// Delete possible attachments
$attId = PMF_Attachment_Factory::fetchByRecordId($this->_config, $recordId);
$attachment = PMF_Attachment_Factory::create($attId);
$attachment->delete();
return true;
}