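/**
 * Prune topics, and everything attached to them, from a single forum.
 *
 * Collects the forum's topic ids (optionally limited to those whose joined
 * post is older than $prune_date), then deletes their watch entries, the
 * topics, their posts and post texts, and hands the post id list to
 * remove_search_post() and delete_attachment().
 * Topics with a poll and announcements are left alone unless $prune_all is set.
 *
 * The deletes are issued one after another and their results are not checked;
 * no transaction is visible in this function.
 *
 * @param int|string $forum_id   Forum to prune; coerced to an integer before use.
 * @param int|string $prune_date Cut-off compared against p.post_time, or '' for no cut-off.
 * @param bool       $prune_all  When true, polls and announcements are pruned as well.
 *
 * @return array array('topics' => int, 'posts' => int) as reported by
 *               sql_affectedrows(); both are 0 when nothing matched.
 */
function prune($forum_id, $prune_date, $prune_all = false)
{
    global $db, $lang;

    // Both values end up in an unquoted numeric position of the WHERE clause,
    // so they are coerced to integers here instead of trusting every caller.
    $forum_id = (int) $forum_id;
    $date_filter = ($prune_date != '') ? ' AND p.post_time < ' . (int) $prune_date : '';

    // Those without polls and announcements ... unless told otherwise!
    $type_filter = $prune_all ? '' : 'AND t.topic_vote = 0 AND t.topic_type <> ' . POST_ANNOUNCE;

    $sql = "SELECT t.topic_id FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t\n\t\tWHERE t.forum_id = {$forum_id}\n\t\t\t{$type_filter}\n\t\t\tAND ( p.post_id = t.topic_last_post_id OR t.topic_last_post_id = 0 )" . $date_filter;
    $result = $db->sql_query($sql);

    // Ids read back from the database are cast as well before they are reused in IN (...) lists.
    $topic_ids = array();
    while ($row = $db->sql_fetchrow($result)) {
        $topic_ids[] = (int) $row['topic_id'];
    }
    $db->sql_freeresult($result);

    $nothing_pruned = array('topics' => 0, 'posts' => 0);
    if (!$topic_ids) {
        return $nothing_pruned;
    }
    $sql_topics = implode(', ', $topic_ids);

    $sql = "SELECT post_id FROM " . POSTS_TABLE . "\n\t\t\tWHERE forum_id = {$forum_id} AND topic_id IN ({$sql_topics})";
    $result = $db->sql_query($sql);

    $post_ids = array();
    while ($row = $db->sql_fetchrow($result)) {
        $post_ids[] = (int) $row['post_id'];
    }
    $db->sql_freeresult($result);

    if (!$post_ids) {
        return $nothing_pruned;
    }
    $sql_post = implode(', ', $post_ids);

    $db->sql_query("DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id IN ({$sql_topics})");

    $db->sql_query("DELETE FROM " . TOPICS_TABLE . " WHERE topic_id IN ({$sql_topics})");
    $pruned_topics = $db->sql_affectedrows();

    $db->sql_query("DELETE FROM " . POSTS_TABLE . " WHERE post_id IN ({$sql_post})");
    $pruned_posts = $db->sql_affectedrows();

    $db->sql_query("DELETE FROM " . POSTS_TEXT_TABLE . " WHERE post_id IN ({$sql_post})");

    remove_search_post($sql_post);

    // Attachments are removed unconditionally; the BBAttach_mod guard is commented out in the original.
    delete_attachment($sql_post);

    return array('topics' => $pruned_topics, 'posts' => $pruned_posts);
}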
/**
 * Attachment handling for the private-message pages.
 *
 * Shows the attachment box limits (except for the outbox), stops when PM
 * attachments are disabled in $config, lets handle_attachments() process the
 * request, deletes the attachments of the marked messages when asked to, and
 * finally renders the attachment bodies.
 *
 * @param string $mode Current mode, passed through to handle_attachments().
 *
 * @return void
 */
function privmsgs_attachment_mod($mode)
{
    global $config, $template, $user, $lang, $db;
    global $confirm, $delete, $delete_all, $post_id, $privmsgs_id, $privmsg_id, $submit, $refresh, $mark_list, $folder;

    if ($folder != 'outbox') {
        $this->display_attach_box_limits();
    }

    // PM attachments switched off: nothing else to do.
    if (!intval($config['allow_pm_attach'])) {
        return;
    }

    // A posted "add attachment" or "posted attachments" box forces a refresh.
    if (!$refresh) {
        $box_added = !empty($_POST['add_attachment_box']);
        $box_posted = !empty($_POST['posted_attachments_box']);
        $refresh = $box_added || $box_posted;
    }

    $post_id = $privmsgs_id;

    if ($this->handle_attachments($mode, PAGE_PRIVMSGS) === false) {
        return;
    }

    $mark_list = request_var('mark', array(0));

    if (($this->pm_delete_attachments || $delete) && sizeof($mark_list)) {
        // Sessions that are not logged in are sent to the login page before anything is deleted.
        if (!$user->data['session_logged_in']) {
            $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
            $login_url = append_sid(IP_ROOT_PATH . CMS_PAGE_LOGIN . '?redirect=privmsg.' . PHP_EXT . '&folder=inbox', true);
            header($header_location . $login_url);
            exit;
        }

        // Every marked id is forced through intval() before it is joined into the list.
        $ids = array();
        $total = sizeof($mark_list);
        for ($n = 0; $n < $total; $n++) {
            $ids[] = intval($mark_list[$n]);
        }
        $delete_sql_id = implode(', ', $ids);

        // NOTE(review): only the id list and PAGE_PRIVMSGS are passed on; whether
        // delete_attachment() limits deletion to messages of the current user is
        // not visible here - confirm.
        if (($this->pm_delete_attachments || $confirm) && !$delete_all) {
            delete_attachment($delete_sql_id, 0, PAGE_PRIVMSGS);
        }
    }

    if ($submit || $refresh || $mode != '') {
        $this->display_attachment_bodies();
    }
}
if ($confirm && sizeof($delete_id_list) > 0) { $attachments = array(); for ($i = 0; $i < sizeof($delete_id_list); $i++) { $sql = 'SELECT post_id, privmsgs_id FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . intval($delete_id_list[$i]) . ' AND (user_id_1 = ' . intval($profiledata['user_id']) . ' OR user_id_2 = ' . intval($profiledata['user_id']) . ')'; $result = $db->sql_query($sql); if ($result) { $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row['post_id'] != 0) { delete_attachment(0, intval($delete_id_list[$i])); } else { delete_attachment(0, intval($delete_id_list[$i]), PAGE_PRIVMSGS, intval($profiledata['user_id'])); } } } } else { if ($delete && sizeof($delete_id_list) > 0) { // Not confirmed, show confirmation message $hidden_fields = '<input type="hidden" name="view" value="' . $view . '" />'; $hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />'; $hidden_fields .= '<input type="hidden" name="order" value="' . $sort_order . '" />'; $hidden_fields .= '<input type="hidden" name="' . POST_USERS_URL . '" value="' . intval($profiledata['user_id']) . '" />'; $hidden_fields .= '<input type="hidden" name="start" value="' . $start . '" />'; $hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; for ($i = 0; $i < sizeof($delete_id_list); $i++) { $hidden_fields .= '<input type="hidden" name="delete_id_list[]" value="' . intval($delete_id_list[$i]) . '" />'; }
if ($_POST['action'] == 'edit_attachment') { edit_attachment($_POST['sample_id'], $_POST['attachment_id']); } if ($_POST['action'] == 'add_attachment') { add_attachment($_POST['sample_id']); } if ($_POST['action'] == 'save_attachment') { if (isset($_FILES)) { save_attachment($_POST, $_FILES); } list_attachment($_POST['sample_id']); } if ($_POST['action'] == 'insert_attachment') { if (isset($_FILES)) { insert_attachment($_POST, $_FILES); } update_cross_reference($_POST['sample_id']); list_attachment($_POST['sample_id']); } if ($_POST['action'] == 'delete_attachment') { if (isset($_FILES)) { delete_attachment($_POST['sample_id'], $_POST['attachment_id']); } update_cross_reference($_POST['sample_id']); list_attachment($_POST['sample_id']); } if ($_POST['action'] == 'print_attachment') { echo '<h2 style="page-break-before: always;"></h2>'; print_attachment($_POST['sample_id']); } }
if (!empty($sort_order)) { $select_sort_order = '<select name="order">'; if ($sort_order == 'ASC') { $select_sort_order .= '<option value="ASC" selected="selected">' . $lang['Sort_Ascending'] . '</option><option value="DESC">' . $lang['Sort_Descending'] . '</option>'; } else { $select_sort_order .= '<option value="ASC">' . $lang['Sort_Ascending'] . '</option><option value="DESC" selected="selected">' . $lang['Sort_Descending'] . '</option>'; } $select_sort_order .= '</select>'; } $submit_change = isset($_POST['submit_change']) ? TRUE : FALSE; $delete = isset($_POST['delete']) ? TRUE : FALSE; $delete_id_list = isset($_POST['delete_id_list']) ? $_POST['delete_id_list'] : array(); $confirm = isset($_POST['confirm']) ? TRUE : FALSE; if ($confirm && count($delete_id_list) > 0) { $attachments = array(); delete_attachment(-1, $delete_id_list); } else { if ($delete && count($delete_id_list) > 0) { // // Not confirmed, show confirmation message // $hidden_fields = '<input type="hidden" name="view" value="' . $view . '" />'; $hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />'; $hidden_fields .= '<input type="hidden" name="order" value="' . $sort_order . '" />'; $hidden_fields .= '<input type="hidden" name="u_id" value="' . $uid . '" />'; $hidden_fields .= '<input type="hidden" name="start" value="' . $start . '" />'; for ($i = 0; $i < count($delete_id_list); $i++) { $hidden_fields .= '<input type="hidden" name="delete_id_list[]" value="' . $delete_id_list[$i] . '" />'; } $template->assign_vars(array('MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Confirm_delete_attachments'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => URL::admin('&do=attach_cp'), 'S_HIDDEN_FIELDS' => $hidden_fields)); $template->set_filenames(array('body' => 'confirm_body.html'));
/**
 * Entry point for attachment handling (add/delete/edit/show) on posting pages.
 *
 * Described in the original header as the first function called from every
 * message handler. Works entirely on globals: it derives $refresh from the
 * posted box flags, lets handle_attachments() process the request, deletes the
 * attachments of $post_id on a confirmed delete, then renders the attachment
 * bodies.
 *
 * @return void
 */
function posting_attachment_mod()
{
    global $mode, $confirm, $is_auth, $post_id, $delete, $refresh, $HTTP_POST_VARS;

    // A posted "add attachment" or "posted attachments" box forces a refresh.
    if (!$refresh) {
        $box_added = !empty($HTTP_POST_VARS['add_attachment_box']);
        $box_posted = !empty($HTTP_POST_VARS['posted_attachments_box']);
        $refresh = $box_added || $box_posted;
    }

    // Choose what to display
    if ($this->handle_attachments($mode) === false) {
        return;
    }

    // Deletion needs all of: a confirmation, a delete-type request, delete or
    // moderator rights in $is_auth, and a non-empty post id.
    // NOTE(review): $is_auth is read from a global; where it is computed is not
    // visible in this block.
    if ($confirm
        && ($delete || $mode == 'delete' || $mode == 'editpost')
        && ($is_auth['auth_delete'] || $is_auth['auth_mod'])
        && $post_id
    ) {
        delete_attachment($post_id);
    }

    $this->display_attachment_bodies();
}
/* For licensing terms, see /license.txt */ /** * @author Patrick Cool <*****@*****.**>, Ghent University * @author Julio Montoya <*****@*****.**> UI Improvements + lots of bugfixes * @copyright Ghent University * @package chamilo.forum */ require_once api_get_path(SYS_CODE_PATH) . 'forum/forumfunction.inc.php'; // Are we in a lp ? $origin = ''; if (isset($_GET['origin'])) { $origin = Security::remove_XSS($_GET['origin']); } //delete attachment file if (isset($_GET['action']) && $_GET['action'] == 'delete_attach' && isset($_GET['id_attach'])) { delete_attachment(0, $_GET['id_attach']); } $rows = get_posts($_GET['thread']); $rows = calculate_children($rows); $count = 0; $clean_forum_id = intval($_GET['forum']); $clean_thread_id = intval($_GET['thread']); $group_id = api_get_group_id(); $locked = api_resource_is_locked_by_gradebook($clean_thread_id, LINK_FORUM_THREAD); foreach ($rows as $post) { // The style depends on the status of the message: approved or not. if ($post['visible'] == '0') { $titleclass = 'forum_message_post_title_2_be_approved'; $messageclass = 'forum_message_post_text_2_be_approved'; $leftclass = 'forum_message_left_2_be_approved'; } else {
/**
 * Delete every attachment that belongs to one post.
 *
 * Looks up the attachment ids for the post (the post id is passed as the
 * bound :id parameter, not concatenated into the SQL) and calls
 * delete_attachment() for each of them.
 *
 * @param int $id Post id.
 *
 * @return void
 */
function attach_delete_post($id = 0)
{
    global $db;

    $ps = $db->run(
        'SELECT a.id FROM ' . $db->prefix . 'attachments AS a WHERE a.post_id=:id',
        array(':id' => $id)
    );

    if (!$ps->rowCount()) {
        return;
    }

    $ps->setFetchMode(PDO::FETCH_COLUMN, 0);
    foreach ($ps as $attach_id) {
        // Best effort: a failed delete is ignored and the loop moves on,
        // exactly as the original "continue" did.
        delete_attachment($attach_id);
    }
}
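/**
 * Delete one content record together with its module row, comments, pictures
 * and uploaded files.
 *
 * NOTE(review): $id and $rs['mid'] are interpolated into the SQL text (the
 * latter into a table name) and nothing in this function escapes or casts
 * them; presumably that happens upstream - confirm.
 * NOTE(review): every column value longer than 10 bytes is handed to
 * delete_attachment(), so which files can actually be removed depends on the
 * checks inside delete_attachment(), which are not visible here.
 *
 * @param mixed $id Id of the content row.
 * @param array $rs Row data; only $rs['mid'] is read, to pick the content_{mid} table.
 *
 * @return void
 */
function del_info($id, $rs)
{
    global $db, $_pre;

    $rsdb = $db->get_one("SELECT B.*,A.* FROM `{$_pre}content` A LEFT JOIN `{$_pre}content_{$rs['mid']}` B ON A.id=B.id WHERE A.id='{$id}'");

    // Array keys are quoted throughout: the bare-word form (uid, picurl, ...) is
    // an undefined-constant error on PHP 8.
    delete_attachment($rsdb['uid'], tempdir($rsdb['picurl']));

    foreach ($rsdb as $value) {
        if (strlen($value) > 10) {
            // Delete content uploaded through the online editor.
            delete_attachment($rsdb['uid'], $value);
        }
    }

    $db->query("DELETE FROM `{$_pre}content` WHERE id='{$id}' ");
    $db->query("DELETE FROM `{$_pre}content_{$rs['mid']}` WHERE id='{$id}' ");

    if ($rsdb['comments']) {
        $db->query("DELETE FROM `{$_pre}comments` WHERE id='{$id}' ");
    }

    if ($rsdb['picnum'] > 1) {
        $query = $db->query("SELECT * FROM `{$_pre}pic` WHERE id='{$id}'");
        // A separate loop variable keeps the $rs parameter from being overwritten.
        while ($pic = $db->fetch_array($query)) {
            delete_attachment($pic['uid'], tempdir($pic['imgurl']));
            delete_attachment($pic['uid'], tempdir("{$pic['imgurl']}.gif"));
        }
    }
}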
if ($step == 2) { if ($rsdb[picurl] && $rsdb[picurl] != $postdb[picurl]) { delete_attachment($lfjdb[uid], $rsdb[picurl]); } $db->query("UPDATE {$pre}special SET title='{$postdb['title']}',fid='{$postdb['fid']}',picurl='{$postdb['picurl']}',content='{$postdb['content']}',allowpost='{$postdb['allowpost']}',banner='{$postdb['banner']}' WHERE uid={$lfjuid} AND id='{$id}'"); refreshto("special.php?job=listsp", "修改成功", 1); } $group_post = group_box("postdb[allowpost]", explode(",", $rsdb[allowpost])); $sort_fid = $Guidedb->Select("{$pre}spsort", "postdb[fid]", $rsdb[fid], ""); $MSG = '修改专题'; require dirname(__FILE__) . "/" . "head.php"; require dirname(__FILE__) . "/" . "template/special/editsp.htm"; require dirname(__FILE__) . "/" . "foot.php"; } elseif ($job == 'delsp') { $rsdb = $db->get_one("SELECT * FROM {$pre}special WHERE uid='{$lfjuid}' AND id='{$id}'"); delete_attachment($lfjdb[uid], $rsdb[picurl]); $db->query("DELETE FROM {$pre}special WHERE uid={$lfjuid} AND id='{$id}'"); refreshto("special.php?job=listsp", "删除成功", 1); } elseif ($job == 'addsp') { if ($step == 2) { $yz = $groupdb[PassContributeSP] || $web_admin ? 1 : 0; $db->query("INSERT INTO `{$pre}special` ( `fid` , `title` , `style` , `template` , `picurl` , `content` ,`uid` , `username` , `posttime` , `list`, `allowpost`, `yz`, `banner` ) VALUES ('{$postdb['fid']}','{$postdb['title']}','{$style}','','{$postdb['picurl']}','{$postdb['content']}','{$lfjuid}','{$lfjid}','{$timestamp}','{$timestamp}','{$postdb['allowpost']}','{$yz}','{$postdb['banner']}')"); refreshto("special.php?job=listsp", "创建专题成功", 1); } $group_post = group_box("postdb[allowpost]", explode(",", $rsdb[allowpost])); $MSG = '创建专题'; $sort_fid = $Guidedb->Select("{$pre}spsort", "postdb[fid]", $rsdb[fid], ""); require dirname(__FILE__) . "/" . "head.php"; require dirname(__FILE__) . "/" . "template/special/editsp.htm"; require dirname(__FILE__) . "/" . "foot.php"; } elseif ($job == "edit_atc") {
EOT; if ($postfile) { //其中..与/开头都是不允许的 if (!ereg("^[0-9a-z_/]+\$", $dir) || ereg("^/", $dir)) { $dir = "other"; } $array[name] = is_array($postfile) ? $_FILES[postfile][name] : $postfile_name; $array[path] = $webdb[updir] . "/" . $dir; $array[size] = is_array($postfile) ? $_FILES[postfile][size] : $postfile_size; $array[updateTable] = 1; //统计用户上传的文件占用空间大小 $filename = upfile(is_array($postfile) ? $_FILES[postfile][tmp_name] : $postfile, $array); //删除用户反复上传的图片 if ($ISone) { delete_attachment($lfjuid, tempdir("{$oldfile}")); } $newfile = "{$dir}/{$filename}"; echo "上传成功,<A HREF='?fn={$fn}&dir={$dir}&label={$_GET['label']}&ISone={$_GET['ISone']}&oldfile={$newfile}&showDomain={$showDomain}'>你可以继续或重新上传</A>"; $fn || ($fn = "upfile"); $weburl = tempdir($newfile); echo "<script>\n\t\t\t\tif(self==top){\n\t\t\t\t\twindow.opener.{$fn}('{$newfile}','{$array['name']}','{$array['size']}','{$_GET['label']}','{$weburl}');\n\t\t\t\t\twindow.self.close();\n\t\t\t\t}else{\n\t\t\t\t\twindow.parent.{$fn}('{$newfile}','{$array['name']}','{$array['size']}','{$_GET['label']}','{$weburl}');\n\t\t\t\t}\n\t\t </script>"; exit; } print <<<EOT <form name="form1" method="post" action="" enctype="multipart/form-data"> <input id="postfile" type="file" name="postfile" style="height:20px; background-color:#EBEBEB; border:1 solid black;" onMouseOver ="this.style.backgroundColor='#F0F0F0'" onMouseOut ="this.style.backgroundColor='#FAFAFA'" onblur="post('')"> <input type="submit" name="Submit" value="上传文件" style="height:20px; background-color:#EBEBEB; border:1 solid black;" onMouseOver ="this.style.backgroundColor='#F0F0F0'" onMouseOut ="this.style.backgroundColor='#FAFAFA'" > <input type="hidden" name="action" value="uploadfile"> <input type="hidden" name="showDomain" value="{$showDomain}">
$postdb[template] = @serialize($postdb[tpl]); $postdb[allowpost] = @implode(",", $postdb[allowpost]); $db->query("UPDATE `{$pre}special` SET fid='{$postdb['fid']}',title='{$postdb['title']}',picurl='{$postdb['picurl']}',content='{$postdb['content']}',style='{$postdb['style']}',template='{$postdb['template']}',list='{$postdb['list']}',banner='{$postdb['banner']}',allowpost='{$postdb['allowpost']}',ifbase='{$postdb['ifbase']}',htmlname='{$postdb['htmlname']}',keywords='{$postdb['keywords']}' WHERE id='{$id}' "); get_htmltype(); jump("修改成功!", "{$FROMURL}"); } elseif ($action == "delete" && $Apower[special_list]) { if ($id) { $idDB[] = $id; } if (!$idDB) { showmsg("请选择一个专题"); } $query = $db->query("SELECT * FROM `{$pre}special` WHERE id IN (" . implode(",", $idDB) . ")"); while ($rs = $db->fetch_array($query)) { delete_attachment($rs[uid], tempdir($rs[picurl])); delete_attachment($rs[uid], tempdir($rs[banner])); $fidDB = $db->get_one("SELECT * FROM {$pre}spsort WHERE fid='{$rs['fid']}'"); $array = get_SPhtml_url($fidDB, $rs[id], $rs[posttime]); $array[showurl] = str_replace("{$webdb['www_url']}/", ROOT_PATH, $array[showurl]); $array[listurl] = str_replace("{$webdb['www_url']}/", ROOT_PATH, $array[listurl]); @unlink($array[showurl]); @unlink($array[listurl]); $db->query(" DELETE FROM `{$pre}special` WHERE id='{$rs['id']}' "); $db->query(" DELETE FROM `{$pre}label` WHERE ch='0' AND pagetype='11' AND module='0' AND fid='{$rs['id']}' AND chtype='0' "); } jump("删除成功", $FROMURL); } elseif ($job == "com" && $Apower[special_list]) { $db->query("UPDATE `{$pre}special` SET levels='{$levels}',levelstime='{$timestamp}' WHERE id='{$id}' "); jump("处理成功", $FROMURL, 0); } elseif ($job == "yz" && $Apower[special_list]) { $db->query("UPDATE `{$pre}special` SET yz='{$yz}' WHERE id='{$id}' ");
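/**
 * Apply one management action ($job) to the content row with the given id.
 *
 * Jobs handled: delete, move, movesp, color, yz, setdelete, undelete, unyz,
 * com, uncom, top, untop, front, bottom. Any other value only runs the
 * initial SELECT.
 *
 * NOTE(review): $id and the globals read per job ($fid, $spfiddb, $color,
 * $levels, $toptime, $topid, $bottomid) are interpolated into the SQL text and
 * nothing in this function escapes or casts them; presumably that is done
 * upstream - confirm. No permission check is visible in this function either.
 *
 * @param mixed  $id  Id of the content row.
 * @param string $job Action name, see the list above.
 *
 * @return void
 */
function dowork($id, $job)
{
    global $db, $_pre, $timestamp, $userdb, $webdb;

    $rsdb = $db->get_one("SELECT * FROM {$_pre}content WHERE id='{$id}' ");

    if ($job == "delete") {
        // Keys are quoted: the bare-word form is an undefined-constant error on PHP 8.
        $pic_path = tempdir($rsdb['picurl']);
        delete_attachment($rsdb['uid'], $pic_path);
        $db->query("DELETE FROM {$_pre}content WHERE id='{$id}' ");
        $db->query("DELETE FROM {$_pre}content_1 WHERE id='{$id}' ");
        $db->query("DELETE FROM {$_pre}comments WHERE id='{$id}' ");
    } elseif ($job == "move") {
        global $fid;
        if ($fid) {
            $rs = $db->get_one("SELECT name,mid FROM {$_pre}sort WHERE fid='{$fid}'");
            //if($rs[mid]==$rsdb[mid]){
            $db->query("UPDATE {$_pre}content SET fid='{$fid}',fname='{$rs['name']}',lastfid='{$rsdb['fid']}' WHERE id='{$id}' ");
            $db->query("UPDATE {$_pre}content_1 SET fid='{$fid}' WHERE id='{$id}' ");
            //$db->query("UPDATE `{$_pre}sort` SET contents=contents-1 WHERE fid='$rsdb[fid]'");
            //$db->query("UPDATE `{$_pre}sort` SET contents=contents+1 WHERE fid='$fid'");
            //}
        }
    } elseif ($job == "movesp") {
        global $spfiddb;
        if ($spfiddb) {
            $db->query("DELETE FROM `{$_pre}special` WHERE id='{$id}'");
            foreach ($spfiddb as $value) {
                $db->query("INSERT INTO `{$_pre}special` (`fid` , `id`) VALUES ('{$value}', '{$id}')");
            }
        }
    } elseif ($job == "color") {
        global $color;
        $db->query("UPDATE {$_pre}content SET titlecolor='{$color}' WHERE id='{$id}' ");
    } elseif ($job == "yz") {
        $db->query("UPDATE {$_pre}content SET yz='1',yzer='{$userdb['username']}',yztime='{$timestamp}' WHERE id='{$id}' ");
    } elseif ($job == "setdelete") {
        $db->query("UPDATE {$_pre}content SET yz='2' WHERE id='{$id}' ");
    } elseif ($job == "undelete") {
        $db->query("UPDATE {$_pre}content SET yz='1' WHERE id='{$id}' ");
    } elseif ($job == "unyz") {
        $db->query("UPDATE {$_pre}content SET yz='0',yzer='{$userdb['username']}',yztime='{$timestamp}' WHERE id='{$id}' ");
    } elseif ($job == "com") {
        global $levels;
        // Always initialised, so the query below never interpolates an undefined variable.
        $extra_set = '';
        if ($levels == 1) {
            $extra_set = ",yz=1";
        }
        $db->query("UPDATE {$_pre}content SET levels='{$levels}',levelstime='{$timestamp}'{$extra_set} \nWHERE id='{$id}' ");
    } elseif ($job == "uncom") {
        $db->query("UPDATE {$_pre}content SET levels='0',levelstime='0' WHERE id='{$id}' ");
    } elseif ($job == "top") {
        global $toptime;
        $db->query("UPDATE {$_pre}content SET list=list+'{$toptime}' WHERE id='{$id}' ");
    } elseif ($job == "untop") {
        $db->query("UPDATE {$_pre}content SET list='{$timestamp}' WHERE id='{$id}' ");
    } elseif ($job == "front") {
        global $topid;
        if ($topid) {
            // Place the row just above the reference row's "list" value.
            $rs = $db->get_one("SELECT list FROM {$_pre}content WHERE id='{$topid}' ");
            $list = $rs["list"] + 1;
            $db->query("UPDATE {$_pre}content SET list='{$list}' WHERE id='{$id}' ");
        } else {
            $db->query("UPDATE {$_pre}content SET list='{$timestamp}' WHERE id='{$id}' ");
        }
    } elseif ($job == "bottom") {
        global $bottomid;
        if ($bottomid) {
            // Place the row just below the reference row's "list" value.
            $rs = $db->get_one("SELECT list FROM {$_pre}content WHERE id='{$bottomid}' ");
            $list = $rs["list"] - 1;
            $db->query("UPDATE {$_pre}content SET list='{$list}' WHERE id='{$id}' ");
        } else {
            $db->query("UPDATE {$_pre}content SET list='0' WHERE id='{$id}' ");
        }
    }
}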
/**
 * Unregister a torrent from the tracker and delete its attachment.
 *
 * The attachment must exist and carry the TORRENT_EXT extension, and
 * torrent_auth_check() is called with the forum and poster ids before
 * anything is unregistered or deleted.
 * NOTE(review): what torrent_auth_check() does on failure is not visible here;
 * presumably it stops the request the way message_die() does - confirm.
 *
 * Side effects on globals: $reg_mode is set to $mode and $topic_id to the
 * torrent's topic id.
 *
 * @param int|string $attach_id Attachment id; forced through intval().
 * @param string     $mode      Stored in the global $reg_mode.
 *
 * @return void
 */
function delete_torrent($attach_id, $mode = '')
{
    global $lang, $userdata;
    global $reg_mode, $topic_id;

    $attach_id = intval($attach_id);
    $reg_mode = $mode;

    $torrent = get_torrent_info($attach_id);
    if (!$torrent) {
        message_die(GENERAL_ERROR, 'Torrent not found');
    }

    $post_id = $torrent['post_id'];
    $topic_id = $torrent['topic_id'];
    $forum_id = $torrent['forum_id'];
    $poster_id = $torrent['poster_id'];

    if ($torrent['extension'] !== TORRENT_EXT) {
        message_die(GENERAL_ERROR, $lang['Not_torrent']);
    }

    // Authorisation first, destructive steps afterwards.
    torrent_auth_check($forum_id, $torrent['poster_id']);

    tracker_unregister($attach_id);
    delete_attachment(0, $attach_id);

    return;
}
/**
 * Remove the attachments of pruned posts.
 *
 * The original header ties this function to includes/prune.php.
 *
 * @param mixed $sql_post Post id list, forwarded unchanged to delete_attachment().
 *
 * @return void
 */
function prune_attachments($sql_post)
{
    // Thin wrapper: the deletion, and any validation of $sql_post, is left to delete_attachment().
    delete_attachment($sql_post);
}
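/**
 * Delete an article (topic row) or a single reply, including uploaded files,
 * module content, related rows and cache files.
 *
 * For a topic row the hard delete only happens when $forcedel or
 * $webdb['ForceDel'] is set; otherwise the article is just marked with yz=2.
 * For a non-topic row the reply is deleted and the article's page counter is
 * decremented.
 *
 * NOTE(review): $aid, $rid and values read back from the database are
 * interpolated into the SQL text (some into table names) without escaping in
 * this function; presumably inputs are escaped upstream - confirm.
 * NOTE(review): stored URLs and reply content are handed to
 * delete_attachment(); which files can actually be removed depends on the
 * checks inside delete_attachment() and tempdir(), not visible here.
 *
 * @param mixed $aid      Article id; showerr() is called when it is empty.
 * @param mixed $rid      Reply id, or an empty value to address the article by $aid.
 * @param int   $forcedel Non-zero forces a hard delete of a topic.
 *
 * @return void
 */
function delete_article($aid, $rid, $forcedel = 0)
{
    global $db, $pre, $webdb;

    if (!$aid) {
        // NOTE(review): the literal looks like mis-decoded text; it is emitted at
        // runtime, so it is left byte-for-byte as found.
        showerr("id²»´æÔÚ");
    }

    $erp = get_id_table($aid);

    // Array keys are quoted throughout: the bare-word form (rid, topic, uid, ...)
    // is an undefined-constant error on PHP 8.
    if ($rid) {
        $rsdb = $db->get_one("SELECT R.*,A.* FROM {$pre}article{$erp} A LEFT JOIN {$pre}reply{$erp} R ON A.aid=R.aid WHERE R.rid='{$rid}'");
    } elseif ($aid) {
        $rsdb = $db->get_one("SELECT R.*,A.* FROM {$pre}article{$erp} A LEFT JOIN {$pre}reply{$erp} R ON A.aid=R.aid WHERE A.aid='{$aid}' ORDER BY R.rid ASC LIMIT 1");
        if (!$rsdb['rid']) {
            // No reply row joined: remove the article rows directly.
            $db->query("DELETE FROM {$pre}article{$erp} WHERE aid='{$aid}'");
            $db->query("DELETE FROM {$pre}article_db WHERE aid='{$aid}'");
            $db->query("DELETE FROM {$pre}fu_article WHERE aid='{$aid}'");
        }
    }

    if (!$rsdb) {
        return;
    }

    if ($rsdb['topic']) {
        if ($forcedel || $webdb['ForceDel']) {
            if ($rsdb['picurl']) {
                delete_attachment($rsdb['uid'], tempdir($rsdb['picurl']));
                delete_attachment($rsdb['uid'], tempdir("{$rsdb['picurl']}.jpg"));
                delete_attachment($rsdb['uid'], tempdir("{$rsdb['picurl']}.jpg.jpg"));
            }

            $query = $db->query("SELECT * FROM {$pre}reply{$erp} WHERE aid='{$rsdb['aid']}'");
            while ($rs = $db->fetch_array($query)) {
                delete_attachment($rs['uid'], $rs['content']);
            }

            if ($rsdb['mid']) {
                $r2 = $db->get_one("SELECT * FROM {$pre}article_content_{$rsdb['mid']} WHERE aid='{$rsdb['aid']}'");

                // Delete attachments
                if ($rsdb['mid'] == 100 || $rsdb['mid'] == 101 || $rsdb['mid'] == 102) {
                    // Delete pictures, software, videos
                    if ($rsdb['mid'] == 100) {
                        $string = $r2['photourl'];
                    } elseif ($rsdb['mid'] == 101) {
                        $string = $r2['softurl'];
                    } elseif ($rsdb['mid'] == 102) {
                        $string = $r2['mvurl'];
                    }
                    // One entry per line; the part before "@@@" is the stored file URL.
                    $string = str_replace("\r", "", $string);
                    $detail = explode("\n", $string);
                    foreach ($detail as $value) {
                        $d = explode("@@@", $value);
                        delete_attachment($rsdb['uid'], tempdir($d[0]));
                    }
                } elseif ($rsdb['mid'] == 104) {
                    // Delete FLASH
                    $d = explode("@@@", $r2['flashurl']);
                    delete_attachment($rsdb['uid'], tempdir($d[0]));
                }

                $db->query("DELETE FROM {$pre}article_content_{$rsdb['mid']} WHERE aid='{$rsdb['aid']}'");
            }

            $db->query("DELETE FROM `{$pre}collection` WHERE aid='{$rsdb['aid']}' ");
            $db->query("DELETE FROM `{$pre}article{$erp}` WHERE aid='{$rsdb['aid']}' ");
            $db->query("DELETE FROM `{$pre}article_db` WHERE aid='{$rsdb['aid']}' ");
            $db->query("DELETE FROM `{$pre}reply{$erp}` WHERE aid='{$rsdb['aid']}' ");
            $db->query("DELETE FROM `{$pre}comment` WHERE aid='{$rsdb['aid']}' ");
            $db->query("DELETE FROM `{$pre}report` WHERE aid='{$rsdb['aid']}' ");
            $db->query("DELETE FROM `{$pre}fu_article` WHERE aid='{$rsdb['aid']}'");

            // Wealth (points) handling
            Give_article_money($rsdb['uid'], 'del');
            if ($rsdb['levels']) {
                Give_article_money($rsdb['uid'], 'uncom');
            }

            // Delete keywords
            keyword_del($rsdb['aid'], $rsdb['keywords']);
        } else {
            // Soft delete: mark the article instead of removing it.
            $db->query("UPDATE {$pre}article{$erp} SET yz=2 WHERE aid='{$rsdb['aid']}'");
        }
    } else {
        $db->query("DELETE FROM {$pre}reply{$erp} WHERE rid='{$rsdb['rid']}'");
        delete_attachment($rsdb['uid'], $rsdb['content']);
        if ($rsdb['mid']) {
            $db->query("DELETE FROM {$pre}article_content_{$rsdb['mid']} WHERE rid='{$rsdb['rid']}'");
        }
        $db->query("UPDATE {$pre}article{$erp} SET pages=pages-1 WHERE aid='{$rsdb['aid']}'");
    }

    // Delete cache files
    delete_cache_file($rsdb['fid'], $rsdb['aid']);
}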
} if ($post_id_sql != '') { $sql = "DELETE \n\t\t\t\t\tFROM " . POSTS_TABLE . " \n\t\t\t\t\tWHERE post_id IN ({$post_id_sql})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete posts', '', __LINE__, __FILE__, $sql); } $sql = "DELETE \n\t\t\t\t\tFROM " . POSTS_TEXT_TABLE . " \n\t\t\t\t\tWHERE post_id IN ({$post_id_sql})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete posts text', '', __LINE__, __FILE__, $sql); } $sql = "DELETE \n\tFROM " . PAYMENT_TABLE . " \n\tWHERE post_id IN ({$post_id_sql})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete posts\' payment information', '', __LINE__, __FILE__, $sql); } remove_search_post($post_id_sql); delete_attachment(explode(', ', $post_id_sql)); } if ($vote_id_sql != '') { $sql = "DELETE \n\t\t\t\t\tFROM " . VOTE_DESC_TABLE . " \n\t\t\t\t\tWHERE vote_id IN ({$vote_id_sql})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete vote descriptions', '', __LINE__, __FILE__, $sql); } $sql = "DELETE \n\t\t\t\t\tFROM " . VOTE_RESULTS_TABLE . " \n\t\t\t\t\tWHERE vote_id IN ({$vote_id_sql})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete vote results', '', __LINE__, __FILE__, $sql); } $sql = "DELETE \n\t\t\t\t\tFROM " . VOTE_USERS_TABLE . " \n\t\t\t\t\tWHERE vote_id IN ({$vote_id_sql})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete vote users', '', __LINE__, __FILE__, $sql); } }
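/**
 * Store the edit of a post in the forum_post table.
 *
 * When the edited post is the first post of its thread, the thread row
 * (title, sticky flag, qualification fields) is updated too. Afterwards the
 * attachment is removed/added/edited as requested, the gradebook link is
 * adjusted for course admins, and a confirmation message with return links is
 * displayed.
 *
 * @param array $values Submitted form values. Keys read here: thread_id,
 *                      post_id, post_title, post_text, post_notification,
 *                      thread_sticky, calification_notebook_title,
 *                      numeric_calification, weight_calification,
 *                      remove_attach, id_attach, file_comment,
 *                      thread_qualify_gradebook, category_id.
 *
 * @return void The confirmation message is output as HTML.
 *
 * @author Patrick Cool <*****@*****.**>, Ghent University
 * @version february 2006, dokeos 1.8
 */
function store_edit_post($values)
{
    global $origin;

    $table_threads = Database::get_course_table(TABLE_FORUM_THREAD);
    $table_posts = Database::get_course_table(TABLE_FORUM_POST);
    // Request parameters are read through isset() so a missing one no longer raises a notice.
    $gradebook = Security::remove_XSS(isset($_GET['gradebook']) ? $_GET['gradebook'] : null);
    $course_id = api_get_course_int_id();

    // First we check if the change affects the thread and if so we commit the changes (sticky and post_title=thread_title are relevant).
    //if (array_key_exists('is_first_post_of_thread',$values) AND $values['is_first_post_of_thread']=='1') {
    $posts = get_posts($values['thread_id']);
    $first_post = null;
    if (!empty($posts)) {
        $first_post = $posts[0];
    }

    if (!empty($first_post) && $first_post['post_id'] == $values['post_id']) {
        // String fields go through Database::escape_string(), ids through intval().
        $sql = "UPDATE {$table_threads} SET\n thread_title ='" . Database::escape_string($values['post_title']) . "',\n thread_sticky ='" . Database::escape_string(isset($values['thread_sticky']) ? $values['thread_sticky'] : null) . "'," . "thread_title_qualify ='" . Database::escape_string($values['calification_notebook_title']) . "'," . "thread_qualify_max ='" . Database::escape_string($values['numeric_calification']) . "'," . "thread_weight ='" . Database::escape_string($values['weight_calification']) . "'" . " WHERE c_id = {$course_id} AND thread_id='" . intval($values['thread_id']) . "'";
        Database::query($sql);
    }
    //}

    // Update the post_title and the post_text.
    $sql = "UPDATE {$table_posts} SET\n post_title ='" . Database::escape_string($values['post_title']) . "',\n post_text ='" . Database::escape_string($values['post_text']) . "',\n post_notification ='" . Database::escape_string(isset($values['post_notification']) ? $values['post_notification'] : null) . "'\n WHERE c_id = {$course_id} AND post_id='" . intval($values['post_id']) . "'";
    Database::query($sql);

    if (!empty($values['remove_attach'])) {
        delete_attachment($values['post_id']);
    }

    if (empty($values['id_attach'])) {
        add_forum_attachment_file($values['file_comment'], $values['post_id']);
    } else {
        edit_forum_attachment_file($values['file_comment'], $values['post_id'], $values['id_attach']);
    }

    if (api_is_course_admin() == true) {
        $ccode = api_get_course_id();
        $sid = api_get_session_id();
        $link_info = is_resource_in_course_gradebook($ccode, 5, $values['thread_id'], $sid);
        $thread_qualify_gradebook = isset($values['thread_qualify_gradebook']) ? $values['thread_qualify_gradebook'] : null;

        if ($thread_qualify_gradebook != 1) {
            if ($link_info !== false) {
                // The id is only read once a link is known to exist.
                remove_resource_from_course_gradebook($link_info['id']);
            }
        } else {
            if ($link_info === false && empty($_GET['thread'])) {
                $weigthqualify = $values['weight_calification'];
                add_resource_to_course_gradebook($values['category_id'], $ccode, 5, $values['thread_id'], Database::escape_string(stripslashes($values['calification_notebook_title'])), $weigthqualify, $values['numeric_calification'], null, 0, $sid);
            }
        }
    }

    // Storing the attachments if any.
    //update_added_resources('forum_post', $values['post_id']);

    // The thread id is written into an href below; it is cast the same way the
    // SQL above casts it, so a submitted non-numeric value cannot reach the markup.
    $thread_id_for_link = intval($values['thread_id']);
    $forum_param = Security::remove_XSS(isset($_GET['forum']) ? $_GET['forum'] : null);
    $post_param = Security::remove_XSS(isset($_GET['post']) ? $_GET['post'] : null);

    // NOTE(review): $_SESSION['toolgroup'] and the global $origin are written into
    // both links without escaping in this function; whether they are sanitised
    // where they are set is not visible here - confirm.
    $message = get_lang('EditPostStored') . '<br />';
    $message .= get_lang('ReturnTo') . ' <a href="viewforum.php?' . api_get_cidreq() . '&forum=' . $forum_param . '&gidReq=' . $_SESSION['toolgroup'] . '&origin=' . $origin . '">' . get_lang('Forum') . '</a><br />';
    $message .= get_lang('ReturnTo') . ' <a href="viewthread.php?' . api_get_cidreq() . '&forum=' . $forum_param . '&gidReq=' . $_SESSION['toolgroup'] . '&origin=' . $origin . '&gradebook=' . $gradebook . '&thread=' . $thread_id_for_link . '&post=' . $post_param . '">' . get_lang('Message') . '</a>';

    Session::erase('formelements');
    Session::erase('origin');
    Session::erase('breadcrumbs');
    Session::erase('addedresource');
    Session::erase('addedresourceid');

    Display::display_confirmation_message($message, false);
}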
$json['errorMessage'] = '1. the forum category, forum or thread is invisible (visibility==0)'; break; } if (!api_is_allowed_to_edit(null, true) and ($current_forum_category && $current_forum_category['locked'] != 0 or $current_forum['locked'] != 0 or $current_thread['locked'] != 0)) { $json['errorMessage'] = '2. the forum category, forum or thread is locked (locked <>0)'; break; } if (api_is_anonymous() and $current_forum['allow_anonymous'] == 0) { $json['errorMessage'] = '3. if anonymous posts are not allowed'; break; } $group_id = api_get_group_id(); if (!api_is_allowed_to_edit(null, true) and $current_forum['allow_edit'] == 0 && ($group_id && !GroupManager::is_tutor_of_group(api_get_user_id(), $group_id))) { $json['errorMessage'] = '4. if editing of replies is not allowed'; break; } // If pass all previous control, user can edit post $attachId = $_REQUEST['attachId']; $threadId = $_REQUEST['thread']; // Delete forum attachment from database and file system $affectedRows = delete_attachment(0, $attachId, false); if ($affectedRows > 0) { $json['error'] = false; $json['errorMessage'] = 'Success'; } } break; } } echo json_encode($json); exit;
} else { update_attachment($selected_id, $_POST['filterType'], $_POST['trans_no'], $_POST['description'], $filename, $unique_name, $filesize, $filetype); display_notification(_("Attachment has been updated.")); } } refresh_pager('trans_tbl'); $Ajax->activate('_page_body'); $Mode = 'RESET'; } if ($Mode == 'Delete') { $row = get_attachment($selected_id); $dir = company_path() . "/attachments"; if (file_exists($dir . "/" . $row['unique_name'])) { unlink($dir . "/" . $row['unique_name']); } delete_attachment($selected_id); display_notification(_("Attachment has been deleted.")); $Mode = 'RESET'; } if ($Mode == 'RESET') { unset($_POST['trans_no']); unset($_POST['description']); $selected_id = -1; } function viewing_controls() { global $selected_id; start_table(TABLESTYLE_NOBORDER); start_row(); systypes_list_cells(_("Type:"), 'filterType', null, true); if (list_updated('filterType')) {
$current_ext = $current_path['extension']; // location $location = WW_ROOT . '/ww_files/attachments/' . $current_ext . '/'; // new file details $new_file = $_FILES['new_attachment']; $replace_status = replace_attachment($location, $new_file, $current); if ($replace_status === true) { header('Location: ' . $url); } else { $error = $replace_status; } } } // confirm delete attachment if (isset($_POST['confirm_delete_attachment']) && $_POST['confirm_delete_attachment'] == 'Yes') { $attachment_delete = delete_attachment($_POST['filename'], $_POST['ext']); if (!empty($attachment_delete)) { header('Location: ' . WW_WEB_ROOT . '/ww_edit/index.php?page_name=attachments'); } else { $error = $attachment_delete; } } // cancel delete attachment if (isset($_POST['cancel_delete_attachment']) && $_POST['cancel_delete_attachment'] == 'No') { $attachment_id = (int) $_POST['attachment_id']; header('Location: ' . WW_WEB_ROOT . '/ww_edit/index.php?page_name=attachments&attachment_id=' . $attachment_id); } // delete folder if (isset($_POST['remove_folder'])) { if (!empty($_GET['ext'])) { $rm_folder = WW_ROOT . '/ww_files/attachments/' . $_GET['ext'] . '/';
case 'set_email_view_log': set_email_view_log(); break; case 'get_email_view_log': get_email_view_log(); break; case 'view_error_file': view_error_file(); break; case 'display_attachments': display_attachments(); break; case 'delete_attachment': delete_attachment(); break; case 'rename_attachment': rename_attachment(); break; case 'fetch_file_info': fetch_file_info(); break; case 'rename_document': rename_document(); break; case 'view_attached_file': view_attached_file(); break; case 'send_attachment_email': send_attachment_email();
/**
 * Clear forum attachment data kept in $_SESSION['forum']['upload_file'].
 *
 * Both arguments are passed through intval(), so a null $postId is handled
 * exactly like 0.
 *
 * @param int $postId   -1: drop every session entry of the course (nothing is
 *                          deleted from file system or database);
 *                       0: drop the entries that do not belong to the temporary
 *                          post "0", again without deleting them;
 *                       other: drop the entries that do not belong to that post
 *                          and delete them through delete_attachment().
 * @param int $courseId Course id; an empty value falls back to api_get_course_int_id().
 *
 * @return array Attachment ids that were removed from the session.
 */
function clearAttachedFiles($postId = null, $courseId = null)
{
    $courseId = intval($courseId);
    $postId = intval($postId);
    $removed = array();

    if (empty($courseId)) {
        // No usable course id supplied: use the current course.
        $courseId = api_get_course_int_id();
    }

    if ($postId === -1) {
        // Forget everything stored for the course.
        if (!empty($_SESSION['forum']['upload_file'][$courseId])) {
            $removed = array_keys($_SESSION['forum']['upload_file'][$courseId]);
            unset($_SESSION['forum']['upload_file'][$courseId]);
        }

        return $removed;
    }

    $attachIds = getAttachmentIdsByPostId($postId, $courseId);

    if (empty($_SESSION['forum']['upload_file'][$courseId])
        || !is_array($_SESSION['forum']['upload_file'][$courseId])
    ) {
        return $removed;
    }

    foreach ($_SESSION['forum']['upload_file'][$courseId] as $attachId => $attach) {
        // Entries that belong to the given post stay in the session.
        if (in_array($attachId, $attachIds)) {
            continue;
        }

        $removed[] = $attachId;

        // Post 0 is temporary: only real posts trigger the file system and database delete.
        if ($postId !== 0) {
            delete_attachment(0, $attachId, false);
        }

        unset($_SESSION['forum']['upload_file'][$courseId][$attachId]);
    }

    return $removed;
}
/**
 * Remove the attachments that belong to pruned posts.
 *
 * Thin wrapper: $sql_post is forwarded unchanged to delete_attachment().
 *
 * NOTE(review): nothing is validated here. If delete_attachment() places this
 * value inside an SQL statement, callers must pass integer-only ID lists -
 * verify against the callers.
 *
 * @param mixed $sql_post Post ID(s) to hand over; presumably the comma-separated
 *                        list built while pruning - confirm against the caller
 */
function prune_attachments($sql_post)
{
    delete_attachment($sql_post);
}
// Excerpt: processes the submitted "attach_delete" entries, then begins checking a new upload.
// The block enclosing the loop opens above this excerpt; $ps comes from a query that is not shown.
    $num_attachments = $ps->fetchColumn();
    for ($i = 0; $i < $num_attachments; $i++) {
        if (isset($_POST['attach_delete'][$i])) {
            // The submitted value is used as the attachment ID and cast to int first.
            $attach_id = intval($_POST['attach_delete'][$i]);
            $data = array(':id' => $attach_id);
            // The ID is passed as a bound parameter; only the owner column is requested.
            // NOTE(review): the lookup is by attachment ID alone - nothing visible here ties the
            // attachment to the post being edited ($cur_post). Confirm that is intended.
            $ps = $db->select('attachments', 'owner', $data, 'id=:id', 1);
            // Admins/moderators pass this test even when no row matched; $owner then holds
            // whatever fetchColumn() yields for an empty result.
            if ($ps->rowCount() || $is_admmod) {
                $owner = $ps->fetchColumn();
                $can_delete = false;
                if ($panther_user['is_admin']) {
                    $can_delete = true;
                } else {
                    // && binds tighter than ||, so this reads:
                    //   (admin/mod OR (group may delete posts AND user owns the attachment))
                    //   AND (delete_files is '1' or empty)
                    // NOTE(review): owner and user ID are compared loosely (==).
                    $can_delete = ($is_admmod || $panther_user['g_delete_posts'] == '1' && $owner == $panther_user['id']) && ($cur_post['delete_files'] == '1' || $cur_post['delete_files'] == '') ? true : false;
                }
                if ($can_delete) {
                    if (!delete_attachment($attach_id)) {
                        message($lang_post['Can\'t delete']);
                    }
                } else {
                    message($lang_post['No delete']);
                }
            } else {
                message($lang_post['No attachments']);
            }
        }
    }
}

if (isset($_FILES['attached_file'])) {
    // Upload error codes 0 (UPLOAD_ERR_OK) and 4 (UPLOAD_ERR_NO_FILE) are tolerated;
    // every other code is reported through error_handler().
    if (isset($_FILES['attached_file']['error']) && $_FILES['attached_file']['error'] != 0 && $_FILES['attached_file']['error'] != 4) {
        error_handler(file_upload_error_message($_FILES['attached_file']['error']), __FILE__, __LINE__);
    }
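// Excerpt from an admin attachments page. The first statements sit inside a branch that
// opens above this excerpt (presumably the single "delete_attachment" action - confirm).
    // NOTE(review): confirm_referrer() is the only request-origin check visible in this
    // excerpt. A Referer comparison is weaker than a per-session token; confirm whether a
    // token is verified elsewhere before these destructive actions run.
    confirm_referrer(PANTHER_ADMIN_DIR . '/attachments.php');

    // The attachment ID is taken from the array key of the submitted field and cast to int.
    $id = intval(key($_POST['delete_attachment']));
    if (!delete_attachment($id)) {
        message($lang_admin_attachments['Unable to delete attachment']);
    }

    redirect(panther_link($panther_url['admin_attachments']), $lang_admin_attachments['Attachment del redirect']);
} elseif (isset($_POST['delete_orphans'])) {
    confirm_referrer(PANTHER_ADMIN_DIR . '/attachments.php');

    // Orphans: attachment rows whose post_id matches no row in the posts table.
    $ps = $db->run('SELECT a.id FROM ' . $db->prefix . 'attachments AS a LEFT JOIN ' . $db->prefix . 'posts AS p ON p.id=a.post_id WHERE p.id IS NULL');
    if (!$ps->rowCount()) {
        message($lang_admin_attachments['No orphans']);
    }

    // Count only the attachments that were actually removed.
    $i = 0;
    $ps->setFetchMode(PDO::FETCH_COLUMN, 0);
    foreach ($ps as $attachment) {
        if (delete_attachment($attachment)) {
            $i++;
        }
    }

    // Fixed: the language array name was misspelled ($lang_admin_attachmetns), so the
    // format string was undefined, and sprintf() was given an array instead of the count.
    message(sprintf($lang_admin_attachments['X orphans deleted'], $i));
}

// Listing parameters. Numeric inputs are cast with intval(); $direction can only become
// 'ASC' or 'DESC'; $order is an int that the switch below maps to a column name, so no
// raw request text is carried in these variables (the rest of the switch is outside
// this excerpt).
$start = isset($_POST['start']) ? intval($_POST['start']) : 0;
$limit = isset($_POST['number']) ? intval($_POST['number']) : 50;
$increase = isset($_POST['auto_increase']) && $_POST['auto_increase'] == '1' ? $start + $limit : $start;
$direction = isset($_POST['direction']) && $_POST['direction'] == '1' ? 'ASC' : 'DESC';
$order = isset($_POST['order']) ? intval($_POST['order']) : 0;
switch ($order) {
    case 1:
        $order = 'a.downloads';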
// Excerpt from an attachment admin control panel: finishes the sort selectors, then handles
// bulk deletion with a confirmation step. The block closed on the third line opens above
// this excerpt, and the confirmation branch continues past its end.
    $select_sort_mode .= '</select>';
}

// Sort-order selector; the option matching the current $sort_order is pre-selected.
$select_sort_order = '<select name="order">';
if ($sort_order == 'ASC') {
    $select_sort_order .= '<option value="ASC" selected="selected">' . $lang['Sort_Ascending'] . '</option><option value="DESC">' . $lang['Sort_Descending'] . '</option>';
} else {
    $select_sort_order .= '<option value="ASC">' . $lang['Sort_Ascending'] . '</option><option value="DESC" selected="selected">' . $lang['Sort_Descending'] . '</option>';
}
$select_sort_order .= '</select>';

$submit_change = isset($_POST['submit_change']) ? TRUE : FALSE;
$delete = isset($_POST['delete']) ? TRUE : FALSE;
// presumably get_var() casts every element to the type of the default (int) - verify.
$delete_id_list = get_var('delete_id_list', array(0));
// NOTE(review): $_POST['confirm'] is read without isset(), unlike the two flags above,
// so a request without that field raises an undefined-index notice/warning.
$confirm = $_POST['confirm'] ? TRUE : FALSE;

// NOTE(review): deletion depends only on the confirm field and a non-empty ID list. No
// session or anti-CSRF token check is visible in this excerpt - confirm the enclosing
// admin page enforces one before this point.
if ($confirm && sizeof($delete_id_list) > 0) {
    $attachments = array();
    delete_attachment(0, $delete_id_list);
} else {
    if ($delete && sizeof($delete_id_list) > 0) {
        // Not confirmed, show confirmation message
        // The current view state and the selected IDs are carried through the confirmation
        // form as hidden fields.
        // NOTE(review): $view, $mode, $sort_order, $uid and $start are concatenated into HTML
        // attributes without escaping here. Whether they were validated or escaped earlier is
        // not visible - confirm, or escape them for the attribute context before output.
        $hidden_fields = '<input type="hidden" name="view" value="' . $view . '" />';
        $hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
        $hidden_fields .= '<input type="hidden" name="order" value="' . $sort_order . '" />';
        $hidden_fields .= '<input type="hidden" name="u_id" value="' . $uid . '" />';
        $hidden_fields .= '<input type="hidden" name="start" value="' . $start . '" />';
        for ($i = 0; $i < sizeof($delete_id_list); $i++) {
            $hidden_fields .= '<input type="hidden" name="delete_id_list[]" value="' . $delete_id_list[$i] . '" />';
        }
        $template->set_filenames(array('confirm' => 'confirm_body.tpl'));
        $template->assign_vars(array('MESSAGE_TITLE' => $lang['Confirm'], 'MESSAGE_TEXT' => $lang['Confirm_delete_attachments'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => append_sid('admin_attach_cp.' . $phpEx), 'S_HIDDEN_FIELDS' => $hidden_fields));
        $template->pparse('confirm');
        include 'page_footer_admin.' . $phpEx;
/**
 * Attachment handling for the private-message pages.
 *
 * Shows the attach-box limits (except for the outbox), returns early when PM
 * attachments are disabled or handle_attachments() returns false, deletes the
 * attachments whose IDs were marked in the request, and finally renders the
 * attachment bodies when the page is being submitted, refreshed or run in a mode.
 *
 * Works on globals: reads $folder, $privmsgs_id, $delete, $confirm, $delete_all,
 * $submit and $userdata; writes $refresh, $post_id and $mark_list.
 *
 * NOTE(review): the only access check visible here is session_logged_in. Whether
 * the marked attachment IDs belong to the current user's messages is not checked
 * in this method - presumably delete_attachment() enforces it for PAGE_PRIVMSGS;
 * verify.
 *
 * @param string $mode Current page mode; forwarded to handle_attachments()
 */
function privmsgs_attachment_mod($mode)
{
    global $attach_config, $template, $lang, $userdata, $_POST, $phpbb_root_path, $phpEx, $db;
    global $confirm, $delete, $delete_all, $post_id, $privmsgs_id, $privmsg_id, $submit, $refresh, $mark_list, $folder;

    if ($folder != 'outbox') {
        $this->display_attach_box_limits();
    }

    // PM attachments switched off in the configuration: nothing else to do.
    if (!intval($attach_config['allow_pm_attach'])) {
        return;
    }

    // Either attachment box being posted counts as a refresh of the form.
    if (!$refresh) {
        $refresh = !empty($_POST['add_attachment_box']) || !empty($_POST['posted_attachments_box']);
    }

    $post_id = $privmsgs_id;

    if ($this->handle_attachments($mode, PAGE_PRIVMSGS) === false) {
        return;
    }

    $mark_list = get_var('mark', array(0));
    $marked_total = sizeof($mark_list);

    if (($this->pm_delete_attachments || $delete) && $marked_total) {
        if (!$userdata['session_logged_in']) {
            // ZphpBB2: send anonymous users to the Zikula login page and come
            // back to the current URI afterwards (replaces the phpBB login redirect).
            System::redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri()))));
            exit;
        }

        // Every marked entry is forced to int before it becomes part of the ID list.
        $marked_ids = array();
        for ($idx = 0; $idx < $marked_total; $idx++) {
            $marked_ids[] = intval($mark_list[$idx]);
        }
        $delete_sql_id = implode(', ', $marked_ids);

        if (($this->pm_delete_attachments || $confirm) && !$delete_all) {
            delete_attachment($delete_sql_id, 0, PAGE_PRIVMSGS);
        }
    }

    if ($submit || $refresh || $mode != '') {
        $this->display_attachment_bodies();
    }
}
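/**
 * Attachment handling for the private-message pages.
 *
 * Shows the attach-box limits (except for the outbox), returns early when PM
 * attachments are disabled or handle_attachments() returns a falsy value,
 * deletes the attachments whose IDs were marked in the request, and finally
 * renders the attachment bodies when the page is submitted, refreshed or run
 * in a mode.
 *
 * Works on globals: reads $folder, $privmsgs_id, $delete, $confirm, $delete_all,
 * $submit and $userdata; writes $refresh, $post_id and $mark_list.
 *
 * NOTE(review): the only access check visible here is session_logged_in. Whether
 * the marked attachment IDs belong to the current user's messages is not checked
 * in this method - presumably delete_attachment() enforces it for PAGE_PRIVMSGS;
 * verify.
 *
 * @param string $mode Current page mode; forwarded to handle_attachments()
 */
function privmsgs_attachment_mod($mode)
{
    global $attach_config, $template, $lang, $userdata, $HTTP_POST_VARS, $phpbb_root_path, $phpEx, $db;
    global $confirm, $delete, $delete_all, $post_id, $privmsgs_id, $privmsg_id, $submit, $refresh, $mark_list, $folder;

    if ($folder != 'outbox') {
        $this->display_attach_box_limits();
    }

    // PM attachments switched off in the configuration: nothing else to do.
    if (!intval($attach_config['allow_pm_attach'])) {
        return;
    }

    // Either attachment box being posted counts as a refresh of the form.
    if (!$refresh) {
        $add_attachment_box = !empty($HTTP_POST_VARS['add_attachment_box']) ? TRUE : FALSE;
        $posted_attachments_box = !empty($HTTP_POST_VARS['posted_attachments_box']) ? TRUE : FALSE;
        $refresh = $add_attachment_box || $posted_attachments_box;
    }

    $post_id = $privmsgs_id;

    $result = $this->handle_attachments($mode, PAGE_PRIVMSGS);

    // Loose comparison kept as in the original: any falsy return stops processing.
    if ($result == FALSE) {
        return;
    }

    // 'mark' is raw request data. Accept it only when it really is an array;
    // a scalar value would otherwise reach count() and string offsets below.
    $mark_list = (!empty($HTTP_POST_VARS['mark']) && is_array($HTTP_POST_VARS['mark'])) ? $HTTP_POST_VARS['mark'] : array();

    if (($this->pm_delete_attachments || $delete) && count($mark_list)) {
        if (!$userdata['session_logged_in']) {
            // Some servers need a Refresh header instead of Location.
            $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
            header($header_location . append_sid("login.{$phpEx}?redirect=privmsg.{$phpEx}&folder=inbox", true));
            exit;
        }

        // Iterate over the values rather than 0..count-1 so that sparse or
        // string-keyed submissions do not inject missing offsets as ID 0.
        // Nested arrays are skipped: intval() of a non-empty array is 1, which
        // would silently address attachment ID 1.
        $delete_ids = array();
        foreach ($mark_list as $marked_id) {
            if (is_scalar($marked_id)) {
                $delete_ids[] = intval($marked_id);
            }
        }
        $delete_sql_id = implode(', ', $delete_ids);

        if ($delete_sql_id !== '' && ($this->pm_delete_attachments || $confirm) && !$delete_all) {
            delete_attachment($delete_sql_id, -1, PAGE_PRIVMSGS);
        }
    }

    if ($submit || $refresh || $mode != '') {
        $this->display_attachment_bodies();
    }
}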
/**
 * Unregister a torrent from the tracker and delete its attachment.
 *
 * bb_die() is called when no torrent info is found for the attachment, or when
 * the stored extension is not TORRENT_EXT. torrent_auth_check() runs with the
 * torrent's forum and poster IDs before anything is unregistered or deleted;
 * keep that order when changing this function.
 *
 * Side effects: sets the globals $reg_mode (to $mode) and $topic_id (to the
 * torrent's topic).
 *
 * @param int    $attach_id Attachment ID; cast with intval() before use
 * @param string $mode      Stored in the global $reg_mode
 */
function delete_torrent($attach_id, $mode = '')
{
    global $lang, $reg_mode, $topic_id;

    $attach_id = intval($attach_id);
    $reg_mode = $mode;

    $tor = get_torrent_info($attach_id);
    if (!$tor) {
        bb_die($lang['TOR_NOT_FOUND']);
    }

    $topic_id = $tor['topic_id'];

    if ($tor['extension'] !== TORRENT_EXT) {
        bb_die($lang['NOT_TORRENT']);
    }

    // Permission check comes first; the destructive calls follow it.
    torrent_auth_check($tor['forum_id'], $tor['poster_id']);
    tracker_unregister($attach_id);
    delete_attachment(0, $attach_id);
}