Ejemplo n.º 1
0
 * @author    Anatoliy Belsky <*****@*****.**>
 * @copyright 2010-2014 phpMyFAQ Team
 * @license   http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
 * @link      http://www.phpmyfaq.de
 * @since     2010-12-20
 */
use Symfony\Component\HttpFoundation\Response;
if (!defined('IS_VALID_PHPMYFAQ')) {
    $protocol = 'http';
    if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
        $protocol = 'https';
    }
    header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}
$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$attId = PMF_Filter::filterInput(INPUT_GET, 'attId', FILTER_VALIDATE_INT);
$att = PMF_Attachment_Factory::create($attId);
$response = new Response();
if ($att) {
    switch ($ajaxAction) {
        case 'delete':
            if ($att->delete()) {
                $response->setContent($PMF_LANG['msgAttachmentsDeleted']);
            } else {
                $response->setContent($PMF_LANG['ad_att_delfail']);
            }
            break;
    }
}
$response->send();
Ejemplo n.º 2
0
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}
set_time_limit(0);
if (headers_sent()) {
    die;
}
$attachmentErrors = array();
// authenticate with session information
$user = PMF_User_CurrentUser::getFromSession($faqconfig->get('security.ipCheck'));
if (!$user instanceof PMF_User_CurrentUser) {
    $user = new PMF_User_CurrentUser();
    // user not logged in -> empty user object
}
$id = PMF_Filter::filterInput(INPUT_GET, 'id', FILTER_VALIDATE_INT);
$attachment = PMF_Attachment_Factory::create($id);
$userPermission = $faq->getPermission('user', $attachment->getRecordId());
$groupPermission = $faq->getPermission('group', $attachment->getRecordId());
// Check on group permissions
if ($user->perm instanceof PMF_Perm_PermMedium) {
    if (count($groupPermission) && in_array($groupPermission[0], $user->perm->getUserGroups($user->getUserId()))) {
        $groupPermission = true;
    } else {
        $groupPermission = false;
    }
} else {
    $groupPermission = true;
}
// Check in user's permissions
if (in_array($user->getUserId(), $userPermission)) {
    $userPermission = true;
Ejemplo n.º 3
0
 /**
  * Quite simple migration from versions <2.6 
  * 
  * @return null
  */
 protected function migrateFromOldFormatToFs()
 {
     $list = $this->getOldFileList(PMF_ATTACHMENTS_DIR);
     foreach ($list as $recordId => $item) {
         $recordLang = $item['lang'];
         foreach ($item['files'] as $file) {
             $att = PMF_Attachment_Factory::create();
             $att->setRecordId($recordId);
             $att->setRecordLang($recordLang);
             if (!$att->save($file)) {
                 $this->error[] = "File {$file} couldn't be migrated";
             }
         }
         $recordDir = PMF_ATTACHMENTS_DIR . "/{$recordId}";
         if (!@rmdir(PMF_ATTACHMENTS_DIR . "/{$file}")) {
             $this->warning[] = "Couldn't remove dir {$recordDir} after migration";
         }
     }
 }
Ejemplo n.º 4
0
 /**
  * Deletes a record and all the dependencies
  *
  * @param integer $recordId   Record id
  * @param string  $recordLang Record language
  *
  * @return boolean
  */
 public function deleteRecord($recordId, $recordLang)
 {
     $queries = array(sprintf("DELETE FROM %sfaqchanges WHERE beitrag = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqcategoryrelations WHERE record_id = %d AND record_lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata WHERE id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_revisions WHERE id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqvisits WHERE id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_user WHERE record_id = %d", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_group WHERE record_id = %d", PMF_Db::getTablePrefix(), $recordId, $recordLang), sprintf("DELETE FROM %sfaqdata_tags WHERE record_id = %d", PMF_Db::getTablePrefix(), $recordId), sprintf('DELETE FROM %sfaqdata_tags WHERE %sfaqdata_tags.record_id NOT IN (SELECT %sfaqdata.id FROM %sfaqdata)', PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix()), sprintf("DELETE FROM %sfaqcomments WHERE id = %d", PMF_Db::getTablePrefix(), $recordId), sprintf("DELETE FROM %sfaqvoting WHERE artikel = %d", PMF_Db::getTablePrefix(), $recordId));
     foreach ($queries as $query) {
         $this->_config->getDb()->query($query);
     }
     // Delete possible attachments
     $attId = PMF_Attachment_Factory::fetchByRecordId($this->_config, $recordId);
     $attachment = PMF_Attachment_Factory::create($attId);
     $attachment->delete();
     return true;
 }