if (isset($_POST['summary'])) {
    if (isset($_POST['hashes']) && is_array($_POST['hashes'])) {
        $hash_array = array_filter($_POST['hashes'], 'is_md5');
    } else {
        $hash_array = array();
    }
    $used_post_space = format_file_size(attachments_get_post_used_space($_SESSION['UID'], $hash_array));
    $free_post_space = attachments_get_free_post_space($_SESSION['UID'], $hash_array);
    $content_type = 'application/json; charset=UTF-8';
    $content = json_encode(array('used_post_space' => $used_post_space, 'free_post_space' => $free_post_space > -1 ? format_file_size($free_post_space) : gettext("Unlimited"), 'free_upload_space' => $free_upload_space > -1 ? format_file_size($free_upload_space) : gettext("Unlimited")));
} else {
    if (isset($_POST['delete'])) {
        $valid = true;
        if (isset($_POST['hashes']) && is_array($_POST['hashes'])) {
            foreach ($_POST['hashes'] as $hash) {
                if (!attachments_delete($hash)) {
                    $valid = false;
                }
            }
        }
        $content_type = 'application/json; charset=UTF-8';
        $content = json_encode($valid);
    } else {
        if (isset($_FILES['upload']) && is_array($_FILES['upload'])) {
            for ($i = 0; $i < sizeof($_FILES['upload']['name']); $i++) {
                if (isset($_FILES['upload']['name'][$i]) && strlen(trim($_FILES['upload']['name'][$i])) > 0) {
                    $file_name = trim($_FILES['upload']['name'][$i]);
                    if (isset($_FILES['upload']['error'][$i]) && $_FILES['upload']['error'][$i] != UPLOAD_ERR_OK) {
                        $valid = false;
                        $error = gettext('Upload had errors');
                    } else {
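/**
 * Delete every attachment file grouped under attachment id $aid that
 * belongs to the current session user.
 *
 * Ownership is enforced by the UID predicate in the SELECT, so files that
 * belong to another user are never passed to attachments_delete(). Deletes
 * are not transactional: the first failing delete stops the loop and
 * earlier deletions stay in place.
 *
 * @param mixed $aid Attachment id; must pass is_md5().
 * @return bool true when every matching file was deleted, false when a
 *              precondition, the query or any single delete fails.
 */
function attachments_delete_by_aid($aid)
{
    if (!is_md5($aid)) {
        return false;
    }
    if (!($db = db::get())) {
        return false;
    }
    $uid = session::get_value('UID');
    // Both values are interpolated into the SQL below. $aid is already a
    // validated md5 hex string; require $uid to be numeric as well (as the
    // other deletion routines do for the session UID) so neither value can
    // carry quote characters into the statement.
    if ($uid === false || !is_numeric($uid)) {
        return false;
    }
    // Fetch the attachment to make sure the user
    // is able to delete it, i.e. it belongs to them.
    $sql = "SELECT PAF.HASH FROM POST_ATTACHMENT_FILES PAF ";
    $sql .= "WHERE PAF.AID = '{$aid}' AND PAF.UID = '{$uid}'";
    if (!($result = $db->query($sql))) {
        return false;
    }
    // Loop ends on null (no more rows) or false (fetch error) alike.
    while ($attachment_data = $result->fetch_assoc()) {
        if (!attachments_delete($attachment_data['HASH'])) {
            return false;
        }
    }
    return true;
}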
/**
 * Delete private message $mid for the current session user.
 *
 * The message is first detached from every mailbox type the user holds it
 * in (inbox, sent, saved in/out, outbox and drafts). Only once no PM_TYPE
 * row references it any more are the message, its content and recipient
 * rows removed, after which attachment files no longer linked to any
 * message are deleted best-effort (their failures are not reported).
 *
 * @param mixed $mid Numeric message id.
 * @return bool true when all queries ran, false when a precondition or a
 *              query fails.
 */
function pm_delete_message($mid)
{
    $db = db::get();
    if (!$db) {
        return false;
    }
    if (!is_numeric($mid)) {
        return false;
    }
    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return false;
    }
    $uid = $_SESSION['UID'];
    // Which column identifies the owner depends on the box type: boxes the
    // user received into are keyed on PM_TYPE.UID, boxes the user sent from
    // (outbox, drafts) on the sender recorded in PM.FROM_UID.
    $box_owners = array(
        array(PM_INBOX_ITEMS, 'PM_TYPE.UID'),
        array(PM_OUTBOX, 'PM.FROM_UID'),
        array(PM_SENT_ITEMS, 'PM_TYPE.UID'),
        array(PM_SAVED_OUT, 'PM_TYPE.UID'),
        array(PM_SAVED_IN, 'PM_TYPE.UID'),
        array(PM_DRAFT_ITEMS, 'PM.FROM_UID'),
    );
    $owner_clauses = array();
    foreach ($box_owners as $box_owner) {
        list($type_mask, $owner_column) = $box_owner;
        $owner_clauses[] = sprintf("((PM_TYPE.TYPE & %s) AND %s = '%s')", $type_mask, $owner_column, $uid);
    }
    // Detach the message from every box the current user owns it in.
    $sql = 'DELETE FROM PM_TYPE USING PM_TYPE INNER JOIN PM ON (PM.MID = PM_TYPE.MID) '
        . 'WHERE (' . implode(' OR ', $owner_clauses) . ') '
        . "AND PM_TYPE.MID = '{$mid}'";
    if (!$db->query($sql)) {
        return false;
    }
    // Remove the message itself only when no box references it any more.
    $sql = implode(' ', array(
        'DELETE FROM PM, PM_CONTENT, PM_RECIPIENT USING PM',
        'LEFT JOIN PM_CONTENT ON (PM_CONTENT.MID = PM.MID)',
        'LEFT JOIN PM_RECIPIENT ON (PM_RECIPIENT.MID = PM.MID)',
        'LEFT JOIN PM_TYPE ON (PM_TYPE.MID = PM.MID)',
        "WHERE PM_TYPE.MID IS NULL AND PM.MID = '{$mid}'",
    ));
    if (!$db->query($sql)) {
        return false;
    }
    // Attachment files whose message row is now gone.
    $sql = implode(' ', array(
        'SELECT PAF.HASH FROM POST_ATTACHMENT_FILES PAF',
        'INNER JOIN PM_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID)',
        'LEFT JOIN PM ON (PM.MID = PAI.MID) WHERE PM.MID IS NULL',
        "AND PAI.MID = '{$mid}'",
    ));
    $result = $db->query($sql);
    if (!$result) {
        return false;
    }
    while (($orphan = $result->fetch_assoc()) !== null) {
        attachments_delete($orphan['HASH']);
    }
    return true;
}
/**
 * Delete a user account, optionally purging everything the user created.
 *
 * Refuses to act when the database is unavailable, $uid is not numeric,
 * the session holds no numeric UID, the account does not exist, or the
 * target is the currently logged-in user. When $delete_content is exactly
 * true, per-forum rows (logs, links, votes, prefs, profile, signature,
 * tracking) and global rows (groups, PMs, attachments, sessions, history,
 * prefs) are removed first; the user's posts are blanked and approved
 * rather than deleted so thread structure survives. Queries run without a
 * transaction, so a failure part-way leaves earlier deletions in place.
 *
 * @param mixed $uid            Numeric id of the account to delete.
 * @param mixed $delete_content Purge the user's content too; anything but
 *                              a real boolean true means "keep content".
 * @return bool true once the USER row was deleted, false otherwise.
 */
function admin_delete_user($uid, $delete_content = false)
{
    if (!($db = db::get())) {
        return false;
    }
    if (!is_numeric($uid)) {
        return false;
    }
    $purge_content = ($delete_content === true);
    $current_datetime = date(MYSQL_DATETIME, time());
    // Threads last modified before this cutoff keep their MODIFIED value
    // so the update below does not resurface them as unread.
    $modified_cutoff_datetime = forum_get_unread_cutoff_datetime();
    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return false;
    }
    $admin_uid = $_SESSION['UID'];
    // The account must exist and must not be the one doing the deleting.
    $user_logon = user_get_logon($uid);
    if (!$user_logon || $admin_uid == $uid) {
        return false;
    }
    if ($purge_content) {
        $forum_table_prefix_array = forum_get_all_prefixes();
        if ($forum_table_prefix_array !== false) {
            // Rows keyed on the user in each forum's tables, in deletion
            // order. USER_PEER also holds relationships other users have
            // with this one, hence the extra PEER_UID predicate.
            $per_forum_deletes = array(
                'ADMIN_LOG'       => "UID = '{$uid}'",
                'LINKS'           => "UID = '{$uid}'",
                'LINKS_VOTE'      => "UID = '{$uid}'",
                'LINKS_COMMENT'   => "UID = '{$uid}'",
                'USER_POLL_VOTES' => "UID = '{$uid}'",
                'USER_PEER'       => "UID = '{$uid}' OR PEER_UID = '{$uid}'",
                'USER_FOLDER'     => "UID = '{$uid}'",
                'USER_PREFS'      => "UID = '{$uid}'",
                'USER_PROFILE'    => "UID = '{$uid}'",
                'USER_SIG'        => "UID = '{$uid}'",
                'USER_THREAD'     => "UID = '{$uid}'",
                'USER_TRACK'      => "UID = '{$uid}'",
                'WORD_FILTER'     => "UID = '{$uid}'",
            );
            // Shared SET fragment: bump MODIFIED only for threads changed
            // since the unread cutoff.
            $touch_modified = "MODIFIED = IF(MODIFIED < CAST('{$modified_cutoff_datetime}' AS DATETIME), "
                . "MODIFIED, CAST('{$current_datetime}' AS DATETIME))";
            foreach ($forum_table_prefix_array as $prefix) {
                foreach ($per_forum_deletes as $table => $condition) {
                    if (!$db->query("DELETE QUICK FROM `{$prefix}{$table}` WHERE {$condition}")) {
                        return false;
                    }
                }
                $thread_updates = array(
                    // Polls the user created are switched off, not removed.
                    "UPDATE LOW_PRIORITY `{$prefix}THREAD` SET POLL_FLAG = 'N', {$touch_modified} WHERE BY_UID = '{$uid}'",
                    // Threads the user started that contain only their post are hidden.
                    "UPDATE LOW_PRIORITY `{$prefix}THREAD` SET DELETED = 'Y', {$touch_modified} WHERE BY_UID = '{$uid}' AND LENGTH = 1",
                    // Post bodies are blanked; the POST rows themselves stay.
                    implode(' ', array(
                        "UPDATE LOW_PRIORITY `{$prefix}POST_CONTENT` POST_CONTENT",
                        "LEFT JOIN `{$prefix}POST` POST ON (POST.TID = POST_CONTENT.TID",
                        "AND POST.PID = POST_CONTENT.PID) SET POST_CONTENT.CONTENT = NULL",
                        "WHERE POST.FROM_UID = '{$uid}'",
                    )),
                    // Approve the blanked posts so they leave the approval queue.
                    "UPDATE LOW_PRIORITY `{$prefix}POST` SET APPROVED = CAST('{$current_datetime}' AS DATETIME), "
                        . "APPROVED_BY = '{$admin_uid}' WHERE FROM_UID = '{$uid}'",
                );
                foreach ($thread_updates as $sql) {
                    if (!$db->query($sql)) {
                        return false;
                    }
                }
            }
        }
        // Cross-forum rows owned by or addressed to the user.
        $global_deletes = array(
            'GROUP_USERS'  => "UID = '{$uid}'",
            'PM_TYPE'      => "UID = '{$uid}'",
            'PM_RECIPIENT' => "TO_UID = '{$uid}'",
            'PM'           => "FROM_UID = '{$uid}'",
        );
        foreach ($global_deletes as $table => $condition) {
            if (!$db->query("DELETE QUICK FROM {$table} WHERE {$condition}")) {
                return false;
            }
        }
        // PMs left without a mailbox or recipient by the deletes above.
        $sql = implode(' ', array(
            'DELETE QUICK FROM PM, PM_CONTENT USING PM',
            'LEFT JOIN PM_CONTENT ON (PM_CONTENT.MID = PM.MID)',
            'LEFT JOIN PM_RECIPIENT ON (PM_RECIPIENT.MID = PM.MID)',
            'LEFT JOIN PM_TYPE ON (PM_TYPE.MID = PM.MID)',
            'WHERE PM_TYPE.MID IS NULL OR PM_RECIPIENT.MID IS NULL',
        ));
        if (!$db->query($sql)) {
            return false;
        }
        // Hand every attachment the user uploaded to attachments_delete();
        // its return value is not checked, so this step is best-effort.
        $result = $db->query("SELECT HASH FROM POST_ATTACHMENT_FILES WHERE UID = '{$uid}'");
        if (!$result) {
            return false;
        }
        while (($attachment_row = $result->fetch_assoc()) !== null) {
            attachments_delete($attachment_row['HASH']);
        }
        $global_cleanup = array(
            'PM_SEARCH_RESULTS'     => "UID = '{$uid}'", // PM search results
            'POST_ATTACHMENT_FILES' => "UID = '{$uid}'", // attachment rows (files handled above)
            'SEARCH_RESULTS'        => "UID = '{$uid}'", // forum search results
            'SESSIONS'              => "UID = '{$uid}'", // active sessions
            'USER_FORUM'            => "UID = '{$uid}'", // per-forum prefs and permissions
            'USER_HISTORY'          => "UID = '{$uid}'", // logon/nickname/email change history
            'USER_PERM'             => "UID = '{$uid}'", // global permissions
            'USER_PREFS'            => "UID = '{$uid}'", // global preferences
            'VISITOR_LOG'           => "UID = '{$uid}'", // visitor log entries
        );
        foreach ($global_cleanup as $table => $condition) {
            if (!$db->query("DELETE QUICK FROM {$table} WHERE {$condition}")) {
                return false;
            }
        }
        admin_add_log_entry(DELETE_USER_DATA, array($uid, $user_logon));
    }
    // Finally the account row itself.
    if (!$db->query("DELETE QUICK FROM USER WHERE UID = '{$uid}'")) {
        return false;
    }
    admin_add_log_entry(DELETE_USER, array($user_logon));
    return true;
}