* event, or an admin can delete. * (An assistant can also delete their boss' documents.) * Comments: * TODO: perhaps add email notification on this */ include_once 'includes/init.php'; include_once 'includes/classes/Doc.class'; $blid = getValue('blid', '-?[0-9]+', true); $can_delete = false; // until proven otherwise $error = $name = $owner = $type = ''; $event_id = -1; if ($is_admin) { $can_delete = true; } $res = dbi_execute(Doc::getSQLForDocId($blid)); if (!$res) { $error = db_error(); } else { if ($row = dbi_fetch_row($res)) { $doc = new Doc($row); $event_id = $doc->getEventId(); $name = $doc->getName(); $owner = $doc->getLogin(); $type = $doc->getType(); if ($owner == $login || user_is_assistant($login, $owner)) { $can_delete = true; } } else { // document not found $error = str_replace('XXX', $blid, translate('Invalid entry id XXX.'));