Example #1
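 /**
  * Decide whether a user may access a folder.
  *
  * Access is granted when the user owns the folder, or when the user is a
  * staff user on at least one module listed for the folder in
  * folders_modules_staff. If the lookup cannot be prepared or executed the
  * answer is "no" (fail closed).
  *
  * @param int    $folderID ID of the folder being checked (bound as an integer).
  * @param object $userObj  User object exposing get_user_ID() and is_staff_user_on_module().
  * @param object $db       Database handle exposing prepare(); presumably a mysqli connection - confirm.
  *
  * @return bool True if access is allowed, false otherwise.
  */
 static function has_permission($folderID, $userObj, $db)
 {
     $folder_owner = folder_utils::get_ownerID($folderID, $db);

     // The ownership test is a loose comparison. A null/false owner (what
     // get_ownerID presumably yields for an unknown folder - confirm) would
     // compare equal to an empty or zero user ID, so rule those values out
     // before comparing.
     if ($folder_owner !== null && $folder_owner !== false
         && $folder_owner == $userObj->get_user_ID()) {
         return true;
     }

     $result = $db->prepare("SELECT idMod FROM folders_modules_staff WHERE folders_id = ?");
     if ($result === false) {
         // Fail closed: a statement that could not be prepared grants nothing.
         return false;
     }

     $permission = false;
     $result->bind_param('i', $folderID);
     if ($result->execute() !== false) {
         $result->bind_result($idMod);
         // Stop at the first module on which the user is staff.
         while ($result->fetch()) {
             if ($userObj->is_staff_user_on_module($idMod)) {
                 $permission = true;
                 break;
             }
         }
     }
     $result->close();

     return $permission;
 }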
Example #2
// You should have received a copy of the GNU General Public License
// along with Rogō.  If not, see <http://www.gnu.org/licenses/>.
/**
*
* Delete a personal folder.
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/staff_auth.inc';
require '../include/errors.inc';
require '../classes/folderutils.class.php';
// Read the folder ID from the POST data through check_var(). The meaning of
// the three boolean flags is defined in the included files - confirm that
// they make the value mandatory and validated.
// NOTE(review): this is a state-changing POST request and no anti-CSRF token
// check is visible in this part of the script; confirm that staff_auth.inc or
// later code provides one.
$folderID = check_var('folderID', 'POST', true, false, true);

// Authorisation: only the folder's owner may continue. Any other user gets
// the generic "page not found" notice, so the response does not reveal
// whether the folder exists. display_notice_and_exit() presumably ends the
// request, as its name suggests - confirm.
// NOTE(review): '!=' is a loose comparison. If get_ownerID() can return
// null/false for an unknown folder, that value compares equal to an empty or
// zero user ID and the check would pass - confirm, and reject such owner
// values explicitly.
if ($userObject->get_user_ID() != folder_utils::get_ownerID($folderID, $mysqli)) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}

// Load the folder's stored name with a parameterised query ('i' binds the ID
// as an integer).
$result = $mysqli->prepare("SELECT name FROM folders WHERE id = ?");
$result->bind_param('i', $folderID);
$result->execute();
$result->bind_result($name);
// NOTE(review): the return value of fetch() is not checked, so $name stays
// unset if no row is returned.
$result->fetch();
$result->close();

// Split the stored name on ';'. The pieces look like the levels of a folder
// path - TODO confirm against the rest of the script.
$directories = explode(';', $name);
$parent = '';
if (count($directories) > 1) {
    for ($i = 1; $i < count($directories); $i++) {
        if ($parent == '') {
            $parent = $directories[$i - 1];