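// NOTE(review): this excerpt starts inside a block that was opened before the
// visible code; the matching closing brace appears after `exit;` below.

    // Perform the deletion.
    // Cast every submitted key to int so that only integers reach the SQL
    // IN (...) lists built below (SQL injection mitigation). An empty array is
    // falsy, so an empty selection takes the print_error() path.
    // NOTE(review): this relies on print_error() ending the request - confirm.
    $delete_ids = array_map('intval', array_keys($delete))
        or print_error('err_shared_id', 'block_sharing_cart', $return_to);

    // Load only the rows that satisfy both the `user` condition and the
    // requested ids; every later step works on this filtered set, never on the
    // raw request ids.
    // NOTE(review): the value compared with `user` is masked as ****** in this
    // excerpt and is reproduced exactly as it appears - restore the real
    // expression (presumably the current user's id) before using this code.
    // NOTE(review): `$DB->get_records_select()` is used here while the delete
    // below calls the global `delete_records_select()`; confirm both exist in
    // the Moodle version this block targets.
    $items = $DB->get_records_select('sharing_cart', 'user = '******' AND ' . 'id IN (' . implode(',', $delete_ids) . ')')
        or print_error('err_shared_id', 'block_sharing_cart', $return_to);

    $user_dir = make_user_directory($USER->id, true);

    // Only ids whose file was removed successfully are passed on to the
    // database delete, so a failed unlink keeps its record.
    // NOTE(review): the path is built by concatenating `$item->file` from the
    // database row; confirm the stored value is always a bare file name so the
    // unlink cannot resolve outside $user_dir.
    $delete_ids = array();
    foreach ($items as $id => $item) {
        // `@` hides the warning; a failure is reported to the user instead.
        if (@unlink($user_dir . '/' . $item->file)) {
            $delete_ids[] = $id;
        } else {
            $notifications[] = get_string('err_delete', 'block_sharing_cart');
        }
    }

    // When every unlink failed the list is empty and the condition would read
    // `id IN ()`, which is not valid SQL - skip the delete in that case.
    if (count($delete_ids) > 0) {
        delete_records_select('sharing_cart', 'id IN (' . implode(',', $delete_ids) . ')');
    }

    sharing_cart_table::renumber($USER->id);

    // Show the collected failure messages, or go straight back when there are none.
    if (count($notifications)) {
        notice(implode('<br />', $notifications), $return_to);
    } else {
        redirect($return_to);
    }
    exit;
}

// Page header for the bulk-delete screen.
$title = get_string('bulkdelete', 'block_sharing_cart');

// Breadcrumb: the course short name (linked to the course page) unless the
// course is the site itself, followed by the page title.
$navlinks = array();
if ($course_id != SITEID) {
    $navlinks[] = array(
        'name' => get_field('course', 'shortname', 'id', $course_id),
        'link' => $CFG->wwwroot . '/course/view.php?id=' . $course_id,
        'type' => 'title'
    );
}
$navlinks[] = array('name' => $title, 'link' => '', 'type' => 'title');

print_header_simple($title, '', build_navigation($navlinks));
print_heading($title);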