Esempio n. 1
0
/**
* Automatic uninstall function for plugins
*
* @return   array
*
* This code is automatically uninstalling the plugin.
* It passes an array to the core code function that removes
* tables, groups, features and php blocks from the tables.
* Additionally, this code can perform special actions that cannot be
* foreseen by the core code (interactions with other plugins for example)
*
*/
function plugin_autouninstall_nexproject()
{
    global $_PRJCONF, $_TABLES;
    $out = array('tables' => array('prj_category', 'prj_department', 'prj_location', 'prj_objective', 'prj_permissions', 'prj_users', 'prj_projects', 'prj_sorting', 'prj_task_users', 'prj_tasks', 'prj_statuslog', 'prj_session', 'prj_filters', 'prj_lockcontrol', 'prj_projPerms', 'prj_taskSemaphore', 'prj_config'), 'groups' => array('nexProject Admin'), 'features' => array('nexproject.admin'), 'php_blocks' => array('phpblock_projectFilter'), 'vars' => array());
    if (prj_forumExists()) {
        //using this row's config value, we'll delete all forums with this ID as the parent and then chuck out the category itself...
        $sql = "SELECT * FROM {$_TABLES['gf_forums']} where forum_cat={$_PRJCONF['forum_parent']}";
        $forumres = DB_query($sql);
        while ($X = DB_fetchArray($forumres)) {
            forum_deleteForum($X['forum_id']);
        }
        DB_query("DELETE FROM {$_TABLES['gf_categories']} where id={$_PRJCONF['forum_parent']}");
    }
    if (prj_nexFileExists()) {
        PLG_itemDeleted($_PRJCONF['nexfile_parent'], 'nexproject_filefolder');
    }
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_locations']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_locations']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_locations']}");
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_departments']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_departments']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_departments']}");
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_category']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_category']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_category']}");
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_objective']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_objective']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_objective']}");
    return $out;
}
Esempio n. 2
0
/**
* Delete a poll
*
* @param    string  $pid    ID of poll to delete
* @return   string          HTML redirect
*
*/
function deletePoll($pid)
{
    global $_CONF, $_TABLES, $_USER;
    $pid = addslashes($pid);
    $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['polltopics']} WHERE pid = '{$pid}'");
    $Q = DB_fetchArray($result);
    $access = SEC_hasAccess($Q['owner_id'], $Q['group_id'], $Q['perm_owner'], $Q['perm_group'], $Q['perm_members'], $Q['perm_anon']);
    if ($access < 3) {
        COM_accessLog("User {$_USER['username']} tried to illegally delete poll {$pid}.");
        return COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
    }
    DB_delete($_TABLES['polltopics'], 'pid', $pid);
    DB_delete($_TABLES['pollanswers'], 'pid', $pid);
    DB_delete($_TABLES['pollquestions'], 'pid', $pid);
    DB_delete($_TABLES['comments'], array('sid', 'type'), array($pid, 'polls'));
    PLG_itemDeleted($pid, 'polls');
    return COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php?msg=20');
}
Esempio n. 3
0
/**
 * Delete a story and related data immediately.
 * Note: For internal use only! To delete a story, use STORY_deleteStory (see
 *       above), which will do permission checks and eventually end up here.
 *
 * @param    string $sid ID of the story to delete
 * @internal For internal use only!
 */
function STORY_doDeleteThisStoryNow($sid)
{
    global $_CONF, $_TABLES;
    require_once $_CONF['path_system'] . 'lib-comment.php';
    STORY_deleteImages($sid);
    DB_delete($_TABLES['comments'], array('sid', 'type'), array($sid, 'article'));
    DB_delete($_TABLES['trackback'], array('sid', 'type'), array($sid, 'article'));
    DB_delete($_TABLES['stories'], 'sid', $sid);
    TOPIC_deleteTopicAssignments('article', $sid);
    // notify plugins
    PLG_itemDeleted($sid, 'article');
    // update RSS feed
    COM_rdfUpToDateCheck('article');
    COM_rdfUpToDateCheck('comment');
    STORY_updateLastArticlePublished();
    CMT_updateCommentcodes();
}
Esempio n. 4
0
function delCat()
{
    global $_CONF, $_TABLES, $eh, $mytree, $filemgmt_FileStore, $filemgmt_SnapCat, $filemgmt_SnapStore;
    $cid = $_POST['cid'];
    //get all subcategories under the specified category
    $arr = $mytree->getAllChildId($cid);
    for ($i = 0; $i < sizeof($arr); $i++) {
        //get all downloads in each subcategory
        $result = DB_query("SELECT lid,url,logourl FROM {$_TABLES['filemgmt_filedetail']} WHERE cid='{$arr[$i]}'");
        //now for each download, delete the text data and votes associated with the download
        while (list($lid, $url, $logourl) = DB_fetchArray($result)) {
            DB_query("DELETE FROM {$_TABLES['filemgmt_filedesc']} WHERE lid='{$lid}'");
            DB_query("DELETE FROM {$_TABLES['filemgmt_votedata']} WHERE lid='{$lid}'");
            DB_query("DELETE FROM {$_TABLES['filemgmt_filedetail']} WHERE lid='{$lid}'");
            DB_query("DELETE FROM {$_TABLES['filemgmt_brokenlinks']} WHERE lid='{$lid}'");
            $name = rawurldecode($url);
            $fullname = $filemgmt_FileStore . $name;
            if ($fullname != "" && file_exists($fullname) && !is_dir($fullname)) {
                $err = @unlink($fullname);
            }
            $name = rawurldecode($logourl);
            $fullname = $filemgmt_SnapStore . $name;
            if ($fullname != "" && file_exists($fullname) && !is_dir($fullname)) {
                $err = @unlink($fullname);
            }
        }
        //all downloads for each subcategory is deleted, now delete the subcategory data
        $catimage = DB_getItem($_TABLES['filemgmt_cat'], 'imgurl', "cid='{$arr[$i]}'");
        $catimage_filename = $filemgmt_SnapCat . $catimage;
        if ($catimage != '' && file_exists($catimage_filename) && !is_dir($catimage_filename)) {
            // Check that there is only one category using this image
            if (DB_count($_TABLES['filemgmt_cat'], 'imgurl', $catimage) == 1) {
                @unlink($catimage_filename);
            }
        }
        DB_query("DELETE FROM {$_TABLES['filemgmt_cat']} WHERE cid='{$arr[$i]}'");
    }
    //all subcategory and associated data are deleted, now delete category data and its associated data
    $result = DB_query("SELECT lid,url,logourl FROM {$_TABLES['filemgmt_filedetail']} WHERE cid='{$cid}'");
    while (list($lid, $url, $logourl) = DB_fetchArray($result)) {
        DB_query("DELETE FROM {$_TABLES['filemgmt_filedetail']} WHERE lid='{$lid}'");
        DB_query("DELETE FROM {$_TABLES['filemgmt_filedesc']} WHERE lid='{$lid}'");
        DB_query("DELETE FROM {$_TABLES['filemgmt_brokenlinks']} WHERE lid='{$lid}'");
        PLG_itemDeleted($lid, 'filemgmt');
        $name = rawurldecode($url);
        $fullname = $filemgmt_FileStore . $name;
        if ($fullname != "" && file_exists($fullname) && !is_dir($fullname)) {
            $err = @unlink($fullname);
        }
        $name = rawurldecode($logourl);
        $fullname = $filemgmt_SnapStore . $name;
        if ($fullname != '' && file_exists($fullname) && !is_dir($fullname)) {
            $err = @unlink($fullname);
        }
    }
    $catimage = DB_getItem($_TABLES['filemgmt_cat'], 'imgurl', "cid='{$cid}'");
    $catimage_filename = $filemgmt_SnapCat . $catimage;
    if ($catimage != '' && file_exists($catimage_filename) && !is_dir($catimage_filename)) {
        // Check that there is only one category using this image
        if (DB_count($_TABLES['filemgmt_cat'], 'imgurl', $catimage) == 1) {
            @unlink($catimage_filename);
        }
    }
    DB_query("DELETE FROM {$_TABLES['filemgmt_cat']} WHERE cid='{$cid}'");
    CACHE_remove_instance('whatsnew');
    redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php?op=categoryConfigAdmin", 2, _MD_CATDELETED);
    exit;
}
Esempio n. 5
0
/**
* Delete a story and related data immediately.
*
* Note: For internal use only! To delete a story, use STORY_deleteStory (see
*       above), which will do permission checks and eventually end up here.
*
* @param    string  $sid    ID of the story to delete
* @internal For internal use only!
*
*/
function STORY_doDeleteThisStoryNow($sid)
{
    global $_CONF, $_TABLES;
    require_once $_CONF['path_system'] . 'lib-comment.php';
    STORY_deleteImages($sid);
    DB_delete($_TABLES['comments'], array('sid', 'type'), array($sid, 'article'));
    DB_delete($_TABLES['trackback'], array('sid', 'type'), array($sid, 'article'));
    DB_delete($_TABLES['stories'], 'sid', $sid);
    // notify plugins
    PLG_itemDeleted($sid, 'article');
    // update RSS feed and Older Stories block
    COM_rdfUpToDateCheck();
    COM_olderStuff();
    CMT_updateCommentcodes();
}
Esempio n. 6
0
/**
 * Delete an existing static page
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int		    Response code as defined in lib-plugins.php
 */
function service_delete_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC, $LANG_LOGIN;
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }
    // Apply filters to the parameters passed by the webservice
    if ($args['gl_svc']) {
        $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        $args['mode'] = COM_applyBasicFilter($args['mode']);
    }
    $sp_id = $args['sp_id'];
    if (!SEC_hasRights('staticpages.delete')) {
        $output = COM_siteHeader('menu', $LANG_STATIC['access_denied']);
        $output .= COM_showMessageText($LANG_STATIC['access_denied_msg'], $LANG_STATIC['access_denied'], true);
        $output .= COM_siteFooter();
        if (!COM_isAnonUser()) {
            return PLG_RET_PERMISSION_DENIED;
        } else {
            return PLG_RET_AUTH_FAILED;
        }
    }
    DB_delete($_TABLES['staticpage'], 'sp_id', $sp_id);
    DB_delete($_TABLES['comments'], array('sid', 'type'), array($sp_id, 'staticpages'));
    PLG_itemDeleted($sp_id, 'staticpages');
    $output = COM_refresh($_CONF['site_admin_url'] . '/plugins/staticpages/index.php');
    return PLG_RET_OK;
}
Esempio n. 7
0
/**
 * Delete an existing story
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @return  int		    Response code as defined in lib-plugins.php
 */
function service_delete_story($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER;
    if (empty($args['sid']) && !empty($args['id'])) {
        $args['sid'] = $args['id'];
    }
    if ($args['gl_svc']) {
        $args['sid'] = COM_applyBasicFilter($args['sid']);
    }
    $sid = $args['sid'];
    $result = DB_query("SELECT tid,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'");
    $A = DB_fetchArray($result);
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    $access = min($access, SEC_hasTopicAccess($A['tid']));
    if ($access < 3) {
        COM_accessLog("User {$_USER['username']} tried to illegally delete story {$sid}.");
        $output = COM_refresh($_CONF['site_admin_url'] . '/story.php');
        if ($_USER['uid'] > 1) {
            return PLG_RET_PERMISSION_DENIED;
        } else {
            return PLG_RET_AUTH_FAILED;
        }
    }
    STORY_deleteImages($sid);
    DB_query("DELETE FROM {$_TABLES['comments']} WHERE sid = '" . DB_escapeString($sid) . "' AND type = 'article'");
    DB_delete($_TABLES['stories'], 'sid', DB_escapeString($sid));
    // delete Trackbacks
    DB_query("DELETE FROM {$_TABLES['trackback']} WHERE sid = '" . DB_escapeString($sid) . "' AND type = 'article';");
    PLG_itemDeleted($sid, 'article');
    // update RSS feed and Older Stories block
    COM_rdfUpToDateCheck();
    COM_olderStuff();
    COM_setMessage(10);
    $output = COM_refresh($_CONF['site_admin_url'] . '/story.php');
    return PLG_RET_OK;
}
Esempio n. 8
0
}
foreach ($pluginLangLines as $line) {
    if (trim($line) == '' || substr($line, 0, 1) == '#') {
        continue;
    }
    $tokens = explode('=', $line);
    $key = 'LANG_' . trim($tokens[0]);
    array_shift($tokens);
    $val = implode('=', $tokens);
    $pluginLangLabels[$key] = trim($val);
}
/* Record Project ID (pid) in a project session record so we can navigate back from the other plugins */
prj_updateSession($pid);
switch ($mode) {
    case 'deletefile':
        PLG_itemDeleted($id, 'nexproject_fileitem');
        break;
    case 'edit':
        // Edit Task
        if ($pid == 0 and $id > 0) {
            // If pid not set but task id is - retrieve the pid (project id)
            $pid = DB_getItem($_TABLES['prj_tasks'], 'pid', "tid={$id}");
        }
        $uid = $_USER['uid'];
        $protoken = prj_getProjectPermissions($pid, $uid, $id);
        $ownertoken = getTaskToken($id, $uid, "{$_TABLES['prj_task_users']}", "{$_TABLES['prj_tasks']}");
        if ($protoken['full'] != 0 || $protoken['teammember'] != 0 || $ownertoken != 0) {
            $taskrec = DB_fetchArray(DB_query("SELECT * FROM {$_TABLES['prj_tasks']} WHERE tid={$id}"));
            $result = DB_query("SELECT pid, name FROM {$_TABLES['prj_projects']} WHERE pid={$pid}");
            list($pid, $name) = DB_fetchArray($result);
            $edit_icons = prj_edit_task_icons($pid, $id, 'edit');
Esempio n. 9
0
/**
* Recursivly deletes all albums and child albums
*
* @param    int     album_id    album id to delete
* @return   int     true for success or false for failure
*
*/
function MG_deleteChildAlbums($album_id)
{
    global $MG_albums, $_CONF, $_MG_CONF, $_TABLES, $_USER;
    $sql = "SELECT * FROM {$_TABLES['mg_albums']} WHERE album_parent=" . $album_id;
    $aResult = DB_query($sql);
    $rowCount = DB_numRows($aResult);
    for ($z = 0; $z < $rowCount; $z++) {
        $row = DB_fetchArray($aResult);
        MG_deleteChildAlbums($row['album_id']);
    }
    $sql = "SELECT ma.media_id, m.media_filename, m.media_mime_ext\r\n            FROM " . $_TABLES['mg_media_albums'] . " as ma LEFT JOIN " . $_TABLES['mg_media'] . " as m ON ma.media_id=m.media_id\r\n            WHERE ma.album_id = " . $album_id;
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    $mediarow = array();
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $mediarow[] = $row;
    }
    if (count($mediarow) != 0) {
        for ($i = 0; $i < count($mediarow); $i++) {
            $sql = "SELECT COUNT(media_id) AS count FROM " . $_TABLES['mg_media_albums'] . "  WHERE media_id = '" . $mediarow[$i]['media_id'] . "'";
            $result = DB_query($sql);
            $row = DB_fetchArray($result);
            if ($row['count'] <= 1) {
                foreach ($_MG_CONF['validExtensions'] as $ext) {
                    @unlink($_MG_CONF['path_mediaobjects'] . 'tn/' . $mediarow[$i]['media_filename'][0] . '/' . $mediarow[$i]['media_filename'] . $ext);
                    @unlink($_MG_CONF['path_mediaobjects'] . 'disp/' . $mediarow[$i]['media_filename'][0] . '/' . $mediarow[$i]['media_filename'] . $ext);
                }
                @unlink($_MG_CONF['path_mediaobjects'] . 'orig/' . $mediarow[$i]['media_filename'][0] . '/' . $mediarow[$i]['media_filename'] . '.' . $mediarow[$i]['media_mime_ext']);
                $sql = "DELETE FROM " . $_TABLES['mg_media'] . "  WHERE media_id = '" . $mediarow[$i]['media_id'] . "'";
                DB_query($sql);
                DB_delete($_TABLES['comments'], 'sid', $mediarow[$i]['media_id']);
                DB_delete($_TABLES['mg_playback_options'], 'media_id', $mediarow[$i]['media_id']);
                PLG_itemDeleted($mediarow[$i]['media_id'], 'mediagallery');
            }
        }
    }
    $sql = "DELETE FROM " . $_TABLES['mg_media_albums'] . " WHERE album_id = " . $album_id;
    DB_query($sql);
    $sql = "DELETE FROM " . $_TABLES['mg_albums'] . " WHERE album_id = " . $album_id;
    DB_query($sql);
    $feedname = sprintf($_MG_CONF['rss_feed_name'] . "%06d", $album_id);
    $feedpath = MG_getFeedPath();
    @unlink($feedpath . '/' . $feedname . '.rss');
}
Esempio n. 10
0
/* Check to see if user has checked multiple records to delete */
if (strcasecmp($_SERVER['REQUEST_METHOD'], 'POST') === 0 and $op == 'delchecked' and SEC_checkToken()) {
    $chk_record_delete = array();
    if (isset($_POST['chk_record_delete'])) {
        $chk_record_delete = $_POST['chk_record_delete'];
    }
    foreach ($chk_record_delete as $id) {
        $id = COM_applyFilter($id, true);
        DB_query("DELETE FROM {$_TABLES['forum_topic']} WHERE id='{$id}'");
        PLG_itemDeleted($id, 'forum');
    }
    COM_rdfUpToDateCheck('forum');
    // forum rss feeds update
} elseif ($op == 'delrecord' and SEC_checkToken()) {
    DB_query("DELETE FROM {$_TABLES['forum_topic']} WHERE id='{$id}'");
    PLG_itemDeleted($id, 'forum');
    COM_rdfUpToDateCheck('forum');
    // forum rss feeds update
}
// Page Navigation Logic
if (empty($show)) {
    $show = $CONF_FORUM['show_messages_perpage'];
}
// Check if this is the first page.
if (empty($page)) {
    $page = 1;
}
$whereSQL = '';
$forumname = '';
if ($forum > 0) {
    $whereSQL = " WHERE forum='{$forum}'";
Esempio n. 11
0
     PLG_itemDeleted($msgid, 'forum');
     DB_query("DELETE FROM {$_TABLES['forum_topic']} WHERE (pid='{$msgid}')");
     DB_query("DELETE FROM {$_TABLES['forum_watch']} WHERE (id='{$msgid}')");
     $postCount = DB_Count($_TABLES['forum_topic'], 'forum', $forum);
     DB_query("UPDATE {$_TABLES['forum_forums']} SET topic_count=topic_count-1,post_count={$postCount} WHERE forum_id={$forum}");
     $query = DB_query("SELECT MAX(id) FROM {$_TABLES['forum_topic']} WHERE forum={$forum}");
     list($last_topic) = DB_fetchArray($query);
     if ($last_topic > 0) {
         DB_query("UPDATE {$_TABLES['forum_forums']} SET last_post_rec={$last_topic} WHERE forum_id={$forum}");
     } else {
         DB_query("UPDATE {$_TABLES['forum_forums']} SET last_post_rec=0 WHERE forum_id={$forum}");
     }
 } else {
     DB_query("UPDATE {$_TABLES['forum_topic']} SET replies=replies-1 WHERE id={$topicparent}");
     DB_query("DELETE FROM {$_TABLES['forum_topic']} WHERE (id='{$msgid}')");
     PLG_itemDeleted($msgid, 'forum');
     DB_query("UPDATE {$_TABLES['forum_forums']} SET post_count=post_count-1 WHERE forum_id={$forum}");
     // Get the post id for the last post in this topic
     $query = DB_query("SELECT MAX(id) FROM {$_TABLES['forum_topic']} WHERE forum={$forum}");
     list($last_topic) = DB_fetchArray($query);
     if ($last_topic > 0) {
         DB_query("UPDATE {$_TABLES['forum_forums']} SET last_post_rec={$last_topic} WHERE forum_id={$forum}");
     }
 }
 if ($topicparent == 0) {
     $topicparent = $msgid;
 } else {
     $lsql = DB_query("SELECT MAX(id) FROM {$_TABLES['forum_topic']} WHERE pid={$topicparent}");
     list($lastrecid) = DB_fetchArray($lsql);
     if ($lastrecid == NULL) {
         $topicdatecreated = DB_getItem($_TABLES['forum_topic'], 'date', "id={$topicparent}");
Esempio n. 12
0
/**
* Delete an event
*
* @param    string  $eid    id of event to delete
* @param    string  $type   'submission' when attempting to delete a submission
* @param    string          HTML redirect
*/
function CALENDAR_delete($eid, $type = '')
{
    global $_CONF, $_TABLES, $_USER;
    if (empty($type)) {
        // delete regular event
        $result = DB_query("SELECT * FROM {$_TABLES['events']} WHERE eid = '" . DB_escapeString($eid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access < 3) {
            COM_accessLog("User {$_USER['username']} tried to illegally delete event {$eid}.");
            return COM_refresh($_CONF['site_admin_url'] . '/plugins/calendar/index.php');
        }
        DB_delete($_TABLES['events'], 'eid', DB_escapeString($eid));
        DB_delete($_TABLES['personal_events'], 'eid', DB_escapeString($eid));
        PLG_itemDeleted($eid, 'calendar');
        COM_rdfUpToDateCheck('calendar', $A['event_type'], $A['eid']);
        return COM_refresh($_CONF['site_admin_url'] . '/plugins/calendar/index.php?msg=18');
    } elseif ($type == 'submission') {
        if (plugin_ismoderator_calendar()) {
            DB_delete($_TABLES['eventsubmission'], 'eid', DB_escapeString($eid));
            return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            COM_accessLog("User {$_USER['username']} tried to illegally delete event submission {$eid}.");
        }
    } else {
        COM_accessLog("User {$_USER['username']} tried to illegally delete event {$eid} of type {$type}.");
    }
    return COM_refresh($_CONF['site_admin_url'] . '/plugins/calendar/index.php');
}
Esempio n. 13
0
/**
 * Delete forum post(s)
 *
 * This function will delete the requested forum post and update all the
 * topic / forum counters.
 *
 * @param  int     $topic_id        Topic ID to delete
 * @param  int     $topic_parent_id Parent ID of topic
 * @param  int     $forum_id        Forum ID where topic exists
 *
 * @return  string HTML to display confirmation
 */
function moderator_deletePost($topic_id, $topic_parent_id, $forum_id)
{
    global $_CONF, $_USER, $_TABLES, $_FF_CONF, $LANG_GF02;
    $retval = '';
    $topicparent = DB_getItem($_TABLES['ff_topic'], "pid", "id=" . (int) $topic_id);
    if ($topicparent == 0) {
        // Need to check for any attachments and delete if required
        $q1 = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE pid=" . (int) $topic_id . " OR id=" . (int) $topic_id);
        while ($A = DB_fetchArray($q1)) {
            $q2 = DB_query("SELECT id FROM {$_TABLES['ff_attachments']} WHERE topic_id=" . (int) $A['id']);
            while ($B = DB_fetchArray($q2)) {
                forum_delAttachment($B['id']);
            }
            PLG_itemDeleted($A['id'], 'forum');
        }
        DB_query("DELETE FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $topic_id);
        DB_query("DELETE FROM {$_TABLES['ff_topic']} WHERE pid=" . (int) $topic_id);
        DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE (type='forum' AND id=" . (int) $topic_id . ")");
        $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $forum_id);
        $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $forum_id . " AND pid=0");
        $topicCount = DB_numRows($topicsQuery);
        DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topicCount . ",post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $forum_id);
        // Remove any lastviewed records in the log so that the new updated topic indicator will appear
        DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicparent);
    } else {
        // Need to check for any attachments and delete if required
        $q1 = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $topic_id);
        while ($A = DB_fetchArray($q1)) {
            $q2 = DB_query("SELECT id FROM {$_TABLES['ff_attachments']} WHERE topic_id=" . (int) $A['id']);
            while ($B = DB_fetchArray($q2)) {
                forum_delAttachment($B['id']);
            }
        }
        DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies-1 WHERE id=" . (int) $topicparent);
        DB_query("DELETE FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $topic_id);
        $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $forum_id);
        DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $forum_id);
        $sql = "SELECT count(*) AS count FROM {$_TABLES['ff_topic']} topic left join {$_TABLES['ff_attachments']} att ON topic.id=att.topic_id WHERE (topic.id=" . (int) $topicparent . " OR topic.pid=" . (int) $topicparent . ") and att.filename <> ''";
        $result = DB_query($sql);
        if (DB_numRows($result) > 0) {
            list($attCount) = DB_fetchArray($result);
            DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=" . (int) $attCount . " WHERE id=" . (int) $topicparent);
        }
        PLG_itemDeleted($topic_id, 'forum');
    }
    if ($topicparent == 0) {
        $topicparent = $topic_id;
        gf_updateLastPost($forum_id);
    } else {
        gf_updateLastPost($forum_id, $topicparent);
    }
    CACHE_remove_instance('forumcb');
    if ($topicparent == $topic_id) {
        $link = $_CONF['site_url'] . '/forum/index.php?forum=' . $forum_id;
        $retval .= FF_statusMessage($LANG_GF02['msg55'], $link, $LANG_GF02['msg55'], true, $forum_id, true);
    } else {
        $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topicparent;
        $retval .= FF_statusMessage($LANG_GF02['msg55'], $link, $LANG_GF02['msg55'], true, $forum_id, true);
    }
    return $retval;
}
Esempio n. 14
0
function MG_deleteMedia($media_id)
{
    global $_TABLES;
    $sql = "SELECT media_filename, media_mime_ext FROM {$_TABLES['mg_media']} " . "WHERE media_id='" . addslashes($media_id) . "'";
    $result = DB_query($sql);
    while (list($filename, $mime_ext) = DB_fetchArray($result)) {
        $orig = Media::getFilePath('orig', $filename, $mime_ext);
        @unlink($orig);
        $disp = Media::getFilePath('disp', $filename);
        @unlink($disp);
        $ext = pathinfo($disp, PATHINFO_EXTENSION);
        $tn = Media::getFilePath('tn', $filename, $ext);
        @unlink($tn);
        $types = array('0', '1', '2', '3', '10', '11', '12', '13');
        foreach ($types as $t) {
            $fpath = Media::getThumbPath($tn, $t);
            @unlink($fpath);
        }
        DB_delete($_TABLES['mg_media_albums'], 'media_id', addslashes($media_id));
        DB_delete($_TABLES['mg_media'], 'media_id', addslashes($media_id));
        DB_delete($_TABLES['comments'], 'sid', addslashes($media_id));
        DB_delete($_TABLES['mg_playback_options'], 'media_id', addslashes($media_id));
        PLG_itemDeleted($media_id, 'mediagallery');
    }
}
Esempio n. 15
0
/**
 * Delete an existing static page
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int		    Response code as defined in lib-plugins.php
 */
function service_delete_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC;
    $output = COM_refresh($_CONF['site_admin_url'] . '/plugins/staticpages/index.php?msg=20');
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }
    // Apply filters to the parameters passed by the webservice
    if ($args['gl_svc']) {
        $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        $args['mode'] = COM_applyBasicFilter($args['mode']);
    }
    $sp_id = $args['sp_id'];
    if (!SEC_hasRights('staticpages.delete')) {
        $output = COM_siteHeader('menu', $LANG_STATIC['access_denied']);
        $output .= COM_startBlock($LANG_STATIC['access_denied'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $output .= $LANG_STATIC['access_denied_msg'];
        $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $output .= COM_siteFooter();
        if ($_USER['uid'] > 1) {
            return PLG_RET_PERMISSION_DENIED;
        } else {
            return PLG_RET_AUTH_FAILED;
        }
    }
    // If a staticpage template, remove any use of the file
    if (DB_getItem($_TABLES['staticpage'], 'template_flag', "sp_id = '{$sp_id}'") == 1) {
        $sql = "UPDATE {$_TABLES['staticpage']} SET template_id = '' WHERE template_id = '{$sp_id}'";
        $result = DB_query($sql);
    }
    DB_delete($_TABLES['staticpage'], 'sp_id', $sp_id);
    DB_delete($_TABLES['comments'], array('sid', 'type'), array($sp_id, 'staticpages'));
    PLG_itemDeleted($sp_id, 'staticpages');
    return PLG_RET_OK;
}
Esempio n. 16
0
/**
 * Delete an existing static page
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @param   string  &svc_msg OUTPUT parameter containing any service messages
 * @return  int         Response code as defined in lib-plugins.php
 */
function service_delete_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC;
    $output = COM_refresh($_CONF['site_admin_url'] . '/plugins/staticpages/index.php?msg=20');
    if (empty($args['sp_id']) && !empty($args['id'])) {
        $args['sp_id'] = $args['id'];
    }
    // Apply filters to the parameters passed by the webservice
    if ($args['gl_svc']) {
        $args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
        $args['mode'] = COM_applyBasicFilter($args['mode']);
    }
    $sp_id = $args['sp_id'];
    if (!SEC_hasRights('staticpages.delete')) {
        $output .= COM_showMessageText($LANG_STATIC['access_denied_msg'], $LANG_STATIC['access_denied']);
        $output = COM_createHTMLDocument($output, array('pagetitle' => $LANG_STATIC['access_denied']));
        if ($_USER['uid'] > 1) {
            return PLG_RET_PERMISSION_DENIED;
        } else {
            return PLG_RET_AUTH_FAILED;
        }
    }
    // If a staticpage template, remove any use of the file
    if (DB_getItem($_TABLES['staticpage'], 'template_flag', "sp_id = '{$sp_id}'") == 1) {
        $sql = "UPDATE {$_TABLES['staticpage']} SET template_id = '' WHERE template_id = '{$sp_id}'";
        $result = DB_query($sql);
    }
    DB_delete($_TABLES['staticpage'], 'sp_id', $sp_id);
    DB_delete($_TABLES['comments'], array('sid', 'type'), array($sp_id, 'staticpages'));
    TOPIC_deleteTopicAssignments('staticpages', $sp_id);
    PLG_itemDeleted($sp_id, 'staticpages');
    // Clear Cache
    $cacheInstance = 'staticpage__' . $sp_id . '__';
    CACHE_remove_instance($cacheInstance);
    return PLG_RET_OK;
}
Esempio n. 17
0
function links_delete_category($cid)
{
    global $_TABLES, $LANG_LINKS_ADMIN;
    $cid = addslashes($cid);
    if (DB_count($_TABLES['linkcategories'], 'cid', $cid) > 0) {
        // item exists so check access rights
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,\n            perm_members,perm_anon FROM {$_TABLES['linkcategories']}\n            WHERE cid='{$cid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access > 2) {
            // has edit rights
            // Check for subfolders and sublinks
            $sf = DB_count($_TABLES['linkcategories'], 'pid', $cid);
            $sl = DB_count($_TABLES['links'], 'cid', $cid);
            if ($sf == 0 && $sl == 0) {
                // No subfolder/links so OK to delete
                DB_delete($_TABLES['linkcategories'], 'cid', $cid);
                PLG_itemDeleted($cid, 'links.category');
                return 13;
            } else {
                // Subfolders and/or sublinks exist so return a message
                return 14;
            }
        } else {
            // no access
            return 15;
            COM_accessLog(sprintf($LANG_LINKS_ADMIN[46], $_USER['username']));
        }
    } else {
        // no such category
        return 16;
    }
}
Esempio n. 18
0
/**
* Delete a link
*
* @param    string  $lid    id of link to delete
* @param    string  $type   'submission' when attempting to delete a submission
* @return   string          HTML redirect
*
*/
function deleteLink($lid, $type = '')
{
    global $_CONF, $_TABLES, $_USER;
    if (empty($type)) {
        // delete regular link
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['links']} WHERE lid ='{$lid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access < 3) {
            COM_accessLog("User {$_USER['username']} tried to illegally delete link {$lid}.");
            return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php');
        }
        DB_delete($_TABLES['links'], 'lid', $lid);
        PLG_itemDeleted($lid, 'links');
        return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php?msg=3');
    } elseif ($type == 'submission') {
        if (plugin_ismoderator_links()) {
            DB_delete($_TABLES['linksubmission'], 'lid', $lid);
            return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php?msg=3');
        } else {
            COM_accessLog("User {$_USER['username']} tried to illegally delete link submission {$lid}.");
        }
    } else {
        COM_accessLog("User {$_USER['username']} tried to illegally delete link {$lid} of type {$type}.");
    }
    return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php');
}
Esempio n. 19
0
/**
 * Delete a topic
 *
 * @param    string $tid Topic ID
 * @return   string          HTML redirect
 */
function deleteTopic($tid)
{
    global $_CONF, $_TABLES, $_USER, $_TOPICS;
    $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid ='{$tid}'");
    $A = DB_fetchArray($result);
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3) {
        COM_accessLog("User {$_USER['username']} tried to illegally delete topic {$tid}.");
        COM_redirect($_CONF['site_admin_url'] . '/topic.php');
    }
    // Update any child topics to root and un hide them
    DB_query("UPDATE {$_TABLES['topics']} SET parent_id = '" . TOPIC_ROOT . "', hidden = 0 WHERE parent_id = '{$tid}'");
    // same with feeds
    DB_query("UPDATE {$_TABLES['syndication']} SET topic = '::all', is_enabled = 0 WHERE topic = '{$tid}'");
    // Need to cycle through stories from topic
    // Only delete story if only this one topic
    // Make sure to check if this topic is default for story. If is make another topic default.
    $object_tables[] = $_TABLES['stories'];
    $object_tables[] = $_TABLES['storysubmission'];
    $object_tables[] = $_TABLES['blocks'];
    $object_tables_id[$_TABLES['stories']] = 'sid';
    $object_tables_id[$_TABLES['storysubmission']] = 'sid';
    $object_tables_id[$_TABLES['blocks']] = 'bid';
    $object_type[$_TABLES['stories']] = 'article';
    $object_type[$_TABLES['storysubmission']] = 'article';
    $object_type[$_TABLES['blocks']] = 'block';
    foreach ($object_tables as $object_table) {
        $sql = "SELECT {$object_tables_id[$object_table]}, ta.tdefault\n            FROM {$object_table}, {$_TABLES['topic_assignments']} ta\n            WHERE ta.type = '{$object_type[$object_table]}' AND ta.id = CAST({$object_tables_id[$object_table]} AS CHAR) AND ta.tid = '{$tid}'";
        $result = DB_query($sql);
        $numStories = DB_numRows($result);
        for ($i = 0; $i < $numStories; $i++) {
            $A = DB_fetchArray($result);
            // Now check if another topic exists for this story
            $sql = "SELECT {$object_tables_id[$object_table]}, ta.tid\n                FROM {$object_table}, {$_TABLES['topic_assignments']} ta\n                WHERE ta.type = '{$object_type[$object_table]}' AND ta.id = {$object_tables_id[$object_table]}\n                AND ta.tid <> '{$tid}' AND {$object_tables_id[$object_table]} = '{$A[$object_tables_id[$object_table]]}'";
            $resultB = DB_query($sql);
            $numTopics = DB_numRows($resultB);
            if ($numTopics == 0) {
                // Delete comments, trackbacks, images associated with stories in this topic since only topic
                if ($object_table == $_TABLES['stories'] || $object_table == $_TABLES['storysubmission']) {
                    STORY_deleteImages($A['sid']);
                    DB_delete($_TABLES['comments'], array('sid', 'type'), array($A['sid'], 'article'));
                    DB_delete($_TABLES['trackback'], array('sid', 'type'), array($A['sid'], 'article'));
                    if ($object_table == $_TABLES['stories']) {
                        PLG_itemDeleted($A['sid'], 'article');
                    }
                }
                DB_delete($object_table, $object_tables_id[$object_table], $A[$object_tables_id[$object_table]]);
            } else {
                // Story still exists for other topics so make sure one is default
                if ($object_table == $_TABLES['stories'] || $object_table == $_TABLES['storysubmission']) {
                    if ($A['tdefault'] == 1) {
                        $B = DB_fetchArray($resultB);
                        $sql = "UPDATE {$_TABLES['topic_assignments']} SET tdefault = 1 WHERE type = 'article' AND tid = '{$B['tid']}' AND id = '{$B['sid']}'";
                        DB_query($sql);
                    }
                }
            }
        }
    }
    // Notify of Delete topic so other plugins can deal with their items without topics
    PLG_itemDeleted($tid, 'topic');
    // delete these
    DB_delete($_TABLES['topic_assignments'], 'tid', $tid);
    DB_delete($_TABLES['topics'], 'tid', $tid);
    // Reorder Topics, Delete topic cache and reload topic tree
    reorderTopics();
    // update feed(s)
    COM_rdfUpToDateCheck('article');
    COM_redirect($_CONF['site_admin_url'] . '/topic.php?msg=14');
}
Esempio n. 20
0
 /**
  * Delete download file information from the database and the file repository
  */
 function delDownload($id = '', $switch = true)
 {
     global $_CONF, $_TABLES, $_DLM_CONF;
     $this->_checkHasAccess();
     if (!empty($id)) {
         $lid = addslashes(COM_applyFilter($id));
         $name = DB_getItem($_TABLES['downloads'], 'url', "lid = '{$lid}'");
     } else {
         $lid = addslashes(COM_applyFilter($_POST['old_lid']));
         $name = COM_applyFilter($_POST['url']);
     }
     $secret_id = DB_getItem($_TABLES['downloads'], 'secret_id', "lid = '{$lid}'");
     $safename = DLM_createSafeFileName($name, $secret_id);
     $tmpfile = $_DLM_CONF['path_filestore'] . $safename;
     $tmpsnapfile = DB_getItem($_TABLES['downloads'], 'logourl', "lid = '{$lid}'");
     DB_query("DELETE FROM {$_TABLES['downloads']}     WHERE lid = '{$lid}'");
     DB_query("DELETE FROM {$_TABLES['downloadvotes']} WHERE lid = '{$lid}'");
     PLG_itemDeleted($lid, 'downloads');
     $this->_unlink($tmpfile);
     $this->_unlinkSnapImage($tmpsnapfile);
     $this->_unlinkTnImage($tmpsnapfile);
     if ($switch == true) {
         $this->_page = COM_applyFilter($_POST['page']);
         if ($this->_page == 'flist') {
             $url = "{$_CONF['site_url']}/downloads/index.php";
         } else {
             $url = "{$_CONF['site_url']}/admin/plugins/downloads/index.php";
         }
         return PLG_afterSaveSwitch('item', $url, 'downloads', 105);
     } else {
         return;
     }
 }