if (empty($archivetid)) { $asql .= ')'; } else { $asql .= ' OR statuscode = ' . STORY_ARCHIVE_ON_EXPIRE . ") AND tid != '{$archivetid}'"; } $expiresql = DB_query($asql); while (list($sid, $expiretopic, $title, $expire, $statuscode) = DB_fetchArray($expiresql)) { if ($statuscode == STORY_ARCHIVE_ON_EXPIRE) { if (!empty($archivetid)) { COM_errorLog("Archive Story: {$sid}, Topic: {$archivetid}, Title: {$title}, Expired: {$expire}"); DB_query("UPDATE {$_TABLES['stories']} SET tid = '{$archivetid}', frontpage = '0', featured = '0' WHERE sid='{$sid}'"); } } else { if ($statuscode == STORY_DELETE_ON_EXPIRE) { COM_errorLog("Delete Story and comments: {$sid}, Topic: {$expiretopic}, Title: {$title}, Expired: {$expire}"); STORY_doDeleteThisStoryNow($sid); } } } $sql = " (date <= NOW()) AND (draft_flag = 0)"; if (empty($topic)) { $sql .= COM_getLangSQL('tid', 'AND', 's'); } // if a topic was provided only select those stories. if (!empty($topic)) { $sql .= " AND s.tid = '{$topic}' "; } elseif (!$newstories) { $sql .= " AND frontpage = 1 "; } if ($topic != $archivetid) { $sql .= " AND s.tid != '{$archivetid}' ";
/** * Delete an existing story * * @param array args Contains all the data provided by the client * @param string &output OUTPUT parameter containing the returned text * @return int Response code as defined in lib-plugins.php */ function service_delete_story($args, &$output, &$svc_msg) { global $_CONF, $_TABLES, $_USER; if (empty($args['sid']) && !empty($args['id'])) { $args['sid'] = $args['id']; } if ($args['gl_svc']) { $args['sid'] = COM_applyBasicFilter($args['sid']); } $sid = $args['sid']; $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'"); $A = DB_fetchArray($result); $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); $access = min($access, TOPIC_hasMultiTopicAccess('article', $sid)); if ($access < 3) { COM_accessLog("User {$_USER['username']} tried to illegally delete story {$sid}."); $output = COM_refresh($_CONF['site_admin_url'] . '/story.php'); if ($_USER['uid'] > 1) { return PLG_RET_PERMISSION_DENIED; } else { return PLG_RET_AUTH_FAILED; } } STORY_doDeleteThisStoryNow($sid); $output = COM_refresh($_CONF['site_admin_url'] . '/story.php?msg=10'); return PLG_RET_OK; }