Esempio n. 1
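/**
* Delete a block
*
* The block is deleted only when SEC_hasAccess() and hasBlockTopicAccess()
* both report a level of at least 3 for the current user; any other attempt
* is written to the access log and the user is sent back to the block list.
*
* NOTE(review): no CSRF token check is visible in this function. Callers are
* presumably expected to validate the token before calling - confirm.
*
* @param    string  $bid    id of block to delete
* @return   string          HTML redirect or error message
*
*/
function deleteBlock($bid)
{
    global $_CONF, $_TABLES, $_USER;

    $blockListUrl = $_CONF['site_admin_url'] . '/block.php';

    // $bid ends up inside a quoted SQL literal, so it must not be able to
    // close that literal. NOTE(review): addslashes() is not charset-aware;
    // if the DB layer provides its own escaping helper, prefer it here.
    $safeBid = addslashes((string) $bid);

    $result = DB_query("SELECT tid,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid ='{$safeBid}'");
    $A = DB_fetchArray($result);
    if (empty($A)) {
        // No matching row: there is nothing to check permissions against
        // and nothing to delete, so go back to the list.
        return COM_refresh($blockListUrl);
    }

    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3 || hasBlockTopicAccess($A['tid']) < 3) {
        // Drop control characters so a crafted id cannot add forged lines
        // to the access log.
        $logBid = preg_replace('/[\x00-\x1F\x7F]/', '', (string) $bid);
        COM_accessLog("User {$_USER['username']} tried to illegally delete block {$logBid}.");
        return COM_refresh($blockListUrl);
    }

    // presumably DB_delete() builds its WHERE clause from this value without
    // escaping it again - confirm, so the id is escaped exactly once.
    DB_delete($_TABLES['blocks'], 'bid', $safeBid);

    return COM_refresh($blockListUrl . '?msg=12');
}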
Esempio n. 2
/**
 * Render one cell of the block list shown in admin/block.php.
 *
 * Returns false when the current user has no access to the block or to its
 * topic. The 'edit', 'is_enabled' and 'move' controls are produced only when
 * SEC_hasAccess() reports level 3; otherwise those fields also yield false.
 *
 * @param    string  $fieldname   name of the column being rendered
 * @param    mixed   $fieldvalue  raw value, returned as-is for other columns
 * @param    array   $A           block record for the current row
 * @param    array   $icon_arr    icon markup; only the 'edit' entry is used
 * @param    string  $token       CSRF token put into the state-changing controls
 * @return   mixed                markup or value for the cell, or false
 *
 */
function ADMIN_getListField_blocks($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
    global $_CONF, $LANG_ADMIN, $LANG21, $_IMAGE_TYPE;

    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if (!($access > 0 && hasBlockTopicAccess($A['tid']) > 0)) {
        return false;
    }

    // Level 3 is what gates every control that modifies the block.
    $canEdit = ($access == 3);

    switch ($fieldname) {
        case 'edit':
            if (!$canEdit) {
                return false;
            }
            $editUrl = $_CONF['site_admin_url'] . '/block.php?mode=edit&amp;bid=' . $A['bid'];
            return COM_createLink($icon_arr['edit'], $editUrl);

        case 'title':
            // NOTE(review): title and name are emitted without HTML escaping
            // here; confirm they are encoded when stored or by the caller.
            $title = stripslashes($A['title']);
            return empty($title) ? '(' . $A['name'] . ')' : $title;

        case 'blockorder':
            return (string) $A['blockorder'];

        case 'is_enabled':
            if (!$canEdit) {
                return false;
            }
            $checkedAttr = ($A['is_enabled'] == 1) ? ' checked="checked"' : '';
            $checkbox = '<input type="checkbox" name="enabledblocks[' . $A['bid'] . ']" '
                . 'onclick="submit()" value="' . $A['onleft'] . '"' . $checkedAttr . XHTML . '>';
            // The hidden field carries the CSRF token along with the toggle.
            $tokenField = '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"' . XHTML . '>';
            return $checkbox . $tokenField;

        case 'move':
            if (!$canEdit) {
                return false;
            }
            if ($A['onleft'] == 1) {
                $side = $LANG21[40]; // assigned but not used in this function
                $arrowImage = 'block-right.' . $_IMAGE_TYPE;
                $sideTitle = $LANG21[59];
                $sideTarget = '1';
            } else {
                $arrowImage = 'block-left.' . $_IMAGE_TYPE;
                $sideTitle = $LANG21[60];
                $sideTarget = '0';
            }

            // Every move link is a state-changing GET, so each one carries the token.
            $tokenParam = '&amp;' . CSRF_TOKEN . '=' . $token;
            $mapName = 'arrow' . $A['bid'];
            $moveUrl = $_CONF['site_admin_url'] . '/block.php?mode=move&amp;bid=' . $A['bid'] . '&amp;where=';

            $html = '<img src="' . $_CONF['layout_url'] . '/images/admin/' . $arrowImage . '"'
                . ' width="45" height="20" usemap="#' . $mapName . '" alt=""' . XHTML . '>';
            $html .= '<map id="' . $mapName . '" name="' . $mapName . '">';
            $html .= '<area coords="0,0,12,20"  title="' . $LANG21[58] . '"'
                . ' href="' . $moveUrl . 'up' . $tokenParam . '"'
                . ' alt="' . $LANG21[58] . '"' . XHTML . '>';
            $html .= '<area coords="13,0,29,20" title="' . $sideTitle . '"'
                . ' href="' . $moveUrl . $sideTarget . $tokenParam . '"'
                . ' alt="' . $sideTitle . '"' . XHTML . '>';
            $html .= '<area coords="30,0,43,20" title="' . $LANG21[57] . '"'
                . ' href="' . $moveUrl . 'dn' . $tokenParam . '"'
                . ' alt="' . $LANG21[57] . '"' . XHTML . '>';
            $html .= '</map>';
            return $html;

        default:
            return $fieldvalue;
    }
}