* event, or an admin can delete.
* (An assistant can also delete their boss' documents.)
* Comments:
* TODO: perhaps add email notification on this
*/
include_once 'includes/init.php';
include_once 'includes/classes/Doc.class';
$blid = getValue('blid', '-?[0-9]+', true);
$can_delete = false;
// until proven otherwise
$error = $name = $owner = $type = '';
$event_id = -1;
if ($is_admin) {
$can_delete = true;
}
$res = dbi_execute(Doc::getSQLForDocId($blid));
if (!$res) {
$error = db_error();
} else {
if ($row = dbi_fetch_row($res)) {
$doc = new Doc($row);
$event_id = $doc->getEventId();
$name = $doc->getName();
$owner = $doc->getLogin();
$type = $doc->getType();
if ($owner == $login || user_is_assistant($login, $owner)) {
$can_delete = true;
}
} else {
// document not found
$error = str_replace('XXX', $blid, translate('Invalid entry id XXX.'));
