}
return $result;
}
+
+ // get - obtains file details from local database.
+ static function get($id) {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = $user->getGroup();
+ $org_id = $user->org_id;
+
+ $sql = "select id, remote_id, file_key, entity_type, entity_id, file_name, description, status from tt_files".
+ " where id = $id and group_id = $group_id and org_id = $org_id and (status = 0 or status = 1)";
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ if ($val && $val['id'])
+ return $val;
+ }
+ return false;
+ }
}
--- /dev/null
+<?php
+// +----------------------------------------------------------------------+
+// | Anuko Time Tracker
+// +----------------------------------------------------------------------+
+// | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
+// +----------------------------------------------------------------------+
+// | LIBERAL FREEWARE LICENSE: This source code document may be used
+// | by anyone for any purpose, and freely redistributed alone or in
+// | combination with other software, provided that the license is obeyed.
+// |
+// | There are only two ways to violate the license:
+// |
+// | 1. To redistribute this code in source form, with the copyright
+// | notice or license removed or altered. (Distributing in compiled
+// | forms without embedded copyright notices is permitted).
+// |
+// | 2. To redistribute modified versions of this code in *any* form
+// | that bears insufficient indications that the modifications are
+// | not the work of the original author(s).
+// |
+// | This license applies to this document only, not any other software
+// | that it may be combined with.
+// |
+// +----------------------------------------------------------------------+
+// | Contributors:
+// | https://www.anuko.com/time_tracker/credits.htm
+// +----------------------------------------------------------------------+
+
+require_once('initialize.php');
+import('form.Form');
+import('ttFileHelper');
+import('ttProjectHelper');
+
+// Access checks.
+$cl_file_id = (int)$request->getParameter('id');
+$file = ttFileHelper::get($cl_file_id);
+if (!$file) {
+ header('Location: access_denied.php');
+ exit();
+}
+// Entity-specific checks.
+if ($file['entity_type'] == 'project') {
+ if (!ttAccessAllowed('manage_projects') || !ttProjectHelper::get($file['entity_id'])) {
+ header('Location: access_denied.php');
+ exit();
+ }
+}
+if ($file['entity_type'] != 'project') {
+ // Currently, files are only associated with projects.
+ // Improve access checks when the feature evolves.
+ header('Location: access_denied.php');
+ exit();
+}
+// End of access checks.
+
+$file_to_delete = $file['file_name'];
+
+$form = new Form('fileDeleteForm');
+$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_file_id));
+$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('label.delete')));
+$form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->get('button.cancel')));
+
+// TODO: design redirects properly...
+if ($request->isPost()) {
+ if ($request->getParameter('btn_delete')) {
+ if (ttProjectHelper::delete($cl_project_id)) {
+ header('Location: projects.php');
+ exit();
+ } else
+ $err->add($i18n->get('error.db'));
+ } elseif ($request->getParameter('btn_cancel')) {
+ header('Location: projects.php');
+ exit();
+ }
+} // isPost
+
+$smarty->assign('file_to_delete', $file_to_delete);
+$smarty->assign('forms', array($form->getName()=>$form->toArray()));
+$smarty->assign('onload', 'onLoad="document.fileDeleteForm.btn_cancel.focus()"');
+$smarty->assign('title', $i18n->get('title.delete_file'));
+$smarty->assign('content_page_name', 'file_delete.tpl');
+$smarty->display('index.tpl');
projects / timetracker.git / commitdiff