mods/_core/file_manager/delete.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2010                                      */
   6 /* Inclusive Design Institute                                   */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13
  14 define('AT_INCLUDE_PATH', '../../../include/');
  15 require(AT_INCLUDE_PATH.'vitals.inc.php');
  16 require_once(AT_INCLUDE_PATH.'../mods/_core/file_manager/filemanager.inc.php');
  17
  18 global $db;
  19
  20 if (!authenticate(AT_PRIV_FILES,AT_PRIV_RETURN)) {
  21         authenticate(AT_PRIV_CONTENT);
  22 }
  23
  24 $current_path = AT_CONTENT_DIR.$_SESSION['course_id'].'/';
  25
  26 $popup = $_REQUEST['popup'];
  27 $framed = $_REQUEST['framed'];
  28
  29 if (isset($_POST['submit_no'])) {
  30         $msg->addFeedback('CANCELLED');
  31         header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
  32         exit;
  33 }
  34
  35 if (isset($_POST['submit_yes'])) {
  36         /* delete files and directories */
  37         /* delete the file  */
  38         $pathext = $_POST['pathext'];
  39         if (isset($_POST['listoffiles']))  {
  40                 $checkbox = explode(',',$_POST['listoffiles']);
  41                 $count = count($checkbox);
  42                 $result=true;
  43                 for ($i=0; $i<$count; $i++) {
  44                         $filename=$checkbox[$i];
  45
  46                         if (course_realpath($current_path . $pathext . $filename) == FALSE) {
  47                                 $msg->addError('FILE_NOT_DELETED');
  48                                 $result=false;
  49                                 break;
  50                         } else if (!(@unlink($current_path.$pathext.$filename))) {
  51                                 $msg->addError('FILE_NOT_DELETED');
  52                                 $result=false;
  53                                 break;
  54                         }
  55                 }
  56                 if ($result)
  57                 {
  58                         // delete according definition of primary resources and alternatives for adapted content
  59                         $filename = '../'.$pathext.$filename;
  60
  61                         // 1. delete secondary resources types
  62                         $sql = "DELETE FROM ".TABLE_PREFIX."secondary_resources_types
  63                                  WHERE secondary_resource_id in (SELECT secondary_resource_id
  64                                               FROM ".TABLE_PREFIX."secondary_resources
  65                                              WHERE secondary_resource = '".$filename."'
  66                                                 OR primary_resource_id in (SELECT primary_resource_id
  67                                                               FROM ".TABLE_PREFIX."primary_resources
  68                                                              WHERE resource='".$filename."'))";
  69                         $result = mysql_query($sql, $db);
  70
  71                         // 2. delete secondary resources
  72                         $sql = "DELETE FROM ".TABLE_PREFIX."secondary_resources
  73                                  WHERE secondary_resource = '".$filename."'
  74                                     OR primary_resource_id in (SELECT primary_resource_id
  75                                              FROM ".TABLE_PREFIX."primary_resources
  76                                             WHERE resource='".$filename."')";
  77                         $result = mysql_query($sql, $db);
  78
  79                         // 3. delete primary resources types
  80                         $sql = "DELETE FROM ".TABLE_PREFIX."primary_resources_types
  81                                  WHERE primary_resource_id in (SELECT primary_resource_id
  82                                               FROM ".TABLE_PREFIX."primary_resources
  83                                              WHERE resource = '".$filename."')";
  84                         $result = mysql_query($sql, $db);
  85
  86                         // 4. delete primary resources
  87                         $sql = "DELETE FROM ".TABLE_PREFIX."primary_resources
  88                                  WHERE resource = '".$filename."'";
  89                         $result = mysql_query($sql, $db);
  90
  91                         $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  92                 }
  93         }
  94         /* delete directory */
  95         if (isset($_POST['listofdirs'])) {
  96
  97                 $checkbox = explode(',',$_POST['listofdirs']);
  98                 $count = count($checkbox);
  99                 $result=true;
 100                 for ($i=0; $i<$count; $i++) {
 101                         $filename=$checkbox[$i];
 102
 103                         if (strpos($filename, '..') !== false) {
 104                                 $msg->addError('UNKNOWN');
 105                                 $result=false;
 106                                 header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
 107                                 exit;
 108                         } else if (!is_dir($current_path.$pathext.$filename)) {
 109                                 $msg->addError(array('DIR_NOT_DELETED',$filename));
 110                                 $result=false;
 111                                 header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
 112                                 exit;
 113                         } else if (!($result = clr_dir($current_path.$pathext.$filename))) {
 114                                 $msg->addError('DIR_NO_PERMISSION');
 115                                 $result=false;
 116                                 header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
 117                                 exit;
 118                         }
 119                 }
 120                 if ($result)
 121                         $msg->addFeedback('DIR_DELETED');
 122         }
 123
 124         header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
 125         exit;
 126 }
 127
 128         require(AT_INCLUDE_PATH.'header.inc.php');
 129         // find the files and directories to be deleted
 130         $total_list = explode(',', $_GET['list']);
 131         $pathext = $_GET['pathext'];
 132         $popup   = $_GET['popup'];
 133         $framed  = $_GET['framed'];
 134         $cp = $_GET['cp'];
 135         $cid = $_GET['cid'];
 136         $pid = $_GET['pid'];
 137         $a_type = $_GET['a_type'];
 138
 139         $count = count($total_list);
 140         $countd = 0;
 141         $countf = 0;
 142
 143         foreach ($total_list as $list_item) {
 144                 if (is_dir($current_path.$pathext.$list_item)) {
 145                         $_dirs[$countd]  = $list_item;
 146                         $countd++;
 147                 } else {
 148                         $_files[$countf] = $list_item;
 149                         $countf++;
 150                 }
 151         }
 152
 153         $hidden_vars['pathext'] = $pathext;
 154         $hidden_vars['popup']   = $popup;
 155         $hidden_vars['framed']  = $framed;
 156         $hidden_vars['cp']  = $cp;
 157         $hidden_vars['cid']  = $cid;
 158         $hidden_vars['pid']  = $pid;
 159         $hidden_vars['a_type']  = $a_type;
 160
 161         if (isset($_files)) {
 162                 $list_of_files = implode(',', $_files);
 163                 $hidden_vars['listoffiles'] = $list_of_files;
 164
 165                 foreach ($_files as $file) {
 166                         $file_list_to_print .= '<li>'.$file.'</li>';
 167                 }
 168                 $msg->addConfirm(array('FILE_DELETE', $file_list_to_print), $hidden_vars);
 169         }
 170
 171         if (isset($_dirs)) {
 172                 $list_of_dirs = implode(',', $_dirs);
 173                 $hidden_vars['listofdirs'] = $list_of_dirs;
 174
 175                 foreach ($_dirs as $dir) {
 176                         $dir_list_to_print .= '<li>'.$dir.'</li>';
 177                 }
 178
 179                 $msg->addConfirm(array('DIR_DELETE',$dir_list_to_print), $hidden_vars);
 180         }
 181
 182         $msg->printConfirm();
 183
 184         require(AT_INCLUDE_PATH.'footer.inc.php');
 185 ?>