po/src/profile.del.php

137 lines
5.1 KiB
PHP

<?php
// Copyright (C) 2002-2006 Balint Kis (balint@k-i-s.net)
// Copyright (C) 2005-2013 Solomon Peachy (pizza@shaftnet.org)
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
include_once "include/config.php";
include_once "include/profile.php";
include_once "include/site.php";
include_once "include/common.php";
$database = site_prolog(PO_USER_TYPE_USER);
$type = pg_escape_string($database, $_REQUEST['type']);
$item_id = pg_escape_string($database, $_REQUEST['item']);
$go = isset($_REQUEST['go']);
$number_of_references = pg_fetch_row(pg_query($database, "select number_of_equipment_references($item_id)"));
/* Ensure the user owns it !*/
if ((!$go || ($go && $_REQUEST['go'] != 'old')) &&
($po_user['type'] != PO_USER_TYPE_ADMIN)) {
$result = pg_fetch_row(pg_query($database, "select count(identifier) from equipment where identifier='$item_id' and users=$po_user[id]"));
if ($result[0] == 0) {
site_referer_error('not_owner');
site_epilog($database);
exit();
}
}
if ($go) {
if ($_REQUEST['go'] == 'old') {
old_profile_del_item($database, $type, $item_id);
site_epilog($database);
header("Location: my.profile.php?selector=".$profile_data[$type]['idx']);
exit();
}
$sku_to_remove = FALSE;
pg_query($database, "begin");
$sku_to_remove = pg_fetch_row(pg_query($database, "select sku from equipment where identifier='$item_id'"));
$number_of_same_type = pg_fetch_row(pg_query($database, "select count(identifier) from equipment where sku = $sku_to_remove[0]"));
if ($number_of_same_type[0] != 1) {
$sku_to_remove = FALSE;
}
$result = pg_query($database, "delete from equipment where identifier='$item_id'");
if ($result && $sku_to_remove) {
$result = pg_query($database, "delete from equipment_sku where identifier='$sku_to_remove[0]'");
}
if ($result) {
pg_query($database, "commit");
} else {
pg_query($database, "rollback");
site_push_error($strings['errors_db_insert_failed']);
}
site_epilog($database);
header("Location: my.profile.php?selector=".$profile_data[$equipment_types[$type]]['idx']);
exit();
}
site_header(sprintf($strings['profile_delete'], $strings['generic_'.$equipment_types[$type]]));
site_navigator(6);
site_navigator_status(emit_a(generate_link('user', ''), $strings['generic_users'])." : ".emit_a("my.profile.php", $strings['generic_my_profile'])." : ".sprintf($strings['profile_delete'], $strings['generic_'.$equipment_types[$type]]), "");
theme_display_navigator_box_top($profile_data[$equipment_types[$type]]['idx'], $profile_data, "100%");
print "<form method=\"post\" action=\"profile.del.php\" accept-charset=\"".$strings['formats_encoding']."\">";
print "<input type=\"hidden\" name=\"type\" value=\"$type\">";
print "<input type=\"hidden\" name=\"item_id\" value=\"$item_id\">";
print "<table class=\"profile\">\n";
print "<tr class=\"folder_top\">\n";
print emit_td($strings['generic_delete']." ".$strings['generic_'.$equipment_types[$type]], 'colspan="7"');
print "</tr>\n";
print "<tr>";
print emit_th($strings['profile_manufacturer']);
print emit_th($strings['profile_model']);
print emit_th($strings['profile_serial']);
print emit_th($strings['profile_purchased']);
print emit_th($strings['profile_new']);
print emit_th($strings['generic_access']);
print emit_th($strings['generic_refs']);
print "</tr>";
$tbr = pg_fetch_assoc(pg_query($database, "select name, model, purchase_date, purchased_new, m_url, s_url, access_rights, serial
from view_equipment where identifier='$item_id'"));
print "<tr>";
if ($tbr['m_url'])
$tbr['name'] = emit_a($tbr['m_url'], $tbr['name']);
if ($tbr['s_url'])
$tbr['model'] = emit_a($tbr['s_url'], $tbr['model']);
print emit_td($tbr['name']);
print emit_td($tbr['model']);
print emit_td($tbr['serial']);
print emit_td(emit_date_html($tbr['purchase_date'], 'date'));
print emit_td(emit_yes_no_text($tbr['purchased_new']));
print emit_td($strings['generic_'.$access[$tbr['access_rights']]]);
print emit_td($number_of_references[0]);
print "</tr>";
print "</table>";
if ($number_of_references[0]==0) {
print "<input type=\"hidden\" name=\"go\" value=\"go\"/>\n";
print "<input type=\"hidden\" name=\"item\" value=\"$item_id\"/>\n";
print $thm_elem['button.confirm.delete'];
print $thm_elem['button.cancel'];
} else {
print $thm_elem['button.back'];
}
print "</form>";
theme_display_navigator_box_bottom("100%");
site_footer($database);
site_epilog($database);
?>