1<?php 2# MantisBT - A PHP based bugtracking system 3 4# MantisBT is free software: you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation, either version 2 of the License, or 7# (at your option) any later version. 8# 9# MantisBT is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17/** 18 * Delete a file from a bug and then view the bug 19 * 20 * @package MantisBT 21 * @copyright Copyright 2000 - 2002 Kenzaburo Ito - kenito@300baud.org 22 * @copyright Copyright 2002 MantisBT Team - mantisbt-dev@lists.sourceforge.net 23 * @link http://www.mantisbt.org 24 * 25 * @uses core.php 26 * @uses access_api.php 27 * @uses bug_api.php 28 * @uses config_api.php 29 * @uses file_api.php 30 * @uses form_api.php 31 * @uses gpc_api.php 32 * @uses helper_api.php 33 * @uses lang_api.php 34 * @uses print_api.php 35 */ 36 37require_once( 'core.php' ); 38require_api( 'access_api.php' ); 39require_api( 'bug_api.php' ); 40require_api( 'config_api.php' ); 41require_api( 'file_api.php' ); 42require_api( 'form_api.php' ); 43require_api( 'gpc_api.php' ); 44require_api( 'helper_api.php' ); 45require_api( 'lang_api.php' ); 46require_api( 'print_api.php' ); 47 48form_security_validate( 'bug_file_delete' ); 49 50$f_file_id = gpc_get_int( 'file_id' ); 51 52$t_bug_id = file_get_field( $f_file_id, 'bug_id' ); 53 54$t_bug = bug_get( $t_bug_id, true ); 55if( $t_bug->project_id != helper_get_current_project() ) { 56 # in case the current project is not the same project of the bug we are viewing... 57 # ... override the current project. This to avoid problems with categories and handlers lists etc. 58 $g_project_override = $t_bug->project_id; 59} 60 61$t_attachment_owner = file_get_field( $f_file_id, 'user_id' ); 62$t_current_user_is_attachment_owner = $t_attachment_owner == auth_get_current_user_id(); 63if( !$t_current_user_is_attachment_owner || ( $t_current_user_is_attachment_owner && !config_get( 'allow_delete_own_attachments' ) ) ) { 64 access_ensure_bug_level( config_get( 'delete_attachments_threshold' ), $t_bug_id ); 65} 66 67helper_ensure_confirmed( lang_get( 'delete_attachment_sure_msg' ), lang_get( 'delete' ) ); 68 69file_delete( $f_file_id, 'bug' ); 70 71form_security_purge( 'bug_file_delete' ); 72 73print_header_redirect_view( $t_bug_id ); 74