equal
deleted
inserted
replaced
1 <?php |
1 <?php |
2 |
2 |
3 require_once("inc/toolkit.inc.php"); |
3 require_once("inc/toolkit.inc.php"); |
4 |
4 |
5 if ($_GET["id"]) { |
5 if ($_GET["id"]) { |
|
6 // check if we have access to the given id |
|
7 $zoneId = recid_to_domid($_GET['id']); |
|
8 if ((!level(5)) && (!xs($zoneId))) { |
|
9 error(ERR_RECORD_ACCESS_DENIED); |
|
10 } |
|
11 if ((!level(5)) && ($_SESSION[$zoneId.'_ispartial'] == 1)) { |
|
12 $checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id='".$_GET["id"]."' AND user_id='".$_SESSION["userid"]."' LIMIT 1"); |
|
13 if (empty($checkPartial)) { |
|
14 error(ERR_RECORD_ACCESS_DENIED); |
|
15 } |
|
16 } |
6 if ($_GET["confirm"] == '0') { |
17 if ($_GET["confirm"] == '0') { |
7 clean_page("edit.php?id=".$_GET["domain"]); |
18 clean_page("edit.php?id=".$_GET["domain"]); |
8 } elseif ($_GET["confirm"] == '1') { |
19 } elseif ($_GET["confirm"] == '1') { |
9 delete_record($_GET["id"]); |
20 delete_record($_GET["id"]); |
10 clean_page("edit.php?id=".$_GET["domain"]); |
21 clean_page("edit.php?id=".$_GET["domain"]); |
23 <input type="button" class="button" OnClick="location.href='<? echo $_SERVER["REQUEST_URI"] ?>&confirm=1'" value="<? echo _('Yes'); ?>"> |
34 <input type="button" class="button" OnClick="location.href='<? echo $_SERVER["REQUEST_URI"] ?>&confirm=1'" value="<? echo _('Yes'); ?>"> |
24 <input type="button" class="button" OnClick="location.href='<? echo $_SERVER["REQUEST_URI"] ?>&confirm=0'" value="<? echo _('No'); ?>"> |
35 <input type="button" class="button" OnClick="location.href='<? echo $_SERVER["REQUEST_URI"] ?>&confirm=0'" value="<? echo _('No'); ?>"> |
25 <? |
36 <? |
26 } else { |
37 } else { |
27 include_once("inc/header.inc.php"); |
38 include_once("inc/header.inc.php"); |
28 die("Nothing to do!"); |
39 echo _("Nothing to do!"); |
29 } |
40 } |
30 include_once("inc/footer.inc.php"); |
41 include_once("inc/footer.inc.php"); |