diff -r c72d6d51f3d3 -r c255196bc447 delete_record.php --- a/delete_record.php Wed Mar 12 20:45:56 2008 +0000 +++ b/delete_record.php Tue Mar 25 22:45:31 2008 +0000 @@ -20,42 +20,66 @@ */ require_once("inc/toolkit.inc.php"); +include_once("inc/header.inc.php"); -if ($_GET["id"]) { - // check if we have access to the given id - $zoneId = recid_to_domid($_GET['id']); - if ((!level(5)) && (!xs($zoneId))) { - error(ERR_RECORD_ACCESS_DENIED); - } - if ((!level(5)) && ($_SESSION[$zoneId.'_ispartial'] == 1)) { - $db->setLimit(1); - $checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id=".$db->quote($_GET["id"])." AND user_id=".$db->quote($_SESSION["userid"])); - if (empty($checkPartial)) { - error(ERR_RECORD_ACCESS_DENIED); +$record_id = "-1"; +if (isset($_GET['id']) && v_num($_GET['id'])) { + $record_id = $_GET['id']; +} + + +$confirm = "-1"; +if ((isset($_GET['confirm']) && v_num($_GET['confirm']) + $confirm = $_GET['confirm']; +} + +if (verify_permission(zone_content_edit_others)) { $perm_content_edit = "all" ; } +elseif (verify_permission(zone_content_edit_own)) { $perm_content_edit = "own" ; } +else { $perm_content_edit = "none" ; } + +$user_is_zone_owner = verify_user_is_owner_zoneid($_GET["domain"]); + +if ($record_id == "-1" ) { + if ($confirm == '1') { + if ( delete_record($record_id) ) { + success(SUC_RECORD_DEL); } - } - if ($_GET["confirm"] == '0') { - clean_page("edit.php?id=".$_GET["domain"]); - } elseif ($_GET["confirm"] == '1') { - delete_record($_GET["id"]); - clean_page("edit.php?id=".$_GET["domain"]); - } - include_once("inc/header.inc.php"); - ?> + } else { + $zone_id = recid_to_domid($record_id); + $zone_name = get_domain_name_from_id($zone_id); + $user_is_zone_owner = verify_user_is_owner_zoneid($zone_id); + $record_info = get_record_from_id($record_id); -

""

" . _('You are trying to delete a record that is needed for this zone to work.') . "
"; + echo "

" . _('Delete record') . " in zone \"" . $zone_name . "\"

\n"; + + if ( $zone_type == "SLAVE" || $perm_content_edit == "none" || $perm_content_edit == "own" && $user_is_zone_owner == "0" ) { + error(ERR_PERM_EDIT_RECORD); + } else { + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "

Name	Type	Content	Priority	TTL
" . $record_info['name'] . "	" . $record_info['type'] . "	" . $record_info['content'] . "	" . $record_info['priority'] . "	" . $record_info['ttl'] . "

\n"; + if (($record_info['type'] == 'NS' && $record_info['name'] == $zone_name) || $record_info['type'] == 'SOA') { + echo "

" . _('You are trying to delete a record that is needed for this zone to work.') . "

\n"; + } + echo "

" . _('Are you sure?') . "

\n"; + echo " \n"; + echo " \n"; + } } - ?>

- &confirm=1'" value=""> - &confirm=0'" value=""> -