[feladat @ 104]
authorrejo
Tue, 01 Jan 2008 22:07:00 +0000
changeset 57 acc4da012674
parent 56 6db9adfa86ac
child 58 78558a77131e
[feladat @ 104] Created function to delete sub-owner from record.
edit_record.php
inc/record.inc.php
--- a/edit_record.php	Tue Jan 01 20:36:17 2008 +0000
+++ b/edit_record.php	Tue Jan 01 22:07:00 2008 +0000
@@ -22,7 +22,7 @@
 require_once("inc/toolkit.inc.php");
 
 if (isset($_GET["delid"])) {
-   $db->query("DELETE FROM record_owners WHERE id='".$_GET["delid"]."'");
+   delete_record_owner($_GET["domain"],$_GET["delid"],$_GET["id"]);
 }
 
 $xsid = (isset($_GET['id'])) ? $_GET['id'] : $_POST['recordid'];
--- a/inc/record.inc.php	Tue Jan 01 20:36:17 2008 +0000
+++ b/inc/record.inc.php	Tue Jan 01 22:07:00 2008 +0000
@@ -153,7 +153,6 @@
 	global $db;
 	if (!xs($zoneid))
 	{
-		echo "debug: $zoneid";
 		error(ERR_RECORD_ACCESS_DENIED);
 	}
 	if (is_numeric($zoneid) || is_numeric($userid) || is_numeric($recordid))
@@ -167,6 +166,24 @@
 	}
 }
 
+function delete_record_owner($zoneid,$rowid,$recordid)
+{
+	global $db;
+	if (!xs($zoneid))
+	{
+		error(ERR_RECORD_ACCESS_DENIED);
+	}
+	if (is_numeric($zoneid) || is_numeric($rowid) || is_numeric($recordid))
+	{
+		$db->query("DELETE FROM record_owners WHERE id='".$rowid."' AND record_id='".$recordid."'");
+		return true;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "delete_record_owner", "at least one of the arguments is not numeric"));
+	}
+}
+
 /*
  * Adds a record.
  * This function validates it if correct it inserts it into the database.