Gitiles
Code Review Sign In
gerrit.avm99963.com / hores-external / be50d49a1de3579494650ceb3cad0f04719b087f / . / src / dynamic / deleteattachment.php
blob: 66b6b1f30ba4be49a98e92d62b2572e1db30d89d [file] [log] [blame]
Copybara botbe50d492023-11-30 00:16:42 +0100[diff] [blame^]1<?php
2require_once(__DIR__."/../core.php");
3security::checkType(security::WORKER, security::METHOD_NOTFOUND);
4security::checkWorkerUIEnabled();
5
6if (!security::checkParams("GET", [
7 ["id", security::PARAM_ISINT],
8 ["name", security::PARAM_NEMPTY]
9])) {
10 security::notFound();
11}
12
13$id = (int)$_GET["id"];
14$name = $_GET["name"];
15
16$incident = incidents::get($id, true);
17if ($incident === false) security::notFound();
18
19if (!security::isAllowed(security::ADMIN)) incidents::checkIncidentIsFromPerson($incident["id"]);
20
21$attachments = incidents::getAttachmentsFromIncident($incident);
22
23if ($attachments === false || !count($attachments)) security::notFound();
24
25$flag = false;
26
27foreach ($attachments as $attachment) {
28 if ($attachment == $name) {
29 $flag = true;
30 ?>
31 <form action="dodeleteattachment.php" method="POST" autocomplete="off">
32 <input type="hidden" name="id" value="<?=(int)$id?>">
33 <?php visual::addContinueInput(); ?>
34 <input type="hidden" name="name" value="<?=security::htmlsafe($name)?>">
35 <h4 class="mdl-dialog__title">Eliminar archivo adjunto</h4>
36 <div class="mdl-dialog__content">
37 <p>¿Estás seguro que quieres eliminar el archivo adjunto <code><?=security::htmlsafe($name)?></code>? <span style="color:#EF5350;font-weight:bold;">Esta acción es irreversible</span></p>
38 </div>
39 <div class="mdl-dialog__actions">
40 <button type="submit" class="mdl-button mdl-js-button mdl-js-ripple-effect mdl-button--accent">Eliminar</button>
41 <button data-dyndialog-close class="mdl-button mdl-js-button mdl-js-ripple-effect cancel">Cancelar</button>
42 </div>
43 </form>
44 <?php
45 break;
46 }
47}
48
49if ($flag === false) security::notFound();