blob: 0f79981d36a29417c16b4f3af3e0b09b69afa666 [file] [log] [blame]
Copybara botbe50d492023-11-30 00:16:42 +01001<?php
2require_once("core.php");
3security::checkType(security::WORKER, security::METHOD_NOTFOUND);
4security::checkWorkerUIEnabled();
5
6$url = (security::isAllowed(security::ADMIN) ? "incidents.php" : "userincidents.php?id=".(int)$_SESSION["id"]);
7
8if (!security::checkParams("POST", [
9 ["id", security::PARAM_ISINT],
10 ["name", security::PARAM_NEMPTY]
11])) {
12 security::go(visual::getContinueUrl($url, "unexpected", "POST"));
13
14}
15
16$id = (int)$_POST["id"];
17$name = $_POST["name"];
18
19$incident = incidents::get($id, true);
20if ($incident === false) security::go(visual::getContinueUrl($url, "unexpected", "POST"));
21
22if (!security::isAllowed(security::ADMIN)) incidents::checkIncidentIsFromPerson($incident["id"]);
23
24security::go(visual::getContinueUrl($url, (incidents::deleteAttachment($id, $name) ? "attachmentdeleted" : "unexpected"), "POST"));