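<?php
/**
 * Admin page that confirms and then deletes one row of the basiclti_tools table.
 *
 * Request flow, as implemented below:
 *   1. admin_authenticate(AT_ADMIN_BASICLTI) runs before any request data is read.
 *   2. The tool named by the request's `id` is looked up; if it has no title the
 *      request is redirected to ../index_admin.php with UNABLE_TO_FIND_TOOL.
 *   3. POST `submit_no` cancels; POST `submit_yes` calls check_csrf_token(),
 *      deletes the row and writes an admin-log entry.
 *   4. Otherwise a confirmation form is printed, carrying the id and the session
 *      CSRF token as hidden fields.
 */

error_reporting(E_ALL & ~E_NOTICE);
// NOTE(review): display_errors is switched on for an admin endpoint. Any warning
// is then sent to the browser (file paths, query text), and a warning emitted
// before header() can stop the redirects below from being sent. Prefer logging
// errors and leaving display off outside development.
ini_set("display_errors", 1);

define('AT_INCLUDE_PATH', '../../../../include/');
require(AT_INCLUDE_PATH.'vitals.inc.php');

// Privilege gate. admin_authenticate() is defined outside this file; presumably it
// ends the request for callers lacking AT_ADMIN_BASICLTI - confirm, since nothing
// below re-checks privileges.
admin_authenticate(AT_ADMIN_BASICLTI);

// `id` is read from $_REQUEST, so it may arrive in the query string or the POST
// body. intval() forces it to an integer before it reaches the %d placeholder.
// A missing `id` is mapped to 0 explicitly: intval(null) is also 0, but reading an
// undefined key raises a warning on PHP 8, which display_errors would print ahead
// of the redirect headers.
$tool = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;

// Table prefix and id are supplied as arguments rather than concatenated into the
// SQL string. The third argument (TRUE) presumably requests a single row - confirm
// against queryDB().
$sql = "SELECT title FROM %sbasiclti_tools WHERE id = %d";
$row = queryDB($sql, array(TABLE_PREFIX, $tool), TRUE);

// Treat "no row", "row without title" and "empty title" alike as not found, without
// indexing into a non-array result (same outcome as before, minus the warning).
if (!is_array($row) || !isset($row['title']) || strlen($row['title']) < 1) {
    $msg->addError('UNABLE_TO_FIND_TOOL');
    header('Location: ../index_admin.php');
    exit;
}

if (isset($_POST['submit_no'])) {
    // Cancel: nothing is modified.
    $msg->addFeedback('CANCELLED');
    header('Location: ../index_admin.php');
    exit;
} else if (isset($_POST['submit_yes'])) {
    // The state-changing branch is POST-only and token-checked. check_csrf_token()
    // is defined outside this file; presumably it halts on a missing or wrong
    // token - confirm, because the DELETE runs unconditionally after it returns.
    check_csrf_token();

    $sql = "DELETE FROM %sbasiclti_tools WHERE id =%d";
    $result = queryDB($sql, array(TABLE_PREFIX, $tool));

    // $sqlout is not assigned in this file; presumably queryDB() sets it to the
    // executed statement - confirm. The deletion is recorded in the admin log.
    global $sqlout;
    write_to_log(AT_ADMIN_LOG_DELETE, 'basiclti_delete', $result, $sqlout);

    // NOTE(review): success feedback is added whatever $result holds; confirm how
    // queryDB() reports a failed DELETE and whether that case needs an error here.
    $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    header('Location: ../index_admin.php');
    exit;
}

require(AT_INCLUDE_PATH.'header.inc.php');

if (!isset($_POST['step'])) {
    // Hidden fields for the confirmation form: the id to delete and the session
    // CSRF token that check_csrf_token() is expected to verify on submit_yes.
    $hidden_vars['step'] = 2;
    $hidden_vars['id'] = $tool;
    $hidden_vars['csrftoken'] = $_SESSION['token'];

    // NOTE(review): the title comes straight from the database and is passed on
    // unescaped. Confirm that addConfirm()/printConfirm() HTML-escape message
    // arguments; if they do not, escape it here before display.
    $msg->addConfirm(array('DELETE_TOOL_1', $row['title']), $hidden_vars);
    $msg->printConfirm();
}

require(AT_INCLUDE_PATH.'footer.inc.php');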