/////////////////////////////////////////////////////////////// // Example wcBasic HTML module to delete a file via a WEB
// interface. This program is called using the following // URL syntax: // // /code/html-deletefile?area=nnn&file=xyz // // where nnn is the file area number, and
// xyz is the file name. //
#include "htmlutil.wch" #include "logfile.wch"
/////////////////////////////////////////////////////////////////
// Get parameters from URL command line. If area is less then 1 // or no file name provided, then we have an URL syntax error.
/////////////////////////////////////////////////////////////////
dim area as integer = val(GetParamStr(paramstr(1), "area","-1"))
dim file as string = GetParamStr(paramstr(1), "file","") if (area < 1) or (file="") then
print "Oops! URL syntax. Contact Web Master!" end end if
/////////////////////////////////////////////////////////////////
// Get the file area record to check the access level. // If we fail, possible reasons are: // // - no user session (WC_USER_NOT_LOGGED_IN) // - no access (WC_ACCESS_DENIED)
// - bad file area number (WC_INVALID_FILEAREA) /////////////////////////////////////////////////////////////////
dim fa as TFileArea if not GetFileArea(area,fa) then
print "Oops! can't get file area. error=";Hex(GetLastError()) end end if
/////////////////////////////////////////////////////////////////
// Get the file record. If we fail, possible reasons are: // // - no user session (WC_USER_NOT_LOGGED_IN) // - no access (WC_ACCESS_DENIED)
// - not found (WC_RECORD_NOT_FOUND) /////////////////////////////////////////////////////////////////
dim fr as tFileRecord dim tid as integer
if not GetFileRecByAreaName (area, file, fr, tid) then print "Oops! can't get file. error=";Hex(GetLastError()) end end if
///////////////////////////////////////////////////////////////// // Check to see if the user has SYSOP access to the file area
// or if has ownership of the file. If not, denied him. // Note: Currently, Wildcat clients such as ANSI or WCNAV are // designed to allow only a file area SYSOP to delete a file.
// The owner (the user who uploaded the file) is allowed // update/modification logic only, but not delete. So this // logic is an extension of the current behavior. We are
// going to make this option here with a boolean flag called // CanOwnerDelete (default = TRUE) /////////////////////////////////////////////////////////////////
Dim CanOwnerDelete as Boolean = TRUE if not (GetObjectFlags(fa.ObjectId) and OBJECTFLAGS_FILEAREA_SYSOP) then
if (Not CanOwnerDelete) or (fr.uploader.id <> user.info.id) then print "Oops! You do not have access to delete file"
end end if end if
///////////////////////////////////////////////////////////////// // Security ok. Now delete the file record as well as the
// physical file, if any. /////////////////////////////////////////////////////////////////
if not DeleteFileRec (fr, True) then
print file + " was not deleted. error=";Hex(GetLastError()) end end if print file + " was deleted successfully."
WriteItemActivityLogEntry("File: "+File+" Deleted in Area: "+Str(area)) End
|