bob
/
westdc-zf1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

在删除评审附件时增加了用户判断,防止附件被其他用户误删

This commit is contained in:
Li Jianxuan 2011-11-09 08:03:01 +00:00
parent e0b5d8a252
commit 46260303a6
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
application/default/controllers/UploadController.php
View File

@ -70,7 +70,7 @@ class UploadController extends Zend_Controller_Action {
$row= $re->fetch(); $row= $re->fetch();
return $row; return $row;
} }
function delreviewattAction(){ function delreviewattAction(){
$this->_helper->layout()->disableLayout(); $this->_helper->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(); $this->_helper->viewRenderer->setNoRender();
@ -79,7 +79,6 @@ class UploadController extends Zend_Controller_Action {
$basepath = $this->view->config->upload; $basepath = $this->view->config->upload;
$info = $this->getFileinfo($id); $info = $this->getFileinfo($id);
$filepath = $basepath.$info['filename']; $filepath = $basepath.$info['filename'];
try{ try{
$auth = Zend_Auth::getInstance(); $auth = Zend_Auth::getInstance();
if($auth->hasIdentity()) if($auth->hasIdentity())
@ -87,11 +86,12 @@ class UploadController extends Zend_Controller_Action {
$user = $auth->getIdentity(); $user = $auth->getIdentity();
$userid = $user->id; $userid = $user->id;
$sql = "delete from attachments where id='$id' and userid='$userid'"; $sql = "delete from attachments where id='$id' and userid='$userid'";
if($this->db->exec($sql)) if($this->db->exec($sql)>0)
{ {
@unlink($filepath); @unlink($filepath);
} }
} }
}catch(Exception $e){} }catch(Exception $e){}
//不输出任何错误 //不输出任何错误
}//删除评审附件 }//删除评审附件