aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/ucp
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/ucp')
-rw-r--r--phpBB/includes/ucp/ucp_attachments.php19
1 files changed, 19 insertions, 0 deletions
diff --git a/phpBB/includes/ucp/ucp_attachments.php b/phpBB/includes/ucp/ucp_attachments.php
index b20e4a55ed..ded838aded 100644
--- a/phpBB/includes/ucp/ucp_attachments.php
+++ b/phpBB/includes/ucp/ucp_attachments.php
@@ -31,6 +31,24 @@ class ucp_attachments
if ($delete && sizeof($delete_ids))
{
+ // Validate $delete_ids...
+ $sql = 'SELECT attach_id
+ FROM ' . ATTACHMENTS_TABLE . '
+ WHERE poster_id = ' . $user->data['user_id'] . '
+ AND is_orphan = 0
+ AND ' . $db->sql_in_set('attach_id', $delete_ids);
+ $result = $db->sql_query($sql);
+
+ $delete_ids = array();
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $delete_ids[] = $row['attach_id'];
+ }
+ $db->sql_freeresult($result);
+ }
+
+ if ($delete && sizeof($delete_ids))
+ {
$s_hidden_fields = array(
'delete' => 1
);
@@ -46,6 +64,7 @@ class ucp_attachments
{
include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
}
+
delete_attachments('attach', $delete_ids);
meta_refresh(3, $this->u_action);
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-26 02:39:06 +0000