getMLText("invalid_request_token"))),getMLText("invalid_request_token")); } if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_POST["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if (!isset($_POST["linkid"]) || !is_numeric($_POST["linkid"]) || intval($_POST["linkid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_link_id")); } $linkid = $_POST["linkid"]; $link = $document->getDocumentLink($linkid); if (!is_object($link)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_link_id")); } $responsibleUser = $link->getUser(); $accessMode = $document->getAccessMode($user, 'removeDocumentLink'); if ( ($accessMode < M_READ) || (($accessMode == M_READ) && ($responsibleUser->getID() != $user->getID())) || (($accessMode > M_READ) && (!$user->isAdmin()) && ($responsibleUser->getID() != $user->getID()) && !$link->isPublic()) ) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } if (!$document->removeDocumentLink($linkid)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured")); } add_log_line("?documentid=".$documentid."&linkid=".$linkid); header("Location:../out/out.ViewDocument.php?documentid=".$documentid."¤ttab=links"); ?>