From e2f75375178d397ca78ca57d590106ef87e52589 Mon Sep 17 00:00:00 2001
From: johnnyq <johnny@pittpc.com>
Date: Fri, 8 Nov 2024 13:02:03 -0500
Subject: [PATCH] Add Bulk Document Deletion

---
 client_documents.php   |  5 ++++
 post/user/document.php | 59 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 64 insertions(+)

diff --git a/client_documents.php b/client_documents.php
index 823d05b7..a017d4ab 100644
--- a/client_documents.php
+++ b/client_documents.php
@@ -140,6 +140,11 @@ while ($folder_id > 0) {
                                     <a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkMoveDocumentModal">
                                         <i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
                                     </a>
+                                    <div class="dropdown-divider"></div>
+                                    <button class="dropdown-item text-danger text-bold"
+                                            type="submit" form="bulkActions" name="bulk_delete_documents">
+                                        <i class="fas fa-fw fa-trash mr-2"></i>Delete
+                                    </button>
                                 </div>
                             </div>
                         </div>
diff --git a/post/user/document.php b/post/user/document.php
index 41f8a742..22664bc5 100644
--- a/post/user/document.php
+++ b/post/user/document.php
@@ -548,4 +548,63 @@ if (isset($_GET['delete_document'])) {
 
 }
 
+if (isset($_POST['bulk_delete_documents'])) {
+
+    enforceUserPermission('module_support', 3);
+    validateCSRFToken($_POST['csrf_token']);
+
+    
+    if ($_POST['document_ids']) {     
+        
+        // Get selected document count
+        $document_count = count($_POST['document_ids']);
+        
+        // Delete document loop
+        foreach($_POST['document_ids'] as $document_id) {
+            $document_id = intval($document_id);
+            // Get document name for logging
+            $sql = mysqli_query($mysqli,"SELECT document_name FROM documents WHERE document_id = $document_id");
+            $row = mysqli_fetch_array($sql);
+            $document_name = sanitizeInput($row['document_name']);
+
+            mysqli_query($mysqli,"DELETE FROM documents WHERE document_id = $document_id");
+
+            // Delete all versions associated with the master document
+            mysqli_query($mysqli,"DELETE FROM documents WHERE document_parent = $document_id");
+
+            // Remove Associations
+            // File Association
+            mysqli_query($mysqli,"DELETE FROM document_files WHERE document_id = $document_id");
+
+            // Contact Associations
+            mysqli_query($mysqli,"DELETE FROM contact_documents WHERE document_id = $document_id");
+
+            // Asset Associations
+            mysqli_query($mysqli,"DELETE FROM asset_documents WHERE document_id = $document_id");
+
+            // Software Associations
+            mysqli_query($mysqli,"DELETE FROM software_documents WHERE document_id = $document_id");
+
+            // Vendor Associations
+            mysqli_query($mysqli,"DELETE FROM vendor_documents WHERE document_id = $document_id");
+
+            // Service Associations
+            mysqli_query($mysqli,"DELETE FROM service_documents WHERE document_id = $document_id");
+
+            //Logging
+            mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Delete', log_description = 'Deleted $document_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");            
+
+        }
+
+        //Logging
+        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Bulk Delete', log_description = '$session_name deleted $document_count documents', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+
+        $_SESSION['alert_type'] = "error";
+        $_SESSION['alert_message'] = "You deleted <strong>$document_count</strong> Documents and associated document versions";
+    }
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+