$folder_name created"); redirect(); } if (isset($_POST['rename_folder'])) { enforceUserPermission('module_support', 2); $folder_id = intval($_POST['folder_id']); $folder_name = sanitizeInput($_POST['folder_name']); // Get old Folder Name Client ID for Logging $sql = mysqli_query($mysqli,"SELECT folder_name, folder_client_id FROM folders WHERE folder_id = $folder_id"); $row = mysqli_fetch_array($sql); $old_folder_name = sanitizeInput($row['folder_name']); $client_id = intval($row['folder_client_id']); // Folder edit query mysqli_query($mysqli,"UPDATE folders SET folder_name = '$folder_name' WHERE folder_id = $folder_id"); logAction("Folder", "Rename", "$session_name renamed folder $old_folder_name to $folder_name", $client_id, $folder_id); flash_alert("Folder $old_folder_name renamed to $folder_name"); redirect(); } if (isset($_GET['delete_folder'])) { enforceUserPermission('module_support', 3); $folder_id = intval($_GET['delete_folder']); // Get Folder Name Client ID for Logging $sql = mysqli_query($mysqli,"SELECT folder_name, folder_client_id FROM folders WHERE folder_id = $folder_id"); $row = mysqli_fetch_array($sql); $folder_name = sanitizeInput($row['folder_name']); $client_id = intval($row['folder_client_id']); mysqli_query($mysqli,"DELETE FROM folders WHERE folder_id = $folder_id"); // Move files in deleted folder back to the root folder / $sql_documents = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_folder_id = $folder_id"); while($row = mysqli_fetch_array($sql_documents)) { $document_id = intval($row['document_id']); mysqli_query($mysqli,"UPDATE documents SET document_folder_id = 0 WHERE document_id = $document_id"); } logAction("Folder", "Delete", "$session_name deleted folder $folder_name", $client_id); flash_alert("Folder $folder_name deleted", 'error'); redirect(); }