From 65f3431275d2fed44c05df367feeec9980c89fbf Mon Sep 17 00:00:00 2001
From: Andre Lorbach <alorbach@adiscon.com>
Date: Tue, 4 Dec 2012 14:49:18 +0100
Subject: [PATCH] Fixed BUGID 375, user and group data is now deleted when
 removing them using the admin panel.

---
 src/admin/groups.php | 37 ++++++++++++++++++++++++++-----------
 src/admin/users.php  | 36 +++++++++++++++++++++++++-----------
 2 files changed, 51 insertions(+), 22 deletions(-)

diff --git a/src/admin/groups.php b/src/admin/groups.php
index d668450..b1a13dc 100644
--- a/src/admin/groups.php
+++ b/src/admin/groups.php
@@ -281,17 +281,15 @@ if ( isset($_GET['op']) )
 				}
 				// ---
 
-				// do the delete!
-				$result = DB_Query( "DELETE FROM " . DB_GROUPS . " WHERE ID = " . $content['GROUPID'] );
-				if ($result == FALSE)
-				{
-					$content['ISERROR'] = true;
-					$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_GROUP_ERROR_DELGROUP'], $content['USERID'] ); 
-				}
-				else
-					DB_FreeQuery($result);
-
-				// TODO: DELETE GROUP SETTINGS, GROUP MEMBERSHIP ...
+				// Delete User objects!
+				PerformSQLDelete( "DELETE FROM " . DB_SOURCES . " WHERE groupid = " . $content['GROUPID'], 'LN_SOURCES_ERROR_DELSOURCE', $content['GROUPID'] );  
+				PerformSQLDelete( "DELETE FROM " . DB_VIEWS . " WHERE groupid = " . $content['GROUPID'], 'LN_VIEWS_ERROR_DELSEARCH', $content['GROUPID'] );  
+				PerformSQLDelete( "DELETE FROM " . DB_SEARCHES . " WHERE groupid = " . $content['GROUPID'], 'LN_SEARCH_ERROR_DELSEARCH', $content['GROUPID'] );  
+				PerformSQLDelete( "DELETE FROM " . DB_CHARTS . " WHERE groupid = " . $content['GROUPID'], 'LN_CHARTS_ERROR_DELCHART', $content['GROUPID'] );  
+				PerformSQLDelete( "DELETE FROM " . DB_GROUPMEMBERS . " WHERE groupid = " . $content['GROUPID'], 'LN_GROUP_ERROR_REMUSERFROMGROUP', $content['GROUPID'] );  
+													 
+				// Finally delete the Groupobject!
+				PerformSQLDelete( "DELETE FROM " . DB_GROUPS . " WHERE ID = " . $content['GROUPID'], 'LN_GROUP_ERROR_DELGROUP', $content['GROUPID'] );  
 
 				// Do the final redirect
 				RedirectResult( GetAndReplaceLangStr( $content['LN_GROUP_ERROR_HASBEENDEL'], $myrow['groupname'] ) , "groups.php" );
@@ -495,6 +493,23 @@ if ( !isset($_POST['op']) && !isset($_GET['op']) )
 	else
 		$content['EMPTYGROUPS'] = "true";
 }
+
+// Helper function to delete SQL Data
+function PerformSQLDelete( $szDeleteStm, $szErrMsg, $szUserID)
+{
+	global $content; 
+	$result = DB_Query( $szDeleteStm );
+	if ($result == FALSE)
+	{
+		$content['ISERROR'] = true;
+		$content['ERROR_MSG'] = GetAndReplaceLangStr( $content[$szErrMsg], $szUserID ); 
+		return false; 
+	}
+	else
+		DB_FreeQuery($result);
+	// Success
+	return true; 
+}
 // --- END Custom Code
 
 // --- BEGIN CREATE TITLE
diff --git a/src/admin/users.php b/src/admin/users.php
index 44a31b7..a10fa15 100644
--- a/src/admin/users.php
+++ b/src/admin/users.php
@@ -260,18 +260,15 @@ if ( isset($_GET['op']) )
 						PrintSecureUserCheck( GetAndReplaceLangStr( $content['LN_USER_WARNDELETEUSER'], $myrow['username'] ), $content['LN_DELETEYES'], $content['LN_DELETENO'] );
 					}
 					// ---
+					
+					// Delete User objects!
+					PerformSQLDelete( "DELETE FROM " . DB_SOURCES . " WHERE userid = " . $content['USERID'], 'LN_SOURCES_ERROR_DELSOURCE', $content['USERID'] );  
+					PerformSQLDelete( "DELETE FROM " . DB_VIEWS . " WHERE userid = " . $content['USERID'], 'LN_VIEWS_ERROR_DELSEARCH', $content['USERID'] );  
+					PerformSQLDelete( "DELETE FROM " . DB_SEARCHES . " WHERE userid = " . $content['USERID'], 'LN_SEARCH_ERROR_DELSEARCH', $content['USERID'] );  
+					PerformSQLDelete( "DELETE FROM " . DB_CHARTS . " WHERE userid = " . $content['USERID'], 'LN_CHARTS_ERROR_DELCHART', $content['USERID'] );  
 
-					// do the delete!
-					$result = DB_Query( "DELETE FROM " . DB_USERS . " WHERE ID = " . $content['USERID'] );
-					if ($result == FALSE)
-					{
-						$content['ISERROR'] = true;
-						$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_USER_ERROR_DELUSER'], $content['USERID'] ); 
-					}
-					else
-						DB_FreeQuery($result);
-
-					// TODO: DELETE PERSONAL SETTINGS, GROUP MEMBERSHIP ...
+					// Finally delete the Userobject!
+					PerformSQLDelete( "DELETE FROM " . DB_USERS . " WHERE ID = " . $content['USERID'], 'LN_USER_ERROR_DELUSER', $content['USERID'] );  
 
 					// Do the final redirect
 					RedirectResult( GetAndReplaceLangStr( $content['LN_USER_ERROR_HASBEENDEL'], $myrow['username'] ) , "users.php" );
@@ -455,6 +452,23 @@ if ( !isset($_POST['op']) && !isset($_GET['op']) )
 	}
 	// --- 
 }
+
+// Helper function to delete SQL Data
+function PerformSQLDelete( $szDeleteStm, $szErrMsg, $szUserID)
+{
+	global $content; 
+	$result = DB_Query( $szDeleteStm );
+	if ($result == FALSE)
+	{
+		$content['ISERROR'] = true;
+		$content['ERROR_MSG'] = GetAndReplaceLangStr( $content[$szErrMsg], $szUserID ); 
+		return false; 
+	}
+	else
+		DB_FreeQuery($result);
+	// Success
+	return true; 
+}
 // --- END Custom Code
 
 // --- BEGIN CREATE TITLE