From 82c462bb2ad7d0460251719e53b9651756c079a9 Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Mon, 8 Oct 2001 16:04:23 +0000
Subject: [PATCH] fix for delete: as in confirmation 'Yes' is a plain link,
 need to check HTTP_GET_VARS for ab_id and confirm too

---
 addressbook/inc/class.uiaddressbook.inc.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/addressbook/inc/class.uiaddressbook.inc.php b/addressbook/inc/class.uiaddressbook.inc.php
index df9d7e0822..62889c5868 100644
--- a/addressbook/inc/class.uiaddressbook.inc.php
+++ b/addressbook/inc/class.uiaddressbook.inc.php
@@ -710,7 +710,10 @@
 		{
 			$ab_id = $GLOBALS['HTTP_POST_VARS']['entry']['ab_id'] ? $GLOBALS['HTTP_POST_VARS']['entry']['ab_id'] : $GLOBALS['HTTP_POST_VARS']['ab_id'];
 			$confirm = $GLOBALS['HTTP_GET_VARS']['confirm'] ? $GLOBALS['HTTP_GET_VARS']['confirm'] :$GLOBALS['HTTP_POST_VARS']['confirm'];
-
+			if (!$ab_id)
+			{
+				$ab_id = $GLOBALS['HTTP_GET_VARS']['ab_id'];		// else plain Link in delete does not work
+			}
 			if (!$ab_id)
 			{
 				Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.get_list'));
@@ -718,7 +721,7 @@
 
 			$check = $this->bo->read_entry(array('id' => $ab_id, 'fields' => array('owner' => 'owner','tid' => 'tid')));
 
-			if (($this->contacts->grants[$check[0]['owner']] & PHPGW_ACL_DELETE) && $check[0]['owner'] != $GLOBALS['phpgw_info']['user']['account_id'])
+			if (!(($this->contacts->grants[$check[0]['owner']] & PHPGW_ACL_DELETE) || $check[0]['owner'] == $GLOBALS['phpgw_info']['user']['account_id']))
 			{
 				Header('Location: ' . $GLOBALS['phpgw']->link('/index.php','menuaction=addressbook.uiaddressbook.get_list'));
 				$GLOBALS['phpgw']->common->phpgw_exit();