From dd885424d7281728893cb7829216313f8e776436 Mon Sep 17 00:00:00 2001
From: simo <simo>
Date: Tue, 7 Jun 2005 21:32:07 +0000
Subject: Fix deletion abilities such that: TUs and DEVs may delete any package
 in unsupported Otherwise only package maintainers may delete their own

---
 web/html/packages.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/web/html/packages.php b/web/html/packages.php
index 604ba72c..4ea4b012 100644
--- a/web/html/packages.php
+++ b/web/html/packages.php
@@ -202,8 +202,14 @@ if (isset($_REQUEST["do_Flag"])) {
 				$q.= "WHERE Packages.ID IN (" . $delete . ") ";
 				$q.= "AND Packages.LocationID = PackageLocations.ID ";
 				$q.= "AND PackageLocations.Location = 'unsupported' ";
-				$q.= "AND $field IN (0,  " . uid_from_sid($_COOKIE["AURSID"]) . ")";
-				$result = db_query($q, $dbh);
+				# If they're a TU or dev, can always delete, otherwise check ownership
+				#
+				if ($atype == "Trusted User" || $atype == "Developer") {
+					$result = db_query($q, $dbh);
+				} else {
+					$q.= "AND $field IN (0,  " . uid_from_sid($_COOKIE["AURSID"]) . ")";
+					$result = db_query($q, $dbh);
+				}
 				if ($result != Null && mysql_num_rows($result) > 0) {
 					while ($row = mysql_fetch_assoc($result)) {
 						$ids_to_delete[] = $row['ID'];
-- 
cgit v1.2.3-24-g4f1b