File size: 1.96Kb
<?
foreach (array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user') as $inc) {
require_once "../../../sys/inc/$inc.php";
}
only_reg('/reg.php');
if(isset($_GET['id']) && $pdo->query(("SELECT COUNT(*) FROM `soo` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"),0)->fetchColumn()==1)
{
$s=intval($_GET['id']);
$soo = $pdo->query(("SELECT * FROM `soo` WHERE `id` = '$s' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
if(isset($_GET['id_news']) && $pdo->query(("SELECT COUNT(*) FROM `soo_news` WHERE `id` = '".intval($_GET['id_news'])."' AND `id_soo`='$soo[id]' LIMIT 1"),0)->fetchColumn()==1)
{
$id = intval($_GET['id_news']);
}
$news = $pdo->query("SELECT * FROM `soo_news` WHERE `id_soo`='$soo[id]' AND `id`='$id'")->fetch(PDO::FETCH_ASSOC);
$post=$pdo->query(("SELECT * FROM `soo_news_komm` WHERE `id` = '".intval($_GET['komm'])."' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$notes=$pdo->query(("SELECT * FROM `soo_news` WHERE `id` = '$news[id]' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$ank=$pdo->query(("SELECT * FROM `user` WHERE `id` = '$news[avtor]' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$mod = $pdo->query(("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = '$soo[id]' AND `id_user`='$user[id]' AND `mod` = '1' LIMIT 1"),0)->fetchColumn();
if(isset($user) && $user['id']==$soo['admid'] || $user['id']==$news['avtor'] || $mod || access('adm_mysql'))
{
$q1 = $pdo->query("SELECT * FROM `files_post` WHERE `id_post` = '" . intval($_GET['komm']) . "' AND `id_user` = '" .$user['id']. "' AND `type` = 'soo_news'");
while ($d = $q1->fetch(PDO::FETCH_ASSOC)) {
unlink(htmlspecialchars($_SERVER['DOCUMENT_ROOT']).'/sys/files_post/'.$d['id'].'.jpg');
}
$pdo->query("DELETE FROM `soo_news_komm` WHERE `id` = '$post[id]'");
$_SESSION['message']='Комментарий успешно удален';
header('Location: /modules/groups/news/list.php?id='.$soo['id'].'&id_news='.$news['id'].'');
exit;
}
}
?>