File size: 4.35Kb
<?
/* Mixanza
* Дата последнего редактирования 03.12.2017
* Модифицировал Mixanza
*/
foreach (array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user') as $inc) {
require_once "../../sys/inc/$inc.php";
}
if (isset($_GET['id']) && $pdo->query(("SELECT COUNT(*) FROM `notes` WHERE `id` = '".intval($_GET['id'])."'"),0)->fetchColumn()==1)
{
$post=$pdo->query(("SELECT * FROM `notes` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$ank=$pdo->query(("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
if (isset($user) && (access('adm_mysql') || $user['id']==$ank['id'])){
$files = $pdo->query("SELECT * FROM `notes_files` WHERE `id_post` = '$post[id]'");
while ($post3 = $files->fetch(PDO::FETCH_ASSOC))
{
$pdo->query("DELETE FROM `notes_files` WHERE `id` = '$post3[id]'");
if($post3['type']=='upload'){
@unlink(H.'sys/blogs/files/' . $post3['id'] . '.dat');
@unlink(H.'sys/blogs/screen/' . $post3['id'] . '.gif');
}
}
$pdo->query("UPDATE `user` SET `activity` = '" . ($user['activity'] - 25) . "' WHERE `id` = '" . $user['id'] . "' LIMIT 1");
$pdo->query("INSERT INTO `jurnal_balls` (`time`, `msg`, `id_user`, `balls`, `id_post`, `type`, `type_post`) values('$time', 'Удаление записи в блоге', '$user[id]', '25', '".intval($_GET['id'])."', 'minus', 'notes')");
$pdo->query("DELETE FROM `notes` WHERE `id` = '$post[id]'");
$pdo->query("DELETE FROM `notes_count` WHERE `id_notes` = '$post[id]'");
$pdo->query("DELETE FROM `notes_komm` WHERE `id_notes` = '$post[id]'");
$pdo->query("DELETE FROM `mark_notes` WHERE `id_list` = '$post[id]'");
$_SESSION['message']='Запись успешно удалена';
header("Location: user.php");
exit;
}
}else{
echo toOutput('А как ты сюда попал?');
}
if (isset($_GET['komm']) && access('adm_mysql') || $pdo->query(("SELECT COUNT(*) FROM `notes_komm` WHERE `id` = '".intval($_GET['komm'])."'"),0)->fetchColumn()==1)
{
$post=$pdo->query(("SELECT * FROM `notes_komm` WHERE `id` = '".intval($_GET['komm'])."' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$notes=$pdo->query(("SELECT * FROM `notes` WHERE `id` = '$post[id_notes]' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$ank=$pdo->query(("SELECT * FROM `user` WHERE `id` = $notes[id_user] LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
if (isset($user) && (access('adm_mysql') || $user['id']==$ank['id'])){
$pdo->query("DELETE FROM `notes_komm` WHERE `id` = '$post[id]'");
$q1 = $pdo->query("SELECT * FROM `files_post` WHERE `id_post` = '" . intval($_GET['komm']) . "' AND `id_user` = '" .$user['id']. "' AND `type` = 'blogs'");
while ($d = $q1->fetch(PDO::FETCH_ASSOC)) {
unlink(htmlspecialchars($_SERVER['DOCUMENT_ROOT']).'/sys/files_post/'.$d['id'].'.jpg');
}
$_SESSION['message']='Комментарий успешно удален';
header("Location: " . htmlspecialchars($_SERVER['HTTP_REFERER']));
exit;
}
}
if (isset($_GET['dir']) && $pdo->query(("SELECT COUNT(*) FROM `notes_dir` WHERE `id` = '".intval($_GET['dir'])."'"),0)==1)
{
if (isset($user) && access('adm_mysql')){
$q = $pdo->query("SELECT * FROM `notes_dir` WHERE `id` = '".intval($_GET['dir'])."' LIMIT 1");
while ($post = $q->fetch(PDO::FETCH_ASSOC))
{
$notes=$pdo->query(("SELECT * FROM `notes` WHERE `id_dir` = '$post[id]'"))->fetch(PDO::FETCH_ASSOC);
$pdo->query("DELETE FROM `notes_count` WHERE `id_notes` = '$notes[id]'");
$pdo->query("DELETE FROM `notes_komm` WHERE `id_notes` = '$notes[id]'");
$pdo->query("DELETE FROM `mark_notes` WHERE `id_list` = '$notes[id]'");
}
$post = $pdo->query(("SELECT * FROM `notes_dir` WHERE `id` = '".intval($_GET['dir'])."' LIMIT 1"))->fetch(PDO::FETCH_ASSOC);
$pdo->query("DELETE FROM `notes_count` WHERE `id_notes` = '$notes[id]'");
$pdo->query("DELETE FROM `notes_komm` WHERE `id_notes` = '$notes[id]'");
$pdo->query("DELETE FROM `mark_notes` WHERE `id_list` = '$notes[id]'");
$pdo->query("DELETE FROM `notes` WHERE `id_dir` = '$post[id]'");
$pdo->query("DELETE FROM `notes_dir` WHERE `id` = '$post[id]'");
$_SESSION['message']='Категория успешно удалена';
header("Location: " . htmlspecialchars($_SERVER['HTTP_REFERER']));
exit;
}else{
echo toOutput('А как ты сюда попал?');
}
}else{
echo toOutput('А как ты сюда попал?');
}
?>