<?php
require( '../sys/inc/core.php' );
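// Delete a single news comment addressed by ?id=<comment id>, then redirect back.
//
// NOTE(review): this is a state-changing action driven by a plain GET parameter, and no
// anti-CSRF token is checked in this block. Confirm whether core.php enforces one; if it
// does not, a privileged user's browser can be made to issue this request from another site.
if ( isset( $_GET['id'] ) && db::count("SELECT COUNT(*) FROM `news_komm` WHERE `id` = '" . intval( $_GET['id'] ) . "'") == 1 ) {
    $post = db::fetch("SELECT * FROM `news_komm` WHERE `id` = '" . intval( $_GET['id'] ) . "' LIMIT 1", ARRAY_A);

    // id_user is read back from the database; cast it before putting it into SQL again
    // so a non-numeric stored value cannot change the shape of the query.
    $ank = db::fetch("SELECT * FROM `user` WHERE `id` = " . intval( $post['id_user'] ) . " LIMIT 1", ARRAY_A);

    // Only a logged-in user whose level is strictly higher than the comment author's may delete.
    // $user is not defined in this file; presumably core.php populates it for logged-in sessions.
    // NOTE(review): if the author's row no longer exists, $ank['level'] is not a real level —
    // confirm what db::fetch returns for "no row" and whether deletion should be allowed then.
    if ( isset( $user ) && ( $user['level'] > $ank['level'] ) ) {
        db::query("DELETE FROM `news_komm` WHERE `id` = '" . intval( $post['id'] ) . "'");
        // Report success only when the delete actually ran. Previously the message was set
        // unconditionally, so an unauthorized request was also told the comment was removed.
        $_SESSION['message'] = 'Комментарий успешно удален';
    }

    // Return to the referring page only when it is on this host. The Referer header is
    // client-supplied, so anything else falls back to the news index. The value is no longer
    // passed through htmlspecialchars(): that is HTML escaping, and in a Location header it
    // turned "&" into "&amp;" and broke multi-parameter URLs.
    $back = 'index.php?' . SID;
    if ( isset( $_SERVER['HTTP_REFERER'] ) && $_SERVER['HTTP_REFERER'] != NULL ) {
        $ref = parse_url( $_SERVER['HTTP_REFERER'] );
        if ( is_array( $ref ) && isset( $ref['host'], $_SERVER['HTTP_HOST'] ) ) {
            // HTTP_HOST carries a non-default port, parse_url() splits it off; rebuild to compare.
            $ref_host = $ref['host'] . ( isset( $ref['port'] ) ? ':' . $ref['port'] : '' );
            if ( strcasecmp( $ref_host, $_SERVER['HTTP_HOST'] ) === 0 ) {
                $back = $_SERVER['HTTP_REFERER'];
            }
        }
    }
    header( 'Location: ' . $back );
    exit;
}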
// Delete a news item together with all of its comments, addressed by ?news_id=<news id>,
// then redirect to the news index.
//
// NOTE(review): the delete is triggered by a GET request and no anti-CSRF token is checked
// in this block — confirm whether core.php or user_access() covers that.
if ( isset( $_GET['news_id'] ) && 1 == db::count( sprintf( "SELECT COUNT(*) FROM `news` WHERE `id` = '%d'", (int) $_GET['news_id'] ) ) ) {
    $post = db::fetch( sprintf( "SELECT * FROM `news` WHERE `id` = '%d' LIMIT 1", (int) $_GET['news_id'] ), ARRAY_A );

    // user_access() is defined elsewhere; presumably it tests the current user's 'adm_news' right.
    $may_delete = user_access( 'adm_news' );
    if ( $may_delete ) {
        // Remove the news row first, then the comments that reference it through id_news.
        db::query( "DELETE FROM `news` WHERE `id` = '" . $post['id'] . "'" );
        db::query( "DELETE FROM `news_komm` WHERE `id_news` = '" . $post['id'] . "'" );
        $_SESSION['message'] = 'Новость успешно удалена';
    }

    // Redirect whether or not the delete was permitted; nothing is reported on refusal.
    header( 'Location: index.php?' . SID );
    exit;
}
?>