sibtracker/system/ajax/commentdelete.php

51 lines
2.3 KiB
PHP
Raw Normal View History

2019-05-18 13:46:03 +08:00
<?php
@session_start();
@error_reporting(7);
@ini_set('display_errors', true);
@ini_set('html_errors', false);
define('DATALIFEENGINE', true);
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -12 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
include SYSTEM_DIR.'/data/config.php';
require_once SYSTEM_DIR.'/classes/mysql.php';
require_once SYSTEM_DIR.'/data/dbconfig.php';
require_once SYSTEM_DIR.'/modules/functions.php';
require_once SYSTEM_DIR.'/modules/sitelogin.php';
if( !$is_logged ) die( "error" );
$id = intval( $_REQUEST['commid'] );
if( ! $id ) die( "error" );
$user_group = $cache->get( "usergroup" );
if( ! $user_group ) {$user_group = array ();
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {$user_group[$row['id']][$key] = stripslashes($value);}
}
$cache->set( "usergroup", $user_group );
$db->free();
}
$row = $db->super_query("SELECT * FROM " . PREFIX . "_comments where id = '$id'");
$author = $row['autor'];
$is_reg = $row['is_register'];
$post_id = $row['post_id'];
if ($row['id'] AND $post_id){
$have_perm = false;
if (($member_id['user_id'] == $row['user_id'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_delc']) or $member_id['user_group'] == '1' or $user_group[$member_id['user_group']]['del_allc'] ) $have_perm = true;
//if ( $user_group[$member_id['user_group']]['edit_limit'] AND (($row['date'] + ($user_group[$member_id['user_group']]['edit_limit'] * 60)) < $_TIME) ) {$have_perm = false;} <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
if($have_perm){
$db->query("DELETE FROM " . PREFIX . "_comments where id = '$id'");
if ($is_reg) $author = $db->safesql($author); {$db->query("UPDATE " . USERPREFIX . "_users set comm_num=comm_num-1 where name ='$author'");}
$db->query("UPDATE " . PREFIX . "_post set comm_num=comm_num-1 where id='$post_id'") ;
$cache->clear( array( 'news_', 'comments-last', 'comm_'.$post_id, 'full_'.$post_id ) );
@header( "Content-type: text/html; charset=" . $config['charset'] );
echo "<div class=\"block2 line_center\"><b><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>: $id, <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD>.</b></div>";
} else die( "error" );
} else die( "error" );
?>