Просмотр файла katrinka.ru/forum_del.php

Конкурс дизайнеров на 15000 рублей
Свежие Креативы и море позитива !!!
Размер файла: 4.56Kb 
  1. <?php
  2.   include 'guestbook/mylib.php';
  3.   include 'config.php';
  4.   if (!checkagent($_SERVER['HTTP_USER_AGENT'])) { noemul(); exit; }
  5.   session_start();
  6.   $agent=$_SERVER['HTTP_USER_AGENT'];
  7.   $uid=0;
  8.   $lang=$_GET['lang'];
  9.   $r=$_GET['r'];
  10.   if (!$r) $r=$_POST['r'];
  11.   $t=htmlspecialchars(trim($_GET['t']),ENT_QUOTES);
  12.   $pid=htmlspecialchars(trim($_GET['pid']),ENT_QUOTES);
  13.   $close=htmlspecialchars(trim($_GET['close']),ENT_QUOTES);
  14.   if ((!$pid)&&(!$t)) exit;
  15.   if (($close)&&(!$t)) exit;
  16.   if ((trim($_COOKIE['Login'])!='')&&(trim($_COOKIE['Password'])!='')) {
  17. 	$login=htmlspecialchars(trim($_COOKIE['Login']),ENT_QUOTES);
  18. 	$pass=htmlspecialchars(trim($_COOKIE['Password']),ENT_QUOTES);
  19.   } else {
  20. 	$login=htmlspecialchars(trim($_POST['login']),ENT_QUOTES);
  21. 	$pass=htmlspecialchars(trim($_POST['pass']),ENT_QUOTES);
  22. 	$nocookie=1;
  23.   }
  24.   if (!($conn=pg_connect("host=$dbhost port=$dbport dbname=$dbname user=$dbuser password=$dbpass"))) exit;
  25. 	if ((isset($_SESSION['id']))&&(isset($_SESSION['access']))) {
  26. 		$uid=$_SESSION['id'];
  27. 		$access=$_SESSION['access'];
  28. 	} else {
  29. 	$res=pg_query($conn,"select id,access from users where login='$login' and passwd='$pass' and moder=0;");
  30. 	$rows=pg_numrows($res);
  31.  
  32. 	if (!$rows) {
  33. 		header("Content-type: text/vnd.wap.wml");
  34. ?>
  35. <?xml version="1.0" encoding="utf-8"?>
  36. <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
  37. <wml>
  38. <card id="Login" title="Login">
  39. <p align="center">
  40. Login: 
  41. <input type="text" name="login" title="Login" maxlength="10"/><br/>
  42. Password:
  43. <input type="password" name="pass" title="Password" maxlength="15"/><br/>
  44. <anchor title="Del">DELETE<go href="forum_del.php" method="post">
  45. <postfield name="login" value="$(login)"/>
  46. <postfield name="pass" value="$(pass)"/>
  47. <?php print "<postfield name=\"lang\" value=\"".$_GET['lang']."\"/>\n";
  48. print "<postfield name=\"pid\" value=\"".$pid."\"/>\n";
  49. print "<postfield name=\"t\" value=\"".$t."\"/>\n";
  50. print "<postfield name=\"close\" value=\"".$close."\"/>\n";
  51. print "<postfield name=\"r\" value=\"".$r."\"/>\n"; ?>
  52. </go></anchor>
  53. </p>
  54. </card>
  55. </wml>
  56. <?php
  57. 		pg_close($conn);
  58. 		exit;
  59. 	}
  60. 	$uid=pg_result($res,0,0);
  61. 	$access=pg_result($res,0,1);
  62. 	$_SESSION['id']=$uid;
  63. 	$_SESSION['access']=$access;
  64. }
  65. 	if ($pid) {
  66. 		$res=pg_query($conn,"select uid,theme from threads where id='$pid';");
  67. 		$fr_u=pg_result($res,0,0);
  68. 		$t=pg_result($res,0,1);
  69. 		$res=pg_query($conn,"select forum from themes where id='$t';");
  70. 		$f=pg_result($res,0,0);
  71. 	} else {
  72. 		$res=pg_query($conn,"select rplnum,forum from themes where id='$t';");
  73. 		$rplnum=pg_result($res,0,0);
  74. 		$f=pg_result($res,0,1);
  75. 	}
  76. 	$res=pg_query($conn,"select id from forum_moder where forum='$f' and uid='$uid';");
  77. 	if (pg_numrows($res)==1) $fmoder=1; else $fmoder=0;
  78.  
  79. 	if (($access < 3)&&(!$fmoder)) {
  80. 		pg_close($conn);
  81. 		header("Location: /");
  82. 	}
  83. 	
  84. 	$res=pg_query($conn,"select id from user_agent where uid='$uid' and agent='$agent';");
  85. #	if (pg_numrows($res)!=1) {
  86. 	if (1==2) {
  87. 		pg_close($conn);
  88. 		header("Content-type: text/vnd.wap.wml"); ?>
  89. <?xml version="1.0" encoding="utf-8"?>
  90. <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
  91. <wml>
  92. <card id="NoOK" title="Error">
  93. <p align="center">
  94. DELETE failed.
  95. </p>
  96. </card>
  97. </wml>
  98. <?php
  99. 		exit;
  100. 	}
  101. 	pg_query($conn,"begin;");
  102. 	if ($pid) {
  103. 		pg_query($conn,"update users set fposts=fposts-1 where id='$fr_u';");
  104. 		pg_query($conn,"update themes set rplnum=rplnum-1 where id='$t';");
  105. 		pg_query($conn,"update forums set nrepl=nrepl-1 where id='$f';");
  106. 		pg_query($conn,"delete from threads where id='$pid';");
  107. 	} else {
  108. 		$res=pg_query($conn,"select uid from threads where theme='$t';");
  109. 		$rows=pg_numrows($res);
  110. 		for ($i=0; $i<$rows; $i++) {
  111. 			$fr_u=pg_result($res,0,0);
  112. 			pg_query($conn,"update users set fposts=fposts-1 where id='$fr_u';");
  113. 		}
  114. 		pg_query($conn,"update forums set nrepl=nrepl-'$rplnum',nthemes=nthemes-1 where id='$f';");
  115. 		pg_query($conn,"delete from threads where theme='$t';");
  116. 		pg_query($conn,"delete from seen_by where theme='$t';");
  117. 		pg_query($conn,"delete from themes where id='$t';");
  118. 	}       
  119. 	pg_query($conn,"end;");
  120. 	
  121. 	pg_close($conn);
  122. 	if (!$res) exit;
  123. 	header("Content-type: text/vnd.wap.wml");
  124. ?>
  125. <?xml version="1.0" encoding="utf-8"?>
  126. <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
  127. <wml>
  128. <?php
  129. 	if ($pid) {
  130. 		print "<card id=\"DelOk\" title=\"REMOVED\" ontimer=\"forum.php?t=".$t."&amp;".SID."\">\n";
  131. 	} else {
  132. 		print "<card id=\"DelOk\" title=\"REMOVED\" ontimer=\"forum.php?f=".$f."&amp;".SID."\">\n";
  133. 	}
  134.  ?>
  135. <timer value="10"/>
  136. <p align="center">
  137. <?php print "Removed\n"; ?>
  138. </p>
  139. </card>
  140. </wml>