-
Notifications
You must be signed in to change notification settings - Fork 22
/
delete.php
46 lines (32 loc) · 1.44 KB
/
delete.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<?php
require_once 'connect.php';
/*$_POST['id'] = $_GET['id'];
$_POST['parent-topic-id'] = $_GET['parent-topic-id'];
$_POST['content-type'] = $_GET['content-type'];/**/
if (!isset($_POST['parenttopicid']) && $_POST['postortopic'] == 'topic') {$_POST['parenttopicid'] = $_POST['id'];}
if (!is_numeric($_POST['id'])) die('Can not understand post data :(');
if ($_POST['postortopic'] == 'topic') {
if (isset($_SESSION['permissions']) && ($_SESSION['permissions'] == '1')) {
$query = $db->prepare('DELETE FROM topics WHERE topic_id = ?');
$query->execute(array($_POST['id'])) or die ($query->errorInfo()[2]);
die("success, the topic was deleted!");
}
else {
die("You need to be a moderator or the owner of the topic to delete posts");
}
}
elseif ($_POST['postortopic'] == 'post') {
if (isset($_SESSION['permissions']) && ($_SESSION['permissions'] == '1')) {
$query = $db->prepare('DELETE FROM posts WHERE post_id = ?');
$query->execute(array($_POST['id'])) or die ($query->errorInfo()[2]);
$query = $db->prepare('UPDATE topics SET topic_replies = (topic_replies-1) WHERE topic_id = ?');
$query->execute(array($_POST['parenttopicid'])) or die ($query->errorInfo()[2]);
die("success");
}
else {
die("You need to be a moderator or the owner of the topic to delete posts");
}
}
else {die("Sorry, but we do not have the necessary post data to delete a post");}
//echo "everything works";
?>