Файл: vkollektive2014/soo/inc/admin_soo_act.php
Строк: 32
<?
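// Create a category: runs when the form posted both `ok` and `name`.
// NOTE(review): no access-level or CSRF-token check is visible in this file. Presumably the
// including admin page enforces both - confirm, because this branch writes to the database.
if (isset($_POST['ok'], $_POST['name']))
{
    // Non-string input (e.g. name[]=x) is treated as empty so it fails the length check
    // instead of reaching htmlspecialchars() as an array.
    $rawName = is_string($_POST['name']) ? $_POST['name'] : '';
    // `desc` is optional; the original read $_POST['desc'] without checking it exists.
    $rawDesc = (isset($_POST['desc']) && is_string($_POST['desc'])) ? $_POST['desc'] : '';

    $name = check(htmlspecialchars($rawName, ENT_QUOTES));
    $desc = check(htmlspecialchars($rawDesc, ENT_QUOTES));

    // Fix: the original tested `$name<3 && $name>32`, which compares the string itself to
    // numbers and can never be true, so no name was ever rejected. Measure the length of the
    // submitted text instead (assumes UTF-8 input - confirm against the site's charset).
    $nameLen = function_exists('mb_strlen') ? mb_strlen($rawName, 'UTF-8') : strlen($rawName);

    if ($nameLen < 3 || $nameLen > 32)
    {
        error('Название должно быть от трьёх до 32 сиволов!');
    }
    else
    {
        // NOTE(review): $name and $desc are interpolated into the SQL text. htmlspecialchars()
        // is an HTML output encoder, not SQL escaping (it leaves backslashes untouched), so the
        // safety of this query rests on check() - confirm it applies mysql_real_escape_string().
        // The mysql_* extension was removed in PHP 7.0; the durable fix is a prepared statement
        // via mysqli or PDO.
        mysql_query("INSERT INTO `soo_cat` (`name`, `desc`) values ('$name', '$desc')");
        ok('Категория успешно создана');
    }
}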
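// Edit a category: runs when `?edit=<id>` names an existing `soo_cat` row and `name` was posted.
// NOTE(review): no access-level or CSRF-token check is visible in this file - confirm the
// including admin page enforces both. A request that carries POST `ok` together with `?edit=`
// also satisfies the create branch earlier in this file; confirm the edit form does not send `ok`.
if (isset($_GET['edit']) && isset($_POST['name']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_cat` WHERE `id` = '".intval($_GET['edit'])."' LIMIT 1"),0)==1)
{
    $catId = intval($_GET['edit']);

    // Non-string input (e.g. name[]=x) is treated as empty so it fails the length check.
    $rawName = is_string($_POST['name']) ? $_POST['name'] : '';
    // `desc` is optional. The original read $_POST['desc'] before testing isset(), and its
    // `!isset(...) && !$_POST['desc']!=NULL` guard only fired when the field was absent.
    $hasDesc = isset($_POST['desc']) && is_string($_POST['desc']);
    $rawDesc = $hasDesc ? $_POST['desc'] : '';

    $name = check(htmlspecialchars($rawName, ENT_QUOTES));
    $desc = $hasDesc ? check(htmlspecialchars($rawDesc, ENT_QUOTES)) : NULL;

    // Fix: the original `($name<3 && $name>32) || ($desc<3 && $desc>100)` compared strings to
    // numbers with && and could never be true. Measure the submitted text instead
    // (assumes UTF-8 input - confirm against the site's charset).
    $nameLen = function_exists('mb_strlen') ? mb_strlen($rawName, 'UTF-8') : strlen($rawName);
    $descLen = function_exists('mb_strlen') ? mb_strlen($rawDesc, 'UTF-8') : strlen($rawDesc);

    if ($nameLen < 3 || $nameLen > 32)
    {
        error('Название должно быть от трьёх до 32 сиволов!');
    }
    // An empty description stays allowed because the field is optional; a non-empty one must
    // fit the 3..100 range the original condition was aiming for. It gets its own message,
    // since the original reported the name message for a description problem.
    elseif ($descLen > 0 && ($descLen < 3 || $descLen > 100))
    {
        error('Описание должно быть от 3 до 100 символов!');
    }
    else
    {
        // NOTE(review): $name and $desc are interpolated into the SQL text. htmlspecialchars()
        // is an HTML output encoder, not SQL escaping (it leaves backslashes untouched), so the
        // safety of this query rests on check() - confirm it applies mysql_real_escape_string().
        // The mysql_* extension was removed in PHP 7.0; the durable fix is a prepared statement
        // via mysqli or PDO.
        mysql_query("UPDATE `soo_cat` SET `name`='$name', `desc`='$desc' WHERE `id`='$catId' LIMIT 1");
        ok('Категория успешно изменена');
    }
}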
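// Delete a category: runs when `?del=<id>` names an existing `soo_cat` row. Removes every `soo`
// row in that category together with its dependent rows and uploaded exchange files.
// NOTE(review): this destructive action is driven by a GET parameter alone, and no CSRF token,
// confirmation step or access-level check is visible in this file. Confirm the including admin
// page enforces access control, and consider requiring POST plus a per-session token here.
if (isset($_GET['del']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_cat` WHERE `id` = '".intval($_GET['del'])."' LIMIT 1"),0)==1)
{
    $catId = intval($_GET['del']);

    // Tables whose rows reference a `soo` row through an `id_soo` column.
    $sooTables = array(
        'soo_users',
        'soo_chat',
        'soo_news',
        'soo_bl',
        'soo_friends',
        'soo_votes',
        'soo_votes_otvet',
        'soo_forums',
        'soo_forum_thems',
        'soo_forum_mess',
        'soo_obmen_dir',
        'soo_obmen_files',
        'soo_obmen_komm',
    );

    $q = mysql_query("SELECT * FROM `soo` WHERE `id_cat`='$catId'");
    // `$q &&` skips the loop if the query failed instead of passing false to mysql_fetch_assoc().
    while ($q && ($delete = mysql_fetch_assoc($q)))
    {
        // Ids are assumed to be integers (the category id is handled with intval() throughout);
        // casting keeps a value read back from the database from altering the SQL text or path.
        $sooId = intval($delete['id']);

        // Remove the stored files first, while `soo_obmen_files` still lists them.
        $q2 = mysql_query("SELECT * FROM `soo_obmen_files` WHERE `id_soo`='$sooId'");
        while ($q2 && ($del = mysql_fetch_assoc($q2)))
        {
            $path = H.'sys/soo/obmen/files/'.intval($del['id']).'.dat';
            // A missing file should not raise a warning and interrupt the cleanup.
            if (is_file($path))
            {
                unlink($path);
            }
        }

        // Fix: the original deleted from `soo_obmen_files` and `soo_obmen_komm` using an
        // undefined `$delid`, so those rows were never matched to this `soo` id and were left
        // behind. Every dependent table now uses the same id.
        foreach ($sooTables as $table)
        {
            mysql_query("DELETE FROM `$table` WHERE `id_soo`='$sooId'");
        }
        mysql_query("DELETE FROM `soo_friends` WHERE `id_friend`='$sooId'");
        mysql_query("DELETE FROM `soo` WHERE `id`='$sooId'");
    }

    mysql_query("DELETE FROM `soo` WHERE `id_cat`='$catId'");
    mysql_query("DELETE FROM `soo_cat` WHERE `id`='$catId'");
    ok('Категория успешно удалена');
}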
?>