Файл: test.masteram.us/adm_panel/delete_mail.php
Строк: 8
<?
include '../Core.php';
if($user['level']=4){
if (isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id` = '".intval($_GET['id'])."'"),0)==1)
{
$post=mysql_fetch_assoc(mysql_query("SELECT * FROM `mail` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"));
$ank=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"));
if (isset($user) && ($user['level']>$ank['level']))
mysql_query("DELETE FROM `mail` WHERE `id` = '$post[id]'");
}
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!=NULL)
header("Location: ".$_SERVER['HTTP_REFERER']);
}
else
header("Location: mail.php?".SID);
?>