Файл: setk/ajax/newModal/mail/list.php
Строк: 39
<?
include_once $_SERVER['DOCUMENT_ROOT'] . '/sys/inc/home.php';
include_once H.'sys/inc/start.php';
include_once H.'sys/inc/sess.php';
include_once H.'sys/inc/settings.php';
include_once H.'sys/inc/db_connect.php';
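// Id of the logged-in user, read from the session. The queries in this file
// scope every row by this value, so it is forced to an integer before being
// interpolated into SQL. A session without `id_user` yields 0 instead of
// raising an undefined-index notice (which can disclose the script path when
// error display is enabled).
$ID = isset($_SESSION['id_user']) ? intval($_SESSION['id_user']) : 0;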
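// File list: prints the `mail_files` rows owned by the current user that have
// `id_post` = 0 as HTML fragments, then stops the script.
// NOTE(review): `id_post` = 0 presumably marks files not yet attached to a sent message; confirm.
if (isset($_GET['list']))
{
    // $ID comes from intval(), so interpolating it is safe. 0 means the session
    // carries no user id; in that case no query is run and nothing is printed.
    $q = $ID > 0
        ? mysql_query("SELECT * FROM `mail_files` WHERE `id_kont` = '$ID' AND `id_post` = '0' ORDER BY id ASC")
        : false;

    // A failed query returns false; skip the loop instead of passing false to mysql_fetch_array().
    while ($q && ($post = mysql_fetch_array($q)))
    {
        // HTML text context: entity-escaping is sufficient here.
        $nameHtml = htmlspecialchars($post['name']);
        $extHtml = htmlspecialchars($post['ras']);

        // The name is also placed inside a JavaScript string inside an HTML
        // attribute. The browser decodes entities before the script runs, so
        // htmlspecialchars() alone cannot stop a quote in the stored name from
        // closing the string literal. Encode for JavaScript first (json_encode
        // emits a quoted, escaped literal), then for the attribute (ENT_QUOTES).
        $nameJs = json_encode((string) $post['name']);
        if ($nameJs === false)
        {
            // Name is not valid UTF-8: emit an empty literal rather than a broken handler.
            $nameJs = '""';
        }
        $nameJsAttr = htmlspecialchars($nameJs, ENT_QUOTES);

        echo '<div class="upload_success"> ' . $nameHtml . '.' . $extHtml
            . ' <a href="#" onclick="delete_file(' . $nameJsAttr . ')">'
            . '<img src="/style/icons/delete.gif" alt="*" /></a></div>';
    }
    exit;
}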
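// File deletion: removes one of the current user's `mail_files` rows (matched
// by name, `id_post` = 0) together with its stored files, then prints the
// refreshed list and stops the script.
// NOTE(review): this branch changes state on a GET request and no anti-CSRF
// token check is visible here. Confirm whether the included bootstrap files
// enforce one; if not, require POST plus a per-session token.
if (isset($_GET['delete']))
{
    // $ID comes from intval(). 0 means the session carries no user id, so
    // nothing may be deleted or listed.
    if ($ID > 0)
    {
        // A non-string value (e.g. ?delete[]=x) is treated as an empty name
        // instead of being handed to mysql_real_escape_string().
        $requested = is_string($_GET['delete']) ? $_GET['delete'] : '';

        $lookup = mysql_query("SELECT * FROM `mail_files` WHERE `name` = '" . mysql_real_escape_string($requested) . "' AND `id_kont` = '$ID' AND `id_post` = '0' LIMIT 1");
        $file = $lookup ? mysql_fetch_assoc($lookup) : false;

        // Ownership is enforced by the query and re-checked here before anything is removed.
        if (isset($file['id']) && $file['id_kont'] == $ID)
        {
            // The id is used in SQL and in file paths; force it to an integer
            // so a malformed stored value cannot alter either.
            $fileId = intval($file['id']);

            // The owner condition is repeated in the DELETE as defence in depth.
            mysql_query("DELETE FROM `mail_files` WHERE `id` = '" . $fileId . "' AND `id_kont` = '$ID'");

            // Best-effort cleanup: either file may be absent, so failures stay suppressed.
            @unlink(H.'sys/mail/files/' . $fileId . '.png');
            @unlink(H.'sys/mail/files/' . $fileId . '.dat');
        }

        $q = mysql_query("SELECT * FROM `mail_files` WHERE `id_kont` = '$ID' AND `id_post` = '0' ORDER BY id ASC");

        // A failed query returns false; skip the loop instead of passing false to mysql_fetch_array().
        while ($q && ($post = mysql_fetch_array($q)))
        {
            // HTML text context: entity-escaping is sufficient here.
            $nameHtml = htmlspecialchars($post['name']);
            $extHtml = htmlspecialchars($post['ras']);

            // JavaScript string inside an HTML attribute: the browser decodes
            // entities before the script runs, so encode for JavaScript first
            // (json_encode) and then for the attribute (ENT_QUOTES).
            $nameJs = json_encode((string) $post['name']);
            if ($nameJs === false)
            {
                // Name is not valid UTF-8: emit an empty literal rather than a broken handler.
                $nameJs = '""';
            }
            $nameJsAttr = htmlspecialchars($nameJs, ENT_QUOTES);

            echo '<div class="upload_success"> ' . $nameHtml . '.' . $extHtml
                . ' <a href="#" onclick="delete_file(' . $nameJsAttr . ')">'
                . '<img src="/style/icons/delete.gif" alt="*" /></a></div>';
        }
    }
    exit;
}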
?>