Файл: Source/pages/deletepm.php
Строк: 15
<?php
/*
* Script name: Points4Prize
* Author: Soft Projects
* Date created: 15/07/2015
*/
if (!isset($_SESSION['logged_in'])) {
$_SESSION['location'] = "/pm";
header('Location: /login');
exit();
}
$ID = (int) htmlspecialchars($_GET['id']);
if (isset($_SESSION['user'], $_SESSION['pass'])) {
$user = str_replace(" ", "", $_SESSION['user']);
$user = sprintf("%s", mysql_real_escape_string($user));
} else {
$user = str_replace(" ", "", $_COOKIE['user']);
$user = sprintf("%s", mysql_real_escape_string($user));
}
mysql_query("DELETE FROM vn_messages WHERE id='{$ID}' and forw='{$user}'") or die(mysql_error());
header("Location: /pm");
?>