Файл: chat/includes/massdel.php
Строк: 52
<?php
/**
* @package Chat for JohnCMS
* @link http://johncms.com
* @copyright Copyright (C) 2010-2017 k_2
* @license LICENSE.txt (see attached file)
* @version VERSION.txt (see attached file)
* @author http://johncms.com/profile/?user=6251
*/
// Direct-access guard: the constant is expected to be defined by the script
// that includes this file; a request that hits the file directly stops here.
if (!defined('_IN_JOHNCMS')) {
    die('Error: restricted access');
}

// Authorisation gate. The request proceeds only when a room id and a
// logged-in user id are both present AND the caller either has chat rights
// equal to 1 or a $rights value of 6 or more (presumably the chat-level and
// site-level roles respectively; verify against the including script).
// Everyone else is redirected to the chat index.
if (!($id && $user_id && ($chat_us_d['rights'] == 1 || $rights >= 6))) {
    header("Location: index.php");
    exit;
}
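/*
-----------------------------------------------------------------
Mass removal of the selected posts from a chat room
-----------------------------------------------------------------
Two-step flow:
  1. POST with delch[]  -> the ids are normalised to integers, stored in
     $_SESSION['dc'], and a confirmation page is printed.
  2. GET with ?yes      -> the stored ids are hidden, or physically deleted
     when ?del is also present and $rights == 9.

NOTE(review): step 2 changes state on a plain GET request and carries no
anti-CSRF token, so the confirmation URL can be requested cross-site on
behalf of a logged-in moderator. Binding the confirmation to a per-session
token (or moving it to POST) is the real fix; this block only narrows the
window by consuming the stored id list exactly once.
*/

// The room id ends up in a table name, a Location header and HTML links, so
// it is forced to an integer here instead of relying on the including script
// having done so (that code is not visible from this file).
$room_id = intval($id);
$room_table = 'chat_room_' . $room_id;

if (isset($_GET['yes'])) {
    // Take the queued ids out of the session and drop them immediately, so a
    // repeated or forged "?yes" request finds nothing left to act on.
    $dc = (isset($_SESSION['dc']) && is_array($_SESSION['dc'])) ? $_SESSION['dc'] : array();
    unset($_SESSION['dc']);

    if (isset($_GET['del']) && $rights == 9) {
        // Hard delete: remove the rows and lower each author's post counter.
        foreach ($dc as $delid) {
            $delid = intval($delid);
            $soob = db::query("SELECT `id_u` FROM `" . $room_table . "` WHERE `id` = '" . $delid . "'");
            // A failed query is skipped instead of being passed to mysqli_num_rows().
            if ($soob && mysqli_num_rows($soob)) {
                $message = mysqli_fetch_assoc($soob);
                // id_u is read back from the database and reused in further
                // queries; cast it so stored data cannot alter the SQL.
                $author_id = intval($message['id_u']);
                $post_us_d = mysqli_fetch_assoc(db::query("SELECT `postchat` FROM `chat_users` WHERE `id_u` = '" . $author_id . "'"));
                // The counter never drops below zero; a missing chat_users row counts as zero.
                $postchat = ($post_us_d && $post_us_d['postchat'] > 0) ? $post_us_d['postchat'] - 1 : 0;
                db::query("UPDATE `chat_users` SET `postchat` = '" . intval($postchat) . "' WHERE `id_u` = '" . $author_id . "'");
                db::query("DELETE FROM `" . $room_table . "` WHERE `id` = '" . $delid . "'");
            }
        }
        header('Location: index.php?id=' . $room_id);
        exit;
    } else {
        // Soft delete: mark the message as hidden and record who hid it.
        foreach ($dc as $delid) {
            $delid = intval($delid);
            $soob = db::query("SELECT `id_u`, `author` FROM `" . $room_table . "` WHERE `id` = '" . $delid . "'");
            if ($soob && mysqli_num_rows($soob)) {
                $message = mysqli_fetch_assoc($soob);
                $author_id = intval($message['id_u']);
                $us_d = mysqli_fetch_assoc(db::query("SELECT `rights` FROM `users` WHERE `id` = '" . $author_id . "'"));
                $post_us_d = mysqli_fetch_assoc(db::query("SELECT `postchat`, `rights` FROM `chat_users` WHERE `id_u` = '" . $author_id . "'"));
                // Rank of the message author: the `users` value wins, the
                // `chat_users` value is the fallback; a missing row counts as 0.
                $rights_us_d = ($us_d && $us_d['rights']) ? $us_d['rights'] : ($post_us_d ? $post_us_d['rights'] : 0);
                // Rank of the current user, resolved the same way.
                $rights_d = $rights ? $rights : $chat_us_d['rights'];
                // Only messages of strictly lower-ranked authors may be hidden,
                // unless the caller has $rights == 9.
                if ($rights_us_d < $rights_d || $rights == 9) {
                    // NOTE(review): unserialize() on a stored column instantiates
                    // whatever object the data describes, so if the `author`
                    // value can ever be influenced by a user this is an object
                    // injection sink. On PHP 7+ pass
                    // array('allowed_classes' => false) as the second argument,
                    // or migrate the column to JSON.
                    $set_author = unserialize($message['author']);
                    if (!is_array($set_author)) {
                        // Corrupt or unexpected payload: start from a clean array
                        // rather than writing an offset into false or an object.
                        $set_author = array();
                    }
                    $set_author['name_delete'] = $login;
                    db::query("UPDATE `" . $room_table . "` SET `author` = '" . db::escape(serialize($set_author)) . "', `tip` = '1' WHERE `id` = '" . $delid . "'");
                    // NOTE(review): `tip` is not checked before this point, so
                    // hiding an already hidden message appears to lower the
                    // counter a second time; confirm whether that is intended.
                    $postchat = ($post_us_d && $post_us_d['postchat'] > 0) ? $post_us_d['postchat'] - 1 : 0;
                    db::query("UPDATE `chat_users` SET `postchat` = '" . intval($postchat) . "' WHERE `id_u` = '" . $author_id . "'");
                }
            }
        }
        header('Location: index.php?id=' . $room_id);
        exit;
    }
} else {
    // Step 1: collect the ticked message ids. Anything that is not an array of
    // scalars is treated as "nothing selected" instead of reaching foreach().
    $selected = (isset($_POST['delch']) && is_array($_POST['delch'])) ? $_POST['delch'] : array();
    $dc = array();
    foreach ($selected as $v) {
        if (is_scalar($v)) {
            $dc[] = intval($v);
        }
    }
    if (empty($dc)) {
        echo functions::display_error($lng_chat['nothing_selected'], '<a href="index.php?id=' . $room_id . '">' . $lng['back'] . '</a>');
        require("../incfiles/end.php");
        exit;
    }
    // The ids are kept server-side, so the confirmation links carry only the room id.
    $_SESSION['dc'] = $dc;
    echo '<div class="phdr">' . $lng_chat['mass_dell'] . '</div><div class="menu">';
    if ($rights == 9) {
        // Callers with $rights == 9 choose between physical deletion and hiding.
        echo $lng_chat['select_variant'] . ': <p><a href="index.php?act=massdel&id=' . $room_id . '&yes&del">' . $lng['delete'] . '</a> | <a href="index.php?act=massdel&id=' . $room_id . '&yes">' . $lng_chat['hide'] . '</a></p>';
    } else {
        echo $lng['delete_confirmation'] . '<p><a href="index.php?act=massdel&id=' . $room_id . '&yes">' . $lng_chat['action_yes'] . '</a> | <a href="index.php?id=' . $room_id . '">' . $lng_chat['action_no'] . '</a></p>';
    }
    // Hard-coded label ("Back"); the error path above uses $lng['back'] for the same link.
    echo '</div><div class="phdr"><a href="index.php?id=' . $room_id . '">Назад</a></div>';
}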