Файл: 3020.ru/file_3020/plugins/shop.categorydelete.php
Строк: 30
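<?php
/*
 * Admin action: delete a shop category together with its sub-categories,
 * the goods stored under it, their comments, votes and unpaid payments,
 * and the files/screenshots that belong to those goods.
 *
 * Relies on $level, $ID, $func, $sql, $user and $system being supplied by
 * the including script (presumably a front controller; confirm there how
 * $ID and $func are derived from the request).
 */

if ($level != 4) {
    die('У вас нет прав доступа');
}

// Start from a known state so the existence check below can never see a
// $category value left over from the including scope.
$category = null;
if (isset($ID) && is_scalar($ID)) {
    // Cast before interpolating: $ID is not validated anywhere in this file
    // and was previously placed into the query text as-is (SQL injection).
    // NOTE(review): assumes `shop_category`.`id` is an integer key; confirm.
    $lookupId = (int) $ID;
    $category = $sql -> fetch("SELECT * FROM `shop_category` WHERE `id` = '$lookupId' LIMIT 1");
}
if (!isset($category['id'])) {
    die('Категории не существует');
}
$categoryId = (int) $category['id'];

// Confirmation token check. Compare as strings with === so that PHP's loose
// numeric comparison cannot make a value such as "5abc" match a stored 5.
$tokenOk = isset($_SESSION['sid'], $_GET['sid'])
    && is_string($_GET['sid'])
    && (string) $_SESSION['sid'] === $_GET['sid'];

if (isset($_GET['ok']) && $tokenOk) {
    // One-time token: drop it so the same confirmation URL cannot be replayed.
    unset($_SESSION['sid']);

    // NOTE(review): this LIKE is a plain substring match on `id_category`, so
    // deleting category 1 also matches rows whose value merely contains "1"
    // (11, 21, 100, ...). The goods query below anchors the id between
    // slashes; confirm the format of `id_category` and anchor it the same way.
    $sql -> delete("DELETE FROM `shop_category` WHERE `id_category` like '%%$categoryId%%'");
    $sql -> delete("DELETE FROM `shop_category` WHERE `id` = '$categoryId'");

    $array = $sql -> select("SELECT * FROM `shop_goods` WHERE `dir` like '%%/$categoryId/%%'");
    foreach ($array AS $post) {
        $goodsId = (int) $post['id'];
        $sql -> delete("DELETE FROM `shop_comments` WHERE `id_goods` = '$goodsId'");
        $sql -> delete("DELETE FROM `shop_votes` WHERE `id_goods` = '$goodsId'");
        $sql -> delete("DELETE FROM `shop_goods` WHERE `id` = '$goodsId'");
        // Fixed: the original referenced the undefined $goods here, so the
        // unpaid payment rows of the deleted goods were never removed.
        $sql -> delete("DELETE FROM `shop_pays` WHERE `id_goods` = '$goodsId' AND `pays` = '0'");

        // NOTE(review): unserialize() on stored data can instantiate arbitrary
        // classes if a row is ever attacker-writable, and the decoded values
        // are used to build paths passed to unlink(). Prefer JSON for these
        // columns and validate the names against the expected format.
        $file = unserialize($post['file']);
        if (is_array($file) && isset($file['cache'])) {
            @unlink(FILES . 'shop/' . $file['cache'] . '.dat');
        }
        if ($post['screens']) {
            $screens = unserialize($post['screens']);
            if (is_array($screens)) {
                foreach ($screens AS $value) {
                    @unlink(SRC . 'screen/shop/' . $value . '.png');
                }
            }
        }
    }

    admin_log($user['id'], 'Магазин|Категории', "Удаление категории [b]" . $category['name'] . "[/b]");
    $_SESSION['message'] = 'Категория успешно удалена';
    header('Location: ?func=shop');
    exit;
}

// Anti-CSRF token for the confirmation link. mt_rand(000, 999) yields only
// 1000 predictable values, so use the CSPRNG whenever the runtime has one;
// the old generator remains solely as a fallback for PHP < 7.
// NOTE(review): the destructive request is still a GET link, which leaves the
// token in URLs, logs and Referer headers; a POST form would be safer.
$sid = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : (string) mt_rand(000, 999);
$_SESSION['sid'] = $sid;
$system['title'] = 'Удаление категории';
require SYS . 'header.php';
?>
<div class="nav2">
<center>Вы действительно хотите удалить категорию <?= text($category['name'])?>?</center>
<center><a href="?func=<?= urlencode($func)?>&id=<?= $categoryId?>&sid=<?= $sid?>&ok" class="btn">Удалить</a>
<a href="?func=shop&id=<?= $categoryId?>" class="btn">Отмена</a></center>
</div>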