Файл: 3020.ru/file_3020/plugins/admin.userdelete.php
Строк: 113
<?
if ($level != 4 || $ID == $user['id']) {
die('У вас нет прав доступа');
}
if (isset($ID)) {
$ank = $sql -> fetch("SELECT * FROM `users` WHERE `id` = '$ID' LIMIT 1");
} else {
die('Не указан ID параметр пользователя');
}
if (!$ank['id']) {
die('Пользователя не существует');
}
if (isset($_POST['captcha'])) {
$captcha = (int) $_POST['captcha'];
if ($captcha != $_SESSION['captcha']) {
$err[] = 'Неверный код с картинки';
}
if (!isset($err)) {
/**
* Профиль
*/
//$sql -> delete("DELETE FROM `users` WHERE `id` = '$ank[id]'");
/**
* Файлы
*/
@unlink(SRC . 'avatar/' . $ank['id'] . '.png');
@unlink(SRC . 'wmid/' . $ank['wmid'] . '.png');
/**
* Контакты
*/
$sql -> delete("DELETE FROM `contacts` WHERE `id_user` = '$ank[id]' OR `id_contact` = '$ank[id]'");
/**
* Чат
*/
$sql -> delete("DELETE FROM `chat` WHERE `id_user` = '$ank[id]'");
/**
* Логи входов
*/
$sql -> delete("DELETE FROM `users_log` WHERE `id_user` = '$ank[id]'");
/**
* Логи биллинга
*/
$sql -> delete("DELETE FROM `billing_log` WHERE `id_user` = '$ank[id]'");
/**
* Журнал
*/
$sql -> delete("DELETE FROM `journal` WHERE `id_user` = '$ank[id]'");
/**
* Логи администратора
*/
$sql -> delete("DELETE FROM `admin_log` WHERE `id_user` = '$ank[id]'");
/**
* Отзывы о сайте
*/
$sql -> delete("DELETE FROM `votes` WHERE `id_user` = '$ank[id]'");
/**
* Новости
*/
$sql -> delete("DELETE FROM `news` WHERE `id_user` = '$ank[id]'");
$sql -> delete("DELETE FROM `news_comments` WHERE `id_user` = '$ank[id]'");
/**
* Почта
*/
$array = $sql -> select("SELECT * FROM `mail` WHERE `id_contact` = '$ank[id]' OR `id_user` = '$ank[id]'");
foreach ($array AS $post) {
if ($post['file']) {
$file = unserialize($post['file']);
@unlink(SRC . 'screen/mail/' . $file['cache'] . '.png');
unlink(FILES . 'mail/' . $file['cache'] . '.dat');
} else {
$file = false;
}
$sql -> delete("DELETE FROM `mail` WHERE `id` = '$post[id]' AND (`id_user` = '$ank[id]' OR `id_contact` = '$ank[id]') LIMIT 1");
}
/**
* Тикеты
*/
$array = $sql -> select("SELECT * FROM `support_id` WHERE `id_user` = '$ank[id]'");
foreach ($array AS $post) {
$sql -> delete("DELETE FROM `support` WHERE `id_user` = '$post[id]'");
if ($post['screens']) {
$screens = unserialize($post['screens']);
foreach ($screens AS $key => $value){
@unlink(SRC . 'screen/support/' . $value . '.png');
}
}
}
/**
* Товары
*/
$array = $sql -> select("SELECT * FROM `shop_goods` WHERE `id_user` = '$ank[id]'");
foreach ($array AS $post) {
$sql -> delete("DELETE FROM `shop_comments` WHERE `id_goods` = '$post[id]'");
$sql -> delete("DELETE FROM `shop_votes` WHERE `id_goods` = '$post[id]'");
$sql -> delete("DELETE FROM `shop_goods` WHERE `id` = '$post[id]'");
$file = unserialize($post['file']);
@unlink(FILES . 'shop/' . $file['cache'] . '.dat');
if ($post['screens']) {
$screens = unserialize($post['screens']);
foreach ($screens AS $key => $value){
@unlink(SRC . 'screen/shop/' . $value . '.png');
}
}
}
/**
* Подписки и подписчики
*/
$sql -> delete("DELETE FROM `shop_spy` WHERE `id_user` = '$ank[id]' OR `id_author` = '$ank[id]'");
/**
* Неоплаченные счета
*/
$sql -> delete("DELETE FROM `shop_pays` WHERE (`id_user` = '$ank[id]' OR `id_author` = '$ank[id]') AND `pays` = '0'");
/**
* Журнал
*/
$sql -> delete("DELETE FROM `journal` WHERE `id_user` = '$ank[id]'");
admin_log($user['id'], 'Пользователи|Удаление пользователя', "Удаление пользователя: ID $ank[id], Логин: $ank[login], Email: $ank[email], ICQ: $ank[icq]~, Skype: $ank[skype]~ ");
/**
* Профиль
*/
$sql -> delete("DELETE FROM `users` WHERE `id` = '$ank[id]'");
$_SESSION['message'] = 'Пользователь успешно удален';
header('Location: /?func=admin&sid='. mt_rand(000, 999));
exit;
//header('Location: );
//exit;
}
}
$system['title'] = 'Удаление пользователя ' . login($ID, 0);
require SYS . 'header.php';
?>
<form class="form-horizontal" action="?func=admin.userdelete&id=<?= $ank['id']?>" method="POST" style="margin: 2px;">
<div class="alert alert-block" style="margin: 2px;">
<button type="button" class="close" data-dismiss="alert">×</button>
Вы действительно хотите удалить пользователя <?= login($ID, 1)?>?
</div>
<div class="control-group">
<label class="control-label" for="captcha">Код с картинки</label>
<div class="controls">
<img src="/_src/captcha.php?sid=<?= mt_rand(10000, 99999); ?>" id="captcha" class="captcha" /> <input type="text" id="captcha" class="captcha" name="captcha" placeholder="Введите код с картинки..">
</div>
</div>
<div class="control-group" style="margin: 2px;">
<div class="controls">
<button type="submit" class="btn">Удалить</button>
</div>
</div>
</form>
<div class="foot">
« <a href="?func=admin">Админ панель</a>
</div>