Файл: vsime.com/bans/inc/act_delete.php
Строк: 47
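<?php
// Ban-deletion action: loads one `users_ban` row (id taken from the query string),
// checks that the current user may remove it, then either shows a confirmation
// form or, on a POST carrying the expected `mdp` token, deletes the row.
//
// Relies on names defined outside this file: $dbi, $user, $title, $config, $mdp,
// $time, $count_arr_bans and the helpers eccess_denied(), profile(), ex_head(),
// ex_foot(), show_errors(), msg_sess(), hsc(), image_back(), hacked_by_Killer().

if ($count_arr_bans < 1) {
    eccess_denied();
}

// intval() confines the request parameter to an integer before it is placed in SQL.
$ban_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$ban_res = mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE `id` = '" . $ban_id . "' AND `id_comm` = '0'");
// A failed query is treated like "row not found" instead of passing false on to the fetch call.
$ban = $ban_res ? mysqli_fetch_array($ban_res) : null;

if (empty($ban)) {
    $title .= ' - Ошибка!';
    ex_head();
    show_errors('Нарушение не найдено.');
    // NOTE(review): the code below assumes ex_foot() ends the request — confirm.
    ex_foot();
}

$title .= ' - Удалить нарушение';
ex_head();

$ban_user = profile($ban['id_user']);
$ban_give_user = profile($ban['id_ank']);

// Only the moderator who issued the ban, or a user with a strictly higher level
// than that moderator, may delete it.
// NOTE(review): if profile() returns nothing for a removed issuer account, the level
// comparison runs against an empty value — confirm that this still denies access.
if ($ban_give_user['id'] != $user['id'] && $user['level'] <= $ban_give_user['level']) {
    $title .= ' - Ошибка!';
    // NOTE(review): ex_head() has already run a few lines above, so this is a second call — confirm it is harmless.
    ex_head();
    show_errors('Вам запрещено удалять это нарушение.');
    ex_foot();
}

if (isset($_POST['submited'])) {
    // hsc() is kept so the submitted value is normalised exactly as before
    // (presumably an HTML-escaping helper — confirm).
    $sent_token = (isset($_POST['mdp']) && is_string($_POST['mdp'])) ? (string) hsc($_POST['mdp']) : '';

    // The anti-forgery token is compared as a string in constant time. The previous loose
    // `==` allowed PHP type juggling (numeric-looking strings, a missing field against an
    // empty token) to count as a match; an absent or empty token is now always rejected.
    if ($sent_token !== '' && hash_equals((string) $mdp, $sent_token)) {
        // Ids are cast to int at the point of use so no SQL statement depends on the
        // stored value being well-formed.
        $row_id = intval($ban['id']);
        $target_id = intval($ban_user['id']);

        mysqli_query($dbi, "DELETE FROM `users_ban` WHERE `id` = '" . $row_id . "' AND `id_comm` = '0'");

        // A ban that is still active and carried a rating penalty gives the penalty back.
        // NOTE(review): this is a read-modify-write on the value profile() returned;
        // concurrent requests can lose an update. An in-SQL increment would avoid that.
        if ($ban['akt_rating'] > 0 && $ban['time_ban'] > $time) {
            $restored_rating = $ban_user['akt_rating_f'] + $ban['akt_rating'];
            mysqli_query($dbi, "UPDATE `user` SET `akt_rating_f` = '" . $restored_rating . "' WHERE `id` = '" . $target_id . "'");
        }

        // NOTE(review): ex_head() has already produced output by this point; the redirect
        // only works if output buffering is active — confirm.
        header("Location: ?id=" . intval($ban['id_user']));
        msg_sess("Нарушение успешно удалено");
        exit();
    } else {
        hacked_by_Killer();
    }
}

// Confirmation form. Line endings are written as "\n"; the listing showed a bare "n",
// which would have been printed into the page as a literal character.
// NOTE(review): $ban_user['nick'] and $mdp are printed as-is; this is safe only if they
// are already HTML-escaped where they are produced — confirm before changing.
echo "<form method='post'>\n";
echo "Подтвердите удаление бана <a href='$config[profile_page]?id=" . intval($ban_user['id']) . "'>$ban_user[nick]</a><br />\n";
echo "<input type='hidden' name='mdp' value='$mdp'>\n";
echo "<input type='submit' name='submited' value='Удалить' />\n";
echo "</form>\n";
echo "<div class='foot'>\n";
echo image_back() . " <a href='?id=" . intval($ban_user['id']) . "'>Отмена</a>\n";
echo "</div>\n";
ex_foot();
?>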