Файл: vsime.com/comm/inc/act_delete_cat.php
Строк: 52
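<?php
/*
 * Admin action: delete a community category together with every community
 * that belongs to it (forum, chat, files, visits, members, bans, journal,
 * blacklist, "readmin" rows and avatars).
 *
 * Relies on names provided by the including script: $dbi, $user, $title,
 * $mdp, the constant H and the helpers hsc(), ex_head(), ex_foot(),
 * image_back(), hacked_by_Killer().
 *
 * The full open tag is used so the file is still parsed as PHP (and not
 * served as plain text) when short open tags are disabled.
 *
 * NOTE(review): the permission check `$ust->access('comm_delete_cat')` was
 * commented out in the original; authorization is reduced to the hard-coded
 * user id 1. Confirm that this is intended.
 * NOTE(review): the deletes below are not wrapped in a transaction, so a
 * failure part-way through leaves partially deleted data.
 */

// Only a scalar id is accepted: intval() turns any non-empty array into 1.
$cat_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

$is_admin = isset($user['id']) && (int) $user['id'] === 1;

// Look the category up once (the original ran the same SELECT twice).
$cat = null;
if ($is_admin) {
    $cat_result = mysqli_query($dbi, "SELECT * FROM `comm_cat` WHERE `id` = '$cat_id'");
    if ($cat_result) {
        $cat = mysqli_fetch_array($cat_result);
    }
}

if (!$is_admin || !$cat) {
    header("Location:/comm");
    exit;
}

$title .= ' - Удаление категории'; // page title
ex_head();

if (isset($_POST['submited'])) {
    // Anti-CSRF token check. hash_equals() replaces the loose `==` so the
    // comparison is a constant-time string comparison with no type juggling;
    // a missing or non-string field is treated as an empty token.
    // NOTE(review): an empty $mdp would still match an empty submitted
    // token - confirm that $mdp is always a non-empty per-session value.
    $sent_token = (isset($_POST['mdp']) && is_string($_POST['mdp'])) ? hsc($_POST['mdp']) : '';

    if (hash_equals((string) $mdp, (string) $sent_token)) {
        $query_comm = mysqli_query($dbi, "SELECT * FROM `comm` WHERE `id_cat` = '$cat_id'");
        while ($post_comm = mysqli_fetch_array($query_comm)) {
            // Ids are cast to int before they are placed into SQL and paths.
            $comm_id = (int) $post_comm['id'];

            // remove all forum data
            $query_forum_cat = mysqli_query($dbi, "SELECT * FROM `comm_forum` WHERE `id_comm` = '$comm_id' AND `type` = 'cat'");
            while ($post_forum_cat = mysqli_fetch_array($query_forum_cat)) {
                $forum_cat_id = (int) $post_forum_cat['id'];

                $query_forum_topic = mysqli_query($dbi, "SELECT * FROM `comm_forum` WHERE `id_comm` = '$comm_id' AND `type` = 'topic' AND `id_cat` = '$forum_cat_id'");
                while ($post_forum_topic = mysqli_fetch_array($query_forum_topic)) {
                    $topic_id = (int) $post_forum_topic['id'];

                    mysqli_query($dbi, "DELETE FROM `comm_forum` WHERE `id` = '$topic_id' AND `type` = 'topic'");
                    // The original had LIMIT 1 here, which removed only one
                    // comment per topic and left the rest orphaned.
                    mysqli_query($dbi, "DELETE FROM `comm_forum_komm` WHERE `id_topic` = '$topic_id'");
                }
                mysqli_query($dbi, "DELETE FROM `comm_forum` WHERE `id` = '$forum_cat_id' AND `type` = 'cat'");
            }

            // remove all chat data
            mysqli_query($dbi, "DELETE FROM `comm_chat` WHERE `id_comm` = '$comm_id'");
            mysqli_query($dbi, "DELETE FROM `comm_chat_who` WHERE `id_comm` = '$comm_id'");

            // remove all file-exchange data
            $query_files_dir = mysqli_query($dbi, "SELECT * FROM `comm_files` WHERE `id_comm` = '$comm_id' AND `type` = 'dir' AND `id_dir` = '0'");
            while ($post_files_dir = mysqli_fetch_array($query_files_dir)) {
                $dir_id = (int) $post_files_dir['id'];

                $query_files_file = mysqli_query($dbi, "SELECT * FROM `comm_files` WHERE `id_comm` = '$comm_id' AND `counter` like '%/$dir_id/%' AND `type` = 'file'");
                while ($post_files_file = mysqli_fetch_array($query_files_file)) {
                    $file_id = (int) $post_files_file['id'];
                    $file_dir_id = (int) $post_files_file['id_dir'];

                    mysqli_query($dbi, "DELETE FROM `comm_files_komm` WHERE `id_file` = '$file_id' AND `id_comm` = '$comm_id'");
                    mysqli_query($dbi, "DELETE FROM `comm_files_rating` WHERE `id_file` = '$file_id' AND `id_comm` = '$comm_id'");
                    mysqli_query($dbi, "DELETE FROM `comm_files` WHERE `id` = '$file_id' AND `type` = 'file' AND `id_comm` = '$comm_id'");

                    // `name` and `ras` come from the database row; a value
                    // with a path separator must never reach unlink(), or a
                    // crafted row could delete a file outside the storage
                    // directory. is_file() also avoids a warning when the
                    // stored file is already gone.
                    $stored_name = $post_files_file['name'] . '.' . $post_files_file['ras'] . '.dat';
                    if (strpbrk($stored_name, "/\\") === false) {
                        $stored_path = H . "comm/files/c$comm_id/d$file_dir_id/" . $stored_name;
                        if (is_file($stored_path)) {
                            unlink($stored_path);
                        }
                    }

                    // cached preview images
                    $thumb_small = H . "comm/screen_tmp/48-48_" . $file_id . "screen.png";
                    if (is_file($thumb_small)) {
                        unlink($thumb_small);
                    }
                    $thumb_large = H . "comm/screen_tmp/128-128_" . $file_id . "screen.png";
                    if (is_file($thumb_large)) {
                        unlink($thumb_large);
                    }
                }

                $query_files_dir2 = mysqli_query($dbi, "SELECT * FROM `comm_files` WHERE `id_comm` = '$comm_id' AND `counter` like '%/$dir_id/%' AND `type` = 'dir'");
                while ($post_files_dir2 = mysqli_fetch_array($query_files_dir2)) {
                    $sub_dir_id = (int) $post_files_dir2['id'];
                    $sub_dir_path = H . "comm/files/c$comm_id/d$sub_dir_id";

                    if (is_dir($sub_dir_path)) {
                        rmdir($sub_dir_path);
                    }
                    mysqli_query($dbi, "DELETE FROM `comm_files` WHERE `id` = '$sub_dir_id' AND `type` = 'dir' AND `id_comm` = '$comm_id'");
                }

                mysqli_query($dbi, "DELETE FROM `comm_files` WHERE `id` = '$dir_id' AND `type` = 'dir' AND `id_comm` = '$comm_id'");
                $dir_path = H . "comm/files/c$comm_id/d$dir_id";
                if (is_dir($dir_path)) {
                    rmdir($dir_path);
                }
            }
            $root_dir_path = H . "comm/files/c$comm_id/d0";
            if (is_dir($root_dir_path)) {
                rmdir($root_dir_path);
            }

            // remove visits
            mysqli_query($dbi, "DELETE FROM `soo_visits` WHERE `id_comm` = '$comm_id'");
            // remove members
            mysqli_query($dbi, "DELETE FROM `comm_users` WHERE `id_comm` = '$comm_id'");
            // remove bans
            mysqli_query($dbi, "DELETE FROM `users_ban` WHERE `id_comm` = '$comm_id'");
            // remove journal entries
            mysqli_query($dbi, "DELETE FROM `comm_journal` WHERE `id_comm` = '$comm_id'");
            // remove users from the community blacklist
            mysqli_query($dbi, "DELETE FROM `comm_blist` WHERE `id_comm` = '$comm_id'");
            // remove the "re-creators" (comm_readmin rows)
            mysqli_query($dbi, "DELETE FROM `comm_readmin` WHERE `id` = '$comm_id'");
            // remove the community itself
            mysqli_query($dbi, "DELETE FROM `comm` WHERE `id` = '$comm_id'");

            // community avatar; `mdi` is a database value, so the same
            // path-separator guard is applied before it is used in a path
            $avatar_name = "comm." . $comm_id . "." . $post_comm['mdi'] . ".img.png";
            if (strpbrk($avatar_name, "/\\") === false && is_file(H . "i/comm_avatar/" . $avatar_name)) {
                unlink(H . "i/comm_avatar/" . $avatar_name);
            }
        }

        // remove the category
        mysqli_query($dbi, "DELETE FROM `comm_cat` WHERE `id` = '$cat_id'");

        // NOTE(review): ex_head() has already run at this point; the redirect
        // header can only be sent if its output is buffered - confirm.
        header("Location:/comm");
        exit;
    } else {
        hacked_by_Killer();
    }
}

// Confirmation form. The original strings ended in a literal "n" (a newline
// escape that lost its backslash), which printed stray "n" characters.
echo "<form method='POST'>\n";
echo "<div class='freespace'>\n";
echo "Подтвердите удаление категории<br/>\n";
echo "</div>\n";
echo "<div class='freespace'>\n";
echo "<input type='hidden' name='mdp' value='$mdp'>\n";
echo "<input type='submit' name='submited' value='Удалить'>\n";
echo "</div>\n";
echo "</form>\n";
echo "<div class='foot'>\n";
echo image_back()." <a href='?'>Отмена</a>\n";
echo "</div>\n";
ex_foot();
?>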