Файл: modules/blog/delete.php
Строк: 44
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
$locate = 'in_blogs';
if(!User::logged()) redirect('/');
$locate = 'in_blogs';
$id = num($_GET['id']);
if(!isset($_GET['id']) || $db->query("SELECT * FROM `blogs` WHERE `id` = '$id'")->rowCount() == 0 || ($db->query("SELECT user_id FROM `blogs` WHERE `id` = '$id'")->fetchColumn() != User::Id() && User::level() < 5))
{
redirect('/blog/note/'.$id);
}
if(isset($_POST['yes']))
{
$db->query("DELETE FROM `blogs` WHERE `id` = '".abs(intval($_GET['id'])) ."'");
redirect('/blog/');
}
elseif(isset($_POST['no']))
{
redirect('/blog/');
}
$title = _t('delete');
include_header($title);
$tpl->div('title', _t('delete'));
echo '<form action="/blog/delete/'.abs(intval($_GET['id'])) .'" method="post">
<div class="menu">
<b>'. _t('r_sure') .'</b><br/>
<input name="yes" type="submit" value="'. _t('yes') .'" /> <input name="no" type="submit" value="'. _t('no') .'" /><br/>
</div>
</form>';
$tpl->div('block', NAV .'<a href="/blog/">'. _t('blogs') .'</a><br/>' . HICO .'<a href="/">'. _t('home').'</a>');
include_footer();
?>