$ds = mysqli_fetch_array(safe_query("SELECT\n screens, poster\n FROM\n " . PREFIX . "news\n WHERE\n newsID='" . (int) $id . "'"));
if (($ds['poster'] != $userID || !isnewswriter($userID)) && !isnewsadmin($userID)) {
die($_language->module['no_access']);
}
if ($ds['screens']) {
$screens = explode("|", $ds['screens']);
if (is_array($screens)) {
$filepath = "./images/news-pics/";
foreach ($screens as $screen) {
if (file_exists($filepath . $screen)) {
@unlink($filepath . $screen);
}
}
}
}
\webspell\Tags::removeTags('news', $id);
safe_query("DELETE FROM " . PREFIX . "news WHERE newsID='" . (int) $id . "'");
safe_query("DELETE FROM " . PREFIX . "news_contents WHERE newsID='" . (int) $id . "'");
safe_query("DELETE FROM " . PREFIX . "comments WHERE parentID='" . (int) $id . "' AND type='ne'");
generate_rss2();
if (isset($_GET['close'])) {
echo '<body onload="window.close()"></body>';
} else {
header("Location: index.php?site=news");
}
} elseif ($action == "edit") {
include "_mysql.php";
include "_settings.php";
include "_functions.php";
$_language->readModule('news');
$newsID = $_GET['newsID'];
