/**
*
*/
function _unsetcookies()
{
setcookie('username', '', time() - 1);
setcookie('uniqid', '', time() - 1);
_session_destroy();
_location(null, 'index.php');
}
$_rows = _fetch_array("SELECT \n\t\t\t\t\t\t\t\ttg_id,tg_fromuser,tg_content,tg_date\n\t\t\t\t\t\t\tFROM \n\t\t\t\t\t\t\t\ttg_message \n\t\t \t\t\t\t WHERE \n\t\t\t\t\t\t\t\ttg_id='{$_GET['id']}' \n\t\t\t\t\t\t LIMIT 1\n\t\t\t\t\t\t ");
//check whether a message exist
if ($_rows) {
//protect from illegal deleting by validating unique identifier
if (!!($_rows = _fetch_array("SELECT \n\t\t\t\t\t\t\t\t\t\t\t\ttg_uniqid \n\t\t \t\t\t\t\t\t\t\t FROM \n\t\t\t\t\t\t\t\t\t\t\t\ttg_user \n\t\t\t\t\t\t\t\t\t\t WHERE \n\t\t\t\t\t\t\t\t\t\t\t\ttg_username='******'username']}' \n\t\t\t\t\t\t\t\t\t\t LIMIT 1"))) {
//Protect from faking unique identifier
_uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']);
//delete a single message
_query("DELETE FROM \n\t\t\t\t\t\t\t\ttg_message \n\t\t\t\t \t\t WHERE \n\t\t\t\t\t\t\t\ttg_id='{$_GET['id']}' \n\t\t\t\t\t\t LIMIT 1\n\t\t\t\t");
if (_affected_rows() == 1) {
_close();
_session_destroy();
_location('Message deleted', 'member_message.php');
} else {
_close();
_session_destroy();
_alert_back('Fail to delete');
}
} else {
_alert_back('Illegal access');
}
} else {
_alert_back('This message does not exist');
}
}
}
if (isset($_GET['id'])) {
$_rows = _fetch_array("SELECT \n\t\t\t\t\t\t\t\ttg_id,tg_state,tg_fromuser,tg_content,tg_date\n\t\t\t\t\t\t\tFROM \n\t\t\t\t\t\t\t\ttg_message \n\t\t \t\t\t\t WHERE \n\t\t\t\t\t\t\t\ttg_id='{$_GET['id']}' \n\t\t\t\t\t\t LIMIT 1\n\t\t\t\t\t\t ");
if ($_rows) {
//check whether a message is readed
if (empty($_rows['tg_state'])) {
/**
*_logout 注销登录并销毁session
*/
function _logout()
{
setcookie('username', '', time() - 3600);
setcookie('uniqid', '', time() - 3600);
_session_destroy();
}
