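<?php
/**
 * Delete endpoint for a "local" record.
 *
 * Flow: load configuration and data-access helpers, require a logged-in
 * session, look the record up by the posted id, and delete it only when the
 * session user is the record's owner. Every response is plain text (or the
 * static session-error page).
 *
 * NOTE(review): getLocal() and deleteLocal() come from data.access.php, which
 * is not shown here; confirm both bind the id as a query parameter.
 * NOTE(review): this script checks no anti-CSRF token and does not restrict
 * the request method before the state change; confirm that is handled
 * elsewhere.
 */
require_once "../../config.php";
require_once "../../dist/class/class.connect.php";
require_once "../../dist/functions/data.access.php";

// Connection settings copied from config.php into the $c_* names.
// NOTE(review): presumably read by the included helpers; confirm before removing.
$c_host = $databaselocation;
$c_user = $databaseuser;
$c_pass = $databasepass;
$c_db = $databasename;

session_start();

if (!isset($_SESSION["loged"])) {
    // Not authenticated: show the static session-error page and do nothing else.
    echo file_get_contents("../session_error.html");
} else {
    $id_local = isset($_POST["id"]) ? $_POST["id"] : null;
    $userid = isset($_SESSION["userid"]) ? $_SESSION["userid"] : null;

    // A missing, empty or array-valued id can never name a record the caller
    // owns, so refuse it before it reaches the data layer.
    if (!is_scalar($id_local) || (string) $id_local === "") {
        die("Usted no puede borrar este local");
    }

    $local = getLocal($id_local);

    // No record means no owner. The previous sentinel (0) compared loosely
    // against the session value, so an unset or zero-like userid was treated
    // as the owner of a record that does not exist.
    $owner = $local ? $local[0]->usuario : null;

    // Compare as strings so "5" (database) and 5 (session) still match while
    // null, "" and 0-versus-text can no longer pass as equal.
    $is_owner = is_scalar($owner)
        && is_scalar($userid)
        && (string) $owner !== ""
        && (string) $userid === (string) $owner;

    if (!$is_owner) {
        die("Usted no puede borrar este local");
    }

    deleteLocal($id_local);
    die("Local borrado exitósamente");
}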
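'nome'=>array('type'=>'string', 'length'=>255), 'codweb'=>array('type'=>'string', 'length'=>25), 'tipo_proced'=>array('type'=>'string', 'length'=>25), 'responsable'=>array('type'=>'string', 'length'=>50), 'corresponsable1'=>array('type'=>'string', 'length'=>50), 'corresponsable2'=>array('type'=>'string', 'length'=>50), 'corresponsable3'=>array('type'=>'string', 'length'=>50), 'cons1select'=>array('type'=>'int', 'length'=>2), 'cons2select'=>array('type'=>'int', 'length'=>2), 'observacions'=>array('type'=>'string', 'length'=>5000), 'promotor'=>array('type'=>'string', 'length'=>255), 'org_promotor'=>array('type'=>'string', 'length'=>255), 'org_sustantivo'=>array('type'=>'string', 'length'=>255), 'gid'=>array('type'=>'int', 'length'=>4) );

// validateSqlInj() is defined outside this view. The delete below binds its
// value as a query parameter, so it does not depend on what this call filters.
validateSqlInj();
/**** end SQL Injection validation ****/

/**
 * Delete the row of table `locais` whose id was posted as `idlocal`.
 *
 * Connection settings ($host, $port, $db_name, $username, $password) are
 * expected to be defined by ../conf/config.php. The posted id is sent to
 * PostgreSQL as a bound parameter rather than concatenated into the
 * statement, so request data cannot change the structure of the query.
 *
 * Ends the script with die() when the id is missing or malformed, when the
 * connection fails, or when the query fails.
 *
 * NOTE(review): no authentication or ownership check is visible in this part
 * of the file before the delete; confirm one runs earlier.
 * NOTE(review): the die() messages return pg_last_error() text to the client;
 * consider logging it server-side instead.
 */
function deleteLocal()
{
    include '../conf/config.php';

    // Only a single scalar value can be an id; arrays (idlocal[]=...) and a
    // missing field are refused before a connection is opened.
    if (!isset($_POST["idlocal"]) || !is_scalar($_POST["idlocal"])) {
        die('Could not insert: missing or malformed idlocal');
    }

    $dbconn = pg_connect("host={$host} port={$port} dbname={$db_name} user={$username} password={$password}");
    if (!$dbconn) {
        die('Could not connect: ' . pg_last_error());
    }
    pg_set_client_encoding($dbconn, "utf-8");

    // $1 is a PostgreSQL placeholder; the single quotes keep PHP from
    // interpolating it. The server casts the bound text to the column type
    // and rejects anything that is not a valid id.
    $result = pg_query_params(
        $dbconn,
        'DELETE FROM locais WHERE id = $1',
        array((string) $_POST["idlocal"])
    );
    if ($result === false) {
        die('Could not insert: ' . pg_last_error($dbconn));
    }

    pg_close($dbconn);
}

deleteLocal();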