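/**
 * Resolve a report by deleting the reported content or by marking the report safe.
 *
 * `$this->db` is used through the mysqli API. All values reach the SQL as bound
 * string parameters, so no query text is assembled from caller input.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller restricts it to moderators/administrators - confirm at the call site.
 *
 * @param mixed $id   Not read by this method; kept so existing callers keep working.
 * @param mixed $type Report type: 1 targets `messages`, any other value targets `comments`.
 * @param mixed $post ID of the reported message or comment.
 * @param mixed $kind 1 deletes the content and sets the report state to 2;
 *                    any other value sets the report state to 1.
 * @return int 1 after the delete path; on the other path 1 if a report row changed, else 0.
 */
function manageReport($id, $type, $post, $kind)
 {
     if ($kind == 1) {
         if ($type == 1) {
             // Look up the message's stored type/value so its files can be removed.
             $lookup = $this->db->prepare("SELECT `type`, `value` FROM `messages` WHERE `id` = ?");
             $lookup->bind_param('s', $post);
             $lookup->execute();
             $lookup->bind_result($mediaType, $mediaValue);
             $found = $lookup->fetch();
             $lookup->close();
             // Only touch files when the message row exists; a missing row
             // previously passed undefined values on to deletePhotos().
             if ($found) {
                 deletePhotos($mediaType, $mediaValue);
             }
             $stmt = $this->db->prepare("DELETE FROM `messages` WHERE `id` = ?");
         } else {
             $stmt = $this->db->prepare("DELETE FROM `comments` WHERE `id` = ?");
         }
         $stmt->bind_param('s', $post);
         $stmt->execute();
         $stmt->close();

         // Flag every report for this post/type pair as handled (state 2).
         $update = $this->db->prepare("UPDATE `reports` SET `state` = '2' WHERE `post` = ? AND `type` = ?");
         $update->bind_param('ss', $post, $type);
         $update->execute();
         $update->close();
         return 1;
     }

     // Mark the report as safe (state 1) without touching the reported content.
     $stmt = $this->db->prepare("UPDATE `reports` SET `state` = '1' WHERE `post` = ? AND `type` = ?");
     $stmt->bind_param('ss', $post, $type);
     $stmt->execute();
     $affected = $stmt->affected_rows;
     $stmt->close();
     return $affected ? 1 : 0;
 }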
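/**
 *  Delete an ad and associated photos
 *
 *  The $admin flag skips the per-ad access check entirely, so callers must
 *  establish administrator status themselves before passing true; it must
 *  never be derived from request data.
 *
 *  @param string  $ad_id    Ad ID; passed through COM_sanitizeID() before use
 *  @param boolean $admin    True if this is an administrator
 *  @param string  $table    Table key, either 'ad_ads' or 'ad_submission'
 *  @return integer  0 on success, 1 for an empty ad ID, 2 for an unknown table,
 *                   3 when access is insufficient, 4 on a database error,
 *                   5 when deletePhotos() reports a failure
 */
function adDelete($ad_id = '', $admin = false, $table = 'ad_ads')
{
    global $_TABLES;

    $ad_id = COM_sanitizeID($ad_id);
    if ($ad_id == '') {
        return 1;
    }

    // $table selects an entry of $_TABLES, so accept only the two known keys.
    // The strict comparison keeps a non-string value from matching by coercion.
    if (!in_array($table, array('ad_ads', 'ad_submission'), true)) {
        return 2;
    }

    // Check the user's access level.  If this is an admin call,
    // force access to read-write.
    $myaccess = $admin ? 3 : CLASSIFIEDS_checkAccess($ad_id);
    if ($myaccess < 3) {
        return 3;
    }

    // If we've gotten this far, then the current user has access
    // to delete this ad.
    if ($table == 'ad_submission') {
        // Do the normal plugin rejection stuff
        plugin_moderationdelete_classifieds($ad_id);
    } elseif (deletePhotos($ad_id) != 0) {
        // Do the extra cleanup manually; stop if the photos could not be removed
        return 5;
    }

    // After the cleanup stuff, delete the ad record itself.
    DB_delete($_TABLES[$table], 'ad_id', $ad_id);

    // Check the outcome before anything else runs, so the audit trail only
    // records deletions that did not report a database error.
    $dbError = DB_error();
    if ($dbError) {
        COM_errorLog($dbError);
        return 4;
    }

    CLASSIFIEDS_auditLog("Ad {$ad_id} deleted.");
    return 0;
}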
Example #3
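 /**
  * Delete a comment, message or chat message owned by the current user.
  *
  * Every DELETE is scoped to `$this->id`, so rows belonging to other users are
  * never removed. Values are passed as bound string parameters (mysqli API).
  *
  * @param mixed $id   ID of the row to delete.
  * @param mixed $type 0 = comment, 1 = message, 2 = chat message.
  * @return int 1 if a row was deleted, 0 otherwise (including an unknown $type).
  */
 function delete($id, $type)
 {
     $owner = $this->id;
     $hasMedia = false;
     $mediaType = null;
     $mediaValue = null;

     if ($type == 0) {
         $stmt = $this->db->prepare("DELETE FROM `comments` WHERE `id` = ? AND `uid` = ?");
         // $x records which table the delete targets: 0 = comments
         $x = 0;
     } elseif ($type == 1) {
         // Read the message's stored type/value (needed for file cleanup) using
         // the same ownership filter as the DELETE below.
         $lookup = $this->db->prepare("SELECT `type`, `value` FROM `messages` WHERE `id` = ? AND `uid` = ?");
         $lookup->bind_param('ss', $id, $owner);
         $lookup->execute();
         $lookup->bind_result($mediaType, $mediaValue);
         $hasMedia = (bool) $lookup->fetch();
         $lookup->close();
         $stmt = $this->db->prepare("DELETE FROM `messages` WHERE `id` = ? AND `uid` = ?");
         // 1 = messages
         $x = 1;
     } elseif ($type == 2) {
         $stmt = $this->db->prepare("DELETE FROM `chat` WHERE `id` = ? AND `from` = ?");
         // 2 = chat
         $x = 2;
     } else {
         // Unknown type: nothing to delete (previously this reached an undefined $stmt)
         return 0;
     }

     $stmt->bind_param('ss', $id, $owner);
     $stmt->execute();
     $affected = $stmt->affected_rows;
     $stmt->close();

     // Clean up dependent data only when the ownership-scoped DELETE removed a row.
     if ($affected) {
         // Runs one dependent-row DELETE with the deleted row's ID bound as its parameter
         $purge = function ($sql) use ($id) {
             $dependent = $this->db->prepare($sql);
             $dependent->bind_param('s', $id);
             $dependent->execute();
             $dependent->close();
         };

         if ($x == 1) {
             // Files are removed only after the owner's row is gone, so a request
             // for a message the caller does not own leaves its files untouched.
             if ($hasMedia) {
                 deletePhotos($mediaType, $mediaValue);
             }
             // Remove the comments/likes/reports/notifications tied to the message
             $purge("DELETE FROM `comments` WHERE `mid` = ?");
             $purge("DELETE FROM `likes` WHERE `post` = ?");
             $purge("DELETE FROM `reports` WHERE `post` = ? AND `parent` = '0'");
             $purge("DELETE FROM `notifications` WHERE `parent` = ?");
         } elseif ($x == 0) {
             // Remove the reports/notifications tied to the comment
             $purge("DELETE FROM `reports` WHERE `post` = ? AND `parent` != '0'");
             $purge("DELETE FROM `notifications` WHERE `child` = ? AND `type` = '1'");
         }
     }
     return $affected ? 1 : 0;
 }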
Example #4
<?php

require "Include/Config.php";
require "Include/Functions.php";
// Default destination when no photo is deleted.
$redirectURL = "Menu.php";
$deleted = false;

// Query parameter => [record kind handed to deletePhotos(), view page to return to].
// Order matters: the first parameter present in the request is the one used.
$photoTargets = array(
    'PersonID' => array("Person", "PersonView.php?PersonID="),
    'FamilyID' => array("Family", "FamilyView.php?FamilyID="),
    'GroupID'  => array("Group", "GroupView.php?GroupID="),
);

// NOTE(review): $bOkToEdit is not assigned in this script; presumably one of the
// included files sets it - confirm, otherwise only the session flag grants access.
// NOTE(review): the deletion is triggered by a GET request and no anti-CSRF token
// is checked in this script - confirm whether the included files enforce one.
if ($_SESSION['bAddRecords'] || $bOkToEdit) {
    foreach ($photoTargets as $param => $target) {
        if (!isset($_GET[$param])) {
            continue;
        }
        // The ID goes through FilterInput with the 'int' filter before it is used
        // for the deletion and placed in the redirect URL.
        $id = FilterInput($_GET[$param], 'int');
        $deleted = deletePhotos($target[0], $id);
        $redirectURL = $target[1] . $id;
        break;
    }
    // Tell the view page that the profile image was removed.
    if ($deleted) {
        $redirectURL .= "&ProfileImageDeleted=true";
    }
}
Redirect($redirectURL);