function delete_message() { if (!is_logged_in() || !is_post_parameter_complete(array('username', 'date')) || !(is_admin() || is_logged_username($_POST['username']))) { Error('Invalid Access'); } if (DeletePost($_POST['username'], $_POST['date'])) { echo 'success'; } else { echo 'Delete failed'; } }
$strBody = $_REQUEST['message']; $bParseURLs = (bool) $_REQUEST['parseurls']; $bParseEMails = (bool) $_REQUEST['parseemails']; $bDisableSmilies = (bool) $_REQUEST['dsmilies']; $aDeleteAttachments = $_REQUEST['deleteattach']; } else { // Store the post info into variables. $strSubject = $aPostInfo['title']; $iPostIcon = (int) $aPostInfo['icon']; $strBody = $aPostInfo['body']; $bDisableSmilies = $aPostInfo['dsmilies']; } // Are they deleting? if ($_REQUEST['submit'] == 'Delete Now' && (bool) $_REQUEST['deletepost']) { // Yes, do that now. DeletePost($aPostInfo); } // Template require "./skins/{$CFG['skin']}/editpost.tpl.php"; // Send the page. exit; // *************************************************************************** \\ // The user hit the Delete [Post] Now button, so that's what we'll attempt to do. function DeletePost($aPostInfo) { global $CFG, $dbConn, $iForumID; $iPostID = $aPostInfo['id']; $iThreadID = $aPostInfo['parent']; $iAuthorID = $aPostInfo['author']; // Get the thread's root. $dbConn->query("SELECT post.id FROM post LEFT JOIN thread ON (post.parent = thread.id) WHERE thread.id={$iThreadID} ORDER BY post.datetime_posted ASC LIMIT 1");
require_once 'post.class.php'; require_once inc_response; require_once inc_dataReader; require_once inc_component; require_once inc_manage_unit; require_once inc_QueryHelper; $task = isset($_POST["task"]) ? $_POST["task"] : (isset($_GET["task"]) ? $_GET["task"] : ""); switch ($task) { case "fullSelect": fullSelect(); case "selectPost": selectPost(); case "SavePost": SavePost(); case "DeletePost": DeletePost(); case "MovePost": MovePost(); } function selectPost() { $where = "1=1"; $whereParam = array(); //----------------------- if (!empty($_POST["post_id"])) { $where .= "post_id=:pid"; $whereParam[":pid"] = $_POST["post_id"]; } if (!empty($_POST["title"])) { $where .= "title like :title"; $whereParam[":pid"] = "%" . $_POST["title"] . "%";