function comment_delete_action()
{
$BD = $_POST['comment_post_board'];
$ID = $_POST['comment_post_id'];
$CM = $_POST['comment_id'];
$OK = TRUE;
$who = isset($_SESSION['member']['id']) ? $_SESSION['member']['id'] : 0;
if ($_POST['comment_delete_member'] != $who) {
$OK = FALSE;
set_clue('登入身份已經變動要繼續動作請再切換!');
}
if (isset($_POST['comment_password'])) {
$result = inget('`comment_password`', 'comments', 'WHERE `id` = ' . $CM);
$comment = mysql_fetch_assoc($result);
if (empty($_POST['comment_password']) || hash('sha256', $_POST['comment_password']) != $comment['comment_password']) {
$OK = FALSE;
set_clue('密碼不正確無法刪除!');
}
}
if ($OK) {
$delete = '`id` = ' . $CM;
incut('comments', $delete);
$change['key'] = 'comment_count';
$change['value'] = 'comment_count-1';
$where['key'] = 'id';
$where['value'] = $ID;
inset('posts', $change, $where);
set_clue('回覆已經刪除!');
header('location: ' . OUT_PATH . $ID);
} else {
header('location: ' . OUT_PATH . 'clear/' . $CM);
}
}
function feed()
{
$many = 20;
$board = '';
//wait for more fix
$result = inget('`id`, `post_title`, `post_author`, `post_author_nicename`, `post_content`, `post_date`, `post_board`', 'posts', $board . 'ORDER BY `post_date` DESC LIMIT 0, ' . $many);
$board = board_info();
$who = member_who();
$prefix = isSSL() ? 'https:' : 'http:';
$row = mysql_fetch_all($result);
if ($row) {
foreach ($row as $id => $list) {
$row[$id]['post_board'] = $board[$list['post_board']]['name'];
$row[$id]['post_board_nicename'] = $board[$list['post_board']]['nicename'];
if ($list['post_author']) {
$row[$id]['post_author'] = $who[$list['post_author']]['nicename'];
} else {
$row[$id]['post_author'] = $list['post_author_nicename'];
}
$row[$id]['post_content'] = html_transfer(show_text($list['post_content']));
}
}
header('Content-type: application/xml; charset=utf-8');
echo '<?xml version="1.0" encoding="utf-8"?>' . "\n";
include load_template('feed');
}