public function deleteComment() { $id = intval($_GET['cid']); $verify = deep_htmlspecialchars($_GET['item']); $aid = intval($_GET['aid']); if ($id == '') { $this->error('删除失败...', $_SERVER['HTTP_REFERER'], 1); } if ($aid == '') { $this->error('删除失败...', $_SERVER['HTTP_REFERER'], 1); } if ($verify == '') { $this->error('删除失败...', $_SERVER['HTTP_REFERER'], 1); } $objComment = M('comment'); $result = $objComment->where(array('id' => $id))->getField('time'); if (md5($result) != $verify) { $this->error('删除失败...', $_SERVER['HTTP_REFERER'], 1); } $idList = parent::getCidList('comment', $id, '1'); $where = 'id in(' . $idList . ')'; $result2 = $objComment->where($where)->delete(); if ($result2) { M('ask')->where('id=' . $aid)->setDec('comment_num', $result2); $this->success('删除成功', $_SERVER['HTTP_REFERER'], 1); } else { $this->error('删除失败...', $_SERVER['HTTP_REFERER'], 1); } }