Пример #1
0
function comment_delete_action()
{
    $BD = $_POST['comment_post_board'];
    $ID = $_POST['comment_post_id'];
    $CM = $_POST['comment_id'];
    $OK = TRUE;
    $who = isset($_SESSION['member']['id']) ? $_SESSION['member']['id'] : 0;
    if ($_POST['comment_delete_member'] != $who) {
        $OK = FALSE;
        set_clue('登入身份已經變動要繼續動作請再切換!');
    }
    if (isset($_POST['comment_password'])) {
        $result = inget('`comment_password`', 'comments', 'WHERE `id` = ' . $CM);
        $comment = mysql_fetch_assoc($result);
        if (empty($_POST['comment_password']) || hash('sha256', $_POST['comment_password']) != $comment['comment_password']) {
            $OK = FALSE;
            set_clue('密碼不正確無法刪除!');
        }
    }
    if ($OK) {
        $delete = '`id` = ' . $CM;
        incut('comments', $delete);
        $change['key'] = 'comment_count';
        $change['value'] = 'comment_count-1';
        $where['key'] = 'id';
        $where['value'] = $ID;
        inset('posts', $change, $where);
        set_clue('回覆已經刪除!');
        header('location: ' . OUT_PATH . $ID);
    } else {
        header('location: ' . OUT_PATH . 'clear/' . $CM);
    }
}
Пример #2
0
function load_page($page)
{
    if (!$page) {
        $page = 'index.inc.php';
    } else {
        $page = $page . '.inc.php';
    }
    if (file_exists('pool/pages/' . $page)) {
        $page = 'pool/pages/' . $page;
    } elseif (file_exists('chrome/content/' . $page)) {
        $page = 'chrome/content/' . $page;
    } else {
        set_clue('您尋找的頁面並不存在!');
        $page = load_page('notfound');
    }
    return $page;
}