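/**
 * Render the archive page for a diary: either one note or a month listing.
 *
 * Reads `nid`, `month` and `year` from $_GET (each cast to int, or NULL when
 * empty), loads the page template and note format from the settings table,
 * and echoes the template with its placeholders filled in.
 *
 * Query failures are written to the error log and the request ends with a
 * generic message, so raw PostgreSQL error text is never sent to the client.
 *
 * @param mixed $dbconn      PostgreSQL connection handle used for every pg_* call.
 * @param mixed $diary_login Diary owner's login; handed to the note helpers and
 *                           substituted for the {login} placeholder.
 * @param mixed $mode        SHOW_NOTE or SHOW_MONTH; any other value prints nothing.
 * @return void
 */
function show_archive_page($dbconn, $diary_login, $mode)
{
    // The (int) casts guarantee these request values are integers or NULL.
    $nid = empty($_GET['nid']) ? NULL : (int) $_GET['nid'];
    $month = empty($_GET['month']) ? NULL : (int) $_GET['month'];
    $year = empty($_GET['year']) ? NULL : (int) $_GET['year'];

    // NOTE(review): the login literal is masked ('******') in this listing. If the real
    // code interpolates $diary_login here, bind it with pg_query_params() instead.
    $sql = "SELECT u.uid, s.page_archive, s.format_note FROM " . TABLE_SETTINGS . " AS s, " . TABLE_USERS . " AS u WHERE u.login='******' AND s.uid=u.uid LIMIT 1";
    // Pass the connection explicitly instead of relying on the implicit default connection.
    $result = pg_query($dbconn, $sql);
    if ($result === false) {
        error_log('show_archive_page: settings query failed: ' . pg_last_error($dbconn));
        die('Database error.');
    }
    $settings = pg_fetch_object($result);
    if ($settings === false) {
        // No settings row matched, so there is no template to render.
        return;
    }

    // NOTE(review): $diary_login is substituted into the page below as-is; confirm that
    // assign_vars() or the caller HTML-escapes it before it reaches the browser.
    switch ($mode) {
        case SHOW_NOTE:
            // NOTE(review): c.uid is fixed to '1' even though $settings->uid was just
            // loaded; confirm this is intended.
            // $nid is already an int; binding it keeps the value out of the SQL text entirely.
            $sql2 = 'SELECT COUNT(*) AS commentscount FROM ' . TABLE_COMMENTS . ' AS c WHERE c.uid=\'1\' AND c.nid=$1';
            $result2 = pg_query_params($dbconn, $sql2, array($nid));
            if ($result2 === false) {
                error_log('show_archive_page: comment count query failed: ' . pg_last_error($dbconn));
                die('Database error.');
            }
            $data2 = pg_fetch_object($result2);
            echo assign_vars($settings->page_archive, array('{login}' => $diary_login, '{archive}' => get_note($dbconn, $diary_login, $settings->format_note, $nid), '{commentscount}' => $data2->commentscount));
            break;
        case SHOW_MONTH:
            echo assign_vars($settings->page_archive, array('{login}' => $diary_login, '{archive}' => get_archive_notes($dbconn, $diary_login, $settings->format_note, $month, $year)));
            break;
    }
}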
示例#2
<?php

require_once './common.inc';
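// Delete one note on behalf of the admin recorded on it, then return to that user's view page.
//
// NOTE(review): the id is read from $_REQUEST, so a plain GET link is enough to trigger the
// delete. Confirm callers send this as a POST carrying a CSRF token that common.inc verifies.
$id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
$note = get_note($id)->next();
if (!$note) {
    throw new RuntimeException('Note not found');
}
// $admin_id is not assigned in this script; presumably common.inc sets it from the
// session — confirm. Fail closed when it is missing, and compare as strings with !== so
// PHP's loose-comparison rules (NULL == 0, NULL == '') cannot satisfy the ownership check.
if (!isset($admin_id) || (string) $note->adminid !== (string) $admin_id) {
    throw new RuntimeException('Permission denied');
}
$userid = $note->userid;
delete_note($id);
// Encode the value so it can only ever occupy the id parameter of the target URL.
// NOTE(review): confirm redirect() ends the request after sending the Location header.
redirect('view.php?id=' . rawurlencode((string) $userid));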