delete
This commit is contained in:
parent
8edccdb2aa
commit
ec34fa8076
@ -84,6 +84,8 @@
|
||||
define('ERROR_YOUAREMUTED', 'You are muted! Expires in %d seconds.', true);
|
||||
define('ERROR_TOR', 'Hmm… That looks like a Tor exit node.', true);
|
||||
define('ERROR_TOOMANYLINKS', 'Too many links; flood detected.', true);
|
||||
define('ERROR_NODELETE', 'You didn\'t select anything to delete.', true);
|
||||
define('ERROR_INVALIDPASSWORD', 'Wrong password…', true);
|
||||
define('ERR_INVALIDIMG','Invalid image.', true);
|
||||
define('ERR_FILESIZE', 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes', true);
|
||||
define('ERR_MAXSIZE', 'The file was too big.', true);
|
||||
|
65
post.php
65
post.php
@ -20,7 +20,70 @@
|
||||
$_POST = strip_array($_POST);
|
||||
}
|
||||
|
||||
if(isset($_POST['post'])) {
|
||||
if(isset($_POST['delete'])) {
|
||||
// Delete
|
||||
|
||||
if( !isset($_POST['board']) ||
|
||||
!isset($_POST['password'])
|
||||
)
|
||||
error(ERROR_BOT);
|
||||
|
||||
$password = $_POST['password'];
|
||||
|
||||
if(empty($password))
|
||||
error(ERROR_INVALIDPASSWORD);
|
||||
|
||||
$delete = Array();
|
||||
foreach($_POST as $post => $value) {
|
||||
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
|
||||
$delete[] = (int)$m[1];
|
||||
}
|
||||
}
|
||||
|
||||
sql_open();
|
||||
|
||||
// Check if banned
|
||||
checkBan();
|
||||
|
||||
if(BLOCK_TOR && isTor())
|
||||
error(ERROR_TOR);
|
||||
|
||||
// Check if board exists
|
||||
if(!openBoard($_POST['board']))
|
||||
error(ERROR_NOBOARD);
|
||||
|
||||
if(empty($delete))
|
||||
error(ERROR_NODELETE);
|
||||
|
||||
foreach($delete as &$id) {
|
||||
$query = prepare(sprintf("SELECT `password` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
|
||||
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
if($post = $query->fetch()) {
|
||||
if(!empty($password) && $post['password'] != $password)
|
||||
error(ERROR_INVALIDPASSWORD);
|
||||
|
||||
if(isset($_POST['file'])) {
|
||||
// Delete just the file
|
||||
deleteFile($id);
|
||||
} else {
|
||||
// Delete entire post
|
||||
deletePost($id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
buildIndex();
|
||||
|
||||
sql_close();
|
||||
|
||||
$is_mod = isset($_POST['mod']) && $_POST['mod'];
|
||||
$root = $is_mod ? ROOT . FILE_MOD . '?/' : ROOT;
|
||||
|
||||
header('Location: ' . $root . $board['dir'] . FILE_INDEX, true, REDIRECT_HTTP);
|
||||
|
||||
} elseif(isset($_POST['post'])) {
|
||||
if( !isset($_POST['name']) ||
|
||||
!isset($_POST['email']) ||
|
||||
!isset($_POST['subject']) ||
|
||||
|
Loading…
Reference in New Issue
Block a user