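<?php
/**
 * Delete-file controller: shows a read-only confirmation form for one
 * file_list row and, when the form is submitted, removes the row and the
 * uploaded file behind it.
 *
 * Request input:
 *   $_GET['id']      id of the file_list row (required)
 *   $_GET['folder']  folder id used for the redirect target and hidden field
 *   $_GET['frm']     'pending' sends the user to pf.php after the delete
 *   $_POST['id']     must repeat $_GET['id'] on submit
 *   $_POST['folder'] folder id used for the redirect after the delete
 *
 * Security-relevant behaviour:
 *   - The id is validated once and that single value drives the ownership
 *     check, the DELETE and the form reload, so the row that is authorised
 *     is the row that is deleted.
 *   - The file to unlink is taken from the database row, never from the
 *     request, and must resolve to a regular file inside UPLOAD_DIR.
 *   - Database error text goes to the server log, not to the response.
 *
 * $mysql, $CurUser, $smarty, $lang, $form and $userform are not defined in
 * this file; presumably const.php provides them - confirm.
 */
if(!isset($_GET["id"]) || $_GET["id"]=="") {
	exit("Bad request");
}
// The id is concatenated into SQL below, so only plain decimal digits are accepted.
// NOTE(review): assumes file_list.id is an integer key - confirm against the schema.
if(!is_string($_GET["id"]) || !preg_match('/\A[0-9]+\z/', $_GET["id"])) {
	exit("Bad request");
}
$fileid=$_GET["id"];
$folder=(isset($_GET["folder"]) && is_string($_GET["folder"])) ? $_GET["folder"] : "";

require_once("const.php");
$userlevel=$CurUser->getlevel();
$userid=$CurUser->getid();

// Fetch the owner and the stored file name in one query; both come from the
// database so neither can be influenced by the request body.
$SQL="SELECT `user_id`, `download` FROM `".DB_PREFIX."file_list` WHERE `id`='".$fileid."'";
if(!$mysql->query($SQL)) {
	error_log("control/files/delete.php: ".$mysql->error);
	exit("Database error");
}
$resq=$mysql->arr;
$filefound=isset($resq['user_id']);
$fileuserid=$filefound ? $resq['user_id'] : null;
$storedname=($filefound && isset($resq['download'])) ? (string)$resq['download'] : "";

// Owner of the file, or a user whose level is below 1.
// NOTE(review): level < 1 looks like the administrator level - confirm.
$isowner=$filefound && ((string)$userid === (string)$fileuserid);
if ($filefound && ($isowner or $userlevel<1)) {
	$smarty->assign("action", $lang['delete_file_2']);
	$form["submit"]=$lang['delete'];
	$form["readonly"]=1;
	// NOTE(review): "folder" is request data; confirm control/form.tpl escapes hidden field values.
	$form["hidden_fields"]=array("id"=>$fileid, "folder"=>$folder);
	if($_SERVER["REQUEST_METHOD"]==$form["method"]) {
		// NOTE(review): no anti-CSRF token is checked before this state change;
		// add one if the form layer supports it.
		// The submitted id must be the id that passed the ownership check above.
		if(!isset($_POST["id"]) || !is_string($_POST["id"]) || $_POST["id"] !== $fileid) {
			exit("Bad request");
		}
		$SQL="DELETE FROM `".DB_PREFIX."file_list`  WHERE `id`='".$fileid."'";
		if(!$mysql->query($SQL)) {
			error_log("control/files/delete.php: ".$mysql->error);
			exit("Database error");
		}
		// Remove the stored file only when it resolves to a regular file
		// underneath the upload directory.
		if($storedname !== "") {
			$uploadroot=realpath("../../".UPLOAD_DIR);
			$target=realpath("../../".UPLOAD_DIR.$storedname);
			if($uploadroot !== false && $target !== false) {
				$rootprefix=rtrim($uploadroot, "/\\").DIRECTORY_SEPARATOR;
				if(strpos($target, $rootprefix) === 0 && is_file($target)) {
					unlink($target);
				}
			}
		}
		if (isset($_GET['frm']) and $_GET['frm']=='pending') {
			Header("Location:../../pf.php");
			exit();
		} else {
			$postfolder=(isset($_POST["folder"]) && is_string($_POST["folder"])) ? $_POST["folder"] : "";
			// Encode the value so it stays a single query-string parameter.
			Header("Location:../../folder.php?id=".urlencode($postfolder));
			exit();
		}
	} else {
		// First visit: load the row into the read-only confirmation form.
		$SQL="SELECT * FROM `".DB_PREFIX."file_list` WHERE `id`='".$fileid."'";
		if(!$mysql->query($SQL)) {
			error_log("control/files/delete.php: ".$mysql->error);
			exit("Database error");
		} else {
			$userform->load($form["fields"], $mysql->arr);
			// Kept for the template; the delete path above does not read it back.
			$form["hidden_fields"]["download"]=$mysql->field("download");
		}
	}
} else {
	// Unknown file or not permitted: back to the folder view with the error flag.
	Header("Location:../../folder.php?id=".urlencode($folder)."&e=1");
	exit();
}
$smarty->assign("form", $form);
$smarty->display("control/form.tpl");
?>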