Location: PHPKode > projects > H-tracker > takedelreq.php
<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//

require "backend/functions.php";
dbconn(true);
global $CURUSER;

stdhead("Delete");
if (get_user_class($CURUSER) > 5){
if (empty($_POST["delreq"])){
show_error_msg("Error", "You must select at least one request to delete.");
die;
}
$do="DELETE FROM requests WHERE id IN (" . implode(", ", $_POST[delreq]) . ")";
$do2="DELETE FROM addedrequests WHERE requestid IN (" . implode(", ", $_POST[delreq]) . ")";
$res2=mysql_query($do2);
$res=mysql_query($do);
show_success_msg("Successfuly", "Request was deleted.");

echo "<BR><BR>";
} else {
foreach ($_POST[delreq] as $del_req){
$delete_ok = checkRequestOwnership($CURUSER[id],$del_req);
if ($delete_ok){
$do="DELETE FROM requests WHERE id IN ($del_req)";
$do2="DELETE FROM addedrequests WHERE requestid IN ($del_req)";
$res2=mysql_query($do2);
$res=mysql_query($do);
print("<CENTER>Request ID $del_req Deleted</CENTER>");
} else {
print("<CENTER>No Permission to delete Request ID $del_req</CENTER>");
}
}
}

end_frame();
stdfoot();



function checkRequestOwnership ($user, $delete_req){
$query = mysql_query("SELECT * FROM requests WHERE userid=$user AND id = $delete_req") or sqlerr();
$num = mysql_num_rows($query);
if ($num > 0)
return(true);
else
return(false);
}


?>
Return current item: H-tracker