Location: PHPKode > scripts > PHP-AGTC membership system > admin/delete_file.php
<?php

  require '../mysqlvars.php';
  require '../init.php';
  require '../lib/db.php';
  require '../lib/form_functions.php';

  session_start('ADMIN');

  $dbConn = connectDB($dbHost, $dbUser, $dbPass, $dbDB);
  if (!$dbConn) {
	die('Database is currently down...please try again later');
  }
  
  require 'includes/secure_page.php';

  if (!isset($_GET['address_id']) && !isset($_POST['address_id'])) {
	die ('Illegal navigation');
  }
  else {
	$address_id = isset($_GET['address_id']) ? $_GET['address_id'] : $_POST['address_id'];
  }

  if (!isset($_GET['file_id']) && !isset($_POST['file_id'])) {
	die ('Illegal navigation');
  }
  else {
	$file_id = isset($_GET['file_id']) ? $_GET['file_id'] : $_POST['file_id'];
  }

  unset($error);
  unset($confirm);
  $found = false;

  $querystr = "SELECT concat(username, ' ', address_id) as name FROM wsd_contacts WHERE address_id = '$address_id'";
  $result = mysql_query($querystr);
  if ($result) {
	if ($frow = mysql_fetch_row($result)) {
	  //$name = $frow[0];
	  
	}
	else {
	  $error = 'Contact not found';
	}
  }
  else {
	$error = mysql_error();
  }

  if (!isset($error)) {

	if (isset($_POST['confirm'])) {
	  $fl = $_POST['file_id'] . '.' . $_POST['ftype'];
	  
	  if (file_exists($APP->upload_dir . $fl)) {
		unlink($APP->upload_dir . $fl);  
	  }
	  mysql_query("DELETE FROM wsd_files WHERE file_id = " . $_POST['file_id']); ?>
	  <SCRIPT LANGUAGE="JavaScript">
	  <!--
		 if (window.opener) {
		   if (!window.opener.closed) { 
			 window.opener.location.reload(1); 
		   }
		   window.close();
		 }
					       
	  //-->
	  </SCRIPT>
	  <?php      
	  $confirm = 'File deleted';
	  $found = false;
	  
  
	}

	else {
	  $query = "SELECT * FROM wsd_files WHERE ";
	  $query .= "address_id = '$address_id' AND file_id = '$file_id'";
	  $result = mysql_query($query, $dbConn);
	  if ($result) {
		if ($frow = mysql_fetch_array($result)) {
		  $found = true;
		  $ftype = $frow['ftype'];
		  $title = $frow['title'];
			   
		}
		else {
		  $error = 'File not found';
		}
	  }
	  else {
		$error = mysql_error();
	  }
	}
  }

  include '../members/includes/header.php';
  
?>

	<tr>
	  <td>
		<table class="fg">
		  <tr>
			<td class="title">Delete File</td>
		  </tr>
		</table>
	  </td>
	</tr>
	<tr>
	  <td>
	  <table class="nb">
		  <?php if (isset($confirm)) { echo "<tr><td class=\"bold\">$confirm</td><tr>"; } ?>

		  <?php if (isset($error)) { echo "<tr><td class=\"error\">$error</td></tr>"; } ?>

		</table>
	  </td>
	</tr>
	<tr>
	  <td>
		<?php if ($found) { ?>
		  <table class="fg">
			<form method="POST" action="<?php echo $_SERVER['PHP_SELF'] ?>">
			<tr>
			  <td class="label">&nbsp;</td>
			  <td class="field">
				<input type="hidden" name="address_id" value="<?php echo $address_id ?>">
				<input type="hidden" name="file_id" value="<?php echo $file_id ?>">
				<input type="hidden" name="ftype" value="<?php echo $ftype ?>">
			  </td>
			</tr>
			
			<tr>
			  <td class="label">File:</td>
			  <td class="field"><?php echo $title ?></td>
			</tr>
			
			
			<tr><td class="label">&nbsp;</td><td class="field"><input type="Submit" name="confirm" value="Delete"></td></tr>
			</form>
		  </table>
		<?php } ?>
	  </td>
	</tr>
  
<?php include '../members/includes/footer.php' ?>

Return current item: PHP-AGTC membership system