removepost.php
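<?php
/**
 * removepost.php - admin endpoint that deletes one row from `openappstore`.
 *
 * Input:  $_GET['a'], the app name whose row should be removed.
 * Output: "e1" / "e2" / "e3" when the name is empty, "*" or a single space;
 *         otherwise a redirect to index.php?success or index.php?error.
 *
 * Changes from the previous version:
 *  - The app name is bound as a statement parameter instead of being
 *    concatenated into the SQL text. The old str_replace(";", ...) filter
 *    left quotes and other SQL metacharacters untouched, so it is dropped.
 *  - The raw request value is no longer echoed back: it was unescaped HTML
 *    output, and any output before header() prevents the redirect.
 *  - The access check runs first and is loaded with `require`, so a missing
 *    file stops the request instead of silently skipping the check.
 *  - `!result` (an undefined constant) is replaced by a real success flag,
 *    so failures redirect to index.php?error.
 *
 * NOTE(review): this is a state-changing request made with GET and no
 * anti-CSRF token is visible in this file. Consider requiring POST plus a
 * per-session token; confirm what admincheck.php already enforces.
 */

// Ensure the admin is logged in before any input is processed.
// Assumes admincheck.php halts the request for non-admins - TODO confirm.
require_once("login/classes/Login.php");
require 'admincheck.php';

// A missing or non-string parameter (e.g. ?a[]=x) is treated as empty.
$app = isset($_GET['a']) ? $_GET['a'] : '';
if (!is_string($app) || $app === '') {
    echo("e1");
    exit;
}
if ($app === '*') {
    echo("e2");
    exit;
}
if ($app === ' ') {
    echo("e3");
    exit;
}

// Include the db info ($host, $user, $pass, $database).
require 'db.php';

$deleted = false;
try {
    $conn = new mysqli($host, $user, $pass, $database);
    if ($conn->connect_error) {
        throw new RuntimeException('database connection failed');
    }

    // Look up the id of the row to delete; the app name travels as a bound
    // parameter and never becomes part of the SQL text.
    $lookup = $conn->prepare("SELECT `id` FROM `openappstore` WHERE `app` = ? LIMIT 1");
    if ($lookup === false) {
        throw new RuntimeException('could not prepare lookup statement');
    }
    $lookup->bind_param('s', $app);
    if (!$lookup->execute()) {
        throw new RuntimeException('lookup failed');
    }
    $lookup->bind_result($id);
    $found = $lookup->fetch(); // true = row fetched, null = no row, false = error
    $lookup->close();

    if ($found === true) {
        if ($id === null || $id === '') {
            die("SQL ERROR");
        }

        // Bound as a string so this works whatever the column type is;
        // presumably `id` is an integer key - verify against the schema.
        $idParam = (string) $id;
        $delete = $conn->prepare("DELETE FROM `openappstore` WHERE id = ?");
        if ($delete === false) {
            throw new RuntimeException('could not prepare delete statement');
        }
        $delete->bind_param('s', $idParam);
        $deleted = $delete->execute();
        $delete->close();
    }
} catch (RuntimeException $e) {
    // mysqli_sql_exception extends RuntimeException, so this also covers
    // mysqli running in exception mode. Keep details server-side only.
    error_log('removepost.php: ' . $e->getMessage());
    $deleted = false;
}

// No matching row, a database failure and a failed delete all report "error".
if (!$deleted) {
    header("Location: index.php?error");
} else {
    header("Location: index.php?success");
}
exit;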