del.php
<?php
include 'database.inc.php';
include 'vars.inc.php';
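/**
 * Delete one row from `files` when the caller supplies the matching per-file
 * security hash, and remove the stored blob when no other row shares its hash.
 *
 * Uses the connection most recently opened by the included database file,
 * exactly as the un-parameterised mysql_query() calls did before.
 *
 * @param mixed  $fileid      Request-supplied file id (untrusted).
 * @param mixed  $sec         Request-supplied security hash (untrusted).
 * @param string $storagepath Directory prefix the stored files live under.
 *
 * @return bool True when the row was deleted, false when the id is unknown,
 *              the token does not match, or the input is malformed.
 */
function del_remove_file($fileid, $sec, $storagepath)
{
    // Reject arrays (?plik[]=x) and empty values up front: an empty token must
    // never authorise a delete, even if the stored securityhash is empty/NULL.
    if (!is_string($fileid) || !is_string($sec) || $fileid === '' || $sec === '') {
        return false;
    }

    // The id comes straight from the request and is placed inside a quoted SQL
    // literal, so it has to be escaped. NOTE(review): escaping is only reliable
    // when the connection charset is set via mysql_set_charset() - confirm in
    // database.inc.php. The ext/mysql API was removed in PHP 7; moving to
    // mysqli/PDO prepared statements requires changing database.inc.php too.
    $idSql = mysql_real_escape_string($fileid);
    $result = mysql_query("SELECT * FROM files WHERE id='".$idSql."'");
    if ($result === false || mysql_num_rows($result) == 0) {
        // Stop here: reading columns from an empty result would yield false
        // values that a loose comparison could treat as a matching token.
        return false;
    }

    $filehash = (string) mysql_result($result, 0, "hash");
    $sechash = (string) mysql_result($result, 0, "securityhash");

    // Strict string comparison: with ==, two numeric-looking strings such as
    // "0e1" and "0e2" compare equal. NOTE(review): on PHP >= 5.6 prefer
    // hash_equals($sechash, $sec) so the comparison is also constant-time.
    if ($sechash === '' || $sechash !== $sec) {
        return false;
    }

    // The hash was read back from the database but is still data, not SQL;
    // escape it before reuse so a stored value cannot alter the query.
    $hashSql = mysql_real_escape_string($filehash);
    $result = mysql_query("SELECT * FROM files WHERE hash='".$hashSql."'");
    if ($result !== false && mysql_num_rows($result) == 1) {
        // Only this row references the blob, so it can be removed from disk.
        // NOTE(review): presumably `hash` never contains path separators;
        // verify where rows are inserted, since it is appended to a path here.
        unlink($storagepath.$filehash);
    }

    mysql_query("DELETE FROM files WHERE id='".$idSql."'");
    return true;
}

// NOTE(review): both branches change state based on request parameters alone;
// no session or CSRF check is visible in this file. Confirm whether the
// included files enforce one, or whether the per-file security hash is meant
// to be the only authorisation.
$type = isset($_GET['type']) ? $_GET['type'] : '';
if ($type === "checked") {
    // Batch mode: each posted entry has the form "<id>_<securityhash>".
    $checkfiles = (isset($_POST['checkfiles']) && is_array($_POST['checkfiles']))
        ? $_POST['checkfiles']
        : array();
    $allOk = true;
    foreach ($checkfiles as $value) {
        $checkarr = is_string($value) ? explode("_", $value) : array();
        if (count($checkarr) < 2 || !del_remove_file($checkarr[0], $checkarr[1], $storagepath)) {
            // Keep processing the remaining entries, but report the failure.
            // Previously the "fail" redirect was overwritten by the final "ok".
            $allOk = false;
        }
    } //end foreach
    header( 'Location: http://'.$domain.'/user.php?delmsg='.($allOk ? 'ok' : 'fail') );
}else{
    // Single mode: id and token arrive as query-string parameters.
    $fileid = isset($_GET['plik']) ? $_GET['plik'] : '';
    $sec = isset($_GET['security']) ? $_GET['security'] : '';
    // Unknown id and wrong token both report "fail", so the response does not
    // reveal which of the two was wrong.
    $msg = del_remove_file($fileid, $sec, $storagepath) ? 'ok' : 'fail';
    if (isset($_GET['a']) && $_GET['a'] === "b")
    {
        header( 'Location: http://'.$domain.'/user.php?delmsg='.$msg );
    }else{
        header( 'location: http://'.$domain.'/up.php?delmsg='.$msg );
    }
} //end if checked
mysql_close($mysql_db_link);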
?>