forked from WBCE/News-with-Images
-
Notifications
You must be signed in to change notification settings - Fork 0
/
delete_post.php
68 lines (59 loc) · 2.09 KB
/
delete_post.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php
/**
*
* @category modules
* @package news_img
* @author WBCE Community
* @copyright 2004-2009, Ryan Djurovich
* @copyright 2009-2010, Website Baker Org. e.V.
* @copyright 2019-, WBCE Community
* @link https://www.wbce.org/
* @license http://www.gnu.org/licenses/gpl.html
* @platform WBCE
*
*/
require_once __DIR__.'/functions.inc.php';
// Get id
if((!isset($_GET['post_id']))AND(!isset($_POST['manage_posts']))) {
header("Location: ".ADMIN_URL."/pages/index.php");
exit(0);
}
// Include WB admin wrapper script
$update_when_modified = true; // Tells script to update when this page was last updated
$admin_header = FALSE;
// Include WB admin wrapper script
require WB_PATH.'/modules/admin.php';
if ( isset($_POST['manage_posts']) && is_array($_POST['manage_posts']) && !$admin->checkFTAN()){
$admin->print_header();
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']
.' (FTAN) '.__FILE__.':'.__LINE__,
ADMIN_URL.'/pages/index.php');
$admin->print_footer();
exit();
} else $admin->print_header();
$post_id = $admin->checkIDKEY('post_id', 0, 'GET');
if(defined('WB_VERSION') && (version_compare(WB_VERSION, '2.8.3', '>')))
$post_id = intval($_GET['post_id']);
if (!$post_id && isset($_GET['post_id'])){
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']
.' (IDKEY) '.__FILE__.':'.__LINE__,
ADMIN_URL.'/pages/index.php');
$admin->print_footer();
exit();
}
$posts=array();
if (isset($_GET['post_id'])){
$posts = array($post_id);
} else {
if(isset($_POST['manage_posts'])&&is_array($_POST['manage_posts']))
$posts=$_POST['manage_posts'];
}
mod_nwi_post_delete($posts);
// Check if there is a db error, otherwise say successful
if($database->is_error()) {
$admin->print_error($database->get_error(), ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
} else {
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
}
// Print admin footer
$admin->print_footer();