Page 1 of 1

Deleting a Forum Topic

Posted: Tue Mar 17, 2009 7:42 am
by res_123
Hello,

Basically I am creating a Forum system and I want to add a feature in which the the 'admin' of the forum can delete the topic created inside the forum.

I know I would need the following sql statement:

Code: Select all

 
$sql = "DELETE FROM `forum_topics` WHERE `id`='".$id."';
 
Currently I have a mod.php file to edit topics which can only be done either by the author or admin and I call this from my topic.php page posted below.
mod.php

Code: Select all

 
<?php
 
error_reporting(E_ALL ^ E_NOTICE); //Report all error except NOTICES
 
if(!$_SESSION['uid']){
header("Location: index.php");
}
 
$actz = $_GET['act2'];
$actzz = array('reply','topic','admin');
 
if($actz){
    $admin = isa($_SESSION['uid']);
    
    if($actz == 'admin'){
        if($admin){
        }else {
           echo "You are not an administrator, so you cannot view this page!";
           }
        }
    
    if($actz == 'reply'){
        $id = mss($_GET['id']);
        if($id){
            $sql = "SELECT * FROM `forum_replies` WHERE `id`='".$id."'";
            $res = mysql_query($sql) or die(mysql_error());
            if(mysql_num_rows($res) == 0){
                echo "This topic doesn't exist, so therefore you cannot edit it!";
                }else {
                    $row = mysql_fetch_assoc($res);
                    $user_id = $row['uid'];
 
                    if($user_id == $_SESSION['uid'] || $admin == 1){
                      if(!$_POST['submit']){
                            echo "<form method=\"post\" action=\"./index.php?act=mod&act2=reply&id=".$id."\">\n";
                            echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";
                            echo "<tr><td class=\"forum_header\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\">".$row['message']."</textarea></td></tr>\n";
                            echo "<tr><td class=\"forum_header\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Edit This Reply\"></td></tr>\n";
                            echo "</table></form>\n";
                            }else {
                                $reply = mss($_POST['reply']);
                                    if($reply){
                                        $r = range(10,10000);
                                        if(in_array(strlen($reply),$r)){
                                            $sql2 = "UPDATE `forum_replies` SET `message`='".$reply."', `edit_time`='".time()."' WHERE `id`='".$id."'";
                                            $res2 = mysql_query($sql2) or die(mysql_error());
                                            header("Location: index.php?act=topic&id=".$row['tid']."");
                                            }else {
                                                echo "Your message must be between 10 and 10000";
                                            }
                                        }
                                    }
                                }else {
                                    echo "This is not your reply to edit!";
                                    }
                        }
                    }
            }
        
        
    if($actz == 'topic'){
        
        
        }
     }else {
    header("Location: index.php");
}
?>
 
topic.php

Code: Select all

 
 
error_reporting(E_ALL ^ E_NOTICE); //Report all error except NOTICES
$id = mss($_GET['id']);
$page = (!$_GET['page'] || $_GET['page'] < 0) ? "1" : $_GET['page'];
$page = ceil($page);
 
$limit = 10;
$start = $limit;
$end = $page*$limit-($limit);
 
if($id){
    $sql = "SELECT * FROM `forum_topics` WHERE `id`='".$id."'";
    $res = mysql_query($sql) or die(mysql_error());
    if(mysql_num_rows($res) == 0){
        echo "This topic does not exists!";
        }else {
            $row = mysql_fetch_assoc($res);
            $sql2 = "SELECT admin FROM `forum_sub_cats` WHERE `id`='".$row['cid']."'";
            $res2 = mysql_query($sql2) or die(mysql_error());
            $row2 = mysql_fetch_assoc($res2);
            if($row2['admin'] == 1 && $admin_user_level == 0){
                echo "You cannot view this topic!";
                }else {
                    $a = (isa($row['uid'])) ? "<font style=\"color:#800000;\">ADMIN</font>" : "";
                    echo "<table border=\"0\" width=\"100%\"cellspacing=\"3\" cellpadding=\"3\">\n";
                    echo "<tr><td colspan=\"2\" align=\"left\" class=\"forum_header\"><b>".$row['title']."</b>- Posted on: <em>".$row['date']."</em></td></tr>\n";
                    echo "<tr><td align=\"left\" width=\"15%\" valign=\"top\" class=\"forum_header\">".uid($row['uid'],true)."<br>Post Count: ".post($row['uid'])."</br>".$a."</td>\n";
                    echo "<td align=\"left\" valign=\"top\" class=\"forum_header\">\n";
                    echo topic($row['message']);
                    echo "</td>\n";
                    echo "</tr>\n";
                    $amount_check = "SELECT * FROM `forum_replies` WHERE `tid`='".$id."'";
                    $amount_check_res = mysql_query($amount_check) or die(mysql_error());
                    $amount_count = mysql_num_rows($amount_check_res);
                    $pages = ceil($amount_count/$limit);
                    
                    $previous = ($page-1 <= 0) ? "&laquo; Prev" : "<a href=\"./index.php?act=topic&id=".$id."&page=".($page-1)."\">&laquo; Prev</a>";
                    $nextpage = ($page+1 > $pages) ? "Next &raquo;" : "<a href=\"./index.php?act=topic&id=".$id."&page=".($page+1)."\">Next &raquo;</a>";
                    echo "<tr><td align=\"right\" colspan=\"2\" class=\"forum_header\">\n";
                    echo "Pages: ";
                    echo $previous;
                    for($i=1;$i<=$pages;$i++){
                        $href = ($page == $i) ? " ".$i." " : " <a href=\"./index.php?act=topic&id=".$id."&page=".$i."\">".$i."</a> ";
                        
                        echo $href;
                    }
                    echo $nextpage;
                    echo "</td></tr>\n";
                    $select_sql = "SELECT * FROM `forum_replies` WHERE `tid`='".$id."' ORDER BY id ASC LIMIT ".$end.",".$start."";
                    $select_res = mysql_query($select_sql) or die(mysql_error());
                    
                    while($rowr = mysql_fetch_assoc($select_res)){
                    echo "<tr><td colspan=\"2\" align=\"left\" class=\"forum_header\">Posted on: <em>".$rowr['date']."</em></td></tr>\n";
                    echo "<tr><td align=\"left\" width=\"15%\" valign=\"top\" class=\"forum_header\">".uid($rowr['uid'],true)."<br>Post Count: ".post($rowr['uid'])."</br>".$a."</td>\n";
                    echo "<td align=\"left\" valign=\"top\" class=\"forum_header\">\n";
                    echo topic($rowr['message']);
                    if($rowr['edit_time'] > 0){
                        echo "<tr><td align=\"left\" colspan=\"3\" class=\"forum_header\"><em>Edited at:".date("l jS \of F Y",$rowr['edit_time']) . " at " . date("h:i:s",$rowr['edit_time'])."</em></td></tr>\n";
                        }
                    $adminz = isa($_SESSION['uid']);
                    if($adminz == 1 || $rowr['uid'] == $_SESSION['uid']){
                        echo "<tr><td align=\"left\" colspan=\"2\"><a href=\"index.php?act=mod&act2=reply&id=".$rowr['id']."\">Edit This Reply</a></td><tr>\n";
                    }
                    echo "</td>\n";
                    echo "</tr>\n";
                    }       
 
                    echo "<form method=\"post\" action=\"./index.php?act=reply&id=".$row['id']."\">\n";
                    echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td</tr>\n";
                    echo "</table>\n";
                      }  
                        }
                            }else {
                                    echo "Please view a valid topic!";
                                  }
?>
 
I was wondering if anybody could guide me as how I could perform this task.

I only want the the admin to be able to delete the post.

Re: Deleting a Forum Topic - Update

Posted: Wed Mar 18, 2009 7:57 pm
by res_123
Right well I finally succeeded in adjusting the script to delete the reply.......Now the issue is when I change the status of the user from admin to normal user it is NOT deleting the reply from the post.

Below is the updated version of my code:
mod.php

Code: Select all

 
<?php
 
error_reporting(E_ALL ^ E_NOTICE); //Report all error except NOTICES
 
if(!$_SESSION['uid']){
header("Location: index.php");
}
 
$actz = $_GET['act2'];
$actzz = array('reply','topic','admin');
 
if($actz){
    $admin = isa($_SESSION['uid']);
    
    if($actz == 'admin'){
        /*$id = mss($_GET['id']);
        if($id){
            $sql1 = "SELECT * FROM `forum_topics` WHERE `id`='".$id."'";
            $res1 = mysql_query($sql) or die(mysql_error());
            if(mysql_num_rows($res) == 0){
                echo "This topic doesn't exist, so therefore you cannot edit it!";
                }else {
                    $row = mysql_fetch_assoc($res);
                    $user_id = $row['uid'];
        if($user_id == $_SESSION['uid'] || $admin == 1){
            $sql2 = "DELETE FROM `forum_topics` WHERE `id`='".$id."'";
            $res2 = mysql_query($sql2) or die(mysql_error());
        }else {
           echo "You are not an administrator, so you cannot view this page!";
           }
        }
    }*/
}
    if($actz == 'reply'){
        $id = mss($_GET['id']);
        if($id){
            $sql = "SELECT * FROM `forum_replies` WHERE `id`='".$id."'";
            $res = mysql_query($sql) or die(mysql_error());
            if(mysql_num_rows($res) == 0){
                echo "This topic doesn't exist, so therefore you cannot edit it!";
                }else {
                    $row = mysql_fetch_assoc($res);
                    $user_id = $row['uid'];
 
                    if($user_id == $_SESSION['uid'] || $admin == 1){
                      if(!$_POST['submit']){
                            echo "<form method=\"post\" action=\"./index.php?act=mod&act2=reply&id=".$id."\">\n";
                            echo "<table border=\"0\" width=\"100%\" cellspacing=\"3\" cellpadding=\"3\">\n";
                            echo "<tr><td class=\"forum_header\" align=\"center\"><textarea style=\"width:90%;height:200px\" name=\"reply\">".$row['message']."</textarea></td></tr>\n";
                            echo "<tr><td class=\"forum_header\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Edit This Reply\"></td></tr>\n";
                            echo "</table></form>\n";
                            }else {
                                $reply = mss($_POST['reply']);
                                    if($reply){
                                        $r = range(10,10000);
                                        if(in_array(strlen($reply),$r)){
                                            $sql2 = "UPDATE `forum_replies` SET `message`='".$reply."', `edit_time`='".time()."' WHERE `id`='".$id."'";
                                            $res2 = mysql_query($sql2) or die(mysql_error());
                                            header("Location: index.php?act=topic&id=".$row['tid']."");
                                            }else {
                                                echo "Your message must be between 10 and 10000";
                                            }
                                        }
                                    }
                                }else {
                                    echo "This is not your reply to edit!";
                                    }
                        }
                    }
            }               
    if($actz == 'topic'){
            $id = mss($_GET['id']);
        if($id){
            $sql1 = "SELECT * FROM `forum_replies` WHERE `id`='".$id."'";
            $res1 = mysql_query($sql) or die(mysql_error());
            if(mysql_num_rows($res) == 0){
                echo "This topic doesn't exist, so therefore you cannot edit it!";
                }else {
                    $row = mysql_fetch_assoc($res);
                    $user_id = $row['uid'];
                   if($user_id == $_SESSION['uid'] || $admin == 1){
                     $sql2 = "DELETE FROM `forum_replies` WHERE `id`='".$id."'";
                     $res2 = mysql_query($sql2) or die(mysql_error());
                     echo "Message Deleted";  
                       } 
        }
    }
}
     }else {
    header("Location: index.php");
}
?>
 
topic.php

Code: Select all

 
<?php
 
error_reporting(E_ALL ^ E_NOTICE); //Report all error except NOTICES
$id = mss($_GET['id']);
$page = (!$_GET['page'] || $_GET['page'] < 0) ? "1" : $_GET['page'];
$page = ceil($page);
 
$limit = 10;
$start = $limit;
$end = $page*$limit-($limit);
 
if($id){
    $sql = "SELECT * FROM `forum_topics` WHERE `id`='".$id."'";
    $res = mysql_query($sql) or die(mysql_error());
    if(mysql_num_rows($res) == 0){
        echo "This topic does not exists!";
        }else {
            $row = mysql_fetch_assoc($res);
            $sql2 = "SELECT admin FROM `forum_sub_cats` WHERE `id`='".$row['cid']."'";
            $res2 = mysql_query($sql2) or die(mysql_error());
            $row2 = mysql_fetch_assoc($res2);
            if($row2['admin'] == 1 && $admin_user_level == 0){
                echo "You cannot view this topic!";
                }else {
                    $a = (isa($row['uid'])) ? "<font style=\"color:#800000;\">ADMIN</font>" : "";
                    echo "<table border=\"0\" width=\"100%\"cellspacing=\"3\" cellpadding=\"3\">\n";
                    echo "<tr><td colspan=\"2\" align=\"left\" class=\"forum_header\"><b>".$row['title']."</b>- Posted on: <em>".$row['date']."</em></td></tr>\n";
                    echo "<tr><td align=\"left\" width=\"15%\" valign=\"top\" class=\"forum_header\">".uid($row['uid'],true)."<br>Post Count: ".post($row['uid'])."</br>".$a."</td>\n";
                    echo "<td align=\"left\" valign=\"top\" class=\"forum_header\">\n";
                    echo topic($row['message']);
                    echo "</td>\n";
                    echo "</tr>\n";
                    $amount_check = "SELECT * FROM `forum_replies` WHERE `tid`='".$id."'";
                    $amount_check_res = mysql_query($amount_check) or die(mysql_error());
                    $amount_count = mysql_num_rows($amount_check_res);
                    $pages = ceil($amount_count/$limit);
                    
                    $previous = ($page-1 <= 0) ? "&laquo; Prev" : "<a href=\"./index.php?act=topic&id=".$id."&page=".($page-1)."\">&laquo; Prev</a>";
                    $nextpage = ($page+1 > $pages) ? "Next &raquo;" : "<a href=\"./index.php?act=topic&id=".$id."&page=".($page+1)."\">Next &raquo;</a>";
                    echo "<tr><td align=\"right\" colspan=\"2\" class=\"forum_header\">\n";
                    echo "Pages: ";
                    echo $previous;
                    for($i=1;$i<=$pages;$i++){
                        $href = ($page == $i) ? " ".$i." " : " <a href=\"./index.php?act=topic&id=".$id."&page=".$i."\">".$i."</a> ";
                        echo $href;
                    }
                    echo $nextpage;
                    echo "</td></tr>\n";
                    $select_sql = "SELECT * FROM `forum_replies` WHERE `tid`='".$id."' ORDER BY id ASC LIMIT ".$end.",".$start."";
                    $select_res = mysql_query($select_sql) or die(mysql_error());
                    
                    while($rowr = mysql_fetch_assoc($select_res)){
                    echo "<tr><td colspan=\"2\" align=\"left\" class=\"forum_header\">Posted on: <em>".$rowr['date']."</em></td></tr>\n";
                    echo "<tr><td align=\"left\" width=\"15%\" valign=\"top\" class=\"forum_header\">".uid($rowr['uid'],true)."<br>Post Count: ".post($rowr['uid'])."</br>".$a."</td>\n";
                    echo "<td align=\"left\" valign=\"top\" class=\"forum_header\">\n";
                    echo topic($rowr['message']);
                    if($rowr['edit_time'] > 0){
                        echo "<tr><td align=\"left\" colspan=\"3\" class=\"forum_header\"><em>Edited at:".date("l jS \of F Y",$rowr['edit_time']) . " at " . date("h:i:s",$rowr['edit_time'])."</em></td></tr>\n";
                        }
                    $adminz = isa($_SESSION['uid']);
                    if($adminz == 1 || $rowr['uid'] == $_SESSION['uid']){
                        echo "<tr><td align=\"left\" colspan=\"2\"><a href=\"index.php?act=mod&act2=reply&id=".$rowr['id']."\">| Edit This Reply</a><a href=\"index.php?act=mod&act2=topic&id=".$rowr['id']."\" onclick=\"return confirm('Are you sure you want to delete?')\"> | Delete Reply |</a></td><tr>\n";
                    }
                    echo "</td>\n";
                    echo "</tr>\n";
                    }       
 
                    echo "<form method=\"post\" action=\"./index.php?act=reply&id=".$row['id']."\">\n";
                    echo "<tr><td colspan=\"2\" align=\"center\"><textarea style=\"width:90%\" name=\"reply\"></textarea><br><input type=\"submit\" name=\"submit\" value=\"Add Reply\" stlye=\"width:90%\"></td</tr>\n";
                    echo "</table>\n";
                      }  
                        }
                            }else {
                                    echo "Please view a valid topic!";
                                  }
?>
 
Please somebody please let me know where I am going wrong????????

P.S: I am able to edit the reply!