HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/porn.tw/public_html/includes/
Upload Files
File: /home/httpd/html/porn.tw/public_html/includes/ajax.delete_friend.php
<?php
    include('../mb.php');
    
    if(!$_SESSION[userid]) {
	header("Location: $basehttp/login");
	exit();
    } 

    $id = mysqli_real_escape_string($dbconn,$_GET[id]);
    if(!is_numeric($id)) { exit(); } 

    if(is_numeric($_GET[approved])) {
        $approved=1;
    } 

    if(!$approved){			
        $drow = dbQuery("SELECT record_num,friend FROM friends WHERE record_num = '$id' AND approved = 0  AND (`friend` = '$_SESSION[userid]' || `user` = '$_SESSION[userid]')",false);	
        if($drow){		
            dbQuery("DELETE FROM friends WHERE record_num = '$id'");
        } else {
            exit();
        }
    } else {				
        $drow = dbQuery("SELECT user FROM friends WHERE record_num = '$id' AND approved = 1  AND  `friend` = '$_SESSION[userid]'",false);	
        if($drow){		
            $user=$drow[0]['user'];			
            dbQuery("DELETE FROM friends WHERE `user` = '$_SESSION[userid]' AND `friend` ='$user'"); 
            dbQuery("DELETE FROM friends WHERE record_num = '$id'");
        } else {
            exit();
        }
    }	

    exit();
?>
@ Telegram