<?php
        include_once 'data_connect.php';
        include 'log.php';
    
        $del = $_GET['file'];
        $del_link = $_GET['link'];
        
        
        if (file_exists($del)) {
            
            $check_rights = simplexml_load_file($del,null,true);

                if ( ($_SESSION['userID'] == $check_rights->postinfo->post->createdby) || (get_account($_SESSION['username'])['rights']) == 'administrator' ) { // using username to get user rights. 


                    if (file_exists('../'.$del_link.'.php'))
                        unlink('../'.$del_link.'.php');



                    if (file_exists($del)) {

                        unlink($del);

                        if(strpos($del,'nu') !== false) {
                            $delnu = str_replace('nu','',$del);
                            unlink($delnu);
                        }


                        $htm = str_replace(array('autosaves','nu','xml'),array('autosaves/content','','htm'),$del);
                        
                        if (file_exists($htm))
                            unlink($htm);

                        $message = '<div id="action-confirm"><span>Post deleted</span></div>';

                        //plugin
                        insert('rssburn');


                        $sum = get_log()['posts'];
                        $sum -= 1;

                        update_log('posts',$sum);
                    }
                }
            }

            
    // Keep or remove some GET values
    

    $plink = '';
    

    // Get existing GET parameters
    if (count($_GET) > 2) {
            
        //'link' 'file'
        // We don't want to resend these values, so we remove them from $plink
        $x=0;
        foreach($_GET as $param=>$val) {
             
            if ($param != 'file' && $param != 'link')
            {
                $front = ($x == 0) ? '?' : '&';
                $plink .= $front.$param.'='.$val;
                $x++;
            }
        }
    }
    
    
    // Redirect
    header('Location:opensaved.php'.$plink)



?>