
<?php

        include_once 'data_connect.php';

        include 'log.php';

    

        $del = $_GET['file'];

        $del_link = $_GET['link'];

        

        

        if (file_exists($del)) {

            

            $check_rights = simplexml_load_file($del,null,true);



                if ( ($_SESSION['userID'] == $check_rights->postinfo->post->createdby) || (get_account($_SESSION['username'])['rights']) == 'administrator' ) { // using username to get user rights. 





                    if (file_exists('../'.$del_link.'.php'))

                        unlink('../'.$del_link.'.php');







                    if (file_exists($del)) {



                        unlink($del);



                        if(strpos($del,'nu') !== false) {

                            $delnu = str_replace('nu','',$del);

                            unlink($delnu);

                        }





                        $htm = str_replace(array('autosaves','nu','xml'),array('autosaves/content','','htm'),$del);

                        

                        if (file_exists($htm))

                            unlink($htm);



                        $message = '<div id="action-confirm"><span>Post deleted</span></div>';



                        //plugin

                        insert('rssburn');





                        $sum = get_log()['posts'];

                        $sum -= 1;



                        update_log('posts',$sum);

                    }

                }

            }



            

    // Keep or remove some GET values

    



    $plink = '';

    



    // Get existing GET parameters

    if (count($_GET) > 2) {

            

        //'link' 'file'

        // We don't want to resend these values, so we remove them from $plink

        $x=0;

        foreach($_GET as $param=>$val) {

             

            if ($param != 'file' && $param != 'link')

            {

                $front = ($x == 0) ? '?' : '&';

                $plink .= $front.$param.'='.$val;

                $x++;

            }

        }

    }

    

    

    // Redirect

    header('Location:opensaved.php'.$plink)







?>