last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-05 03:24:41 +00:00
Code Activity

uwuzu version 1.2.19

Browse Source
This commit is contained in:
daichimarukana
2023-09-10 18:19:44 +09:00
parent 66a93d34ec
commit c4a67e75ec
43 changed files with 4546 additions and 698 deletions
Download Patch File Download Diff File Expand all files Collapse all files
delete/delete.php
+38 -24
View File
@@ -1,27 +1,35 @@
<?php
require('../db.php');
if (isset($_POST['uniqid']) && isset($_POST['userid'])){
session_name('uwuzu_s_id');
session_start();
session_regenerate_id(true);
$userid = $_SESSION['userid'];
if (htmlentities(isset($_POST['uniqid'])) && htmlentities(isset($_POST['userid'])) && htmlentities(isset($_POST['account_id']))){
$postUserid = htmlentities($_POST['userid']);
$postUniqid = htmlentities($_POST['uniqid']);
$loginid = htmlentities($_POST['account_id']);
if($userid === $postUserid){
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$query = $dbh->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
$query->execute(array(':uniqid' => $postUniqid));
$result = $query->fetch();
if($result["account"] === $postUserid){
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
@@ -29,20 +37,20 @@ if (isset($_POST['uniqid']) && isset($_POST['userid'])){
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$query = $dbh->prepare('SELECT * FROM ueuse WHERE uniqid = :uniqid limit 1');
$query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
$query->execute(array(':uniqid' => $postUniqid));
$result = $query->fetch();
$query->execute(array(':userid' => $postUserid));
if($result["account"] === $postUserid){
$result2 = $query->fetch();
if($result2["loginid"] === $loginid){
try {
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS);
// 削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE uniqid = :uniqid AND account = :userid");
$deleteQuery->bindValue(':uniqid', $postUniqid, PDO::PARAM_STR);
$deleteQuery->bindValue(':userid', $userid, PDO::PARAM_STR);
$deleteQuery->bindValue(':userid', $postUserid, PDO::PARAM_STR);
$res = $deleteQuery->execute();
if ($res) {
@@ -57,6 +65,12 @@ if (isset($_POST['uniqid']) && isset($_POST['userid'])){
exit;
}
}
}else{
echo json_encode(['success' => false, 'error' => '削除に失敗しました。(userid_err)']);
exit;
}
}else{
echo json_encode(['success' => false, 'error' => '削除に失敗しました。(sess_err)']);
exit;
}
?>