<?php session_start(); //db include_once('db.php'); $user_email = $_SESSION['email']; $resultuid = mysql_query("SELECT `id` FROM `tbluser` WHERE `email` = '$user_email'") or die(mysql_error()); $row_id = mysql_fetch_assoc($resultuid); $user_id = $row_id['id']; // id of the user if(isset($_POST['delete_user']) && !empty($_POST['delete_user'])) { $gid = $_POST['gid']; $query4admin = mysql_query("SELECT * FROM groups WHERE id = '$gid' AND admin = '$user_id' AND active = '1'"); $admin = mysql_num_rows($query4admin); if($admin==1){ $delete_user = mysql_real_escape_string($_POST['delete_user']); mysql_query("UPDATE groupmembers SET flag = '0' WHERE `member`='$delete_user' AND `id`='$gid'") or die("Error occured!"); header('Location: /groups/?id='.$gid.'&msg=The user has been kicked out or deleted from the group!'); } else { echo "<b>You are not admin of this group</b> or this group is a deleted/suspended one!"; } } elseif(isset($_POST['group']) && !empty($$_POST['group'])) { $gid = mysql_real_escape_string($_POST['group']); $query4admin = mysql_query("SELECT * FROM groups WHERE id = '$gid' AND admin = '$user_id' AND active = '1'"); $admin = mysql_num_rows($query4admin); if($admin==1){ mysql_query("UPDATE groups SET active = '0' WHERE `id`='$gid' AND `admin`='$user_id'") or die("Error occured!"); header('Location: /groups/?msg=You group has been deleted!'); } else { echo "<b>You are not admin of this group</b> or this group is already deleted!"; } } ?>
You have javascript disabled. You will not be able to edit any code.