<?php defined('ACCESS') OR die('No direct script access...');
/**
 * Author - koder_alex
 * ISQ - 669906617
 * VK - https://vk.com/koder_alex
 * It is forbidden to give, sell, modify.
 */

if (isAjax()) {
    if (!(isset($_GET['type']) && $_GET['type'] == 'delete' && is_dir(FILES_PATH . 'mail/files/image') && isset($_GET['hash']) && is_file(FILES_PATH . 'mail/files/image/' . $_GET['hash'])))
        redirect('/mail/', 'Ошибка доступа.', 'error');
    $file = DB::$pdo->queryFetch("SELECT id_user, id_kont FROM mail_files_vk WHERE `action` = 'prepare' AND `id_mail` = '0' AND `id_user` = '" . $user['id'] . "' AND `folder` = 'image' AND `tmp_name` = '" . $_GET['hash'] . "'");

    if ($file === false)
        redirect('/mail/', 'Ошибка доступа.', 'error');
    unlink(FILES_PATH . 'mail/files/image/' . $_GET['hash']);
    DB::$pdo->query("DELETE FROM `mail_files_vk` WHERE `action` = 'prepare' AND `id_mail` = '0' AND `id_user` = '" . $user['id'] . "' AND `folder` = 'image' AND `tmp_name` = '" . $_GET['hash'] . "'");
    redirect('/mail/?act=show&peer=' . $file['id_kont']);
} else {
    $data = [];
    if (!(isset($_GET['type']) && $_GET['type'] == 'delete' && is_dir(FILES_PATH . 'mail/files/image') && isset($_GET['hash']) && is_file(FILES_PATH . 'mail/files/image/' . $_GET['hash'])))
        $data['error'] = 'Ошибка доступа...';
    $file = DB::$pdo->queryFetch("SELECT id_user, id_kont FROM mail_files_vk WHERE `action` = 'prepare' AND `id_mail` = '0' AND `id_user` = '" . $user['id'] . "' AND `folder` = 'image' AND `tmp_name` = '" . $_GET['hash'] . "'");
    if ($file === false)
        $data['error'] = 'Ошибка доступа...';
    if (count($data) == 0) {
        unlink(FILES_PATH . 'mail/files/image/' . $_GET['hash']);
        DB::$pdo->query("DELETE FROM `mail_files_vk` WHERE `action` = 'prepare' AND `id_mail` = '0' AND `id_user` = '" . $user['id'] . "' AND `folder` = 'image' AND `tmp_name` = '" . $_GET['hash'] . "'");
    }
    setData($data);
}
?>