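prepare("DELETE FROM location WHERE id = :id");
    // NOTE(review): this statement and its enclosing block begin before the
    // visible part of the file, so the code down to the closing brace is left
    // exactly as found.
    $stmt->bindValue(":id",$numDelete);
    $stmt->execute();
    $stmt = $db->prepare("DELETE FROM comment WHERE loc_id= :loc_id");
    $stmt->bindValue(":loc_id",$numDelete);
    $stmt->execute();
    $stmt = $db->prepare("SELECT * FROM files where loc_id = :loc_id");
    $stmt->bindValue(":loc_id", $numDelete, PDO::PARAM_INT);
    // NOTE(review): the SELECT above is never executed in the visible code and
    // $result is not assigned here; unset() only discards the variable, so no
    // file is removed from disk. This presumably needs the same repair as the
    // delfid branch below, looping over every row of the location - confirm
    // against the start of the block.
    if ($row = $result->fetch(PDO::FETCH_ASSOC)) {
        $strFilename = $row['filename'];
        $strFilename = $uploaddir . $strFilename;
        unset($strFilename);
    }
    $stmt = $db->prepare("DELETE FROM files WHERE loc_id= :loc_id");
    $stmt->bindValue(":loc_id",$numDelete);
    $stmt->execute();
}

// Validate the anti-CSRF token once for the delete branches below.
// The previous check, $_GET['csrf'] !== $_SESSION['csrf_token'], accepted a
// request when both values were absent (null on both sides) and was not a
// constant-time comparison. hash_equals() requires strings, so the type is
// checked first; a non-string value is rejected instead of raising a TypeError.
$boolCsrfValid = isset($_GET['csrf'], $_SESSION['csrf_token'])
    && is_string($_GET['csrf'])
    && is_string($_SESSION['csrf_token'])
    && $_SESSION['csrf_token'] !== ''
    && hash_equals($_SESSION['csrf_token'], $_GET['csrf']);

// NOTE(review): no authorization check is visible in this part of the file;
// confirm that one runs before these branches. The deletes are triggered by
// GET, which puts the token into URLs (logs, history, Referer) - POST would
// be the safer transport.

// Delete a single comment by id.
if (isset($_GET['delcid'])) {
    if (!$boolCsrfValid) {
        die("Ungültiger Token");
    }
    $numDelete = (int)$_GET['delcid'];
    $stmt = $db->prepare("DELETE FROM comment WHERE id= :id");
    $stmt->bindValue(":id", $numDelete, PDO::PARAM_INT);
    $stmt->execute();
}

// Delete a single uploaded file: remove it from disk, then drop its row.
if (isset($_GET['delfid'])) {
    if (!$boolCsrfValid) {
        die("Ungültiger Token");
    }
    $numDelete = (int)$_GET['delfid'];

    // The lookup used to bind an undefined $id and was never executed, and the
    // row was fetched from an unassigned $result. Bind the validated id, run
    // the query, and read the row from the statement itself.
    $stmt = $db->prepare("SELECT * FROM files where id = :id");
    $stmt->bindValue(":id", $numDelete, PDO::PARAM_INT);
    $stmt->execute();
    if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        // basename() keeps the path inside $uploaddir even if the stored name
        // contains directory parts. Assumes uploads are stored flat in
        // $uploaddir and that $uploaddir ends with a separator - TODO confirm.
        $strFilename = $uploaddir . basename((string)$row['filename']);
        // The original called unset(), which never touched the file on disk.
        if (is_file($strFilename)) {
            unlink($strFilename);
        }
    }

    $stmt = $db->prepare("DELETE FROM files WHERE id= :id");
    $stmt->bindValue(":id", $numDelete, PDO::PARAM_INT);
    $stmt->execute();
}

// Map display toggle: only the value 1 switches the map on.
if (isset($_GET['showmap'])) {
    $numShowmap = (int)$_GET['showmap'];
    $boolShowmap = $numShowmap === 1;
}

// Topic labels, keyed by topic id.
$arrTopic = array (
    1 => "Fußverkehr",
    2 => "Radverkehr",
    3 => "Bus und Bahn",
    4 => "Pkw-Verkehr",
    5 => "Lkw-Verkehr"
);

// Icon per topic id; every entry is an empty string in this listing.
$arrIcon = array (
    1 => "",
    2 => "",
    3 => "",
    4 => "",
    5 => ""
);
?>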