startup/inhalte/oposten_del.php

<?php
$test = explode("_", $_POST['ID']);
$ID = $test['1'];
$Jahr = $test['0'];

if (!isset($_POST['action']))
{
	echo "<h1>Mahnung löschen</h1>\n";
	$sql = "SELECT Nr, Kontakt_ID, DATE_FORMAT(Datum, '%d.%m.%Y') AS Datum FROM " . PREFIX . "_Mahnungen WHERE (Jahr = \"" . $Jahr . "\" AND ID = \"" . $ID . "\");";
	$result = $db->query($sql);
	$nt = $result->fetch_assoc();
	$sql2 = "SELECT Firma, Nachname FROM " . PREFIX . "_Kontakte WHERE ID = \"" . $nt['Kontakt_ID'] . "\";";
	$result2 = $db->query($sql2);
	$nt2 = $result2->fetch_assoc();
	echo "<h2>Soll folgende " . $nt['Nr'] . ". Mahnung wirklich gelöscht werden?</h2>\n";
	echo "<label>Mahnung-Nr.</label>\n";
	echo "<label class=\"data\">" . $_POST['ID'] . "</label>\n";
	echo "<br class=\"fix\" />\n";
	echo "<label>Kunde</label>\n";
	echo "<label class=\"data\">" . $nt2['Firma'] . " - " . $nt2['Nachname'] . "</label>\n";
	echo "<br class=\"fix\" />\n";
	echo "<label>Vom</label>\n";
	echo "<label class=\"data\">" . $nt['Datum'] . "</label>\n";
	echo "<br class=\"fix\" />\n";
	echo "<form action=\"index.php?" . $_SERVER['QUERY_STRING'] . "\" method=\"post\" >\n";
	echo "	<input type=\"hidden\" name=\"ID\" value=\"" . $_POST['ID'] . "\" />\n";
	echo "	<input type=\"hidden\" name=\"formaction\" value=\"del\" />\n";
	echo "	<br />\n";
	echo "	<input type=\"submit\" class=\"button_del\" name=\"action\" value=\"1\" title=\"Mahnung jetzt l&ouml;schen\" />\n";
	echo "	<input type=\"submit\" class=\"button_stop\" name=\"formaction\" value=\"stop\" title=\"Abbrechen\" />\n";
	echo "	<br />\n";
	echo "</form>\n";
}
else
{
	$sql = 'DELETE FROM
				' . PREFIX . '_Mahnungen
			WHERE (
				Jahr = "' . $Jahr . '"
			AND
				ID = "' . $ID . '" );';
	$result = $db->query($sql);
	if ($result)
	{
		unset($_POST);
		include __DIR__ . "/oposten.php";
	}
	else
	{
		echo "Fehler beim löschen";
	}
}