From d8422634fc4e983b0563fc699d59e8d8f9de24a2 Mon Sep 17 00:00:00 2001
From: tianya <tianya@benshar.com>
Date: Sun, 17 Apr 2022 11:27:22 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=9A=E5=91=98=E6=94=B6=E8=97=8Fbug?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/user/archives_do.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/user/archives_do.php b/src/user/archives_do.php
index 02695804..eb3d0740 100755
--- a/src/user/archives_do.php
+++ b/src/user/archives_do.php
@@ -18,12 +18,16 @@ function delStow()
 ------------------*/
 if ($dopost == "delStow") {
     CheckRank(0, 0);
-    $type = empty($type) ? 'sys' : trim($type);
+    $type = empty($type) ? '' : HtmlReplace(trim($type), -1);
+    $tupdate = '';
+    if (!empty($type)) {
+        $tupdate = " AND type = '$type'";
+    }
     $ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? "mystow.php" : $_COOKIE['ENV_GOBACK_URL'];
-    $dsql->ExecuteNoneQuery("DELETE FROM #@__member_stow WHERE aid='$aid' AND mid='".$cfg_ml->M_ID."' AND type='$type';");
+    $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE aid='$aid' AND mid='".$cfg_ml->M_ID."'$tupdate;");
     //更新用户统计
     $row = $dsql->GetOne("SELECT COUNT(*) AS nums FROM `#@__member_stow` WHERE `mid`='".$cfg_ml->M_ID."' ");
-    $dsql->ExecuteNoneQuery("UPDATE #@__member_tj SET `stow`='$row[nums]' WHERE `mid`='".$cfg_ml->M_ID."'");
+    $dsql->ExecuteNoneQuery("UPDATE `#@__member_tj` SET `stow`='$row[nums]' WHERE `mid`='".$cfg_ml->M_ID."'");
 
     ShowMsg("成功删除一条收藏记录", $ENV_GOBACK_URL);
     exit();