looks like the user id is stored in the communityid session variable.
also, in the tbl_posts table, does the customerid column relate to the tbl_directorylistings.communityid column?
if so, add another where clause to the recordset that populates the delete page.
the current where clause is:
WHERE postid = Parampostid
change that to:
WHERE postid = Parampostid AND customerid = paramUserID
and create another paramter as:
Default Value: -1
RunTime value: $_SESSION['communityid']
this will prevent the delete page form showing another users records.