refactor(core): ♻️ 限制用户仅能删除自己发送的消息

通过增加对回复消息发送者的校验，防止用户尝试删除管理员（Bot）回复的消息。当检测到目标消息来自 Bot 时，将拦截删除请求并向用户发送提醒。同时移除了一些冗余的日志打印和旧的数据库查询逻辑。

telegram/tg-bot.js

@@ -246,6 +246,16 @@ async function handleUserDelete(msg, u, env) {
         });
     }
 
+    // 检查是否是 Bot 发送的消息（管理员回复）
+    if (msg.reply_to_message.from && msg.reply_to_message.from.is_bot) {
+        console.log(`Delete blocked: User tried to delete bot's message`);
+        return api(env.BOT_TOKEN, "sendMessage", {
+            chat_id: u.user_id,
+            text: "❌ 您只能删除自己发送的消息，无法删除管理员回复的消息",
+            reply_to_message_id: msg.message_id
+        });
+    }
+
     const targetMsgIdRaw = msg.reply_to_message.message_id;
     const targetMsgId = targetMsgIdRaw.toString();
     console.log(`Delete request: user=${u.user_id}, target_msg_raw=${targetMsgIdRaw} (type: ${typeof targetMsgIdRaw}), target_msg_str=${targetMsgId}`);
@@ -261,18 +271,6 @@ async function handleUserDelete(msg, u, env) {
     
     if (!ref || !ref.topic_message_id) {
         console.log(`Delete failed: No mapping found for user=${u.user_id}, msg=${targetMsgId}`);
-        
-        // 检查是否是管理员发送的消息（通过反向查询）
-        const adminRef = await sql(env, "SELECT user_id FROM messages WHERE topic_message_id=?", [targetMsgId], 'first');
-        if (adminRef) {
-            console.log(`Delete blocked: User tried to delete admin's message (topic_msg=${targetMsgId})`);
-            return api(env.BOT_TOKEN, "sendMessage", {
-                chat_id: u.user_id,
-                text: "❌ 您只能删除自己发送的消息，无法删除管理员回复的消息",
-                reply_to_message_id: msg.message_id
-            });
-        }
-        
         console.log(`Tip: Check database records with: SELECT * FROM messages WHERE user_id='${u.user_id}'`);
         
         // 帮助用户排查：列出该用户的最近5条消息记录