delete.php
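<?php
// delete.php: shows a confirmation page for one profile (GET ?profile_id=...)
// and deletes that profile when the confirmation form is posted back.
//
// Security-relevant behaviour of this script:
//   * The only authentication check is that $_SESSION['name'] is set.
//   * The delete is a state-changing POST, so it is bound to the session with
//     an anti-CSRF token that the confirmation form carries as a hidden field.
//   * All SQL goes through prepared statements with bound parameters.
require_once "pdo.php";
session_start();

// Demand a user to be logged in ('name' is the name in the user table).
if (! isset($_SESSION['name'])) {
    die('ACCESS DENIED');
}

// One random token per session. It is embedded in the form below and checked
// before the DELETE runs, so a cross-site form post from another origin
// cannot trigger a deletion on behalf of a logged-in user.
if (! isset($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

if (isset($_POST['cancel'])) {
    header("Location: index.php");
    return; // top-level return ends the script after the redirect header
}

if (isset($_POST['delete']) && isset($_POST['profile_id'])) {
    // Reject the request unless it carries this session's token.
    // hash_equals() compares in constant time.
    $token = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : '';
    if (! is_string($token) || ! hash_equals($_SESSION['csrf_token'], $token)) {
        $_SESSION['error'] = 'Invalid request token';
        header('Location: index.php');
        return;
    }

    // profile_id[]=... would arrive as an array; only bind a plain string.
    if (! is_string($_POST['profile_id'])) {
        $_SESSION['error'] = "Missing profile_id";
        header('Location: index.php');
        return;
    }

    // NOTE(review): the WHERE clause filters on profile_id only, so any
    // logged-in user can delete any profile whose id they submit. If the
    // Profile table records an owner, add that column to the WHERE clause and
    // bind it from the session -- schema is not visible here, confirm.
    // NOTE(review): the table is spelled `Profile` here and `profile` in the
    // SELECT below; on servers with case-sensitive table names these are
    // different tables -- confirm which spelling is right.
    $sql = "DELETE FROM Profile WHERE profile_id = :zip";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array(':zip' => $_POST['profile_id']));
    $_SESSION['success'] = 'Profile deleted';
    header('Location: index.php');
    return;
}

// Guardian: make sure that profile_id is present (and is a plain string).
if (! isset($_GET['profile_id']) || ! is_string($_GET['profile_id'])) {
    $_SESSION['error'] = "Missing profile_id";
    header('Location: index.php');
    return;
}

// Read the id from $_GET, the same source the guard above validated.
// $_REQUEST merges several inputs, so the value looked up could differ from
// the value that was checked.
$stmt = $pdo->prepare("SELECT first_name, last_name, profile_id FROM profile
WHERE profile_id = :xyz");
$stmt->execute(array(":xyz" => $_GET['profile_id']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row === false) {
    $_SESSION['error'] = 'Could not load profile';
    header('Location: index.php');
    return;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Porfirio Hernandez</title>
</head>
<body>
<h1>Deleting Profile</h1>
<!-- Every value written into the page is HTML-escaped, including the ones
     placed inside attribute values. -->
<p>First Name: <?= htmlentities($row['first_name']) ?></p>
<p>Last Name: <?= htmlentities($row['last_name']) ?></p>
<form method="post">
<input type="hidden" name="profile_id" value="<?= htmlentities($row['profile_id']) ?>">
<input type="hidden" name="csrf_token" value="<?= htmlentities($_SESSION['csrf_token']) ?>">
<p><input type="submit" value="Delete" name="delete">
<input type="submit" name="cancel" value="Cancel"> </p>
</form>
</body>
</html>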