added settings
This commit is contained in:
@@ -0,0 +1,47 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
$env = parse_ini_file("../config/.env");
|
||||
|
||||
$username = $_SESSION["username"];
|
||||
|
||||
// Connect to db
|
||||
$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
|
||||
|
||||
if ($conn->connect_error) {
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") { // When user posts data
|
||||
$password = $_POST["password"];
|
||||
|
||||
$user_row = $conn->query("SELECT * FROM users WHERE username = '$username';")->fetch_assoc();
|
||||
|
||||
$password_confirm = $user_row["password"];
|
||||
|
||||
if($password != $password_confirm) {
|
||||
header("Location: /settings.php?wrongpass");
|
||||
$conn->close();
|
||||
exit;
|
||||
}
|
||||
|
||||
$user_id = $user_row["id"];
|
||||
|
||||
$result = $conn->query("DROP TABLE user$user_id;");
|
||||
|
||||
if(!$result) {
|
||||
die("Error removing data.");
|
||||
}
|
||||
|
||||
$result = $conn->query("DELETE FROM users WHERE username = '$username';");
|
||||
|
||||
if(!$result) {
|
||||
die("Error deleting user.");
|
||||
}
|
||||
|
||||
header("Location: logout.php?deleted");
|
||||
$conn->close();
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user