48 lines
1002 B
PHP
48 lines
1002 B
PHP
|
<?php
|
||
|
|
session_start();
|
||
|
|
|
||
|
|
$env = parse_ini_file("../config/.env");
|
||
|
|
|
||
|
|
$username = $_SESSION["username"];
|
||
|
|
|
||
|
|
// Connect to db
|
||
|
|
$conn = new mysqli($env["HOST"], $env["DBUSER"], $env["DBPASS"], $env["TABLE"]);
|
||
|
|
|
||
|
|
if ($conn->connect_error) {
|
||
|
|
die("Connection failed: " . $conn->connect_error);
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST") { // When user posts data
|
||
|
|
$password = $_POST["password"];
|
||
|
|
|
||
|
|
$user_row = $conn->query("SELECT * FROM users WHERE username = '$username';")->fetch_assoc();
|
||
|
|
|
||
|
|
$password_confirm = $user_row["password"];
|
||
|
|
|
||
|
|
if($password != $password_confirm) {
|
||
|
|
header("Location: /settings.php?wrongpass");
|
||
|
|
$conn->close();
|
||
|
|
exit;
|
||
|
|
}
|
||
|
|
|
||
|
|
$user_id = $user_row["id"];
|
||
|
|
|
||
|
|
$result = $conn->query("DROP TABLE user$user_id;");
|
||
|
|
|
||
|
|
if(!$result) {
|
||
|
|
die("Error removing data.");
|
||
|
|
}
|
||
|
|
|
||
|
|
$result = $conn->query("DELETE FROM users WHERE username = '$username';");
|
||
|
|
|
||
|
|
if(!$result) {
|
||
|
|
die("Error deleting user.");
|
||
|
|
}
|
||
|
|
|
||
|
|
header("Location: logout.php?deleted");
|
||
|
|
$conn->close();
|
||
|
|
exit;
|
||
|
|
}
|
||
|
|
?>
|
||
|
|
|