-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdelete_upload.php
More file actions
41 lines (36 loc) · 1.14 KB
/
delete_upload.php
File metadata and controls
41 lines (36 loc) · 1.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<?php
session_start();
include 'includes/db_connect.php';
include 'includes/auth_functions.php';
include 'includes/helper_functions.php';
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit;
}
$userId = $_SESSION['user_id'];
$uploadId = $_POST['upload_id'] ?? null;
if (!$uploadId || !is_numeric($uploadId)) {
header('Location: profile.php?error=Invalid upload');
exit;
}
$upload = getUploadById($uploadId);
if (!$upload || $upload['user_id'] != $userId) {
header('Location: profile.php?error=Unauthorized');
exit;
}
// Delete code file
$codeFile = __DIR__ . '/assets/uploads/code_files/' . basename($upload['file_path']);
if (file_exists($codeFile)) {
unlink($codeFile);
}
// Delete poster if exists
if (!empty($upload['poster_path'])) {
$posterFile = __DIR__ . '/' . $upload['poster_path'];
if (file_exists($posterFile)) {
unlink($posterFile);
}
}
// Delete from DB
$pdo->prepare('DELETE FROM uploads WHERE id = ?')->execute([$uploadId]);
header('Location: profile.php?username=' . urlencode($_SESSION['username']) . '&msg=Upload deleted');
exit;