| author | ilotterytea <iltsu@alright.party> | 2025-08-19 10:46:11 +0500 |
|---|---|---|
| committer | ilotterytea <iltsu@alright.party> | 2025-08-19 10:46:11 +0500 |
| commit | 3a71ab0d6d5b9e2ecae630a93a1e862906745384 (patch) | |
| tree | bf8d97db68de686ff2a825828ae6676634889bfe | |
| parent | 440e8f50feda7a3c1d78c16678624bfe8eaf4db1 (diff) | |
feat: delete your account
| -rw-r--r-- | account/delete.php | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/account/delete.php b/account/delete.php
new file mode 100644
index 0000000..f218aa6
--- /dev/null
+++ b/account/delete.php
@@ -0,0 +1,62 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php';
+
+$user = $_SESSION['user'] ?: null;
+
+if (!$user) {
+ exit(create_alert('/', 401, 'You must be authorized before editing an account', null));
+}
+
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ if (!isset($_POST['password']) || !password_verify($_POST['password'], $user['password'])) {
+ exit(create_alert('/account/delete.php', 401, 'Incorrect password.', null));
+ }
+
+ if (!isset($_POST['delete_my_account'])) {
+ exit(create_alert('/account/delete.php', 200, 'Account deletion has been declined', null));
+ }
+
+ $db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+ $db->prepare('DELETE FROM users WHERE id = ?')
+ ->execute([$user['id']]);
+
+ session_destroy();
+
+ exit(create_alert('/', 200, 'Successfully deleted the account!', null));
+}
+
+?>
+<!DOCTYPE html>
+<html>
+
+<head>
+ <title>id system</title>
+ <link rel="stylesheet" href="/static/style.css">
+</head>
+
+<body>
+ <main>
+ <?php html_navbar(); ?>
+ <?php display_alert(); ?>
+
+ <form action="/account/delete.php" method="post" class="column gap-16">
+ <h1>Are you sure you want to delete the account?</h1>
+ <div>
+ <input type="checkbox" name="delete_my_account" value="1" id="delete_my_account" required>
+ <label for="delete_my_account">Yes, I want to delete the account and I know my data will be
+ erased.</label>
+ </div>
+ <div>
+ <input type="password" name="password" placeholder="Enter password" required>
+ <button type="submit" class="red">Delete</button>
+ </div>
+ </form>
+ </main>
+</body>
+
+</html>
\ No newline at end of file |
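Review bot: The password check in the POST branch verifies `$_POST['password']` against `$user['password']`, the hash cached in `$_SESSION['user']`, so a session opened before a password change can still confirm deletion with the old password; the hash should be re-read from `users` when the check runs. The fence below assumes the column is named `password`, as the session key suggests, so adjust it to the real schema. It also rejects a non-string `password` field, which would otherwise make `password_verify()` throw a TypeError on PHP 8. Separately, `$_SESSION['user'] ?: null` raises an undefined-key warning for anonymous visitors and would read better as `$_SESSION['user'] ?? null`. Also, `session_destroy()` ends only the current session, so other sessions holding a copy of this user presumably stay usable until they expire.

```php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $db = new PDO(DB_URL, DB_USER, DB_PASS);

    // Re-read the stored hash instead of trusting the copy cached in the session.
    $stmt = $db->prepare('SELECT password FROM users WHERE id = ?');
    $stmt->execute([$user['id']]);
    $hash = $stmt->fetchColumn();

    $password = $_POST['password'] ?? null;
    if (!is_string($password) || !is_string($hash) || !password_verify($password, $hash)) {
        exit(create_alert('/account/delete.php', 401, 'Incorrect password.', null));
    }

    // … unchanged: delete_my_account confirmation, DELETE (reusing $db), session_destroy(), success alert …
}
```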
