Diffstat (limited to 'account/delete.php')
-rw-r--r--account/delete.php62
1 files changed, 62 insertions, 0 deletions
diff --git a/account/delete.php b/account/delete.php
new file mode 100644
index 0000000..f218aa6
--- /dev/null
+++ b/account/delete.php
@@ -0,0 +1,62 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php';
+
+$user = $_SESSION['user'] ?: null;
+
+if (!$user) {
+ exit(create_alert('/', 401, 'You must be authorized before editing an account', null));
+}
+
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ if (!isset($_POST['password']) || !password_verify($_POST['password'], $user['password'])) {
+ exit(create_alert('/account/delete.php', 401, 'Incorrect password.', null));
+ }
+
+ if (!isset($_POST['delete_my_account'])) {
+ exit(create_alert('/account/delete.php', 200, 'Account deletion has been declined', null));
+ }
+
+ $db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+ $db->prepare('DELETE FROM users WHERE id = ?')
+ ->execute([$user['id']]);
+
+ session_destroy();
+
+ exit(create_alert('/', 200, 'Successfully deleted the account!', null));
+}
+
+?>
+<!DOCTYPE html>
+<html>
+
+<head>
+ <title>id system</title>
+ <link rel="stylesheet" href="/static/style.css">
+</head>
+
+<body>
+ <main>
+ <?php html_navbar(); ?>
+ <?php display_alert(); ?>
+
+ <form action="/account/delete.php" method="post" class="column gap-16">
+ <h1>Are you sure you want to delete the account?</h1>
+ <div>
+ <input type="checkbox" name="delete_my_account" value="1" id="delete_my_account" required>
+ <label for="delete_my_account">Yes, I want to delete the account and I know my data will be
+ erased.</label>
+ </div>
+ <div>
+ <input type="password" name="password" placeholder="Enter password" required>
+ <button type="submit" class="red">Delete</button>
+ </div>
+ </form>
+ </main>
+</body>
+
+</html>
\ No newline at end of file
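Review bot: The password check in the POST branch verifies `$_POST['password']` against `$user['password']`, which is the hash cached in `$_SESSION['user']`, not the hash currently stored in `users`. If that session copy is not refreshed when the password changes (not visible in this file), a session opened before a password change can still confirm deletion with the old password, which undermines re-authentication for a destructive action. I would read the hash by `id` from the database before calling `password_verify()`, and also require `$_POST['password']` to be a string, since an array value (`password[]=`) makes `password_verify()` throw a TypeError on PHP 8. Relatedly, `session_destroy()` ends only the current session, so other sessions that still hold the cached user would presumably pass the `if (!$user)` gate unless other pages re-check the row.

```php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Re-read the current hash; the session copy may predate a password change.
    // NOTE(review): column name `password` is assumed from the session key - confirm against the schema.
    $db = new PDO(DB_URL, DB_USER, DB_PASS);
    $stmt = $db->prepare('SELECT password FROM users WHERE id = ?');
    $stmt->execute([$user['id']]);
    $hash = $stmt->fetchColumn();

    $supplied = $_POST['password'] ?? null;
    if (!is_string($hash) || !is_string($supplied) || !password_verify($supplied, $hash)) {
        exit(create_alert('/account/delete.php', 401, 'Incorrect password.', null));
    }

    // … unchanged: delete_my_account check …

    $db->prepare('DELETE FROM users WHERE id = ?')
        ->execute([$user['id']]);

    // … unchanged: session_destroy() and success alert …
```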