path: root/account/delete.php
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php';

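// Read the logged-in user record from the session. `??` is used instead of
// `?:` so that a request without a stored user does not raise an
// "undefined array key" warning; the falsy check below still rejects
// empty values exactly as before.
// NOTE(review): no session_start() is visible in this file; presumably one of
// the includes above starts the session. Confirm.
$user = $_SESSION['user'] ?? null;

if (!$user) {
    // No authenticated user: stop here and hand off to create_alert() with
    // target '/' and status 401.
    exit(create_alert('/', 401, 'You must be authorized before editing an account', null));
}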


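// Handle the deletion request. Any other request method falls through to the
// confirmation form rendered below.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $password = $_POST['password'] ?? null;

    // Re-authenticate before the destructive action. A non-string value (a
    // field submitted as `password[]` arrives as an array) is rejected here
    // instead of reaching password_verify(), which would raise a TypeError.
    // NOTE(review): the hash is taken from the session copy of the user
    // record. If the password can be changed elsewhere, that copy may be
    // stale; consider re-reading the hash from the database.
    // NOTE(review): no attempt limiting is visible in this file; confirm it is
    // handled elsewhere.
    if (!is_string($password) || !password_verify($password, $user['password'])) {
        exit(create_alert('/account/delete.php', 401, 'Incorrect password.', null));
    }

    // The explicit confirmation checkbox must be present in the submission.
    if (!isset($_POST['delete_my_account'])) {
        exit(create_alert('/account/delete.php', 200, 'Account deletion has been declined', null));
    }

    $db = new PDO(DB_URL, DB_USER, DB_PASS);

    // Parameterized statement: the id is bound, never interpolated.
    // NOTE(review): the execute() result is not checked. Under a non-throwing
    // PDO error mode a failed delete would still be reported as success.
    $db->prepare('DELETE FROM users WHERE id = ?')
        ->execute([$user['id']]);

    // Clear the in-memory session data as well: session_destroy() removes the
    // stored session but leaves $_SESSION populated for the rest of the request.
    // NOTE(review): other sessions of the same user are not touched here and
    // presumably keep their own copy of the user record. Confirm how those
    // are invalidated.
    $_SESSION = [];
    session_destroy();

    exit(create_alert('/', 200, 'Successfully deleted the account!', null));
}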

?>
<!DOCTYPE html>
<html>

<head>
    <title>id system</title>
    <link rel="stylesheet" href="/static/style.css">
</head>

<body>
    <main>
        <?php /* Navigation partial; html_navbar() is defined outside this file (presumably lib/partials.php). */ html_navbar(); ?>
        <?php /* Alert output; presumably shows the message passed to create_alert() earlier. Confirm in lib/alert.php. */ display_alert(); ?>

        <form action="/account/delete.php" method="post" class="column gap-16">
            <h1>Are you sure you want to delete the account?</h1>
            <div>
                <input type="checkbox" name="delete_my_account" value="1" id="delete_my_account" required>
                <label for="delete_my_account">Yes, I want to delete the account and I know my data will be
                    erased.</label>
            </div>
            <div>
                <input type="password" name="password" placeholder="Enter password" required>
                <button type="submit" class="red">Delete</button>
            </div>
        </form>
    </main>
</body>

</html>