From 8925a9526a1d3eac914030b3069713f56c37e55a Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Tue, 9 Dec 2025 16:50:07 +0500
Subject: feat: emoteset editors

---
 emotesets/deleditor.php | 59 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 emotesets/deleditor.php

(limited to 'emotesets/deleditor.php')

diff --git a/emotesets/deleditor.php b/emotesets/deleditor.php
new file mode 100644
index 0000000..0476f37
--- /dev/null
+++ b/emotesets/deleditor.php
@@ -0,0 +1,59 @@
+<?php
+include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php";
+include "{$_SERVER['DOCUMENT_ROOT']}/lib/accounts.php";
+include "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php";
+include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php";
+
+if (!authorize_user(true)) {
+    return;
+}
+
+$d = $_POST;
+if ($_SERVER['REQUEST_METHOD'] === 'GET') {
+    $d = $_GET;
+}
+
+if (isset($_SESSION["user_role"]) && !$_SESSION["user_role"]["permission_emoteset_own"]) {
+    generate_alert("/404.php", "Not enough permissions", 403);
+    exit;
+}
+
+if (!isset($d["id"], $d["username"])) {
+    generate_alert("/emotesets/", "Not enough POST fields");
+    exit;
+}
+
+$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']);
+
+// checking emoteset
+$emote_set_id = $d["id"];
+$stmt = $db->prepare("SELECT id FROM emote_sets WHERE id = ? AND owner_id = ?");
+$stmt->execute([$emote_set_id, $_SESSION['user_id']]);
+if ($stmt->rowCount() == 0) {
+    generate_alert("/emotes", "Emoteset not found", 404);
+    exit;
+}
+$emote_set = $stmt->fetch(PDO::FETCH_ASSOC);
+
+// get user by username
+$user_name = $d['username'];
+$stmt = $db->prepare("SELECT id FROM users WHERE username = ?");
+$stmt->execute([$user_name]);
+if ($stmt->rowCount() == 0) {
+    generate_alert("/404.php", "Username $user_name does not exist", 403);
+    exit;
+}
+$user_id = $stmt->fetch(PDO::FETCH_ASSOC)['id'];
+
+// checking if user has already acquired emote set
+$stmt = $db->prepare("SELECT id FROM acquired_emote_sets WHERE user_id = ? AND emote_set_id = ?");
+$stmt->execute([$user_id, $emote_set_id]);
+if ($stmt->rowCount() == 0) {
+    generate_alert("/404.php", "User $user_name has not acquired this emoteset.", 404);
+    exit;
+}
+
+$db->prepare('DELETE FROM acquired_emote_sets WHERE user_id = ? AND emote_set_id = ?')
+    ->execute([$user_id, $emote_set_id]);
+
+generate_alert("/emotesets/?id=$emote_set_id", "User $user_name can not edit this emoteset anymore.", 200);
\ No newline at end of file
-- 
cgit v1.2.3