33 lines
992 B
PHP
33 lines
992 B
PHP
<?php
|
|
// TODO: Add authentication to ensure only admin users can access this page.
|
|
// For example:
|
|
// session_start();
|
|
// if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
|
|
// die('Access Denied: You do not have permission to perform this action.');
|
|
// }
|
|
|
|
require_once 'db/config.php';
|
|
|
|
if (isset($_GET['score_id']) && !empty($_GET['score_id'])) {
|
|
$score_id = (int)$_GET['score_id'];
|
|
|
|
try {
|
|
$pdo = db();
|
|
|
|
$stmt = $pdo->prepare("DELETE FROM scores WHERE id = ?");
|
|
$stmt->execute([$score_id]);
|
|
|
|
// Redirect back to the results page
|
|
header("Location: results.php?delete_success=1");
|
|
exit;
|
|
|
|
} catch (PDOException $e) {
|
|
// Optional: handle error, e.g., log it or show a generic error message
|
|
die("Error: Could not delete the score. " . $e->getMessage());
|
|
}
|
|
} else {
|
|
// No score_id provided
|
|
header("Location: results.php?delete_error=1");
|
|
exit;
|
|
}
|
|
?>
|