admin/34394-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34394-vm/delete-credential.php
Flatlogic Bot 95de2da48e beta.0001
2025-09-28 22:00:58 +00:00

104 lines
3.6 KiB
PHP
Raw Blame History

<?php
session_start();
require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/includes/audit.php';
// If user is not logged in, redirect to login page
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
$displayName = $_SESSION['user_display_name'] ?? 'User';
$credentialId = $_GET['credential_id'] ?? null;
$credential = null;
$error = '';
if (!$credentialId) {
header('Location: dashboard.php');
exit;
}
$pdo = db();
// Fetch credential data to display its name and ensure it belongs to the user.
try {
$stmt = $pdo->prepare(
"SELECT c.credential_id, c.name, c.client_id FROM credentials c " .
"JOIN clients cl ON c.client_id = cl.client_id " .
"WHERE c.credential_id = ? AND cl.user_id = ?"
);
$stmt->execute([$credentialId, $_SESSION['user_id']]);
$credential = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$credential) {
// If credential not found or doesn't belong to the user, redirect.
header('Location: dashboard.php');
exit;
}
} catch (PDOException $e) {
$error = "Error fetching credential data: " . $e->getMessage();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['confirm_delete'])) {
try {
$stmt = $pdo->prepare(
"DELETE c FROM credentials c " .
"JOIN clients cl ON c.client_id = cl.client_id " .
"WHERE c.credential_id = ? AND cl.user_id = ?"
);
$stmt->execute([$credentialId, $_SESSION['user_id']]);
log_audit_event('credential_delete', $_SESSION['user_id'], 'credential', $credentialId);
header('Location: dashboard.php?client_id=' . $credential['client_id'] . '&status=credential_deleted');
exit;
} catch (PDOException $e) {
$error = "Error deleting credential: " . $e->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Delete Credential - ClientManager</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">
</head>
<body>
<nav class="navbar navbar-expand-lg navbar-dark bg-dark">
<div class="container-fluid">
<a class="navbar-brand" href="dashboard.php">ClientManager</a>
</div>
</nav>
<div class="container mt-4">
<h2>Delete Credential</h2>
<?php if ($error): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<?php if ($credential): ?>
<div class="alert alert-warning">
<h4>Are you sure?</h4>
<p>This action will permanently delete the credential <strong><?php echo htmlspecialchars($credential['name']); ?></strong>.</p>
</div>
<form action="delete-credential.php?credential_id=<?php echo htmlspecialchars($credentialId); ?>" method="post">
<button type="submit" name="confirm_delete" class="btn btn-danger">Yes, Delete</button>
<a href="dashboard.php?client_id=<?php echo htmlspecialchars($credential['client_id']); ?>" class="btn btn-secondary">Cancel</a>
</form>
<?php else: ?>
<div class="alert alert-info">Credential not found or you do not have permission to delete it.</div>
<a href="dashboard.php" class="btn btn-primary">Back to Dashboard</a>
<?php endif; ?>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink