36 lines
984 B
PHP
36 lines
984 B
PHP
<?php
|
|
header('Content-Type: application/json');
|
|
require_once __DIR__ . '/auth_helper.php';
|
|
|
|
$data = json_decode(file_get_contents('php://input'), true);
|
|
|
|
if (!$data || !isset($data['id'])) {
|
|
echo json_encode(['success' => false, 'error' => 'Invalid input. Recipe ID is missing.']);
|
|
exit;
|
|
}
|
|
|
|
$recipeId = $data['id'];
|
|
$userId = get_logged_in_user_id();
|
|
|
|
$pdo = db();
|
|
|
|
try {
|
|
// Check ownership
|
|
$stmt = $pdo->prepare("SELECT user_id FROM recipes WHERE id = ?");
|
|
$stmt->execute([$recipeId]);
|
|
$recipe = $stmt->fetch();
|
|
|
|
if ($recipe && $recipe['user_id'] !== null && $recipe['user_id'] != $userId) {
|
|
echo json_encode(['success' => false, 'error' => 'Unauthorized to delete this recipe.']);
|
|
exit;
|
|
}
|
|
|
|
$stmt = $pdo->prepare("DELETE FROM recipes WHERE id = ?");
|
|
$stmt->execute([$recipeId]);
|
|
|
|
echo json_encode(['success' => true]);
|
|
|
|
} catch (PDOException $e) {
|
|
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
|
}
|