24 lines
751 B
PHP
24 lines
751 B
PHP
<?php
|
|
require_once 'db/config.php';
|
|
|
|
// Auth and Role check
|
|
if (!isset($_SESSION['user_id']) || $_SESSION['role'] !== 'Admin') {
|
|
$_SESSION['error'] = "You do not have permission to delete customers.";
|
|
header("Location: customers.php");
|
|
exit;
|
|
}
|
|
|
|
$id = $_GET['id'] ?? null;
|
|
|
|
if ($id) {
|
|
$stmt = db()->prepare("UPDATE customers SET deleted_at = NOW() WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
|
|
// Log action
|
|
$log_stmt = db()->prepare("INSERT INTO audit_logs (user_id, action, entity_type, entity_id, details) VALUES (?, ?, ?, ?, ?)");
|
|
$log_stmt->execute([$_SESSION['user_id'], 'DELETE', 'CUSTOMER', $id, "Soft deleted"]);
|
|
}
|
|
|
|
$_SESSION['success'] = "Customer deleted successfully.";
|
|
header("Location: customers.php");
|
|
exit; |