<?php
require_once '../auth_helper.php';
require_login();

if ($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['id'])) {
    $candId = $_GET['id'];
    $pdo = db();

    try {
        $stmt = $pdo->prepare("DELETE FROM candidates WHERE id = ?");
        $stmt->execute([$candId]);

        $currentUser = get_user();
        audit_log('candidate_deleted', 'candidates', $candId, null, null, "Deleted candidate ID $candId");

        header("Location: ../candidate_management.php?success=candidate_deleted");
        exit;
    } catch (PDOException $e) {
        die("Error deleting candidate: " . $e->getMessage());
    }
} else {
    header("Location: ../candidate_management.php");
    exit;
}