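<?php

/**
 * Delete one uploaded image: its row in `images` and its file under uploads/.
 *
 * Flow: require a logged-in session, read the image id from the query string,
 * load the row, allow the delete only for the owning user or the 'admin'
 * account, store a flash message in the session and redirect to the dashboard.
 *
 * $pdo and t() are not defined in this file; presumably config.php provides
 * them and starts the session -- confirm.
 *
 * NOTE(review): this is a state-changing action driven by a GET parameter and
 * no anti-CSRF token is checked here. It should become a POST carrying a
 * per-session token compared with hash_equals(); that needs a matching change
 * in the page that links here, so it is only flagged in this file.
 */

require_once 'config.php';

// Unauthenticated requests never reach the delete logic.
if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');
    exit;
}

// Accept only a positive integer id. A missing, non-numeric or array-valued
// `id` yields false and falls through to the redirect without touching the DB.
$image_id = filter_var(
    $_GET['id'] ?? null,
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);

if ($image_id !== false) {
    try {
        $stmt = $pdo->prepare("SELECT filename, user_id FROM images WHERE id = ?");
        $stmt->execute([$image_id]);
        $image = $stmt->fetch(PDO::FETCH_ASSOC);

        // Compare ids as strings: loose == would treat a NULL owner as equal
        // to a session id of 0 and juggle numeric-looking strings.
        $is_owner = $image
            && (string) $_SESSION['user_id'] === (string) $image['user_id'];

        // NOTE(review): admin rights hang on the literal username 'admin'.
        // Confirm that name is reserved at registration; a role stored with
        // the account would be a sturdier check.
        $is_admin = ($_SESSION['username'] ?? null) === 'admin';

        if ($image && ($is_owner || $is_admin)) {
            $stmt = $pdo->prepare("DELETE FROM images WHERE id = ?");
            $stmt->execute([$image_id]);

            // The stored filename is not trusted as a path: only unlink when
            // the file's directory resolves to uploads/ or a directory below
            // it, so a value such as '../config.php' cannot reach other files.
            $file_path = 'uploads/' . $image['filename'];
            $uploads_root = realpath('uploads');
            $target_dir = realpath(dirname($file_path));
            $inside_uploads = $uploads_root !== false
                && $target_dir !== false
                && ($target_dir === $uploads_root
                    || strncmp(
                        $target_dir,
                        $uploads_root . DIRECTORY_SEPARATOR,
                        strlen($uploads_root) + 1
                    ) === 0);

            if ($inside_uploads && is_file($file_path)) {
                if (!unlink($file_path)) {
                    // The row is already gone; record the orphaned file.
                    error_log('Image ' . $image_id . ': row deleted but file could not be removed');
                }
            } elseif (!$inside_uploads) {
                error_log('Image ' . $image_id . ': stored filename resolves outside uploads/, file left untouched');
            }

            $_SESSION['success'] = t('image_deleted_success');
        } else {
            // Same message for "no such image" and "not yours", so the
            // response does not reveal which ids exist.
            $_SESSION['error'] = t('no_permission_delete');
        }
    } catch (PDOException $e) {
        // Driver messages can expose schema or connection details: keep them
        // in the server log and show the user only the generic text.
        error_log('Image ' . $image_id . ': delete failed: ' . $e->getMessage());
        $_SESSION['error'] = t('delete_failed');
    }
}

header('Location: dashboard.php');
exit;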