The following files exists in this folder. Click to view.
delete_user.php38 lines UTF-8 Unix (LF)
<?php
session_start();
require_once('databaseconnection.php');
include('check_login.php');
$file_in = "accounts/users.json";
$users = json_decode(file_get_contents($file_in), true);
//Uppdaterar active till 0 ifall lösen och användare stämmer
if(isset($_POST['username']) and isset($_POST['password'])){
$password = sha1("LBM".trim($_POST['password'])."Stegen"); //krypterar
$username = trim($_POST['username']);
$username = htmlspecialchars($username, ENT_QUOTES, "UTF-8");
$sql = "SELECT * FROM Users
WHERE username = :username AND password = :password";
$stm = $pdo->prepare($sql);
$stm->execute(array('username' => $username, 'password' => $password));
$res = $stm->fetch(PDO::FETCH_ASSOC);
if(isset($res["userId"])){
if($res['active'] != 1){
header('location: index.php?action=login&mess=deleted');
exit();
}
$userId = $res['userId'];
$sql = "UPDATE Users SET active = 0 WHERE userId = $userId;";
$stm = $pdo->prepare($sql);
$stm->execute();
header('location: logout.php?action=deleted');
exit();
}
}
header('location: delete_user_form.php?mess=wrong');
exit();
?>