From 12adccac3a68923086ae7084e58871de93ce6a7d Mon Sep 17 00:00:00 2001
From: doesnmisclown
Date: Fri, 25 Aug 2023 04:59:32 +0000
Subject: [PATCH] =?UTF-8?q?=D0=97=D0=B0=D0=B3=D1=80=D1=83=D0=B7=D0=B8?= =?UTF-8?q?=D1=82=D1=8C=20=D1=84=D0=B0=D0=B9=D0=BB=D1=8B=20=D0=B2=20=C2=AB?= =?UTF-8?q?api/user=C2=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
api/user/delete.php | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 api/user/delete.php
diff --git a/api/user/delete.php b/api/user/delete.php
new file mode 100644
index 0000000..8af9ef7
--- /dev/null
+++ b/api/user/delete.php
@@ -0,0 +1,34 @@
+prepare("delete from users where id = $id");
+ $s->bind_param("s",$id);
+ return $s->execute() !== false;
+}
+
+if (ThisFileIsRequested(__FILE__)) {
+ require_once("../_json.php");
+
+if (isset($_REQUEST["id"])) {
+ if (!ctype_digit($_REQUEST["id"]))
+ ReturnJSONError($Err_RDP_InvalidID, "id must be numeric");
+ if(!User_HasRole("admin")){
+ ReturnJSONError($Err_DP_NotEnoughRole,"You need to be admin to delete other accounts");
+ }
+ $UserID = intval($_REQUEST["id"]);
+ } else {
+ if ($LOGGED_IN)
+ $UserID = $_SESSION["userid"];
+ else
+ ReturnJSONError($Err_RDP_InvalidID, "id must be specified or valid session must be provided");
+ }
+ $result = User_Delete($UserID);
+ session_unset();
+ session_destroy();
+ ReturnJSONData(["success" => $result]);
+ }
+?>
\ No newline at end of file
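Review bot: The `prepare(...)` call at the top of the hunk interpolates `$id` directly into the SQL text and contains no `?` placeholder, so the following `bind_param("s",$id)` has nothing to bind to and the query's safety rests entirely on every caller having validated `$id` beforehand. Use a real placeholder, `prepare("delete from users where id = ?")` with `bind_param("i", $id)`, so the function is safe no matter who calls it. Further down, `session_unset(); session_destroy();` run unconditionally, which also ends the session of an admin who deleted someone else's account and runs even when `$result` is false; this looks like it should be limited to a successful self-delete. The handler reads `$_REQUEST` and no request-method or CSRF-token check is visible in the hunk, so confirm that `_json.php` or the session layer enforces one for this destructive action. The first lines of the file, including the signature of the function that contains the `prepare` call, are not visible on this page.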