Наконец-то разобрался с сессиями, +минорные фиксы

api/user/delete.php

@@ -8,7 +8,7 @@ require_once("./index.php");
 // Delete existing account
 function User_Delete ($id) {
 	global $db;
-	$s = $db->prepare("delete from users where id = $id");
+	$s = $db->prepare("delete from users where id = ?");
 	$s->bind_param("s", $id);
 	return $s->execute() !== false;
 }
@@ -32,11 +32,16 @@ if (ThisFileIsRequested(__FILE__)) {
 		ReturnJSONError($Err_RDP_InvalidID, "valid session must be provided");
 	}
 
+	// If its attempt to delete other account
 	if (!User_HasRole($_SESSION["userid"], "admin") && $_SESSION["userid"] !== $UserID)
 		ReturnJSONError($Err_DP_NotEnoughRole, "you need to be admin to delete other accounts");
 
 	$result = User_Delete($UserID);
-	EndSession();
+
+	// If it was self-deletion
+	if ($UserID === $_SESSION["userid"])
+		EndSession();
+
 	ReturnJSONData(["success" => $result]);
 }
 ?>