EduProjects/techstore
1
0
Fork 0
mirror of https://codeberg.org/ThisIsMiseryy/techstore synced 2026-05-14 14:52:04 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity
Files
60871cfe7d85523141dd8a3e28ef6bbec7542a18
techstore/src/account/delete.php
T

92 lines
3.9 KiB
PHP
Raw Blame History

<!DOCTYPE html>
<html lang="it">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Elimina Account - TechStore</title>
<link rel="stylesheet" href="../assets/style.css">
</head>
<body>
<?php
session_start();
include '../db_conf.php';
if (!isset($_SESSION['id'])) {
header('Location: ../login.php');
exit();
}
$message = '';
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$current_password = $_POST['current_password'] ?? '';
if (empty($current_password)) {
$error = 'Inserisci la password per confermare.';
} else {
$sql = "SELECT Password FROM Users WHERE UserID = ?";
if ($stmt = $conn->prepare($sql)) {
$stmt->bind_param("i", $_SESSION['id']);
$stmt->execute();
$stmt->bind_result($hashed_password);
$stmt->fetch();
$stmt->close();
if (!password_verify($current_password, $hashed_password)) {
$error = 'La password non è corretta.';
} else {
// Elimina gli ordini associati all'utente
$sql_delete_order_items = "DELETE oi FROM OrderItems oi JOIN Orders o ON oi.OrderID = o.OrderID WHERE o.UserID = ?";
$stmt_delete_order_items = $conn->prepare($sql_delete_order_items);
$stmt_delete_order_items->bind_param("i", $_SESSION['id']);
$stmt_delete_order_items->execute();
$stmt_delete_order_items->close();
$sql_delete_orders = "DELETE FROM Orders WHERE UserID = ?";
$stmt_delete_orders = $conn->prepare($sql_delete_orders);
$stmt_delete_orders->bind_param("i", $_SESSION['id']);
$stmt_delete_orders->execute();
$stmt_delete_orders->close();
$sql_delete_user = "DELETE FROM Users WHERE UserID = ?";
$stmt_delete_user = $conn->prepare($sql_delete_user);
$stmt_delete_user->bind_param("i", $_SESSION['id']);
$stmt_delete_user->execute();
$stmt_delete_user->close();
session_unset();
session_destroy();
$message = 'Il tuo account è stato eliminato insieme a tutti i tuoi ordini.';
}
} else {
$error = 'Errore nel database.';
}
}
}
?>
<form action="" method="POST">
<h2>Elimina Account</h2>
<p style="margin-bottom: 20px; color: #333;">Questa operazione cancellerà il tuo account e tutti gli ordini associati. Inserisci la tua password per confermare.</p>
<?php if ($message): ?>
<p style="color: #155724; background-color: #d4edda; border: 1px solid #c3e6cb; padding: 10px; border-radius: 4px; text-align: center;">
<?php echo htmlspecialchars($message); ?>
</p>
<?php endif; ?>
<?php if ($error): ?>
<p style="color: #721c24; background-color: #f8d7da; border: 1px solid #f5c6cb; padding: 10px; border-radius: 4px; text-align: center;">
<?php echo htmlspecialchars($error); ?>
</p>
<?php endif; ?>
<label for="current_password">Password corrente:</label>
<input type="password" id="current_password" name="current_password" required><br>
<button type="submit" style="background-color: #dc3545;">Elimina account</button>
<p style="text-align: center;"><a href="../account.php">Annulla e torna al mio account</a></p>
</form>
</body>
</html>
View Git Blame Copy Permalink