forked from rpiambulance/website
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.drop_game_other_member.php
37 lines (30 loc) · 1.07 KB
/
.drop_game_other_member.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?php
if($_SERVER['REQUEST_METHOD'] === 'POST') {
require_once ".db_config.php";
$connection = new PDO("mysql:host=$dhost;dbname=$dname", $duser, $dpassword);
$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if(!isset($dname)) {
$dname = 'ambulanc_web';
}
if(!isset($_POST['game_id'])) {
return;
}
include ".functions.php";
$user = getUser($_POST['session_id'], $connection);
$username = $user['username'];
$gameId = $_POST['game_id'];
$memberToDelete = $_POST['member_id'];
$statement = $connection->prepare("SELECT * FROM members WHERE username=:username");
$statement->bindParam(':username', $username);
$statement->execute();
$memberInfo = $statement->fetchAll(PDO::FETCH_ASSOC)[0];
$memberId = $memberInfo['id'];
if($memberInfo['admin'] === '1') {
$sql = "DELETE FROM games_crews WHERE gameid = :gameId AND memberid = :memberId";
$statement=$connection->prepare($sql);
$statement->bindValue(':gameId', $gameId);
$statement->bindValue(':memberId', $memberToDelete);
$statement->execute();
}
}
?>