WIP: Blogposts

blog_delete.php

@@ -0,0 +1,36 @@
+<?php
+require_once("env.php");
+require_once("session.php");
+require_once("connection.php");
+require_once("functions.php");
+
+if (!isset($_SESSION['user_id'])) {
+    $_SESSION['message'] = "Not authorized.";
+    header("Location: user_blogs.php");
+    exit;
+}
+
+$token = $_GET['token'];
+// Sanitize the trip_id to prevent SQL injection
+$article_id = intval(decryptData($token, $salt)); // Ensures $trip_id is treated as an integer
+
+$user_id = $_SESSION['user_id'];
+
+if ($article_id <= 0) {
+    $_SESSION['message'] = "Invalid blog ID.";
+    header("Location: user_blogs.php");
+    exit;
+}
+
+$stmt = $conn->prepare("UPDATE blogs SET status = 'deleted' WHERE blog_id = ? AND author = ?");
+$stmt->bind_param("ii", $article_id, $user_id);
+
+if ($stmt->execute()) {
+    $_SESSION['message'] = "Blog deleted!";
+} else {
+    $_SESSION['message'] = "Failed to delete blog: " . $stmt->error;
+}
+
+header("Location: user_blogs.php");
+exit;
+?>