TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c618fd4506a1fb584c149231b5484b02001d4a79
4WDCSA.co.za/src/processors/delete_album.php
twotalesanimation e6d298c506 fix: correct require paths and database connection in album processors 
- Fix rootPath calculation in all album processors (was going up too many levels)
- Use global \ from connection.php instead of calling openDatabaseConnection()
- Fix cleanup code in save_album.php to use existing \
- Update all processors to use proper config file includes (env.php, session.php, connection.php, functions.php)
- Ensures validateCSRFToken() and other functions are properly available
2025-12-05 09:59:05 +02:00

96 lines
2.5 KiB
PHP
Raw Blame History

<?php
$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . '/src/config/env.php');
require_once($rootPath . '/src/config/session.php');
require_once($rootPath . '/src/config/connection.php');
if (!isset($_SESSION['user_id'])) {
http_response_code(403);
exit('Forbidden');
}
$album_id = intval($_GET['id'] ?? 0);
if (!$album_id) {
http_response_code(400);
exit('Album ID is required');
}
// Verify ownership
$albumCheck = $conn->prepare("SELECT user_id FROM photo_albums WHERE album_id = ?");
$albumCheck->bind_param("i", $album_id);
$albumCheck->execute();
$albumResult = $albumCheck->get_result();
if ($albumResult->num_rows === 0) {
$conn->close();
http_response_code(404);
header('Location: gallery');
exit;
}
$album = $albumResult->fetch_assoc();
if ($album['user_id'] !== $_SESSION['user_id']) {
$conn->close();
http_response_code(403);
header('Location: gallery');
exit;
}
$albumCheck->close();
try {
// Start transaction
$conn->begin_transaction();
// Get all photos for this album
$photoStmt = $conn->prepare("SELECT file_path FROM photos WHERE album_id = ?");
$photoStmt->bind_param("i", $album_id);
$photoStmt->execute();
$photoResult = $photoStmt->get_result();
// Delete photo files
while ($photo = $photoResult->fetch_assoc()) {
$photoPath = $_SERVER['DOCUMENT_ROOT'] . $photo['file_path'];
if (file_exists($photoPath)) {
unlink($photoPath);
}
}
$photoStmt->close();
// Delete photos from database (cascade should handle this)
$deletePhotosStmt = $conn->prepare("DELETE FROM photos WHERE album_id = ?");
$deletePhotosStmt->bind_param("i", $album_id);
$deletePhotosStmt->execute();
$deletePhotosStmt->close();
// Delete album from database
$deleteAlbumStmt = $conn->prepare("DELETE FROM photo_albums WHERE album_id = ?");
$deleteAlbumStmt->bind_param("i", $album_id);
$deleteAlbumStmt->execute();
$deleteAlbumStmt->close();
// Delete album directory
$albumDir = $rootPath . '/assets/uploads/gallery/' . $album_id;
if (is_dir($albumDir)) {
rmdir($albumDir);
}
// Commit transaction
$conn->commit();
$conn->close();
// Redirect to gallery
header('Location: gallery');
exit;
} catch (Exception $e) {
// Rollback on error
$conn->rollback();
$conn->close();
http_response_code(400);
echo 'Error deleting album: ' . htmlspecialchars($e->getMessage());
exit;
}
?>
Reference in New Issue View Git Blame Copy Permalink