archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

🐛 It'll definitely work this time

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-08-10 17:32:46 +01:00
parent 856d142b3f
commit b7d70b953e
1 changed files with 19 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
app/public/actions/delsub.php
View File

@@ -6,26 +6,27 @@
$authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
$subs_to_remove = implode(",", $_POST['delSubSelector']);
if (!empty($_POST['delSubSelector'])) {
$subs_to_remove = implode(",", $_POST['delSubSelector']);
// Remove subscriber(s)
if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') {
try {
$stmt = "DELETE FROM ticket_subscribers WHERE WHERE sub_id IN (:sublist)";
$sql = $db->prepare($stmt);
$sql->bindParam(':sublist', $subs_to_remove);
$sql->execute();
} catch (PDOException $e) {
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
// Remove subscriber(s)
if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') {
try {
$stmt = "DELETE FROM ticket_subscribers WHERE sub_id IN (:sublist)";
$sql = $db->prepare($stmt);
$sql->bindParam(':sublist', $subs_to_remove);
$sql->execute();
} catch (PDOException $e) {
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
}
}
}
$newURL = "/editsub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
} else {
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
$newURL = "/editsub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
} else {
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
}
}
$newURL = "/editsub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
?>