diff --git a/app/public/actions/delsub.php b/app/public/actions/delsub.php
index 87282da..ada6d02 100644
--- a/app/public/actions/delsub.php
+++ b/app/public/actions/delsub.php
@@ -6,26 +6,27 @@
$authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
- $subs_to_remove = implode(",", $_POST['delSubSelector']);
+ if (!empty($_POST['delSubSelector'])) {
+ $subs_to_remove = implode(",", $_POST['delSubSelector']);
- // Remove subscriber(s)
- if ($is_authorised == true) {
- if($_SERVER['REQUEST_METHOD'] == 'POST') {
- try {
- $stmt = "DELETE FROM ticket_subscribers WHERE WHERE sub_id IN (:sublist)";
- $sql = $db->prepare($stmt);
- $sql->bindParam(':sublist', $subs_to_remove);
- $sql->execute();
- } catch (PDOException $e) {
- $alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
+ // Remove subscriber(s)
+ if ($is_authorised == true) {
+ if($_SERVER['REQUEST_METHOD'] == 'POST') {
+ try {
+ $stmt = "DELETE FROM ticket_subscribers WHERE sub_id IN (:sublist)";
+ $sql = $db->prepare($stmt);
+ $sql->bindParam(':sublist', $subs_to_remove);
+ $sql->execute();
+ } catch (PDOException $e) {
+ $alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
+ }
}
- }
- $newURL = "/editsub?rid=" . $request['uuid'];
- echo("");
- } else {
- $alert = array("danger", "You are not authorised to manage subscribers on this request.");
- $newURL = "/editsub?rid=" . $request['uuid'];
- echo("");
+ } else {
+ $alert = array("danger", "You are not authorised to manage subscribers on this request.");
+ }
+
}
+ $newURL = "/editsub?rid=" . $request['uuid'];
+ echo("");
?>