archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

🐛 It'll definitely work this time

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-08-10 17:32:46 +01:00
parent 856d142b3f
commit b7d70b953e
1 changed files with 19 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
app/public/actions/delsub.php
View File

@@ -6,26 +6,27 @@
$authorised_users = get_subscribers($db, $request); $authorised_users = get_subscribers($db, $request);
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request); $is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
$subs_to_remove = implode(",", $_POST['delSubSelector']); if (!empty($_POST['delSubSelector'])) {
$subs_to_remove = implode(",", $_POST['delSubSelector']);
// Remove subscriber(s) // Remove subscriber(s)
if ($is_authorised == true) { if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') { if($_SERVER['REQUEST_METHOD'] == 'POST') {
try { try {
$stmt = "DELETE FROM ticket_subscribers WHERE WHERE sub_id IN (:sublist)"; $stmt = "DELETE FROM ticket_subscribers WHERE sub_id IN (:sublist)";
$sql = $db->prepare($stmt); $sql = $db->prepare($stmt);
$sql->bindParam(':sublist', $subs_to_remove); $sql->bindParam(':sublist', $subs_to_remove);
$sql->execute(); $sql->execute();
} catch (PDOException $e) { } catch (PDOException $e) {
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage()); $alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
}
} }
} } else {
$newURL = "/editsub?rid=" . $request['uuid']; $alert = array("danger", "You are not authorised to manage subscribers on this request.");
echo("<script>window.location = '$newURL'</script>"); }
} else {
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
$newURL = "/editsub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
} }
$newURL = "/editsub?rid=" . $request['uuid'];
echo("<script>window.location = '$newURL'</script>");
?> ?>