archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

🐛 Fix incorrect POST variable and add foreach()

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-08-10 16:05:12 +01:00
parent 714e8a256f
commit ba5e020d60
1 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
app/public/actions/delsub.php
View File

@@ -9,14 +9,16 @@
// Add subscriber
if ($is_authorised == true) {
if($_SERVER['REQUEST_METHOD'] == 'POST') {
try {
$stmt = "DELETE FROM ticket_subscribers WHERE ticket_uuid=:tktuuid AND user_uuid=:usruuid";
$sql = $db->prepare($stmt);
$sql->bindParam(':tktuuid', $request['uuid']);
$sql->bindParam(':usruuid', $POST['addSubSelector']);
$sql->execute();
} catch (PDOException $e) {
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
foreach ($_POST['addSubSelector'] as $sub) {
try {
$stmt = "DELETE FROM ticket_subscribers WHERE ticket_uuid=:tktuuid AND user_uuid=:usruuid";
$sql = $db->prepare($stmt);
$sql->bindParam(':tktuuid', $request['uuid']);
$sql->bindParam(':usruuid', $sub);
$sql->execute();
} catch (PDOException $e) {
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
}
}
}
$newURL = "/managesub?rid=" . $request['uuid'];