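<?php
/**
 * Deletes one row from mista_reports on behalf of the logged-in school user.
 *
 * Input:  $_GET['plan_id'] - id of the report to delete.
 * Output: redirect to view_mista_reports.php?msg=deleted on success,
 *         otherwise a short plain-text message and a non-2xx status.
 *
 * NOTE(review): this endpoint changes state on a GET request and checks no
 * anti-CSRF token, so a cross-site request carrying the user's session
 * cookie would be honoured. Requiring POST plus a per-session token means
 * changing the pages that link here, so it is flagged rather than done in
 * this file.
 */
session_start();

// The original used `@include`, which hides a missing or broken config file
// and lets the script run on with $conn undefined. Fail loudly instead.
require_once 'include/config.php';

// Check if the user is logged in
if (!isset($_SESSION['username_school'])) {
    header('Location: login.php');
    exit();
}

// presumably include/config.php defines $conn as a mysqli connection - verify
if (!isset($conn) || !($conn instanceof mysqli)) {
    error_log('delete_mista_report: database connection is not available');
    http_response_code(500);
    die("Error deleting record.");
}

// Get the username from session
$username = $_SESSION['username_school'];

// Validate plan_id as a plain integer. is_numeric() also accepts forms such
// as "1e3" or "12.7", which intval() then maps onto some other id; an array
// value (plan_id[]=...) is rejected here as well.
$raw_plan_id = isset($_GET['plan_id']) ? $_GET['plan_id'] : null;
$plan_id = filter_var($raw_plan_id, FILTER_VALIDATE_INT);
if ($plan_id === false || $plan_id === null) {
    http_response_code(400);
    die("Invalid request.");
}

try {
    // Ownership is enforced by the DELETE itself. A separate SELECT followed
    // by a DELETE keyed on id alone leaves a window between check and use,
    // and the second statement would delete any user's row if the first
    // check were ever bypassed or edited away.
    $delete_stmt = $conn->prepare("DELETE FROM mista_reports WHERE id = ? AND username = ?");
    if ($delete_stmt === false) {
        // Keep driver error text in the server log; it can reveal schema details.
        error_log('delete_mista_report: prepare failed: ' . $conn->error);
        http_response_code(500);
        die("Error deleting record.");
    }

    $delete_stmt->bind_param("is", $plan_id, $username);

    if (!$delete_stmt->execute()) {
        error_log('delete_mista_report: execute failed: ' . $delete_stmt->error);
        http_response_code(500);
        die("Error deleting record.");
    }

    $deleted_rows = $delete_stmt->affected_rows;
    $delete_stmt->close();
} catch (mysqli_sql_exception $e) {
    // Reached when mysqli is configured to throw instead of returning false.
    error_log('delete_mista_report: ' . $e->getMessage());
    http_response_code(500);
    die("Error deleting record.");
}

// No row matched both id and owner: same message for "missing" and
// "not yours", so the response does not reveal which ids exist.
if ($deleted_rows < 1) {
    http_response_code(404);
    die("Record not found or you do not have permission to delete it.");
}

// Redirect after deletion
header("Location: view_mista_reports.php?msg=deleted");
exit();
?>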