| Server IP : 3.111.61.48 / Your IP : 216.73.216.67 Web Server : Apache System : Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64 User : ubuntu ( 1000) PHP Version : 8.2.31 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/www/vhost/itms.arukustech.com/public/api/ |
Upload File : |
<?php
require_once __DIR__ . '/../../app/db.php';
require_once __DIR__ . '/../../app/helpers/auth.php';
// Only allow logged-in users with proper roles to delete
check_login();
// Optional: If you want to restrict delete to only Superadmins
// if (!is_superadmin()) { die("Access denied"); }
$pdo = db();
$id = $_GET['id'] ?? 0;
if (!$id) {
die("Invalid request");
}
/* 1. FETCH RECORD DETAILS (For file deletion and logging) */
$stmt = $pdo->prepare("SELECT product_name, invoice_file FROM rented_inventory WHERE id = ?");
$stmt->execute([$id]);
$item = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$item) {
die("Record not found");
}
/* 2. DELETE INVOICE FILE FROM SERVER */
if (!empty($item['invoice_file'])) {
// $_SERVER['DOCUMENT_ROOT'] ensures we find the absolute path to the 'public' folder
$physicalPath = $_SERVER['DOCUMENT_ROOT'] . $item['invoice_file'];
if (file_exists($physicalPath)) {
unlink($physicalPath);
}
}
/* 3. DELETE RECORD FROM DATABASE */
$delete = $pdo->prepare("DELETE FROM rented_inventory WHERE id = ?");
$result = $delete->execute([$id]);
/* 4. OPTIONAL: LOG ACTIVITY */
// If you have a logActivity function, it's good to track who deleted what
// logActivity("Rented Item Deleted", "Deleted item: " . $item['product_name'] . " (ID: $id)");
if ($result) {
header("Location: /rented_inventory_list.php?deleted=1");
} else {
header("Location: /rented_inventory_list.php?error=delete_failed");
}
exit;