| Server IP : 3.111.61.48 / Your IP : 216.73.216.67 Web Server : Apache System : Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64 User : ubuntu ( 1000) PHP Version : 8.2.31 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/www/vhost/itms.arukustech.com/public/api/ |
Upload File : |
<?php
require_once __DIR__ . '/../../app/db.php';
require_once __DIR__ . '/../../app/helpers/auth.php';
auth();
$pdo = db();
if ($_SESSION['role'] !== 'superadmin') {
echo json_encode(["error" => "denied"]);
exit;
}
$data = json_decode(file_get_contents("php://input"), true);
$id = (int)$data['id'];
if ($id == $_SESSION['user_id']) {
echo json_encode(["error" => "cannot_delete_self"]);
exit;
}
// Fetch user role
$stmt = $pdo->prepare("SELECT role FROM users WHERE id=?");
$stmt->execute([$id]);
$user = $stmt->fetch();
if (!$user) {
echo json_encode(["error" => "notfound"]);
exit;
}
if ($user['role'] === 'superadmin') {
echo json_encode(["error" => "cannot_delete_superadmin"]);
exit;
}
$stmt = $pdo->prepare("DELETE FROM users WHERE id=?");
$stmt->execute([$id]);
echo json_encode(["success" => true]);