Uname:Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64

403WebShell
403Webshell
Server IP : 3.111.61.48  /  Your IP : 216.73.216.67
Web Server : Apache
System : Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64
User : ubuntu ( 1000)
PHP Version : 8.2.31
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/vhost/itms.arukustech.com/public/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/www/vhost/itms.arukustech.com/public/users_delete.php
<?php
require_once __DIR__ . '/../app/db.php';
require_once __DIR__ . '/../app/helpers/auth.php';

auth(); // login required

$pdo = db();

// Only superadmin can delete users
if ($_SESSION['role'] !== 'superadmin') {
    header("Location: users.php?error=denied");
    exit;
}

// Validate ID
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    header("Location: users.php?error=invalid");
    exit;
}

$id = (int)$_GET['id'];

// Prevent deleting own account
if ($id == $_SESSION['user_id']) {
    header("Location: users.php?error=cannot_delete_self");
    exit;
}

// Fetch user to check role
$stmt = $pdo->prepare("SELECT id, role FROM users WHERE id=?");
$stmt->execute([$id]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);

if (!$user) {
    header("Location: users.php?error=notfound");
    exit;
}

// Prevent deleting another superadmin
if ($user['role'] === 'superadmin') {
    header("Location: users.php?error=cannot_delete_superadmin");
    exit;
}

// Delete user
$stmt = $pdo->prepare("DELETE FROM users WHERE id=?");
$stmt->execute([$id]);

header("Location: users.php?deleted=1");
exit;

Youez - 2016 - github.com/yon3zu
LinuXploit