"Access not authorized"); } $projectId = $_POST['project_id'] ?? $_GET['project_id'] ?? ""; $clientId = $_POST['client_id'] ?? $_GET['client_id'] ?? ""; //TODO: scrub inputs if(empty($projectId) || empty($clientId)) { return array("error" => "One or more required fields missing: project_id, client_id"); } $db = SqliteDatabase::getSingleton(); $sql = "DELETE FROM account_projects WHERE account_id = :client_id AND project_id = :project_id LIMIT 1;"; $preparedQuery = $db->prepare($sql); $preparedQuery->bindValue(':project_id', $projectId); $preparedQuery->bindValue(':client_id', $clientId); try { $result = $preparedQuery->execute(); $loggerData = array(); $loggerData['admin_display_name'] = $_SESSION['display_name']; $loggerData['admin_user_id'] = $_SESSION['user_id']; $loggerData['project_removed'] = $projectId; $loggerData['domain_removed'] = $clientId; SecurityLogger::action("remove-project-domain", $loggerData, time()); return array("status" => "success"); } catch(Exception $e) { return array("error" => "Error" , "exception" => $e->getMessage()); } } }