RemoveDataFromAccountAction.class.php 1.3 KB

  1. <?php
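  /**
   * Action that deletes one row from account_projects, identified by the
   * submitted client_id (matched against account_id) and project_id, and
   * records the removal through SecurityLogger.
   *
   * NOTE(review): this is a destructive, state-changing action, yet the
   * identifiers are also read from $_GET and no anti-CSRF token check is
   * visible in this class. Unless the dispatcher that calls execute() already
   * enforces POST plus a per-request token, restrict the inputs to $_POST and
   * verify a token before the DELETE runs.
   */
  class RemoveDataFromAccountAction implements IAction {
      /**
       * Validate the caller and the request parameters, run the DELETE and
       * write the audit entry.
       *
       * @return array{status: string}|array{error: string, exception?: string}
       *         ["status" => "success"] when the statement executed, otherwise
       *         an "error" entry (plus "exception" detail for database failures).
       */
      public function execute() {
          // NOTE(review): hasPermission() is called without arguments, so nothing
          // visible here ties the check to the account/project being modified.
          // Confirm that object-level authorization is enforced elsewhere.
          if (!Authorize::isLoggedIn() || !Authorize::hasPermission()) {
              return ["error" => "Access not authorized"];
          }

          $projectId = $_POST['project_id'] ?? $_GET['project_id'] ?? "";
          $clientId = $_POST['client_id'] ?? $_GET['client_id'] ?? "";

          // empty() also treats the string "0" as missing.
          if (empty($projectId) || empty($clientId)) {
              return ["error" => "One or more required fields missing: project_id, client_id"];
          }

          // Request parameters can arrive as arrays (project_id[]=...). Reject
          // them here so they never reach bindValue() or the audit log.
          if (!is_scalar($projectId) || !is_scalar($clientId)) {
              return ["error" => "Invalid value for project_id or client_id"];
          }

          // TODO: validate the expected id format. Both values are bound as
          // parameters below, so they are never concatenated into the SQL text,
          // but they are also copied verbatim into the security log.
          $db = SqliteDatabase::getSingleton();

          // NOTE(review): stock SQLite builds accept LIMIT on DELETE only when
          // compiled with SQLITE_ENABLE_UPDATE_DELETE_LIMIT; confirm the deployed
          // build supports it, otherwise preparing this statement fails.
          $sql = "DELETE FROM account_projects WHERE account_id = :client_id AND project_id = :project_id LIMIT 1;";

          try {
              // prepare()/bindValue() sit inside the try so that a driver that
              // throws on failure is reported the same way as an execute() failure.
              $preparedQuery = $db->prepare($sql);
              if ($preparedQuery === false) {
                  return ["error" => "Error", "exception" => "Could not prepare statement"];
              }
              $preparedQuery->bindValue(':project_id', $projectId);
              $preparedQuery->bindValue(':client_id', $clientId);

              // A driver that signals failure by returning false must not be
              // logged and reported as a successful removal.
              $result = $preparedQuery->execute();
              if ($result === false) {
                  return ["error" => "Error", "exception" => "Statement execution failed"];
              }

              // NOTE(review): a successful execute() does not show that a row
              // matched; if the wrapper exposes an affected-row count, consider
              // recording it so the audit trail reflects what was removed.
              $loggerData = [
                  'admin_display_name' => $_SESSION['display_name'] ?? null,
                  'admin_user_id' => $_SESSION['user_id'] ?? null,
                  'project_removed' => $projectId,
                  'domain_removed' => $clientId,
              ];
              SecurityLogger::action("remove-project-domain", $loggerData, time());

              return ["status" => "success"];
          } catch (Exception $e) {
              // NOTE(review): the raw exception text is returned to the caller and
              // may expose database details; consider logging it server-side and
              // returning a generic message once callers no longer rely on it.
              return ["error" => "Error", "exception" => $e->getMessage()];
          }
      }
  }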