Sindbad~EG File Manager

Current Path : /home/beeson/public_html/WebMathXpert/ThreeBodyWeb/
Upload File :
Current File : //home/beeson/public_html/WebMathXpert/ThreeBodyWeb/DeleteFromGalleryHelper.php

<?php
// DeleteFromGalleryHelper.php
// CORS headers to allow fetch() to work properly
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Allow-Headers: Content-Type");
session_start();
$dbFile = 'ThreeBodyDatabase.db';
$db = new SQLite3($dbFile);

// Get POST data
$docId = $_POST['DocumentNumber'] ?? null;
$password = $_POST['password'] ?? '';

if (!$docId || !$password) {
    exit("Missing data");
}

// Check password and get image filename
$stmt = $db->prepare("SELECT image_filename FROM documents WHERE DocumentNumber = :docId AND password = :password");
$stmt->bindValue(':docId', $docId, SQLITE3_INTEGER);
$stmt->bindValue(':password', $password, SQLITE3_TEXT);
$result = $stmt->execute();
$row = $result->fetchArray(SQLITE3_ASSOC);

if (!$row) {
    exit("Invalid password or document not found");
}

// Try deleting the image file
$imageFile = $row['image_filename'];
$imagePath = __DIR__ . "/images/" . $imageFile;
if ($imageFile && file_exists($imagePath)) {
    if (!unlink($imagePath)) {
        exit("Failed to delete image file");
    }
}

// Delete the database row
$stmt = $db->prepare("DELETE FROM documents WHERE DocumentNumber = :docId");
$stmt->bindValue(':docId', $docId, SQLITE3_INTEGER);
if ($stmt->execute()) {
    exit("OK"); // This is what the JavaScript is looking for
} else {
    exit("Database deletion failed");
}
?>

Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists