File "controller.php"
Full Path: /home/quiczmwg/lightspringdigitals.com/admin/img/controller.php
File size: 1.06 KB
MIME-type: text/x-php
Charset: utf-8
<?php
include_once("../_db.php");
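session_start();

// Admin action endpoint: deletes a user_login row or marks it verified,
// stores a result message in the session, then redirects to info.php.
//
// NOTE(review): no login or role check is visible in this file. Confirm that
// ../_db.php or the web server restricts this script to authenticated
// administrators; if neither does, add an explicit session check before the
// block below.
// NOTE(review): the change is made on a GET request with no anti-CSRF token,
// which leaves it open to cross-site request forgery. Moving to POST with a
// per-session token needs a matching change in the page that links here, so
// it is flagged rather than changed in this file.
if (isset($_GET['userid']) && isset($_GET['status'])) {
    $userid = $_GET['userid'];
    $status = $_GET['status'];

    // Any status other than 'delete' marks the account as verified. That is the
    // original behaviour and is kept for existing callers.
    // NOTE(review): consider an explicit allow-list of status values.
    if ($status === 'delete') {
        $sql = "DELETE FROM user_login WHERE userid = ?";
        $okMessage = "Account deleted successfully!";
        $failMessage = "Error deleting account!";
    } else {
        $sql = "UPDATE user_login SET status = 'verify' WHERE userid = ?";
        $okMessage = "Account has been verified!";
        $failMessage = "Error verifying account!";
    }

    $succeeded = false;

    // userid[]=... or status[]=... arrive as arrays; refuse them rather than
    // binding the string "Array" into the statement.
    if (is_string($userid) && is_string($status)) {
        try {
            // The bound parameter keeps $userid out of the SQL text (prevents
            // SQL injection); it does not decide who may run this statement.
            $stmt = $conn->prepare($sql);

            // prepare() returns false when mysqli is not in exception mode.
            if ($stmt !== false) {
                $stmt->bind_param("s", $userid);
                // A successful execute() does not prove that a row matched;
                // the message is reported on execute() alone, as before.
                $succeeded = $stmt->execute();
                $stmt->close();
            }
        } catch (mysqli_sql_exception $e) {
            // mysqli throws instead of returning false when exception
            // reporting is enabled; keep the detail in the server log only.
            error_log('controller.php: account update failed: ' . $e->getMessage());
        }
    }

    $_SESSION['mgs'] = $succeeded ? $okMessage : $failMessage;

    // Redirect back to info.php
    header("Location: info.php");
    exit();
}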
?>