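<?php
// Deleting existing account

// Includes
// empty() rather than a bare truthiness test: nothing in this file assigns
// $IS_FRONTEND, so if no including script defined it a plain `if ($IS_FRONTEND)`
// raises an "undefined variable" warning before the JSON response is written.
if (!empty($IS_FRONTEND)) {
    require_once("api/_auth.php");
    require_once("api/_utils.php");
    require_once("api/_errorslist.php");
    require_once("api/user/index.php");
} else {
    require_once("../_auth.php");
    require_once("../_utils.php");
    require_once("../_errorslist.php");
    require_once("./index.php");
}

// Functions

/*
 * FUNCTION
 * Delete existing account
 *
 * Runs a prepared "delete from users where id = ?" for the given id.
 * This function performs NO authorization check of its own: every caller
 * must decide beforehand whether the current user may delete $id
 * (User_Delete_Method below does that for the HTTP entry point).
 *
 * Returns a ReturnT whose data is true when the statement executed and false
 * when preparing or executing it failed. "Executed" does not imply that a row
 * was actually removed; a non-existent id still yields true.
 */
function User_Delete (int $id): ReturnT {
    global $db;

    $s = $db->prepare("delete from users where id = ?");

    // prepare() can report failure by returning false; calling bind_param()
    // on that would be a fatal error, so report the failure through ReturnT.
    if ($s === false)
        return new ReturnT(data: false);

    // "i": $id is declared int, so bind it as an integer rather than a string
    $s->bind_param("i", $id);

    return new ReturnT(data: ($s->execute() !== false));
}

// Methods

/*
 * METHOD
 * Delete existing account
 *
 * $req is the request parameter array. Recognised key:
 *   "id" (optional) - account to delete; defaults to the logged-in user.
 *
 * Errors returned:
 *   E_AUT_NOTAUTHED - no valid session
 *   E_UIN_BADARGS   - id is not a non-negative decimal number
 *   E_ACS_INSUFROLE - non-admin tried to delete somebody else's account
 * On success returns whatever User_Delete() returns.
 */
function User_Delete_Method (array $req): ReturnT {
    global $LOGGED_IN, $THIS_USER;

    // Input sanity checks
    // Authentication comes first so that nothing about the request is
    // processed for callers without a session.
    if (!$LOGGED_IN)
        return new ReturnT(err_code: E_AUT_NOTAUTHED, err_desc: "valid session must be provided");

    if (isset($req["id"])) {
        // ctype_digit() is only reliable on strings: given an int it treats
        // small values as ASCII codes (5 is rejected, 53 is accepted), and
        // given an array (id[]=1 in the request) it is not meaningful at all.
        // Normalise ints to their string form and reject every other type.
        $rawId = is_int($req["id"]) ? (string)$req["id"] : $req["id"];

        if (!is_string($rawId) || !ctype_digit($rawId))
            return new ReturnT(err_code: E_UIN_BADARGS, err_desc: "id must be numeric");

        $id = intval($rawId);
    } else {
        $id = $THIS_USER;
    }

    // If its attempt to delete other account
    // NOTE(review): the comparison is strict, so this assumes $THIS_USER is an
    // int. If it is stored as a string, a non-admin passing their own id would
    // be refused here - confirm where $THIS_USER is assigned.
    if (!User_HasRole($THIS_USER, "admin")->GetData() && $THIS_USER !== $id)
        return new ReturnT(err_code: E_ACS_INSUFROLE, err_desc: "you must be admin to delete other accounts");

    // Actions
    return User_Delete($id);
}

if (Utils_ThisFileIsRequested(__FILE__)) {
    require_once("../_json.php");

    // HACK: for debugging purposes. Will be removed later
    // NOTE(security): with debug enabled the parameters are taken from
    // $_REQUEST, so this destructive endpoint also accepts them from the query
    // string (and anything else $_REQUEST is configured to merge) instead of
    // the POST body only. Keep debug off outside development.
    // NOTE(review): no anti-CSRF token is checked in this file - confirm that
    // the included auth layer covers state-changing requests.
    if ($Config["debug"])
        $_POST = $_REQUEST;

    $result = User_Delete_Method($_POST);

    if ($result->IsError()) {
        $result->ThrowJSONError();
    } else {
        // If it was self-deletion
        // The $id variable of User_Delete_Method() is local to that function
        // and does not exist in this scope, so comparing it here never matched
        // and the session of a deleted account stayed open. Resolve the target
        // again from the request; the method succeeded, so a supplied id has
        // already passed the numeric check.
        $deletedId = isset($_POST["id"]) ? intval($_POST["id"]) : $THIS_USER;

        if ($deletedId === $THIS_USER)
            AUTH_EndSession();

        JSON_ReturnData(["success" => $result->GetData()]);
    }
}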