<?php
require_once("../_auth.php");
require_once("../_utils.php");
require_once("./index.php");

function User_Delete($id){
  global $db;
  $s = $db->prepare("delete from users where id = $id");
  $s->bind_param("s",$id);
  return $s->execute() !== false;
}

if (ThisFileIsRequested(__FILE__)) {
	require_once("../_json.php");
	
if (isset($_REQUEST["id"])) {
		if (!ctype_digit($_REQUEST["id"]))
			ReturnJSONError($Err_RDP_InvalidID, "id must be numeric");
     if(!User_HasRole("admin")){
	    ReturnJSONError($Err_DP_NotEnoughRole,"You need to be admin to delete other accounts");
	  }
		$UserID = intval($_REQUEST["id"]);
	} else {
		if ($LOGGED_IN)
			$UserID = $_SESSION["userid"];
		else
			ReturnJSONError($Err_RDP_InvalidID, "id must be specified or valid session must be provided");
	}
	  $result = User_Delete($UserID);
	  session_unset();
	  session_destroy();
    ReturnJSONData(["success" => $result]);
	}
?>