<?php
require_once '../../config/config.php';
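/*
 * Bulk-delete handler for the duplicate entries page.
 *
 * Reads a list of member IDs from $_POST['member_ids'], checks each one against
 * the caller's session scope (assembly / district / area), deletes the member's
 * dependent rows and then the member row inside one transaction, and redirects
 * back to duplicate-entries.php with a flash message in $_SESSION.
 */
checkLogin();
checkAccess('assembly');

// NOTE(review): this endpoint performs a destructive, state-changing action, but no
// anti-CSRF token check is visible in this file. Confirm that checkLogin(),
// checkAccess() or the included config enforce one; otherwise the form should carry
// a per-session token that is verified here before the database is touched.

$db = Database::getInstance()->getConnection();

// Validate the submitted IDs strictly. intval() on a nested array yields 1, so a
// request shaped like member_ids[][]=x would previously have been treated as
// member ID 1; non-scalar and non-positive values are now dropped, and
// duplicates are collapsed so no member is processed twice.
$rawMemberIds = $_POST['member_ids'] ?? null;
$memberIds = [];
if (is_array($rawMemberIds)) {
    foreach ($rawMemberIds as $rawId) {
        if (!is_scalar($rawId)) {
            continue;
        }
        $validId = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($validId !== false) {
            $memberIds[$validId] = $validId;
        }
    }
    $memberIds = array_values($memberIds);
}

// Log only the number of IDs: dumping the whole of $_POST into the error log
// would persist any other submitted fields (tokens included) and lets a client
// write arbitrary text into the log.
error_log('Delete duplicates request: ' . count($memberIds) . ' valid member ID(s) submitted');

if ($memberIds === []) {
    $_SESSION['error'] = 'No members selected for deletion.';
    error_log('No member_ids in POST data');
    header('Location: duplicate-entries.php');
    exit;
}

$deletedCount = 0;
$failedCount = 0;
$errors = [];

// Session values that bound which members this user may act on.
$accessLevel = $_SESSION['access_level'] ?? 'assembly';
$areaId = $_SESSION['area_id'] ?? null;
$districtId = $_SESSION['district_id'] ?? null;
$assemblyId = $_SESSION['assembly_id'] ?? null;

// The scope clause is the same for every member, so build it once.
// NOTE(review): any access level other than the three handled here gets no scope
// clause at all, i.e. unrestricted deletion. Presumably intended for a
// higher-privileged role; confirm, and consider an explicit allow-list so an
// unexpected session value fails closed.
$accessWhere = '';
$scopeParams = [];
if ($accessLevel === 'assembly') {
    $accessWhere = ' AND assembly_id = :assembly_id';
    $scopeParams['assembly_id'] = $assemblyId;
} elseif ($accessLevel === 'district') {
    $accessWhere = ' AND district_id = :district_id';
    $scopeParams['district_id'] = $districtId;
} elseif ($accessLevel === 'area') {
    $accessWhere = ' AND area_id = :area_id';
    $scopeParams['area_id'] = $areaId;
}

// Dependent tables, cleared before the member row so foreign keys do not block it.
// These names are fixed literals, never request data.
$childTables = ['membership_issues', 'member_accounts', 'membership_cards'];

try {
    $db->beginTransaction();

    foreach ($memberIds as $memberId) {
        try {
            $accessParams = ['member_id' => $memberId] + $scopeParams;

            // Confirm the member exists and falls inside the caller's scope.
            $checkStmt = $db->prepare("SELECT id, first_name, last_name FROM members WHERE id = :member_id {$accessWhere}");
            $checkStmt->execute($accessParams);
            $member = $checkStmt->fetch();

            if (!$member) {
                $errors[] = "Member ID {$memberId}: Access denied or member not found";
                $failedCount++;
                continue;
            }

            // Best effort: a missing table or failed child delete does not stop the
            // run, but it is now recorded instead of being discarded silently.
            // NOTE(review): if the member delete below then fails with a
            // PDOException, these child deletions are still committed with the rest
            // of the batch. A per-member savepoint would avoid that, if the
            // database in use supports one.
            foreach ($childTables as $childTable) {
                try {
                    $childStmt = $db->prepare("DELETE FROM {$childTable} WHERE member_id = ?");
                    $childStmt->execute([$memberId]);
                } catch (PDOException $e) {
                    error_log("Delete duplicates: could not clear {$childTable} for member {$memberId}: " . $e->getMessage());
                }
            }

            // Repeat the scope clause on the DELETE itself so the authorization
            // decision is enforced by the statement that removes the row, not only
            // by the earlier SELECT.
            $deleteMemberStmt = $db->prepare("DELETE FROM members WHERE id = :member_id{$accessWhere}");
            if (!$deleteMemberStmt->execute($accessParams)) {
                throw new Exception("Failed to delete member record");
            }

            $deletedCount++;

            // Record who deleted which member, when the audit facility is available.
            if (class_exists('AuditLog')) {
                try {
                    $auditLog = new AuditLog();
                    $auditLog->log(
                        $_SESSION['user_id'] ?? null,
                        'delete',
                        'members',
                        $memberId,
                        ['name' => "{$member['first_name']} {$member['last_name']}"],
                        null
                    );
                } catch (Exception $e) {
                    // An audit failure must not undo the deletion, but it is logged.
                    error_log("Audit log error: " . $e->getMessage());
                }
            }
        } catch (PDOException $e) {
            // Driver messages can expose table, column and constraint names; keep
            // them in the server log and show the user a generic reason.
            error_log("Delete duplicates: member {$memberId} failed: " . $e->getMessage());
            $errors[] = "Member ID {$memberId}: database error";
            $failedCount++;
        }
    }

    $db->commit();

    // Flash messages for the redirect target.
    if ($deletedCount > 0) {
        $_SESSION['success'] = "Successfully deleted {$deletedCount} member(s).";
    }
    if ($failedCount > 0) {
        $_SESSION['error'] = "Failed to delete {$failedCount} member(s).";
        if (!empty($errors)) {
            $_SESSION['error'] .= " Details: " . implode('; ', array_slice($errors, 0, 5));
        }
    }
} catch (Exception $e) {
    // rollBack() itself throws when no transaction is open (for example when
    // beginTransaction() was the call that failed), so check first.
    if ($db->inTransaction()) {
        $db->rollBack();
    }
    error_log('Delete duplicates: transaction aborted: ' . $e->getMessage());
    $_SESSION['error'] = 'An error occurred while deleting members.';
}

// Return to the duplicate entries page, carrying over the filter query string
// from the Referer. The header is client-controlled, so its query is parsed and
// re-encoded rather than copied verbatim into the Location header.
$redirectTarget = 'duplicate-entries.php';
$referer = $_SERVER['HTTP_REFERER'] ?? '';
if (is_string($referer) && strpos($referer, '?') !== false) {
    $refererQuery = parse_url($referer, PHP_URL_QUERY);
    if (is_string($refererQuery) && $refererQuery !== '') {
        parse_str($refererQuery, $refererParams);
        if (!empty($refererParams)) {
            $redirectTarget .= '?' . http_build_query($refererParams);
        }
    }
}
header('Location: ' . $redirectTarget);
exit;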