48 lines
1.5 KiB
PHP
48 lines
1.5 KiB
PHP
<?php
|
|
include "../utils/security.php";
|
|
secure_session_start();
|
|
header('Content-Type: application/json');
|
|
|
|
require_logged_in();
|
|
|
|
include "../../config/config.php";
|
|
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
|
|
|
|
$user_id = $_SESSION['id'];
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
|
|
if ($method === 'GET') {
|
|
$sql = "SELECT id, domain, confirmed_at FROM confirmed_domains WHERE user_id = ? ORDER BY confirmed_at DESC";
|
|
$stmt = mysqli_prepare($conn, $sql);
|
|
mysqli_stmt_bind_param($stmt, 'i', $user_id);
|
|
mysqli_stmt_execute($stmt);
|
|
$result = mysqli_stmt_get_result($stmt);
|
|
$domains = [];
|
|
while ($row = mysqli_fetch_assoc($result)) {
|
|
$domains[] = $row;
|
|
}
|
|
mysqli_stmt_close($stmt);
|
|
echo json_encode(['success' => true, 'domains' => $domains]);
|
|
|
|
} elseif ($method === 'POST') {
|
|
require_csrf_token();
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
$domain_id = (int)($input['id'] ?? 0);
|
|
|
|
if ($domain_id <= 0) {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid domain ID.']);
|
|
exit;
|
|
}
|
|
|
|
$sql = "DELETE FROM confirmed_domains WHERE id = ? AND user_id = ?";
|
|
$stmt = mysqli_prepare($conn, $sql);
|
|
mysqli_stmt_bind_param($stmt, 'ii', $domain_id, $user_id);
|
|
mysqli_stmt_execute($stmt);
|
|
mysqli_stmt_close($stmt);
|
|
|
|
echo json_encode(['success' => true, 'message' => 'Domain removed.']);
|
|
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid request method.'], 405);
|
|
}
|
|
?>
|