OwlCyberSecurity - MANAGER

Edit File: delete_user.php

<?php
// delete_user.php

// Ensure session_start() is NOT called here.
// // session_start(); // Keep this commented out or remove.

require_once 'includes/auth_validate.php';
require_once './config/config.php';

$del_id = filter_input(INPUT_POST, 'del_id', FILTER_VALIDATE_INT); // Ensure it's an integer
$db = getDbInstance();

// Only super admin is allowed to delete users
if ($_SESSION['admin_type'] !== 'super')
{
    $_SESSION['failure'] = "Permission Denied: You do not have permission to delete users.";
    // FIX: Redirect to admin_users page via content.php
    header('location: content.php?page=admin_users');
    exit();
}

// Delete a user using user_id
if ($del_id && $_SERVER['REQUEST_METHOD'] == 'POST') {

$db->where('id', $del_id);
    $stat = $db->delete('admin_accounts');
    if ($stat) {
        $_SESSION['info'] = "User deleted successfully!";
    } else {
        $_SESSION['failure'] = "Failed to delete user: " . $db->getLastError();
    }
} else {
    $_SESSION['failure'] = "Invalid request for user deletion.";
}

// FIX: Redirect to admin_users page via content.php (always redirect after POST)
header('location: content.php?page=admin_users');
exit;