<?php /** * Copyright (C) 2021 Double Bastion LLC * * This file is part of Roundpin, which is licensed under the * GNU Affero General Public License Version 3.0. The license terms * are detailed in the "LICENSE.txt" file located in the root directory. */ session_start(); if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) { define('ACCESSCONST', TRUE); require('db-connect.php'); $username = $_POST['username']; $extenForExternal = $_POST['exten_for_external']; // Get the id of the superadmin for which we want to remove the extension for external access $selectid = $mysqli->query("SELECT id, userrole, username, enabled FROM app_users WHERE userrole = 'superadmin' AND BINARY username = '$username' AND enabled = 1"); $queryres = $selectid->fetch_array(); $userID = $queryres[0]; // Remove the row corresponding to the specified superadmin and extension from the 'external_users' table $removequery = $mysqli->prepare("DELETE FROM external_users WHERE userid=? AND exten_for_external=?"); $removequery->bind_param("is", $userID, $extenForExternal); if ($removequery->execute()) { $messagetosend = 'success'; } else { $messagetosend = 'failure'; } $removequery->close(); // Remove the password file for the extension whose data has been removed from the 'external_users' table if (file_exists("restr/".$username."/externalext/".$extenForExternal)) { $removefile = exec("rm restr/".$username."/externalext/".$extenForExternal); } $response = array('result' => $messagetosend); echo json_encode($response); } else { header("Location: roundpin-login.php"); } ?>