<?php
/**
 *  Copyright (C) 2021, 2024  Double Bastion LLC
 *
 *  This file is part of Roundpin, which is licensed under the
 *  GNU Affero General Public License Version 3.0. The license terms
 *  are detailed in the "LICENSE.txt" file located in the root directory.
 */

session_start();

if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

 define('ACCESSCONST', TRUE);

 require('db-connect.php');

    $username = $_POST['username'];
    $contactName = $_POST['contact_name'];

    // Get the id of the current user from the 'app_users' table
    $enabled = 1;
    $queryid = $mysqli->prepare("SELECT id, username, enabled FROM app_users WHERE BINARY username = ? AND enabled = ?");
    $queryid->bind_param("si", $username, $enabled);
    $queryid->execute();
    $queryres = $queryid->get_result()->fetch_assoc();
    $userID = $queryres['id'];

    // Remove the contact from the 'contacts' table
    $querycont = $mysqli->prepare("DELETE FROM contacts WHERE user_id = ? AND contact_name = ?");
    $querycont->bind_param("ss", $userID, $contactName);
    $querycont->execute();

    if ($querycont) { $message = 'success'; } else { $message = 'failure'; }

    $delresult = ['removeresult' => $message];
    echo json_encode($delresult);

} else {
     header("Location: ../login.php");
}

?>