Added: Delete vehicle

2025-01-26 23:01:35 +01:00
parent 2201430f59
commit a5f99788fc
5 changed files with 68 additions and 5 deletions
--- a/app/controllers/VehicleController.php
+++ b/app/controllers/VehicleController.php
@ -56,7 +56,23 @@ class VehicleController extends Controller {
    }

    public function delete() {
-        // TODO: Delete vehicle (to be implemented later)
+        if(!$_SERVER['REQUEST_METHOD'] === 'POST') {
+            echo "Wrong method";
+            return;
+        }
+
+        // TODO: Validate the request
+        $vehicle_id = $_POST['vehicle_id'];
+
+        $vehicle = new Vehicle();
+        $result = $vehicle->delete($vehicle_id, $_SESSION['user']['id']);
+
+        if($result != true) {
+            echo "Something went wrong";
+            return;
+        }
+
+        $this->view('vehicles/index', ['title' => 'Vehicles', 'vehicles' => $vehicles]);
    }

    public function api_get() {
--- a/app/models/Vehicle.php
+++ b/app/models/Vehicle.php
@ -60,4 +60,28 @@ class Vehicle {

        return $result->fetch_assoc();
    }
+
+    public function delete($vehicle_id, $user_id) {
+        try {
+            $stmt = $this->db->prepare("SELECT id FROM vehicles WHERE id = ? AND user_id = ?");
+            $stmt->bind_param("ii", $vehicle_id, $user_id);
+            $stmt->execute();
+            $result = $stmt->get_result();
+
+            if ($result->num_rows === 0) {
+                return "Error: Unauthorized action or vehicle not found.";
+            }
+
+            $stmt = $this->db->prepare("DELETE FROM vehicles WHERE id = ?");
+            $stmt->bind_param("i", $vehicle_id);
+
+            if ($stmt->execute()) {
+                return true;
+            } else {
+                return "Error: " . $stmt->error;
+            }
+        } catch (mysqli_sql_exception $e) {
+            return $e->getMessage();
+        }
+    }
 }
--- a/app/views/vehicles/index.php
+++ b/app/views/vehicles/index.php
@ -14,8 +14,10 @@
                <p><?= htmlspecialchars($vehicle['fuel_type']) ?></p>
                <p><?= htmlspecialchars($vehicle['note'] ?? "") ?></p>
                <div class="actions">
-                    <a href="/vehicles/edit?id=<?= $vehicle['id'] ?>">Edit</a>
-                    <a href="/vehicles/delete?id=<?= $vehicle['id'] ?>" onclick="return confirm('Are you sure you want to delete this habit?')">Delete</a>
+                <form method="POST" action="/vehicles/delete">
+                    <input type="number" name="vehicle_id" value="<?= $vehicle['id'] ?>" style="display: none">
+                    <input type="submit" value="Delete vehicle" class="btn-danger">
+                </form>
                </div>
            </div>
        <?php endforeach; ?>