| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- <?php
- declare(strict_types=1);
- use App\App\Bootstrap;
- use App\Admin\Auth;
- use App\Security\Csrf;
- use App\Storage\FileSystem;
- use App\Storage\JsonStore;
- require dirname(__DIR__) . '/src/autoload.php';
- Bootstrap::init();
- $auth = new Auth();
- $auth->requireLogin();
- if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
- http_response_code(405);
- echo 'Method not allowed';
- exit;
- }
- if (!Csrf::validate((string) ($_POST['csrf'] ?? ''))) {
- http_response_code(419);
- echo 'Ungültiges CSRF-Token.';
- exit;
- }
- $id = trim((string) ($_POST['id'] ?? ''));
- if ($id === '') {
- http_response_code(422);
- echo 'Ungültige ID.';
- exit;
- }
- $store = new JsonStore();
- $submission = $store->getSubmissionByKey($id);
- if ($submission === null) {
- http_response_code(404);
- echo 'Antrag nicht gefunden.';
- exit;
- }
- $store->deleteSubmissionByKey($id);
- $app = Bootstrap::config('app');
- $uploadDir = rtrim((string) $app['storage']['uploads'], '/') . '/' . (string) ($submission['application_key'] ?? '');
- FileSystem::removeTree($uploadDir);
- header('Location: ' . Bootstrap::url('admin/index.php'));
- exit;
|
