Diffstat (limited to 'backend/forget.php')
-rw-r--r--backend/forget.php71
1 files changed, 71 insertions, 0 deletions
diff --git a/backend/forget.php b/backend/forget.php
new file mode 100644
index 0000000..9f6f543
--- /dev/null
+++ b/backend/forget.php
@@ -0,0 +1,71 @@
+<?php
+/* hitler-clicker
+ * api for account deletion
+ * © 2025 hitler.rip <git@hitler.rip>
+ * licensed under AGPLv3-or-later; see LICENSE.md for more information
+ */
+
+header('Content-Type: application/json; charset=UTF-8');
+
+try {
+ $pdo = new PDO("mysql:host=127.0.0.1;dbname=hitlerclicker", "root", "aA1234Aa");
+} catch(PDOException $e) {
+ die('{ "status": "database offline" }');
+};
+
+$wrkarr = [];
+$ifarr = [ "name", "password" ];
+$postjson = json_decode(file_get_contents('php://input'), true);
+foreach ($ifarr as $i):
+ if (isset($postjson[$i])):
+ $newarr = [
+ "$i" => "$postjson[$i]",
+ ];
+ $wrkarr = array_merge($wrkarr, $newarr);
+ endif;
+endforeach;
+
+if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""):
+ die('{ "status": "login (name) was not provided.\ncould not attempt to forget." }');
+elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""):
+ die('{ "status": "password was not provided.\ncould not attempt to forget." }');
+else:
+
+ $query = $pdo->prepare("SELECT name, password, team, clicks FROM users WHERE name LIKE ?");
+ $query -> execute([$wrkarr["name"]]);
+ $found = $query->fetch(PDO::FETCH_ASSOC);
+ if ($found):
+
+ if (!password_verify($wrkarr["password"], $found["password"])):
+ die('{ "status": "wrong password." }');
+ else:
+
+ $forgottenclicks = $found["clicks"];
+
+ $query = $pdo->prepare("SELECT team, clicks, fromanon FROM stats WHERE team LIKE ?");
+ $query -> execute([$found["team"]]);
+ $found = $query->fetch(PDO::FETCH_ASSOC);
+
+ $oldanonclicks = $found["fromanon"];
+ $newanonclicks = $oldanonclicks + $forgottenclicks;
+
+ $query = $pdo->prepare("UPDATE stats SET fromanon = :fromanon WHERE stats.team = :team");
+ $query -> execute([
+ "fromanon" => "$newanonclicks",
+ "team" => "$found[team]"
+ ]);
+
+ $query = $pdo->prepare("DELETE FROM users WHERE name LIKE ?");
+ $query -> execute([$wrkarr["name"]]);
+
+ die("{ \"status\": \"success\", \"fc\": \"$forgottenclicks\", \"nac\": \"$newanonclicks\" }");
+
+ endif;
+
+ else:
+ die('{ "status": "name does not exist in the database." }');
+ endif;
+
+endif;
+
+?>
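Review bot: The account lookup and the final `DELETE` both match with `name LIKE ?`, so `%` and `_` in the submitted name act as wildcards, and the row whose password is verified is not guaranteed to be the only row, or even the same row, that is deleted. Both statements should use `name = ?`, and the delete should target `$found["name"]` from the verified row, read before `$found` is overwritten by the stats query. The `fromanon` adjustment is a read-then-write with no transaction, so concurrent requests can lose an update or leave stats changed while the user row remains; the fence below does the increment in SQL inside a transaction. Separately, the PDO connection at the top of the file uses the `root` account with a password literal committed to the repository; load the credentials from configuration outside the repository and connect as a user limited to the `users` and `stats` tables. The distinct "name does not exist" and "wrong password" responses also let a caller test which names are registered, which a single failure message would avoid.

```php
// … unchanged: headers, connection, input parsing, empty-field checks …
$query = $pdo->prepare("SELECT name, password, team, clicks FROM users WHERE name = ?");
// … unchanged: execute, fetch, password_verify branch …
$forgottenclicks = $found["clicks"];

// assumes PDO is in exception mode (the PHP 8 default); confirm for this deployment
$pdo->beginTransaction();
try {
    // increment in SQL so two concurrent requests cannot overwrite each other
    $query = $pdo->prepare("UPDATE stats SET fromanon = fromanon + :clicks WHERE team = :team");
    $query->execute([
        "clicks" => $forgottenclicks,
        "team" => $found["team"],
    ]);

    // delete exactly the row whose password was verified
    $query = $pdo->prepare("DELETE FROM users WHERE name = ?");
    $query->execute([$found["name"]]);

    // read the new total back for the "nac" field of the response
    $query = $pdo->prepare("SELECT fromanon FROM stats WHERE team = ?");
    $query->execute([$found["team"]]);
    $newanonclicks = $query->fetchColumn();

    $pdo->commit();
} catch (PDOException $e) {
    $pdo->rollBack();
    die('{ "status": "database error" }');
}
// … unchanged: success response …
```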