FSST/Geizkragen
FSST/Geizkragen
2
0
Fork 0
Code Issues Projects 1 Releases 1 Wiki Activity

Add admin review deletion functionality in productpage.php

Browse Source
This commit is contained in:
Fabian Schieder 2026-03-30 20:24:59 +02:00
parent 391f0a9853
commit 52956bca90
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
productpage.php
View File

@ -21,6 +21,18 @@ if ($checkResult->num_rows === 0) {
include __DIR__ . '/404.php'; include __DIR__ . '/404.php';
exit; exit;
} }
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_review']) && isset($_POST['delete_review_id'])) {
if (!empty($_SESSION['user_roles']) && in_array('ADMIN', $_SESSION['user_roles'], true)) {
$deleteId = (int)$_POST['delete_review_id'];
$delStmt = $conn->prepare("DELETE FROM reviews WHERE reviewID = ?");
$delStmt->bind_param("i", $deleteId);
$delStmt->execute();
$delStmt->close();
echo "<script>window.location.href = 'productpage.php?id=" . $productId . "';</script>";
exit;
}
}
?> ?>
@ -330,7 +342,7 @@ if ($checkResult->num_rows === 0) {
<?php <?php
// HIER ANGEPASST: profilePicture und createdAt zum SELECT hinzugefügt // HIER ANGEPASST: profilePicture und createdAt zum SELECT hinzugefügt
$stmt = mysqli_prepare($conn, $stmt = mysqli_prepare($conn,
" SELECT rating, comment, users.displayname, users.profilePicture, reviews.createdAt " SELECT reviews.reviewID, rating, comment, users.displayname, users.profilePicture, reviews.createdAt
FROM reviews FROM reviews
INNER JOIN users ON reviews.userID = users.userID INNER JOIN users ON reviews.userID = users.userID
WHERE productID = ? ORDER BY rating DESC"); WHERE productID = ? ORDER BY rating DESC");
@ -386,6 +398,14 @@ if ($checkResult->num_rows === 0) {
<div class="review-comment"> <div class="review-comment">
<?= nl2br(htmlspecialchars($review['comment'])) ?> <?= nl2br(htmlspecialchars($review['comment'])) ?>
</div> </div>
<?php if (!empty($_SESSION['user_roles']) && in_array('ADMIN', $_SESSION['user_roles'], true)): ?>
<div class="review-admin-actions" style="margin-top: 10px; text-align: right;">
<form method="post" action="productpage.php?id=<?= $productId ?>" onsubmit="return confirm('Bewertung wirklich löschen?');">
<input type="hidden" name="delete_review_id" value="<?= $review['reviewID'] ?>">
<button type="submit" name="delete_review" style="background-color: #ef4444; color: white; border: none; padding: 5px 10px; border-radius: 4px; cursor: pointer; font-size: 0.8rem;">Löschen</button>
</form>
</div>
<?php endif; ?>
</div> </div>