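<?php
// Soft-delete endpoint: flags one of the caller's own messages as deleted.
// Requires an authenticated session and a POST carrying `message_id`.
// Every outcome is reported as a JSON object with a `status` field.
session_start();
require '../db.php'; // presumably defines $pdo (a PDO handle) — confirm in db.php
header('Content-Type: application/json');

// Refuse callers without an authenticated session before touching the database.
if (!isset($_SESSION['user_id'])) {
    echo json_encode(['status' => 'error', 'message' => 'Unauthorized']);
    exit;
}

// NOTE(review): this state-changing request is authorised by the session cookie
// alone; no anti-CSRF token check is visible in this file. Confirm that one is
// enforced elsewhere (or that the session cookie is SameSite-restricted).

// $_POST values are either strings or arrays (`message_id[]=...`). Accept only a
// string so an array can never reach execute(), where it would raise an
// "Array to string conversion" notice and could corrupt the JSON response.
$msgId = $_POST['message_id'] ?? null;

if ($_SERVER['REQUEST_METHOD'] === 'POST' && is_string($msgId)) {
    $userId = $_SESSION['user_id'];

    try {
        // Allow deletion of the caller's own messages only: the owner check is part
        // of the WHERE clause, so a foreign message id simply matches no row.
        $stmt = $pdo->prepare("UPDATE messages SET is_deleted = 1 WHERE id = ? AND user_id = ?");
        $stmt->execute([$msgId, $userId]);

        // Zero affected rows covers "no such id" and "owned by someone else" alike;
        // the shared message avoids revealing which of the two it was.
        if ($stmt->rowCount() > 0) {
            echo json_encode(['status' => 'success']);
        } else {
            echo json_encode(['status' => 'error', 'message' => 'Message not found or not yours']);
        }
    } catch (PDOException $e) {
        // Driver messages can expose table names, SQL fragments and server details.
        // Keep them in the server log and give the client a generic error instead.
        error_log('Message delete failed: ' . $e->getMessage());
        echo json_encode(['status' => 'error', 'message' => 'Database error']);
    }
} else {
    echo json_encode(['status' => 'error', 'message' => 'Invalid request']);
}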