Current File : /var/www/html/smart_kpp2_bk17 มีค 69/modules/idocument/delete_file.php

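<?php
/**
 * Delete one uploaded file that belongs to an idocument record.
 *
 * Expects a POST request carrying file_id, doc_type ('ref' | 'attach' | 'sent')
 * and document_id. Removes the file from ./Uploads/Files/ and then its row from
 * idocument_files, answering with a JSON object {success, message}.
 *
 * $connect (a mysqli link) is not created in this file; it is assumed to be
 * supplied by the script that defines _VALID_ and includes this one.
 * TODO confirm against the including script.
 */
session_start();
defined('_VALID_') or die('Direct Access is not allowed.');

header('Content-Type: application/json');

// NOTE(review): a commented-out mysqli_connect() call that embedded a database
// account password was removed from this spot. Treat that password as exposed:
// rotate it and load credentials from configuration kept outside the web root.

// NOTE(review): the session is started but never read in this file. Unless the
// including script has already authenticated the caller and checked their rights
// on the document, nothing here ties the request to a user. The lookup below only
// proves that the file row belongs to the posted document_id, not that the
// current user owns that document. An ownership check against the session user
// and a CSRF token check belong before any deletion; their exact form depends on
// the application's session schema, which is not visible here.

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['success' => false, 'message' => 'Invalid request method']);
    exit;
}

$file_id = (int)($_POST['file_id'] ?? 0);
$doc_type = $_POST['doc_type'] ?? '';
$document_id = (int)($_POST['document_id'] ?? 0);

// doc_type is checked against a fixed allowlist with a strict comparison, so only
// the three literal strings get through (an array or numeric value is rejected).
if (!$file_id || !is_string($doc_type) || !in_array($doc_type, ['ref', 'attach', 'sent'], true) || !$document_id) {
    echo json_encode(['success' => false, 'message' => 'Invalid parameters']);
    exit;
}

// Confirm that the file row exists for this document and type. Bound parameters
// keep request values out of the SQL text regardless of the casts above.
$file_name = null;
$found = false;
$stmt = mysqli_prepare(
    $connect,
    'SELECT file_name FROM idocument_files WHERE id = ? AND document_id = ? AND docType = ?'
);
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 'iis', $file_id, $document_id, $doc_type);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $file_name);
        $found = mysqli_stmt_fetch($stmt) === true;
    }
    mysqli_stmt_close($stmt);
}
if (!$found) {
    echo json_encode(['success' => false, 'message' => 'File not found']);
    exit;
}

// The path is relative to the working directory of the entry script.
$base_dir = realpath('./Uploads/Files');
$file_path = './Uploads/Files/' . $file_name;

if (file_exists($file_path)) {
    // file_name comes from the database; resolve it and refuse anything that does
    // not land on a regular file inside the upload directory, so a stored name
    // containing '../' cannot direct unlink() at another location.
    $real_path = realpath($file_path);
    $inside_base = $base_dir !== false
        && $real_path !== false
        && strncmp($real_path, $base_dir . DIRECTORY_SEPARATOR, strlen($base_dir) + 1) === 0;
    if (!$inside_base || !is_file($real_path)) {
        echo json_encode(['success' => false, 'message' => 'Invalid file path']);
        exit;
    }
    if (!unlink($file_path)) {
        echo json_encode(['success' => false, 'message' => 'Failed to delete file from server']);
        exit;
    }
}

// Delete with the same three conditions that were verified above, so the row
// removed is the one that was checked.
$deleted = false;
$stmt = mysqli_prepare(
    $connect,
    'DELETE FROM idocument_files WHERE id = ? AND document_id = ? AND docType = ?'
);
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 'iis', $file_id, $document_id, $doc_type);
    $deleted = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
}

if ($deleted) {
    echo json_encode(['success' => true, 'message' => 'File deleted successfully']);
} else {
    echo json_encode(['success' => false, 'message' => 'Failed to delete file from database']);
}

mysqli_close($connect);
?>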