<?php
require_once('include/headscript.php');

// Creazione della connessione
$conn = new mysqli($servername, $username, $password, $dbname);

// Verifica della connessione
if ($conn->connect_error) {
    die("Connessione fallita: " . $conn->connect_error);
}

if (isset($_GET['id'])) {
    $id = intval($_GET['id']); // Sanitize input
    // Optional: Verify user ownership for security (uncomment if needed)
    /*
    $iduserlogin = $_SESSION['iduserlogin']; // Assumes user ID is stored in session
    $deleteQuery = "DELETE FROM certificateuserprofile WHERE idcertificateuserprofile = ? AND iduser = ?";
    $stmt = $conn->prepare($deleteQuery);
    $stmt->bind_param("ii", $id, $iduserlogin);
    */
    $deleteQuery = "DELETE FROM certificateuserprofile WHERE idcertificateuserprofile = ?";
    $stmt = $conn->prepare($deleteQuery);
    $stmt->bind_param("i", $id);

    if ($stmt->execute()) {
        // Determine redirect based on source
        $source = isset($_GET['source']) ? $_GET['source'] : 'user';
        if ($source === 'admin') {
            header("Location: certificati.php?message=success");
        } else {
            header("Location: userprofiledoc.php?message=success");
        }
    } else {
        echo "Errore nella cancellazione: " . $conn->error;
    }
    $stmt->close();
} else {
    echo "ID non fornito.";
}

$conn->close();