<?php
session_start();
include "../../bossflex/Helpers/Reject.php";
Reject::permission($_SESSION['admin']);
if (!isset($_GET['Email']) || !isset($_GET['Flag'])) {
header('Location:https://' . $_SESSION['redir'] . "?result=A server error occurred. Please try again.");
}
include "../../bossflex/DB/Models/User.php";
/** @var User $User */
$User = User::getUserByEmail($_GET['Email']);
if ($User->getCID() != $_SESSION['admin']['CID'] && $_SESSION['admin']['CID'] != 1 || !$User) {
header('Location:https://' . $_SESSION['redir'] . "?result=Error: Incorrect data received");
}
if ($_GET['Flag'] == 1) {
User::flagUser($User->getUID());
header('Location:https://' . $_SESSION['redir'] . "?result=" . $User->getEmail() . " scheduled for removal");
} else {
User::unFlagUser($User->getUID());
header('Location:https://' . $_SESSION['redir'] . "?result=" . $User->getEmail() . " no longer scheduled for removal");
}