$user = $business->view_user($info['id']); $username = $user['loginId']; $usertype = $business->get_user_type($username); if ($usertype == 'admin' or $usertype == 'company') { // WARNING companies can delete other companies offers } else { echo '<script>console.log("not authorized");</script>'; header('Location: ./../states/root.login/login.php'); exit; } } else { echo '<script>console.log("wrong token");</script>'; header('Location: ./../states/root.login/login.php'); exit; } } else { echo '<script>console.log("no token found");</script>'; header('Location: ./../states/root.login/login.php'); exit; } if (isset($_GET['id'])) { echo $_GET['id']; $business->delete_offer($_GET['id']); } if ($usertype == 'admin') { header('Location: ./../states/root.admin.companies.update/update.php?id=' . $_GET['idCompany']); exit; } elseif ($usertype == 'company') { header('Location: ./../states/root.company/company.php'); exit; }