prepare("SELECT household_id FROM users WHERE id = ?");
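// Resolve the household of the logged-in user with the statement prepared on the preceding line.
$stmt_household->bind_param("i", $current_user_id);
$stmt_household->execute();
// get_result() can be false and fetch_assoc() returns null when no row matches;
// read the column through ?? so a missing user row yields null instead of an
// "array offset on null" warning.
$household_result = $stmt_household->get_result();
$household_row = $household_result ? $household_result->fetch_assoc() : null;
$current_user_household_id = $household_row['household_id'] ?? null;
$stmt_household->close();

// The current user is always in the list, with or without a household.
$household_member_ids = [$current_user_id];

if ($current_user_household_id) {
    $stmt_members = $conn->prepare("SELECT id FROM users WHERE household_id = ?");
    if ($stmt_members === false) {
        // Fail closed: without the member list only the current user's own id is used.
        // The driver error goes to the server log, not to the page.
        error_log('Household member lookup could not be prepared: ' . $conn->error);
    } else {
        $stmt_members->bind_param("i", $current_user_household_id);
        $stmt_members->execute();
        $result_members = $stmt_members->get_result();
        while ($result_members && ($row = $result_members->fetch_assoc())) {
            // Loose in_array() is kept on purpose: the type of $current_user_id is not
            // visible here (it may be a numeric string), and a strict test could then
            // add the current user a second time.
            if (!in_array($row['id'], $household_member_ids)) {
                $household_member_ids[] = $row['id'];
            }
        }
        $stmt_members->close();
    }
}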
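// Delete handling: runs only for a POST request that names an article to delete.
// NOTE(review): no anti-CSRF token is verified in this section. Confirm that one is
// validated earlier in the request, since this POST changes state.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['delete_article_id'])) {
    $article_to_delete_id = intval($_POST['delete_article_id']);

    // Load the article first so ownership can be checked and its name logged.
    $article_to_delete = null;
    $stmt_get_article = $conn->prepare("SELECT name, user_id, household_id FROM articles WHERE id = ?");
    if ($stmt_get_article !== false) {
        $stmt_get_article->bind_param("i", $article_to_delete_id);
        $stmt_get_article->execute();
        $article_result = $stmt_get_article->get_result();
        $article_to_delete = $article_result ? $article_result->fetch_assoc() : null;
        $stmt_get_article->close();
    } else {
        error_log('Article lookup for delete could not be prepared: ' . $conn->error);
    }

    // Authorization: the requester must own the article, or the article must belong
    // to the requester's household. A missing article leaves $can_delete false, so
    // "not found" and "not yours" produce the same response below.
    $can_delete = false;
    if ($article_to_delete) {
        $is_owner = ($article_to_delete['user_id'] == $current_user_id);
        $is_household_article = !empty($article_to_delete['household_id'])
            && $article_to_delete['household_id'] == $current_user_household_id;
        $can_delete = $is_owner || $is_household_article;
    }

    if ($can_delete) {
        // The same ownership predicate is repeated inside the DELETE so the row is
        // only removed if it still belongs to this user or household at write time
        // (closes the gap between the check above and the write).
        // A falsy household id is bound as NULL, which never matches "household_id = ?".
        $household_scope = $current_user_household_id ?: null;
        $stmt_delete = $conn->prepare(
            "DELETE FROM articles WHERE id = ? AND (user_id = ? OR household_id = ?)"
        );
        if ($stmt_delete !== false) {
            $stmt_delete->bind_param("iii", $article_to_delete_id, $current_user_id, $household_scope);
        }

        if ($stmt_delete !== false && $stmt_delete->execute() && $stmt_delete->affected_rows > 0) {
            if ($current_user_household_id) {
                // NOTE(review): the values are HTML-encoded before they are handed to
                // log_household_action(); confirm how the log is rendered so the text is
                // neither double-encoded nor printed unencoded.
                $log_message = htmlspecialchars($_SESSION['username']) . " hat den Artikel '" . htmlspecialchars($article_to_delete['name']) . "' gelöscht.";
                log_household_action($conn, $current_user_household_id, $current_user_id, $log_message);
            }
            $message = '
Artikel erfolgreich gelöscht.
';
        } else {
            // Driver error text stays in the server log; the page only gets a generic
            // message, so schema and query details are not shown to the user.
            $delete_error = $stmt_delete !== false ? $stmt_delete->error : $conn->error;
            error_log('Article delete failed (id ' . $article_to_delete_id . '): ' . $delete_error);
            $message = '
Fehler beim Löschen des Artikels.
';
        }

        if ($stmt_delete !== false) {
            $stmt_delete->close();
        }
    } else {
        $message = '
Sie sind nicht berechtigt, diesen Artikel zu löschen.
';
    }
}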
// Start with an empty article list.
$articles = [];

// One 'i' type code and one positional marker per household member id.
// Only literal '?' characters are spliced into the SQL text below; the ids
// themselves never become part of the string.
$types = str_repeat('i', count($household_member_ids));
$placeholders = rtrim(str_repeat('?,', strlen($types)), ',');

// Articles created by any household member, plus articles assigned to one household id.
// Pre-sorting by category helps, but the grouping itself is done in JS.
$sql = <<<SQL
SELECT
a.id, a.name, a.weight_grams, a.quantity_owned, a.product_url, a.consumable, a.image_url, a.user_id, a.parent_article_id,
u.username as creator_name, a.household_id, a.product_designation,
c.id AS category_id, c.name AS category_name,
m.id AS manufacturer_id, m.name AS manufacturer_name,
l2.name AS location_level2_name, l1.name AS location_level1_name
FROM articles a
JOIN users u ON a.user_id = u.id
LEFT JOIN categories c ON a.category_id = c.id
LEFT JOIN manufacturers m ON a.manufacturer_id = m.id
LEFT JOIN storage_locations l2 ON a.storage_location_id = l2.id
LEFT JOIN storage_locations l1 ON l2.parent_id = l1.id
WHERE a.user_id IN ($placeholders) OR a.household_id = ?
ORDER BY c.name ASC, a.name ASC
SQL;

$stmt = $conn->prepare($sql);
if ($stmt === false) {
$message .= '