<?php
    $_id = isset($_GET['i']) ? intval($_GET['i']) : 0;
    $_user = isset($_GET['u']) ? trim(strval($_GET['u'])) : '';

    $quilts_permissions = mysqli_query_logged("SELECT * FROM quilts_permissions WHERE user_id = '" . $GLOBALS['auth']['id'] . "' AND quilt_id = " . sq($_id) . " AND permission = 'root'");
    if (!mysqli_num_rows($quilts_permissions))
    {
        header('Location: ./?s=quilts_moderate');
        die;
    }

    $users = mysqli_query_logged("SELECT * FROM members WHERE username = " . sq($_user) . " AND id != '" . $GLOBALS['auth']['id'] . "'");
    if ($users_row = mysqli_fetch_assoc($users))
    {
        mysqli_query_logged("DELETE FROM quilts_permissions WHERE user_id = '" . $users_row['id'] . "' AND quilt_id = " . sq($_id));
    }

    header('Location: ./?s=quilt_edit&i=' . $_id);
    die;
?>