<?php
session_start();
if (!isset($_SESSION['name'])) {
    http_response_code(401);
    echo json_encode(['message' => 'Unauthorized']);
    die;
}

require_once 'config/db.php';

$id = isset($_GET['id']) ? $_GET['id'] : die('Item ID not provided');

$query = "DELETE FROM items WHERE id = :id";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':id', $id);

if ($stmt->execute()) {
    echo json_encode(['message' => 'Item deleted successfully']);
} else {
    http_response_code(400);
    echo json_encode(['message' => 'Failed to delete item']);
}