First version, for githup; UNSTABLE, DO NOT USE!

www/intern/scripts/trainer/ajax-remove_basket_item.php

@@ -0,0 +1,47 @@
+<?php
+header('Content-Type: application/json');
+
+if (session_status() !== PHP_SESSION_ACTIVE) session_start();
+
+if ( empty($_SESSION['access_granted_trainer']) || $_SESSION['access_granted_trainer'] !== true || empty($_SESSION['passcodetrainer_id']) || intval($_SESSION['passcodetrainer_id']) < 1 ) {
+    http_response_code(403);
+    exit;
+}
+
+
+if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
+
+$type = 'tr';
+
+$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($data['success'] === false){
+	echo json_encode(['success' => false, 'message' => $data['message']]);
+    exit; 
+}
+
+require $baseDir . '/../scripts/db/db-tables.php';
+
+// --- Get input ---
+$id  = isset($_POST['id']) ? intval($_POST['id']) : 0;
+$userId = intval($_SESSION['passcodetrainer_id']);
+
+// --- Validate inputs ---
+if ($id < 1) {
+    http_response_code(422);
+    exit;
+}
+
+// --- Check for existing open order ---
+$sql = "DELETE FROM $tableBasketItems WHERE user_id = ? AND item_id = ?";
+$stmt = $mysqli->prepare($sql);
+$stmt->bind_param("ii", $userId, $id);
+
+if (!$stmt->execute()) {
+    http_response_code(500);
+    exit;
+}
+
+http_response_code(200);
+exit;
+?>