diff --git a/api/delete_attachment.php b/api/delete_attachment.php
index 2921ce0..5ce1f3d 100644
--- a/api/delete_attachment.php
+++ b/api/delete_attachment.php
@@ -5,11 +5,19 @@
 * Handles deletion of ticket attachments
 */
-// Apply rate limiting
+// Capture errors for debugging
+ini_set('display_errors', 0);
+error_reporting(E_ALL);
+
+// Apply rate limiting (also starts session)
 require_once dirname(__DIR__) . '/middleware/RateLimitMiddleware.php';
 RateLimitMiddleware::apply('api');
-session_start();
+// Ensure session is started
+if (session_status() === PHP_SESSION_NONE) {
+ session_start();
+}
+
 require_once dirname(__DIR__) . '/config/config.php';
 require_once dirname(__DIR__) . '/helpers/ResponseHelper.php';
 require_once dirname(__DIR__) . '/models/AttachmentModel.php';
@@ -37,8 +45,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 // Verify CSRF token
 $csrfToken = $input['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
 if (!CsrfMiddleware::validateToken($csrfToken)) {
- $auditLog = new AuditLogModel();
- $auditLog->logCsrfFailure($_SESSION['user']['user_id'] ?? null, 'delete_attachment');
 ResponseHelper::forbidden('Invalid CSRF token');
 }
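Review bot: The new `ini_set('display_errors', 0); error_reporting(E_ALL);` lines do not capture anything, so the comment `// Capture errors for debugging` above them is misleading: `display_errors=0` only keeps PHP errors (and the file paths they carry) out of the API response, and `E_ALL` widens what is reported, but where the reports end up depends on php.ini. If the intent is to keep them for debugging, add `ini_set('log_errors', '1');` next to them and reword the comment to `// Keep PHP errors out of the API response; they go to the error log instead`. Suppressing error output is the right default for an endpoint like this, so the setting itself should stay. The `(also starts session)` claim depends on RateLimitMiddleware, which is not in this diff; the `session_status()` guard below makes it harmless either way.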
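Review bot: Dropping the two `logCsrfFailure` lines removes the only audit record of a rejected CSRF token on this endpoint; the request is still refused by `ResponseHelper::forbidden(...)`, but repeated failures against `delete_attachment` become invisible to anyone reading the audit log. The removal looks like a consequence of `AuditLogModel` now requiring a connection (see the `new AuditLogModel($conn)` call later in this diff) rather than a deliberate decision. Either construct the model with a connection here as well, or at minimum fall back to `error_log('delete_attachment: CSRF validation failed for user ' . ($_SESSION['user']['user_id'] ?? 'anonymous'));` before the forbidden response. The enclosing `if ($_SERVER['REQUEST_METHOD'] === 'POST')` block continues outside the hunk.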
@@ -81,19 +87,27 @@ try {
 }
 // Log the deletion
- $auditLog = new AuditLogModel();
- $auditLog->log(
- $_SESSION['user']['user_id'],
- 'attachment_delete',
- 'ticket_attachments',
- $attachmentId,
- json_encode([
- 'ticket_id' => $attachment['ticket_id'],
- 'filename' => $attachment['original_filename'],
- 'size' => $attachment['file_size']
- ]),
- null
+ $conn = new mysqli(
+ $GLOBALS['config']['DB_HOST'],
+ $GLOBALS['config']['DB_USER'],
+ $GLOBALS['config']['DB_PASS'],
+ $GLOBALS['config']['DB_NAME']
 );
+ if (!$conn->connect_error) {
+ $auditLog = new AuditLogModel($conn);
+ $auditLog->log(
+ $_SESSION['user']['user_id'],
+ 'attachment_delete',
+ 'ticket_attachments',
+ (string)$attachmentId,
+ [
+ 'ticket_id' => $attachment['ticket_id'],
+ 'filename' => $attachment['original_filename'],
+ 'size' => $attachment['file_size']
+ ]
+ );
+ $conn->close();
+ }
 ResponseHelper::success([], 'Attachment deleted successfully');
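Review bot: The audit write is now skipped silently when the connection fails: `if (!$conn->connect_error)` guards the whole block, so on a connect failure the attachment has already been deleted, nothing is logged, and the caller still receives `'Attachment deleted successfully'`. Add an else branch so the gap is at least visible, e.g. `} else { error_log('delete_attachment: audit log unavailable for attachment ' . $attachmentId . ': ' . $conn->connect_error); }`. Note also that on PHP 8.1+ mysqli reports connection failures by throwing `mysqli_sql_exception` by default, in which case `connect_error` is never consulted and the exception falls through to the catch of the `try` block that starts this hunk and ends outside it, so a deletion that succeeded may be reported as an error. Opening a second connection from `$GLOBALS['config']` here also duplicates whatever connection `AttachmentModel` already holds; if that model can expose its handle, passing it to `AuditLogModel` avoids a separate credential use per request. The payload changed from a `json_encode(...)` string to a plain array and `$attachmentId` is now cast to string, which presumably matches a new `AuditLogModel::log` signature not shown in the diff.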