summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2014-07-25 11:04:19 +0200
committerLukas Fleischer <archlinux@cryptocrack.de>2014-07-25 11:30:33 +0200
commit7df8dc8bcb0989a8543d699a7c667809170a69b3 (patch)
tree3ded7b5d19c0ebea74c943ce8e3bced195f072fb /web/html
parentf4ee1278e5509c531675828dc8fce78ae1a608b9 (diff)
downloadaurweb-7df8dc8bcb0989a8543d699a7c667809170a69b3.tar.xz
Add support for deleting user accounts
Users can now delete their own accounts by clicking a link in the account edit form and confirming the deletion on a follow-up page. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/html')
-rw-r--r--web/html/account.php16
-rw-r--r--web/html/index.php2
2 files changed, 18 insertions, 0 deletions
diff --git a/web/html/account.php b/web/html/account.php
index f212eab..d289950 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -55,6 +55,22 @@ if (isset($_COOKIE["AURSID"])) {
}
}
+ } elseif ($action == "DeleteAccount") {
+ /* Details for account being deleted. */
+ $acctinfo = account_details(in_request('ID'), in_request('U'));
+
+ if (can_edit_account($acctinfo)) {
+ $UID = $acctinfo['ID'];
+ if (in_request('confirm_Delete') && check_token()) {
+ user_delete($UID);
+ header('Location: /');
+ } else {
+ $username = $acctinfo['Username'];
+ include("account_delete.php");
+ }
+ } else {
+ print __("You do not have permission to edit this account.");
+ }
} elseif ($action == "AccountInfo") {
# no editing, just looking up user info
#
diff --git a/web/html/index.php b/web/html/index.php
index 554e86c..e05b555 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -123,6 +123,8 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
$_REQUEST['Action'] = "DisplayAccount";
} elseif ($tokens[3] == 'update') {
$_REQUEST['Action'] = "UpdateAccount";
+ } elseif ($tokens[3] == 'delete') {
+ $_REQUEST['Action'] = "DeleteAccount";
} else {
header("HTTP/1.0 404 Not Found");
include "./404.php";