summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
Diffstat (limited to 'web/html')
-rw-r--r--web/html/account.php16
-rw-r--r--web/html/index.php2
2 files changed, 18 insertions, 0 deletions
diff --git a/web/html/account.php b/web/html/account.php
index f212eab..d289950 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -55,6 +55,22 @@ if (isset($_COOKIE["AURSID"])) {
}
}
+ } elseif ($action == "DeleteAccount") {
+ /* Details for account being deleted. */
+ $acctinfo = account_details(in_request('ID'), in_request('U'));
+
+ if (can_edit_account($acctinfo)) {
+ $UID = $acctinfo['ID'];
+ if (in_request('confirm_Delete') && check_token()) {
+ user_delete($UID);
+ header('Location: /');
+ } else {
+ $username = $acctinfo['Username'];
+ include("account_delete.php");
+ }
+ } else {
+ print __("You do not have permission to edit this account.");
+ }
} elseif ($action == "AccountInfo") {
# no editing, just looking up user info
#
diff --git a/web/html/index.php b/web/html/index.php
index 554e86c..e05b555 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -123,6 +123,8 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
$_REQUEST['Action'] = "DisplayAccount";
} elseif ($tokens[3] == 'update') {
$_REQUEST['Action'] = "UpdateAccount";
+ } elseif ($tokens[3] == 'delete') {
+ $_REQUEST['Action'] = "DeleteAccount";
} else {
header("HTTP/1.0 404 Not Found");
include "./404.php";