author | Malf Furious <m@lfurio.us> | 2016-05-22 03:02:33 -0400 |
---|---|---|
committer | Malf Furious <m@lfurio.us> | 2016-05-22 03:02:33 -0400 |
commit | c2137095e8b176affa3e97af579a70d394eeb7c1 (patch) | |
tree | 3028ab1e19adc1bd652445c79e1b45d0ab190683 | |
parent | 5f99922eb6fbda82da55ccf728eda6add48cb4f1 (diff) | |
download | scrott-c2137095e8b176affa3e97af579a70d394eeb7c1.tar.gz scrott-c2137095e8b176affa3e97af579a70d394eeb7c1.zip |
Add action 'delete' to Deleteacct MVC
This action will validate the user's password, and make sure you're not
removing the last admin, then proceed to delete the current user's
account from the database and log them out, for good.
-rw-r--r-- | app/controller/deleteacct.control.php | 18 | ||||
-rw-r--r-- | app/model/deleteacct.mod.php | 34 |
2 files changed, 51 insertions, 1 deletions
diff --git a/app/controller/deleteacct.control.php b/app/controller/deleteacct.control.php
index 176b7bf..bd81ec7 100644
--- a/app/controller/deleteacct.control.php
+++ b/app/controller/deleteacct.control.php
@@ -15,7 +15,17 @@ class Deleteacct extends Controller
 function handle($argv)
 {
 $mod = new DeleteacctModel();
- $this->action_default($mod);
+
+ switch ($_REQUEST['input']['action'])
+ {
+ case "delete":
+ $this->action_delete($mod);
+ break;
+
+ default:
+ $this->action_default($mod);
+ break;
+ }
 }
 
 function action_default($mod)
@@ -23,6 +33,12 @@ class Deleteacct extends Controller
 $mod->deflt();
 include "view/deleteacct/default.view.php";
 }
+
+ function action_delete($mod)
+ {
+ $mod->del($_REQUEST['input']);
+ $this->action_default($mod);
+ }
 }
 
 ?>
diff --git a/app/model/deleteacct.mod.php b/app/model/deleteacct.mod.php
index ca01a0d..89aca14 100644
--- a/app/model/deleteacct.mod.php
+++ b/app/model/deleteacct.mod.php
@@ -1,6 +1,8 @@
 <?php
 
 require_once "model/common.mod.php";
+require_once "class/form.class.php";
+require_once "class/user.class.php";
 
 class DeleteacctModel extends CommonModel
 {
@@ -10,6 +12,38 @@ class DeleteacctModel extends CommonModel
 function deflt()
 {
 }
+
+ /*
+ * Delete current user's account
+ */
+ function del($input)
+ {
+ $form = new Form();
+ $form->field_text("password", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user->validatePassword($form->password))
+ {
+ $this->logError("Account not deleted - Password was incorrect");
+ return;
+ }
+
+ if ($user->admin && $user->getNumAdmins() == 1)
+ {
+ $this->logError("Account not deleted - Cannot remove the last admin account");
+ return;
+ }
+
+ $user->delObj();
+ $this->redirectTo($this->ar() . "/");
+ }
 }
 
 ?> |
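Review bot: The dispatch in handle() takes the action from `$_REQUEST`, so the account-deletion request, password included, is accepted from a GET query string as well as from a POST body; action_delete() in the next hunk hands the same `$_REQUEST['input']` to del(). A password carried in a URL lands in web-server logs, browser history and Referer headers, and nothing in this hunk shows an anti-CSRF token on a state-changing action (the password requirement limits that risk but does not replace one). Unless the framework already restricts this upstream, which is not visible here, I would read the POST body only and default the missing key: `switch (isset($_POST['input']['action']) ? $_POST['input']['action'] : '')`. That form also avoids the undefined-index notice the new code raises when the page is loaded with no action.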
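Review bot: action_delete() calls `$this->action_default($mod)` unconditionally, so after a successful del() the default view is still included unless redirectTo() terminates the request, and that is not visible in this diff. If redirectTo() only sets a Location header, the page is rendered for an account that has just been removed, with whatever getCurrentUser() returns for it. Having del() return a boolean and rendering only on failure, `if (!$mod->del($input)) $this->action_default($mod);`, would make the control flow explicit. A short comment on action_delete() stating that it re-renders the form with the logged errors on failure would also help.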
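Review bot: The last-admin guard in del() is check-then-act: `getNumAdmins() == 1` is evaluated and `delObj()` runs afterwards with no lock or transaction visible across the two, so two admins deleting their accounts at the same moment can both pass the check and leave the installation without an admin. I would compare with `<= 1` and, if the storage layer allows it, perform the count and the delete in one transaction. Separately, the commit message says the user is logged out, but no session teardown appears in this hunk; unless delObj() or redirectTo() does it (neither is shown), the session should be ended explicitly before the redirect so the cookie cannot keep referring to a removed account. del() also dereferences the result of getCurrentUser() without checking it, which fails hard if the request arrives without a valid login and the controller does not enforce one earlier. Failed password checks here are worth logging and throttling like failed logins, since this form is a second place a password can be guessed.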