deleteaccount: Implement form handler

1 files changed, 47 insertions, 0 deletions

diff --git a/app/model/deleteaccount.php b/app/model/deleteaccount.php
new file mode 100644
index 0000000..8153f0f
--- /dev/null
+++ b/app/model/deleteaccount.php
@@ -0,0 +1,47 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: deleteaccount - Remove one's own user account
+ */
+if (isAction("deleteaccount"))
+{
+    $form = new form();
+    $form->text("passwd", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    $user = user::getCurrent();
+
+    if (!$user->validatePasswd($form->passwd))
+    {
+        logError(WARNING, "Account not deleted, password was incorrect");
+        return;
+    }
+
+    if ($user->admin == 1 && count(user::getAllAdmin_ordByUname()) == 1)
+    {
+        logError(ERROR, "Account not deleted, can not remove the last administrator");
+        return;
+    }
+
+    $user->delObj();
+    location("/");
+}
+
+?>