Diffstat (limited to 'app/model')
-rw-r--r-- | app/model/common.mod.php | 56 | ||||
-rw-r--r-- | app/model/deleteacct.mod.php | 49 |
2 files changed, 105 insertions, 0 deletions
diff --git a/app/model/common.mod.php b/app/model/common.mod.php index 7630dfa..5e6373c 100644 --- a/app/model/common.mod.php +++ b/app/model/common.mod.php @@ -14,6 +14,16 @@ class CommonModel extends MasterModel ); /* + * Constructor + */ + function __construct() + { + parent::__construct(); + $this->common_handleFormSubmissions($_REQUEST['input'], $_FILES['attachment']); + $this->common_deflt(); + } + + /* * Default action */ function common_deflt() @@ -48,6 +58,7 @@ class CommonModel extends MasterModel case "common-setting-admin": $this->saveSettingAdmin($input); break; case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break; case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input, $attachment); break; + case "common-setting-allusers-deluser": $this->saveSettingAllusersDeluser($input); break; } } @@ -273,6 +284,51 @@ class CommonModel extends MasterModel else $this->logFormErrors($form); } + + /* + * Allow admin to remove user accounts + */ + function saveSettingAllusersDeluser($input) + { + $form = new Form(); + $form->field_text("guid"); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user || $user->admin == 0) + { + $this->logError("Admin permissions required"); + return; + } + + $user = new User($form->guid); + + if ($user->type != "user") + { + $this->logError("Invalid user GUID"); + return; + } + + if ($user->admin && $user->getNumAdmins() == 1) + { + $this->logError("Account not deleted - Cannot remove the last admin account"); + return; + } + + $user->delObj(); + + if (!$this->getCurrentUser()) + { + /* did user delete their own account? */ + $this->redirectTo($this->ar() . "/"); + } + } } ?> diff --git a/app/model/deleteacct.mod.php b/app/model/deleteacct.mod.php new file mode 100644 index 0000000..89aca14 --- /dev/null +++ b/app/model/deleteacct.mod.php 
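Review bot: The new constructor in the first hunk passes `$_REQUEST['input']` and `$_FILES['attachment']` straight into `common_handleFormSubmissions()`. Every state-changing case in that dispatcher, including the `common-setting-allusers-deluser` case added in the second hunk, is therefore reachable from a query string or cookie as well as a POST body. It also runs for each subclass that calls the parent constructor. No anti-CSRF token check is visible in these hunks, so unless the handler verifies one elsewhere, a cross-site request made in an admin's session would be accepted as a form submission. I would read the form only from `$_POST`, default the missing keys (`isset($_POST['input']) ? $_POST['input'] : null`, and likewise for the attachment) and verify a per-session token before dispatching. Whether the handler tolerates a null input is not shown here.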
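Review bot: In `saveSettingAllusersDeluser()` (third hunk) `$user` first holds the acting admin and is then overwritten with the deletion target, so after `$user->delObj()` nothing records who removed which account. For a destructive admin action I would keep the two apart (`$admin = $this->getCurrentUser();` and `$target = new User($form->guid);`) and write an audit entry naming both GUIDs before deleting. The permission test `$user->admin == 0` is a loose comparison; `if (!$user || !$user->admin)` fails closed on an empty or unset value and matches the truthiness test used a few lines later. The self-deletion branch relies on `getCurrentUser()` returning nothing once the record is gone. Whether the session itself is invalidated is not visible in the hunk and is worth confirming.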
@@ -0,0 +1,49 @@
+<?php
+
+require_once "model/common.mod.php";
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+class DeleteacctModel extends CommonModel
+{
+ /*
+ * Default action
+ */
+ function deflt()
+ {
+ }
+
+ /*
+ * Delete current user's account
+ */
+ function del($input)
+ {
+ $form = new Form();
+ $form->field_text("password", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user->validatePassword($form->password))
+ {
+ $this->logError("Account not deleted - Password was incorrect");
+ return;
+ }
+
+ if ($user->admin && $user->getNumAdmins() == 1)
+ {
+ $this->logError("Account not deleted - Cannot remove the last admin account");
+ return;
+ }
+
+ $user->delObj();
+ $this->redirectTo($this->ar() . "/");
+ }
+}
+
+?> |
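Review bot: `del()` calls `$user->validatePassword()` on the result of `getCurrentUser()` without checking it, whereas `saveSettingAllusersDeluser()` in common.mod.php guards the same lookup with `!$user`. A request that reaches `del()` without a logged-in session would fail with a method call on a non-object instead of a clean error. Add a guard right after the lookup, for example `if (!$user) { $this->logError("Login required"); return; }`. Nothing in the hunk limits repeated wrong passwords or ends the session after `$user->delObj()`. If `validatePassword()` and `delObj()` do not handle those, both belong in this method.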