From 32e4e9606fb2ac95b236913fcc0a98a7ee23bccd Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sat, 21 May 2016 21:44:53 -0400
Subject: Add MVC Deleteacct

This will prompt the user for their password if they opt to delete their
own account.  This is to prevent malicious attempt by others to trick
users into having there accounts deleted by way of a XSS attack.
---
 app/view/deleteacct/default.view.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 app/view/deleteacct/default.view.php

(limited to 'app/view/deleteacct')

diff --git a/app/view/deleteacct/default.view.php b/app/view/deleteacct/default.view.php
new file mode 100644
index 0000000..b078861
--- /dev/null
+++ b/app/view/deleteacct/default.view.php
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+
+<html lang="en">
+    <head>
+        <?php include "view/common/head.view.php"; ?>
+        <title>Scrott - Delete user account</title>
+    </head>
+
+    <body>
+        <?php include "view/common/topp.view.php"; ?>
+        <?php include "view/common/foot.view.php"; ?>
+    </body>
+</html>
-- 
cgit v1.2.3


From a99a0afd57a109f581c676b8dd3622dd3e901553 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sun, 22 May 2016 01:59:53 -0400
Subject: Create view for delete account MVC

This page prompts for user password before actually deleteing their
account.
---
 app/view/deleteacct/default.view.php | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'app/view/deleteacct')

diff --git a/app/view/deleteacct/default.view.php b/app/view/deleteacct/default.view.php
index b078861..de32202 100644
--- a/app/view/deleteacct/default.view.php
+++ b/app/view/deleteacct/default.view.php
@@ -8,6 +8,30 @@
 
     <body>
         <?php include "view/common/topp.view.php"; ?>
+
+        <div class="container">
+            <div class="panel panel-danger">
+                <div class="panel-heading">Warning: Deleting your user account!</div>
+
+                <div class="panel-body text-center">
+                    <form method="post" action="<?=$mod->ap()?>">
+                        <input type="hidden" name="input[action]" value="delete" />
+                        <h1>Are you sure?!</h1>
+                        <h4>Please confirm you want to delete your Scrott account.  Type your current password in the box below and click the confirm button</h4>
+
+                        <div class="form-group">
+                            <label>Password</label>
+                            <input type="password" name="input[password]" class="form-control" autofocus />
+                        </div>
+
+                        <button type="submit" class="btn btn-danger btn-lg">
+                            <span class="glyphicon glyphicon-trash"></span> Confirm Delete Account
+                        </button>
+                    </form>
+                </div>
+            </div>
+        </div>
+
         <?php include "view/common/foot.view.php"; ?>
     </body>
 </html>
-- 
cgit v1.2.3