source: trunk/gm_system/users/user_del.php@ 638

Last change on this file since 638 was 638, checked in by barny, 16 years ago
1<?php
2/*
3 $Id: user_del.php 2180 2009-04-07 09:33:17Z andrewsimpson $
4
5 (c) 2002 - 2009 Andrew Simpson <andrew.simpson at paradise.net.nz>
6
7 WebCollab
8 ---------------------------------------
9
10 This program is free software; you can redistribute it and/or modify it under the
11 terms of the GNU General Public License as published by the Free Software Foundation;
12 either version 2 of the License, or (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful, but WITHOUT ANY
15 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
16 PARTICULAR PURPOSE. See the GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License along with this
19 program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave,
20 Cambridge, MA 02139, USA.
21
22 Function:
23 ---------
24
25 Database deletion of users
26
27*/
28
// Entry guard: UID is not defined anywhere in this file, so when it is missing
// the script has been requested directly and must stop immediately.
if (!defined('UID')) {
    exit('Direct file access not permitted');
}

// Authorisation: account deletion is restricted to administrators.
// NOTE(review): this guard only protects the queries further down if error()
// ends the request; error() is defined elsewhere, so confirm that it does.
if (!ADMIN) {
    error('Unauthorised access', 'This function is for admins only.');
}
38
39//includes
40include_once(BASE.'includes/admin_config.php' );
41include_once(BASE.'includes/email.php' );
42include_once(BASE.'lang/lang_email.php' );
43
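// Validate the id of the account to delete before it is used anywhere.
// A missing or array-valued field is rejected explicitly instead of relying on
// the @ operator to hide the resulting notice/warning.
if (!isset($_POST['userid']) || is_array($_POST['userid']) || !safe_integer($_POST['userid'])) {
    error('User delete', 'No userid specified');
}

// $userid is concatenated into every SQL statement later in this script.
// Casting makes it an integer by construction, so the queries no longer depend
// solely on safe_integer() (defined elsewhere) and on error() ending the request.
$userid = (int) $_POST['userid'];

// An action must be named; the accepted values are checked by the switch below.
if (empty($_POST['action'])) {
    error('User delete', 'No action specified');
}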
54
// Form token check: the token posted with the form is cleaned with safe_data()
// and handed to token_check(); a missing token is passed on as null.
// NOTE(review): presumably this is the anti-CSRF token for the admin form and
// token_check() stops the request when it is invalid; confirm, since a
// state-changing delete relies on it.
$token = null;
if (isset($_POST['token'])) {
    $token = safe_data($_POST['token']);
}
token_check($token);

// Keep running if the client disconnects, so the multi-statement delete below
// is not interrupted part-way through.
ignore_user_abort(true);
61
// Dispatch on the requested action. Every query below concatenates $userid into
// the SQL text, so their safety rests on the integer validation applied to
// $_POST['userid'] earlier in this script.
// NOTE(review): nothing in this file records which admin deleted which account;
// confirm whether an audit trail is written elsewhere.
switch ($_POST['action']) {

    case 'permdel':
        // Permanent removal is only performed for an account that is already
        // flagged deleted ('t'); anything else is silently skipped.
        if (db_result(db_query("SELECT COUNT(*) FROM ".PRE."users WHERE id=".$userid." AND deleted='t'"), 0, 0) != 1) {
            break;
        }

        // All clean-up statements run inside one transaction.
        db_begin();

        // Release any tasks still owned by the user (none are expected);
        // @ silences any warning raised by this statement.
        @db_query("UPDATE ".PRE."tasks SET owner=0 WHERE owner=".$userid);

        // Detach the user from forum posts rather than deleting the posts.
        db_query("UPDATE ".PRE."forum SET userid=0 WHERE userid=".$userid);

        // Remove login records.
        db_query("DELETE FROM ".PRE."logins WHERE user_id=".$userid);

        // Remove 'seen' records.
        db_query("DELETE FROM ".PRE."seen WHERE userid=".$userid);

        // Remove usergroup memberships.
        db_query("DELETE FROM ".PRE."usergroups_users WHERE userid=".$userid);

        // Finally remove the account row itself.
        db_query("DELETE FROM ".PRE."users WHERE id=".$userid);

        db_commit();
        break;

    case 'del':
        // Soft delete: only acts when a row with this id exists.
        if (!db_result(db_query("SELECT COUNT(*) FROM ".PRE."users WHERE id=".$userid), 0, 0)) {
            break;
        }

        // Flag the account as deleted and release its tasks in one transaction.
        db_begin();
        db_query("UPDATE ".PRE."users SET deleted='t' WHERE id=".$userid);
        @db_query("UPDATE ".PRE."tasks SET owner=0 WHERE owner=".$userid);
        db_commit();

        // Look up the address of the account that was just flagged.
        $q = db_query("SELECT email FROM ".PRE."users WHERE id=".$userid);
        $email = db_result($q, 0, 0);

        // Notify the user; subject and body are not set in this file
        // (presumably they come from the included lang_email.php; confirm).
        email($email, $title_delete_user, $email_delete_user);
        break;

    default:
        // Any other action value is rejected.
        error('User delete action handler', 'Invalid request given');
        break;
}

// Send the admin back to the user management screen.
// NOTE(review): no exit follows the redirect; nothing else runs in this file,
// but confirm that an including script does not continue executing afterwards.
header("Location: ".BASE_URL."users.php?x=".X."&action=manage");
122
123?>