<?php

    
/**
 *
 * @category        admin
 * @package         pages
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
 * @link			http://www.websitebaker2.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.x
 * @requirements    PHP 5.2.2 and higher
 * @version         $Id: delete.php 1815 2012-11-11 00:19:38Z Luisehahne $
 * @filesource		$HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/admin/users/delete.php $
 * @lastmodified    $Date: 2012-11-11 01:19:38 +0100 (Sun, 11 Nov 2012) $
 *
 */

    
/* -------------------------------------------------------- */
// Direct-access guard: this file must only run when it is included by a
// script that has already defined WB_URL. If the constant is missing, the
// exception handler is loaded and execution is aborted, so nothing below
// this point (including delete_user) is reachable.
// NOTE(review): WB_URL is presumably defined by the framework bootstrap -
// confirm against the including scripts.
if (defined('WB_URL') === false) {
    require_once(
        dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'
    );
    throw new IllegalFileException();
}
/* -------------------------------------------------------- */
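/**
 * Deactivate or permanently remove one or more user accounts.
 *
 * Every requested id is resolved through $admin->checkIDKEY() and cast to an
 * integer before any SQL is built. An account whose `active` column is truthy
 * is only switched to inactive; an account that is already inactive is
 * deleted from the users table. Ids below 2 are always refused.
 *
 * NOTE(review): nothing in this function checks the caller's permissions or
 * prevents the acting administrator from removing their own account -
 * presumably the including script does both; confirm.
 *
 * @param object $admin          Backend object providing checkIDKEY().
 * @param array  $aActionRequest Request data. 'user_id' may be a single value
 *                               or a list of values; when 'clearmsg' is set the
 *                               message queue is emptied after processing.
 *                               Taken by reference but not modified here.
 * @return mixed false as soon as one id fails validation; otherwise the last
 *               processed user id, or null when no id was supplied.
 */
function delete_user($admin, &$aActionRequest)
{
    global $TEXT, $MESSAGE;
    $database = WbDatabase::getInstance();
    $bRetVal  = false;
    // Defined up front so the final return never reads an undefined variable
    // when the request carries no id at all.
    $user_id  = null;

    // Normalise 'user_id' to a list. A missing key now yields an empty list
    // instead of an undefined-index read followed by foreach over null.
    if (!isset($aActionRequest['user_id'])) {
        $aUserID = array();
    } elseif (is_array($aActionRequest['user_id'])) {
        $aUserID = $aActionRequest['user_id'];
    } else {
        $aUserID = array($aActionRequest['user_id']);
    }

    foreach ($aUserID as $sRequestedId) {
        // checkIDKEY() receives a field name and the request method rather
        // than a value, so the candidate id is written into the matching
        // superglobal first.
        // NOTE(review): checkIDKEY() presumably validates a one-time key and
        // returns the real id, or the given default 0 on failure - confirm.
        switch ($_SERVER['REQUEST_METHOD']) {
            case 'GET':
                $_GET['user_id'] = $sRequestedId;
                break;
            default:
                $_POST['user_id'] = $sRequestedId;
        }
        $user_id = intval($admin->checkIDKEY('user_id', 0, $_SERVER['REQUEST_METHOD']));

        // 0 means the key did not resolve to a usable number. Returning here
        // also skips every remaining id and the 'clearmsg' step.
        if ($user_id == 0) {
            msgQueue::add($MESSAGE['GENERIC_FORGOT_OPTIONS']);
            return $bRetVal;
        }

        // Ids below 2 (the account with id 1 and any negative value) are
        // never touched.
        if ($user_id < 2) {
            msgQueue::add($MESSAGE['GENERIC_SECURITY_ACCESS']);
            return $bRetVal;
        }

        // Only touch the database while the message queue holds no error.
        if (msgQueue::getError() == '') {
            $sUsersTable = '`'.TABLE_PREFIX.'users`';
            // $user_id is the result of intval(), so concatenating it cannot
            // carry SQL syntax into the statements below.
            $sWhere = 'WHERE `user_id` = '.$user_id;

            $iDeleteUser = $database->get_one(
                'SELECT `active` FROM '.$sUsersTable.' '.$sWhere
            );
            // Strict "row found" test: the former loose `!= null` comparison
            // treats an integer 0 like "no row", which would leave inactive
            // accounts undeletable if the driver returns native integers.
            // NOTE(review): get_one() presumably yields null (or false) when
            // no row matches - confirm against the database class.
            $bUserFound = ($iDeleteUser !== null
                && $iDeleteUser !== false
                && $iDeleteUser !== '');
            if ($bUserFound) {
                if ($iDeleteUser) {
                    // Active account: soft delete by clearing the flag.
                    $sql = 'UPDATE '.$sUsersTable.' SET `active` = 0 '.$sWhere;
                    if ($database->query($sql)) {
                        // NOTE(review): this branch reads $TEXT while the
                        // branch below reads $MESSAGE for the same key -
                        // confirm both language entries exist.
                        msgQueue::add($TEXT['USERS_DELETED'], true);
                    }
                } else {
                    // Already inactive: remove the row for good.
                    $sql = 'DELETE FROM '.$sUsersTable.' '.$sWhere;
                    if ($database->query($sql)) {
                        msgQueue::add($MESSAGE['USERS_DELETED'], true);
                    }
                }
                $bRetVal = true;
            }
            if ($database->is_error()) {
                // The raw database error text goes into the message queue
                // with ';' turned into line breaks.
                // NOTE(review): the text is not HTML-escaped here and may
                // disclose schema details - confirm how the queue is rendered.
                msgQueue::add(implode('<br />', explode(';', $database->get_error())));
                $bRetVal = false;
            }
        }
    }

    if (isset($aActionRequest['clearmsg'])) {
        msgQueue::clear();
    }
    // NOTE(review): $bRetVal tracks success, yet the id is what gets returned,
    // so a database failure still yields a truthy value. Kept as is because
    // callers may rely on receiving the id - confirm before changing.
    return $user_id;
}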

    
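// Fallback for when the including script has not prepared $aActionRequest:
// take the request data from the array that matches the HTTP method and ask
// for the message queue to be cleared after processing.
if (!isset($aActionRequest)) {
    $requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
    // REQUEST_METHOD is supplied by the client. Using it directly as a
    // variable name would select whichever global happens to carry that name,
    // so only the two request arrays this script is meant to read are
    // accepted; every other method starts from an empty request.
    switch ($requestMethod) {
        case '_GET':
            $aActionRequest = $_GET;
            break;
        case '_POST':
            $aActionRequest = $_POST;
            break;
        default:
            $aActionRequest = array();
    }
    $aActionRequest['clearmsg'] = true;
}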