manage_user_delete.php

   1 <?php
   2 # MantisBT - A PHP based bugtracking system
   3
   4 # MantisBT is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU General Public License as published by
   6 # the Free Software Foundation, either version 2 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # MantisBT is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU General Public License
  15 # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * @package MantisBT
  19  * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  20  * @copyright Copyright (C) 2002 - 2010  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  21  * @link http://www.mantisbt.org
  22  *
  23  * @uses core.php
  24  * @uses access_api.php
  25  * @uses authentication_api.php
  26  * @uses config_api.php
  27  * @uses constant_inc.php
  28  * @uses form_api.php
  29  * @uses gpc_api.php
  30  * @uses helper_api.php
  31  * @uses html_api.php
  32  * @uses lang_api.php
  33  * @uses print_api.php
  34  * @uses user_api.php
  35  */
  36
  37 require_once( 'core.php' );
  38 require_api( 'access_api.php' );
  39 require_api( 'authentication_api.php' );
  40 require_api( 'config_api.php' );
  41 require_api( 'constant_inc.php' );
  42 require_api( 'form_api.php' );
  43 require_api( 'gpc_api.php' );
  44 require_api( 'helper_api.php' );
  45 require_api( 'html_api.php' );
  46 require_api( 'lang_api.php' );
  47 require_api( 'print_api.php' );
  48 require_api( 'user_api.php' );
  49
  50 form_security_validate('manage_user_delete');
  51
  52 auth_reauthenticate();
  53 access_ensure_global_level( config_get( 'manage_user_threshold' ) );
  54
  55 $f_user_id      = gpc_get_int( 'user_id' );
  56
  57 $t_user = user_get_row( $f_user_id );
  58
  59 # check that we are not deleting the last administrator account
  60 $t_admin_threshold = config_get_global( 'admin_site_threshold' );
  61 if ( user_is_administrator( $f_user_id ) &&
  62          user_count_level( $t_admin_threshold ) <= 1 ) {
  63         trigger_error( ERROR_USER_CHANGE_LAST_ADMIN, ERROR );
  64 }
  65
  66 # If an administrator is trying to delete their own account, use
  67 # account_delete.php instead as it is handles logging out and redirection
  68 # of users who have just deleted their own accounts.
  69 if ( auth_get_current_user_id() == $f_user_id ) {
  70         form_security_purge( 'manage_user_delete' );
  71         print_header_redirect( 'account_delete.php?account_delete_token=' . form_security_token( 'account_delete' ), true, false );
  72 }
  73
  74 helper_ensure_confirmed( lang_get( 'delete_account_sure_msg' ) .
  75         '<br/>' . lang_get( 'username_label' ) . lang_get( 'word_separator' ) . $t_user['username'],
  76         lang_get( 'delete_account_button' ) );
  77
  78 user_delete( $f_user_id );
  79
  80 form_security_purge('manage_user_delete');
  81
  82 html_page_top( null, 'manage_user_page.php' );
  83 ?>
  84
  85 <br />
  86 <div align="center">
  87 <?php
  88 echo lang_get( 'operation_successful' ) . '<br />';
  89 print_bracket_link( 'manage_user_page.php', lang_get( 'proceed' ) );
  90 ?>
  91 </div>
  92
  93 <?php
  94 html_page_bottom();