Refbase update_2021-01-28_15_58
This commit is contained in:
root
125
user_removal.php
Normal file
125
user_removal.php
Normal file
@@ -0,0 +1,125 @@
|
||||
<?php
|
||||
// Project: Web Reference Database (refbase) <http://www.refbase.net>
|
||||
// Copyright: Matthias Steffens <mailto:refbase@extracts.de> and the file's
|
||||
// original author(s).
|
||||
//
|
||||
// This code is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY. Please see the GNU General Public
|
||||
// License for more details.
|
||||
//
|
||||
// File: ./user_removal.php
|
||||
// Repository: $HeadURL: file:///svn/p/refbase/code/branches/bleeding-edge/user_removal.php $
|
||||
// Author(s): Matthias Steffens <mailto:refbase@extracts.de>
|
||||
//
|
||||
// Created: 16-Apr-02, 10:54
|
||||
// Modified: $Date: 2015-02-16 20:53:19 +0000 (Mon, 16 Feb 2015) $
|
||||
// $Author: karnesky $
|
||||
// $Revision: 1405 $
|
||||
|
||||
// This script deletes a user from the 'users' and 'auth' tables.
|
||||
// The script can be only called by the admin. If the removal succeeds, it redirects to 'users.php'.
|
||||
// Note that there's no further verification! If you clicked 'Delete User' on 'user_receipt.php' the user will be killed immediately.
|
||||
|
||||
|
||||
// Incorporate some include files:
|
||||
include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password
|
||||
include 'includes/include.inc.php'; // include common functions
|
||||
include 'initialize/ini.inc.php'; // include common variables
|
||||
|
||||
// --------------------------------------------------------------------
|
||||
|
||||
// START A SESSION:
|
||||
// call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables:
|
||||
start_session(true);
|
||||
|
||||
// Extract the 'userID' parameter from the request:
|
||||
if (isset($_REQUEST['userID']))
|
||||
$userID = $_REQUEST['userID'];
|
||||
else
|
||||
$userID = "";
|
||||
|
||||
// Check if the admin is logged in
|
||||
if (!(isset($_SESSION['loginEmail']) && ($loginEmail == $adminLoginEmail))) // ('$adminLoginEmail' is specified in 'ini.inc.php')
|
||||
{
|
||||
// save an error message:
|
||||
$HeaderString = "You must be logged in as admin to remove any users!";
|
||||
|
||||
// save the URL of the currently displayed page:
|
||||
$referer = $_SERVER['HTTP_REFERER'];
|
||||
|
||||
// Write back session variables:
|
||||
saveSessionVariable("HeaderString", $HeaderString); // function 'saveSessionVariable()' is defined in 'include.inc.php'
|
||||
saveSessionVariable("referer", $referer);
|
||||
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
// Check the correct parameters have been passed
|
||||
if (empty($userID))
|
||||
{
|
||||
// save an error message:
|
||||
$HeaderString = "Incorrect parameters to script 'user_removal.php'!";
|
||||
|
||||
// Write back session variables:
|
||||
saveSessionVariable("HeaderString", $HeaderString); // function 'saveSessionVariable()' is defined in 'include.inc.php'
|
||||
|
||||
// Redirect the browser back to the calling page
|
||||
header("Location: " . $referer); // variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'
|
||||
exit;
|
||||
}
|
||||
|
||||
// --------------------------------------------------------------------
|
||||
|
||||
// CONSTRUCT SQL QUERY:
|
||||
// If the admin is logged in:
|
||||
if (isset($_SESSION['loginEmail']) && ($loginEmail == $adminLoginEmail)) // -> perform a delete action:
|
||||
{
|
||||
// DELETE - construct queries to delete the relevant record(s)
|
||||
// ... from the users table:
|
||||
$queryArray[] = "DELETE FROM $tableUsers WHERE user_id = " . quote_smart($userID);
|
||||
|
||||
// ... from the auth table:
|
||||
$queryArray[] = "DELETE FROM $tableAuth WHERE user_id = " . quote_smart($userID);
|
||||
|
||||
// ... from the user_permissions table:
|
||||
$queryArray[] = "DELETE FROM $tableUserPermissions WHERE user_id =" . quote_smart($userID);
|
||||
|
||||
// ... from the user_formats table:
|
||||
$queryArray[] = "DELETE FROM $tableUserFormats WHERE user_id =" . quote_smart($userID);
|
||||
|
||||
// ... from the user_styles table:
|
||||
$queryArray[] = "DELETE FROM $tableUserStyles WHERE user_id =" . quote_smart($userID);
|
||||
|
||||
// ... from the user_types table:
|
||||
$queryArray[] = "DELETE FROM $tableUserTypes WHERE user_id =" . quote_smart($userID);
|
||||
|
||||
// ... from the user_options table:
|
||||
$queryArray[] = "DELETE FROM $tableUserOptions WHERE user_id =" . quote_smart($userID);
|
||||
}
|
||||
|
||||
// --------------------------------------------------------------------
|
||||
|
||||
// (1) OPEN CONNECTION, (2) SELECT DATABASE
|
||||
connectToMySQLDatabase(); // function 'connectToMySQLDatabase()' is defined in 'include.inc.php'
|
||||
|
||||
// (3) RUN the queries on the database through the connection:
|
||||
foreach($queryArray as $query)
|
||||
$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
|
||||
|
||||
// ----------------------------------------------
|
||||
|
||||
// (4) File a message and go back to the list of users:
|
||||
// save an informative message:
|
||||
$HeaderString = "User was deleted successfully!";
|
||||
|
||||
// Write back session variables:
|
||||
saveSessionVariable("HeaderString", $HeaderString); // function 'saveSessionVariable()' is defined in 'include.inc.php'
|
||||
|
||||
header("Location: users.php"); // re-direct to the list of users
|
||||
|
||||
// (5) CLOSE the database connection:
|
||||
disconnectFromMySQLDatabase(); // function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'
|
||||
|
||||
// --------------------------------------------------------------------
|
||||
?>
|
||||
Reference in New Issue
Block a user