delete_user.php
changeset 82 c255196bc447
parent 73 8a239565e9b3
child 110 455405c757e1
--- a/delete_user.php	Wed Mar 12 20:45:56 2008 +0000
+++ b/delete_user.php	Tue Mar 25 22:45:31 2008 +0000
@@ -20,103 +20,87 @@
  */
 
 require_once("inc/toolkit.inc.php");
+include_once("inc/header.inc.php");
 
-$id = ($_POST["id"]) ? $_POST["id"] : $_GET["id"];
+verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
+verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
+
+if (!(isset($_GET['id']) && v_num($_GET['id']))) {
+	error(ERR_INV_INPUT);
+	include_once("inc/footer.inc.php");
+	exit;
+} else {
+	$uid = $_GET['id'];
+}
+
+if ($_POST['commit']) {
+	if (delete_user($uid,$_POST['zone'])) {
+		success(SUC_USER_DEL);	
+	}
+} else {
+
+	if (($uid != $_SESSION['userid'] && !verify_permission(user_edit_others)) || ($uid == $_SESSION['userid'] && !verify_permission(user_edit_own))) {
+		error(ERR_PERM_DEL_USER);
+		include_once("inc/footer.inc.php");
+		exit;
+	} else {
+		$fullname = get_fullname_from_userid($uid);
+		$zones = get_zones("own",$uid);
+
+		echo "     <h2>" . _('Delete user') . " \"" . $fullname . "\"</h2>\n";
+		echo "     <form method=\"post\">\n";
+		echo "      <table>\n";
+
+		if (count($zones) > 0) {
 
-if(isset($id)) 
-{
-	if($_POST["confirm"] == '1') 
-	{                
-                $domain = is_array($_POST["domain"]) ? $_POST["domain"] : $domain = array();
-                $delete = is_array($_POST["delete"]) ? $_POST["delete"] : $delete = array();
-                
-		if(count($domain) > 0) 
-		{
-			foreach ($domain as $dom => $newowner) 
-			{
-				if (!in_array($dom, $delete)) 
-				{
-					add_owner($dom, $newowner);
-                                }
-                        }
-                }
-                if(count($delete) > 0) 
-                {
-                	foreach ($delete as $del) 
-                	{
-                		delete_domain($del);
+			$users = show_users();
+
+			echo "       <tr>\n";
+			echo "        <td colspan=\"5\">\n";
+
+			echo "         " . _('You are about to delete a user. This user is owner for a number of zones. Please decide what to do with these zones.') . "\n";
+			echo "        </td>\n";
+			echo "       </tr>\n";
+
+			echo "       <tr>\n";
+			echo "        <th>" . _('Zone') . "</th>\n";
+			echo "        <th>" . _('Delete') . "</th>\n";
+			echo "        <th>" . _('Leave') . "</th>\n";
+			echo "        <th>" . _('Add new owner') . "</th>\n";
+			echo "        <th>" . _('Owner to be added') . "</th>\n";
+			echo "       </tr>\n";
+
+			foreach ($zones as $zone) {
+				echo "       <input type=\"hidden\" name=\"zone[" . $zone['id'] . "][zid]\" value=\"" . $zone['id'] . "\">\n";
+				echo "       <tr>\n";
+				echo "        <td>" . $zone['name'] . "</td>\n";
+				echo "        <td><input type=\"radio\" name=\"zone[" . $zone['id'] . "][target]\" value=\"delete\"></td>\n";
+				echo "        <td><input type=\"radio\" name=\"zone[" . $zone['id'] . "][target]\" value=\"leave\" CHECKED></td>\n";
+				echo "        <td><input type=\"radio\" name=\"zone[" . $zone['id'] . "][target]\" value=\"new_owner\"></td>\n";
+				echo "        <td>\n";
+				echo "         <select name=\"zone[" . $zone['id'] . "][newowner]\">\n";
+
+				foreach ($users as $user) {
+					echo "          <option value=\"" . $user["id"] . "\">" . $user["fullname"] . "</option>\n";
+				}
+
+				echo "         </select>\n";
+				echo "        </td>\n";
+				echo "       </tr>\n";
+
 			}
 		}
-		
-                delete_user($id);
-                clean_page("users.php");
-        }
-        include_once("inc/header.inc.php");
-        ?>
-	
-    <h3><?php echo _('Delete user'); ?> "<?php echo get_fullname_from_userid($id) ?>"</h3>
-     <form method="post">
-        <?php
-        $domains = get_domains_from_userid($id);
-        if (count($domains) > 0) 
-        {
-        	echo _('This user has access to the following zone(s)'); ?> :<BR><?php
-                $users = show_users($id);
-                if(count($users) < 1) 
-                {
-                        $add = " CHECKED DISABLED";
-                        $no_users = 1;
-                }
-                ?>
-                <table>
-                 <tr>
-		  <td class="n">Delete</td>
-		  <td class="n">Name</td>
-		<?php if (!$no_users) { ?>
-		  <td class="n">New owner</td>
-		<?php } ?>
-		 </tr>
-                <?php
-                foreach ($domains as $d) 
-                {
-                        ?>
-                 <tr>
-		  <td class="n" align="center"><?php
-                        if ($no_users) 
-                     	{ 
-                     		?><input type="hidden" name="delete[]" value="<?php echo $d["id"] ?>"><?php
-                        } 
-                        ?><input type="checkbox"<?php echo $add ?> name="delete[]" value="<?php echo $d["id"] ?>"></td><td class="n"><?php echo $d["name"] ?></td><td class="n"><?php 
-                        if (!$no_users) 
-                        { 
-                        	?><select name="domain[<?php echo $d["id"] ?>]"><?php
-                        	foreach($users as $u) 
-                        	{
-                        	        ?><option value="<?php echo $u["id"] ?>"><?php echo $u["fullname"] ?></option><?php
-                        	}
-                        	?></select></td><?php 
-                        } 
-                        ?></tr><?php
-                }
-                ?></table><?php
-        }
-        
-        $message = _('You are going to delete this user, are you sure?');
-        if(($numrows = $db->queryOne("SELECT count(id) FROM zones WHERE owner=".$db->quote($id))) != 0)
-        {
-        	$message .= " " . _('This user has access to ') . $numrows . _(' zones, by deleting him you will also delete these zones.');
-        }
+		echo "       <tr>\n";
+		echo "        <td colspan=\"5\">\n";
+
+		echo "         " . _('Really delete this user?') . "\n";
+		echo "        </td>\n";
+		echo "       </tr>\n";
 
-        ?>
-        <font class="warning"><?php echo $message ?></font><br>
-        <input type="hidden" name="id" value="<?php echo $id ?>">
-        <input type="hidden" name="confirm" value="1">
-        <input type="submit" class="button" value="<?php echo _('Yes'); ?>"> <input type="button" class="button" OnClick="location.href='users.php'" value="<?php echo _('No'); ?>"></FORM>
-        <?php
-        include_once("inc/footer.inc.php");
-} 
-else 
-{
-        message("Nothing to do!");
+		echo "      </table>\n";
+		echo "     <input type=\"submit\" class=\"button\" name=\"commit\" value=\"" . _('Comit changes') . "\">\n";
+		echo "     </form>\n";
+	}
 }
-
+include_once("inc/footer.inc.php");
+?>
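Review bot: The permission test (`$uid != $_SESSION['userid'] && !verify_permission(user_edit_others)` and its `user_edit_own` counterpart) sits only in the `else` branch that renders the confirmation form, so a request with `commit` set reaches `delete_user($uid,$_POST['zone'])` without any authorization check visible in this file. Unless `delete_user()` enforces the same rule internally, which this hunk does not show, the whole `error(ERR_PERM_DEL_USER)` guard should be hoisted above `if ($_POST['commit'])` so that both branches pass through it. That test is also better written as `if (isset($_POST['commit']))`. Separately, `$fullname`, `$zone['name']` and `$user["fullname"]` are echoed into the page unescaped; wrapping each in `htmlspecialchars(..., ENT_QUOTES)` would keep stored names from being interpreted as markup.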