Compare commits
3 Commits
d30282bd54
...
41ddbcab9e
Author | SHA1 | Date | |
---|---|---|---|
41ddbcab9e | |||
12adccac3a | |||
555dd0573d |
@ -11,5 +11,5 @@ $Err_RDP_InvalidArgs = "rdp.invalidargs"; // Invalid arguments supplied to
|
||||
$Err_DP_IDNotFound = "dp.idnotfound"; // Resource not found by requested ID
|
||||
$Err_DP_AlreadyLoggedIn = "dp.alreadyloggedin"; // User already logged into account
|
||||
$Err_DP_RegClosed = "dp.regclosed"; // Registration is closed
|
||||
|
||||
$Err_DP_NotEnoughRole = "dp.notenoughrole"
|
||||
?>
|
34
api/user/delete.php
Normal file
34
api/user/delete.php
Normal file
@ -0,0 +1,34 @@
|
||||
<?php
|
||||
require_once("../_auth.php");
|
||||
require_once("../_utils.php");
|
||||
require_once("./index.php");
|
||||
|
||||
function User_Delete($id){
|
||||
global $db;
|
||||
$s = $db->prepare("delete from users where id = $id");
|
||||
$s->bind_param("s",$id);
|
||||
return $s->execute() !== false;
|
||||
}
|
||||
|
||||
if (ThisFileIsRequested(__FILE__)) {
|
||||
require_once("../_json.php");
|
||||
|
||||
if (isset($_REQUEST["id"])) {
|
||||
if (!ctype_digit($_REQUEST["id"]))
|
||||
ReturnJSONError($Err_RDP_InvalidID, "id must be numeric");
|
||||
if(!User_HasRole("admin")){
|
||||
ReturnJSONError($Err_DP_NotEnoughRole,"You need to be admin to delete other accounts");
|
||||
}
|
||||
$UserID = intval($_REQUEST["id"]);
|
||||
} else {
|
||||
if ($LOGGED_IN)
|
||||
$UserID = $_SESSION["userid"];
|
||||
else
|
||||
ReturnJSONError($Err_RDP_InvalidID, "id must be specified or valid session must be provided");
|
||||
}
|
||||
$result = User_Delete($UserID);
|
||||
session_unset();
|
||||
session_destroy();
|
||||
ReturnJSONData(["success" => $result]);
|
||||
}
|
||||
?>
|
Loading…
Reference in New Issue
Block a user