Beispiel #1
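 /**
  * Delete the admin user named by the "id" request parameter and answer with JSON.
  *
  * Status values written to the response by this method:
  *   0 - refused (missing or unknown id, or a record flagged is_developer
  *       targeted by someone other than that user)
  *   2 - confirmation required (no "confirmed" POST field was sent)
  *   1 - user deleted
  *
  * NOTE(review): nothing in this method checks that the caller is allowed to
  * delete users, and no anti-forgery token is verified before the destructive
  * call. Confirm both are enforced before this action is dispatched.
  */
 public function deleteAction()
 {
     $id = $this->getRequest()->getParam('id');
     // Request parameters can arrive as arrays (id[]=...); only a non-empty
     // scalar can name a user, so anything else is refused before the lookup.
     if (!$id || !is_scalar($id)) {
         $this->getResponse()->setStatus(0)->setBody(__('user does not exist'))->toJson();
         // toJson() presumably ends the request; the explicit return keeps the
         // delete below unreachable even if it ever returns.
         return;
     }
     $user_rs = Admin_UsersModel::get(array('id' => $id));
     if (!$user_rs) {
         $this->getResponse()->setStatus(0)->setBody(__('user does not exist'))->toJson();
         return;
     }
     // Two-step delete: the first request (without "confirmed") only asks back.
     if (is_null($this->getRequest()->getPost('confirmed'))) {
         $this->getResponse()->setStatus(2)->setBody(__('Are you sure?'))->toJson();
         return;
     }
     // Records flagged is_developer may only be deleted by that user themselves.
     // Loose comparison is kept: $id is request text, the session id may be an int.
     if ($id != s()->user->id && $user_rs->is_developer) {
         $this->getResponse()->setStatus(0)->setBody('how about no?')->toJson();
         return;
     }
     Admin_UsersModel::delete(array('id' => $id));
     // Refresh the cached user data: directly for the current user, otherwise
     // by queueing a refresh for the affected user's session.
     if ($id == s()->user->id) {
         Cms_UserData::refresh(array(Cms_UserData::ATTR_ALL));
     } else {
         Cms_UserData::injectRefresh($id, array(Cms_UserData::ATTR_ALL));
     }
     $this->getResponse()->setStatus(1)->setBody(__('user deleted'))->toJson();
 }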
Beispiel #2
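 /**
  * Check the posted "user"/"pass" credentials and log the matching admin user in.
  *
  * Responds with JSON status 0 and a message when a field is missing or no
  * account matches, and with status 1 once Admin_UsersHelper::login() succeeds.
  *
  * NOTE(review): the one-time token check (Core_LinkExploit::checkOnce) is
  * commented out below, so nothing visible here protects the login POST against
  * forged or replayed submissions. Confirm that disabling it was intended.
  * NOTE(review): no attempt throttling or lockout is visible in this method.
  */
 public function indexAction()
 {
     $request = $this->getRequest();
     $user = $request->getPost('user');
     $pass = $request->getPost('pass');

     // Credentials must be non-empty strings. An array value (user[]=x) does not
     // compare equal to '' and would otherwise reach the model lookup and the hasher.
     if (!is_string($user) || $user === '' || !is_string($pass) || $pass === '') {
         $this->getResponse()->setStatus(0)->setBody(__('Enter username and password'))->toJson();
         // toJson() presumably ends the request; return explicitly so the lookup
         // below can never run with unvalidated input.
         return;
     }
     /*if (!Core_LinkExploit::checkOnce($this->getRequest()->getPost('token'), 'login')) {
         $this->getResponse()->setStatus(0)->setBody(__('Invalid Data Submitted'))->toJson();
     }*/
     // The password is matched inside the lookup against whatever
     // Core_Security::generate() returns for the submitted value.
     // NOTE(review): that only works if generate() is deterministic, i.e. not a
     // per-user salted hash. Verify the scheme; fetching by username and then
     // verifying the stored hash would be the safer shape.
     $user_rs = Admin_UsersModel::get(array('user' => $user, 'password' => Core_Security::generate($pass)));
     if (!$user_rs) {
         // One message for both unknown user and wrong password, so the reply
         // does not reveal which usernames exist.
         $this->getResponse()->setStatus(0)->setBody(__('Wrong username and/or password'))->toJson();
         return;
     }
     // now login the user
     // NOTE(review): when login() returns a falsy value no response is written here.
     if (Admin_UsersHelper::login($user_rs->id)) {
         $this->getResponse()->setStatus(1)->toJson();
     }
 }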