protected function certificate_remove() { // Delete if (!Session::isLoggedIn()) { return Error::set('You are not logged in!'); } if (empty($_POST['hash'])) { return Error::set('No certificate hash was found.'); } $certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis')); $cert = $certs->get($_POST['hash'], false); if ($cert == null) { return Error::set('Invalid certificate hash.'); } if (substr($cert, 0, strpos($cert, ':')) != Session::getVar('_id')) { return Error::set('You are not allowed to remove this certificate.'); } $users = new users(ConnectionFactory::get('mongo')); $users->removeCert(Session::getVar('_id'), $_POST['hash']); $certs->removeCert($_POST['hash']); header('Location: ' . Url::format('/user/settings')); }