    if (Privilege::hasAdmin($_SESSION['privileges'])) {
        ?>
                            <li><a>Config</a>
                                <ul>
                                    <li><a href="groups.php">Groups</a></li>
                                    <li><a href="rules.php">Rules</a></li>
                                    <li><a href="lang.php">Lang</a></li>
                                    <li><a href="magic.php">Magic</a></li>
                                </ul>
                            </li>
                        <?php 
    }
    ?>
                        <li><a href="account.php">Account</a>
                        <?php 
    if (Privilege::hasSuperAdmin($_SESSION['privileges'])) {
        ?>
                            <li><a href="admin.php">Admin</a>
                        <?php 
    }
    ?>
                    </ul>
                </nav>
            </div>
        <?php 
}
?>
    </div>
    <div class="grid-container">
        <div class="grid-100">
            <div class="well text-center">
<?php

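session_start();
require_once "../config.php";
require_once "Privilege.php";

// Endpoint: delete the user whose numeric id is posted as `id`.
// Only a logged-in superadmin may do this, and superadmin accounts themselves
// can never be deleted through this script.
//
// NOTE(review): this is a state-changing request authorised by the session
// cookie alone; nothing visible in this script verifies an anti-CSRF token.
// Confirm one is checked elsewhere (for example in config.php) or add one.

// !empty()/isset() keep a request without a session from raising
// undefined-index notices before the authorisation decision is made.
if (!empty($_SESSION['online'])
    && isset($_SESSION['privileges'])
    && Privilege::hasSuperAdmin($_SESSION['privileges'])
) {
    // Reject a missing or non-integer id up front instead of letting
    // bind_param() coerce it to 0 and report a delete that never happened.
    $id = filter_var(isset($_POST['id']) ? $_POST['id'] : null, FILTER_VALIDATE_INT);
    if ($id === false) {
        echo "Could not delete user";
        exit;
    }

    // Look up the target's privilege level before deleting anything.
    $stmt = $db->prepare("SELECT privileges FROM " . $prefix . "users WHERE id=?");
    if ($stmt === false) {
        echo "Could not delete user";
        exit;
    }
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->store_result();
    $stmt->bind_result($priv);

    // NOTE(review): the session check goes through Privilege::hasSuperAdmin()
    // while this guard compares the raw column value; confirm the column can
    // only ever hold the exact string "superadmin" for such accounts.
    $targetIsSuperadmin = false;
    while ($stmt->fetch()) {
        if ((string) $priv === "superadmin") {
            $targetIsSuperadmin = true;
        }
    }
    // Always release the lookup statement, including when no row matched.
    $stmt->close();

    if ($targetIsSuperadmin) {
        echo "You cannot delete the superadmin";
        exit;
    }

    $stmt = $db->prepare("DELETE FROM " . $prefix . "users WHERE id = ?");
    if ($stmt === false) {
        echo "Could not delete user";
        exit;
    }
    $stmt->bind_param("i", $id);
    // A successful execute() that removed no row is not a successful delete.
    if ($stmt->execute() && $stmt->affected_rows > 0) {
        echo "User deleted successfully";
    } else {
        echo "Could not delete user";
    }
    $stmt->close();
}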