Esempio n. 1
     }
     $this->assign('u', $u);
     $this->page('manage/users/view');
     $this->getToken();
     $this->getExtendedToken();
     if (isset($_GET['updated'])) {
         $this->assign('message', 'The user password have been updated.');
     }
     break;
 case 'delete':
     if (!$this->request(3) || !$this->request(4)) {
         break;
     }
     $this->acceptExtendedToken($this->request(4));
     // can not delete current user
     if (Session::Get(Authentification::SESSION_USER_ID) == intval($this->request(3))) {
         $this->errorPage('Unable to delete your own account', 'You can not delete yourself. Please ask another administrator to do it!', FALSE);
     }
     $u = new User();
     $u->loadFromId(intval($this->request(3)));
     if (!$u->exists()) {
         break;
     }
     if (!empty($_POST)) {
         $this->acceptToken();
         try {
             if (empty($_POST['delete'])) {
                 throw new \Exception('Nobody will be deleted until you check the box…');
             }
             if (empty($_POST['user_id']) || $_POST['user_id'] != intval($this->request(3))) {
                 $this->hackAttempt();
Esempio n. 2
 /**
  * Reports whether the current session is flagged as logged in.
  *
  * The result is true only when the SESSION_LOGGED key is present in the
  * session and the value stored under it is truthy.
  *
  * NOTE(review): only the flag's truthiness is checked here; whether the flag
  * is tied to a user id or set after session regeneration is not visible in
  * this method and should be confirmed in the login path.
  *
  * @return bool
  */
 public function isLogged()
 {
     // No flag in the session at all: treat as anonymous.
     if (!Session::Exists(self::SESSION_LOGGED)) {
         return false;
     }

     // The flag exists; its truthiness decides the answer.
     return (bool) Session::Get(self::SESSION_LOGGED);
 }
Esempio n. 3
 /**
  * Returns the extended token for the current session and exposes it to the
  * template under the name 'extended_token'.
  *
  * When 'current_ext_token' is already stored in the session, that value is
  * reused; otherwise a new one is obtained from Token::Generate(TRUE). Either
  * way the value is written back to the session, so this method never rotates
  * an existing token.
  *
  * NOTE(review): presumably the TRUE argument selects the "extended" token
  * variant; confirm against Token::Generate. Because the token lives as long
  * as the session entry does, verify that whatever validates it also
  * invalidates it where a single-use token is required.
  *
  * @return mixed the token value held in the session
  */
 public function getExtendedToken()
 {
     if (Session::Exists('current_ext_token')) {
         // Reuse the token already bound to this session.
         $extToken = Session::Get('current_ext_token');
     } else {
         // First request for this session: mint a fresh token.
         $extToken = Token::Generate(TRUE);
     }

     // Written back unconditionally, as in the reuse case too.
     Session::Add('current_ext_token', $extToken);
     $this->template->assign('extended_token', $extToken);

     return $extToken;
 }