$aForm = array_merge($_DATA->getForm(), array(array('', '', 'submit', 'Change password'))); lovd_viewForm($aForm); print '</FORM>' . "\n\n"; $_T->printFooter(); exit; } if (PATH_COUNT == 2 && ctype_digit($_PE[1]) && ACTION == 'delete') { // URL: /users/00001?delete // Delete a specific user. $nID = sprintf('%05d', $_PE[1]); define('PAGE_TITLE', 'Delete user account #' . $nID); define('LOG_EVENT', 'UserDelete'); lovd_requireAUTH(LEVEL_MANAGER); require ROOT_PATH . 'class/object_users.php'; $_DATA = new LOVD_User(); $zData = $_DATA->loadEntry($nID); require ROOT_PATH . 'inc-lib-form.php'; // Require special clearance, user must be of higher level (and therefore automatically cannot delete himself). if ($zData['level'] >= $_AUTH['level']) { // Simple solution: if level is not lower than what you have, you're out. // This is a hack-attempt. // FIXME: This function and its use is a bit messy. lovd_showPageAccessDenied('Tried to delete user ID ' . $nID . ' (' . $_SETT['user_levels'][$zData['level']] . ')', PAGE_TITLE, 'Not allowed to delete this user. This event has been logged.'); exit; } // Deleting a user makes the current user curator of the deleted user's genes if there is no curator left for them. // Find curated genes and see if they're alone. $aCuratedGenes = $_DB->query('SELECT DISTINCT geneid FROM ' . TABLE_CURATES . ' WHERE geneid NOT IN (SELECT DISTINCT geneid FROM ' . TABLE_CURATES . ' WHERE userid != ? AND allow_edit = 1)', array($nID))->fetchAllColumn(); // Define this here, since it's repeated. // Array which will make up the form table. $aForm = array(array('POST', '', '', '', '40%', '14', '60%'), array('Deleting user', '', 'print', '<SPAN style="font-family: monospace;"><I>' . $zData['username'] . '</I></SPAN>, ' . $zData['name'] . ' (' . $_SETT['user_levels'][$zData['level']] . ')'), !count($aCuratedGenes) ? false : array(' ', '', 'print', '<B>This user is the only curator of ' . count($aCuratedGenes) . ' gene' . (count($aCuratedGenes) == 1 ? '' : 's') . ': ' . implode(', ', $aCuratedGenes) . '. You will become the curator of ' . (count($aCuratedGenes) == 1 ? 'this gene' : 'these genes') . ' once this user is deleted.</B>'), 'skip', array('Enter your password for authorization', '', 'password', 'password', 20), array('', '', 'submit', 'Delete user'));