/** * Delete a user * @param type $userId * @return string */ public function deleteUser($userId) { // check for valid user id, ie. hex $check = new \w34u\ssp\CheckData(); if ($check->check('hex', $userId) !== 0) { SSP_Divert($this->cfg->totalAdminScript); } // delete a user, not the current if (strcasecmp($userId, $this->session->userId) != 0) { if (isset($_POST["deleteUser"])) { $where = array("UserId" => $userId); $this->db->delete($this->cfg->userMiscTable, $where, "SSP Admin: deleting user misc data"); $this->db->delete($this->cfg->userTable, $where, "SSP Admin: deleting user login data"); SSP_Divert($this->cfg->totalAdminScript); } elseif (isset($_POST["preserveUser"])) { SSP_Divert($this->cfg->totalAdminScript); } else { // prompt to delete user $where = array("UserId" => $userId); $user = $this->db->get($this->cfg->userMiscTable, $where, "SSP Admin: Getting data to prompt for user delete"); if ($user) { $content = get_object_vars($user); $content["path"] = SSP_Path(); $page = new Template($content, "userListerDeletePrompt.tpl", false); $mainContent = array(); $mainContent["title"] = " - delete user " . $user->FirstName . " " . $user->FamilyName; $mainContent["content"] = $page->output(); $tpl = $this->tpl($mainContent); return $tpl->output(); } else { SSP_Divert($this->cfg->totalAdminScript); } } } }