コード例 #1
ファイル: search.php プロジェクト: nveid/concrete5
				// Asks the operator to confirm, then navigates to the dashboard
				// 'sign_in_as_user' task. The target URL is rendered server-side and carries
				// the user ID plus a token generated for the 'sudo' action.
				// NOTE(review): the action is requested by plain navigation, so the token
				// travels in the URL. The handler is not shown in this excerpt; it has to
				// validate that token and re-check permissions itself, because nothing in
				// this client-side function is an access control.
				loginAsUser = function() {
					// NOTE(review): the confirmation text is written directly into a
					// single-quoted JS string; no JS-string escaping is visible here, so a
					// translation containing an apostrophe would break the script. Confirm
					// the value is escaped where it is assigned.
					if (confirm('<?=$loginAsUserConfirm?>')) { 
						location.href = "<?=$this->url('/dashboard/users/search', 'sign_in_as_user', $uo->getUserID(), $valt->generate('sudo'))?>";				
					}
				}
				</script>

			<? } /*else { ?>
				<? print $ih->button_js(t('Sign In as User'), 'alert(\'' . t('You do not have permission to sign in as other users.') . '\')', 'left', 'ccm-button-inactive');?>
			<? }*/ ?>
		<? } ?>
		
		<?
		$cu = new User();
		$tp = new TaskPermission();
		if ($tp->canDeleteUser()) {
		$delConfirmJS = t('Are you sure you want to permanently remove this user?');
			if ($uo->getUserID() == USER_SUPER_ID) { ?>
				<?=t('You may not remove the super user account.')?>
			<? } else if (!$tp->canDeleteUser()) { ?>
				<?=t('You do not have permission to perform this action.');		
			} else if ($uo->getUserID() == $cu->getUserID()) {
				echo t('You cannot delete your own user account.');
			}else{ ?>   
				
				<script type="text/javascript">
				deleteUser = function() {
					if (confirm('<?=$delConfirmJS?>')) { 
						location.href = "<?=$this->url('/dashboard/users/search', 'delete', $uo->getUserID(), $valt->generate('delete_account'))?>";				
					}
				}
コード例 #2
ファイル: search.php プロジェクト: ronlobo/concrete5
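	/**
	 * Deletes a single user account and then re-renders the search view.
	 *
	 * Every guard below throws; the exception is caught at the end of the method and
	 * handed to the view as 'error', so a refused request reaches view() without
	 * anything having been deleted.
	 *
	 * @param mixed $delUserId ID of the account to delete, as supplied by the request.
	 * @param string|null $token Token validated against the 'delete_account' action.
	 * @return void
	 */
	public function delete($delUserId, $token = null){
		$u = new User();
		try {
			$delUI = UserInfo::getByID($delUserId);
			if (!($delUI instanceof UserInfo)) {
				throw new Exception(t('Invalid user ID.'));
			}

			// Object-level check: the caller must be allowed to see this user in search.
			if (!PermissionKey::getByHandle('access_user_search')->validate($delUI)) {
				throw new Exception(t('Access Denied.'));
			}

			// Task-level check: the caller must hold the delete-user permission.
			$tp = new TaskPermission();
			if (!$tp->canDeleteUser()) {
				throw new Exception(t('You do not have permission to perform this action.'));
			}

			// The protected-account guards are evaluated on the ID of the record that
			// was actually loaded as well as on the raw request value. The raw value is
			// whatever string the request carried; if it resolved to an account without
			// comparing equal to that account's ID, a guard on the raw value alone
			// would not protect the account that $delUI->delete() removes.
			$targetUserId = $delUI->getUserID();

			if ($delUserId == USER_SUPER_ID || $targetUserId == USER_SUPER_ID) {
				throw new Exception(t('You may not remove the super user account.'));
			}

			$currentUserId = $u->getUserID();
			if ($delUserId == $currentUserId || $targetUserId == $currentUserId) {
				throw new Exception(t('You cannot delete your own user account.'));
			}

			// Request-forgery check, performed before the destructive call.
			// NOTE(review): if this action is reached through a plain link, the token
			// travels in the URL and can surface in server logs and Referer headers;
			// a POST form is the safer carrier. Confirm how callers invoke it.
			$valt = Loader::helper('validation/token');
			if (!$valt->validate('delete_account', $token)) {
				throw new Exception($valt->getErrorMessage());
			}

			$delUI->delete();
			$resultMsg = t('User deleted successfully.');

			// Request data is emptied before view() runs, presumably so the search
			// view does not read the delete arguments as search input; confirm.
			$_REQUEST = array();
			$_GET = array();
			$_POST = array();
			$this->set('message', $resultMsg);
		} catch (Exception $e) {
			$this->set('error', $e);
		}
		$this->view();

	}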
コード例 #3
<?php

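// Refuse direct access: this file is only meant to run inside the application.
defined('C5_EXECUTE') or die("Access Denied.");

// Only a plain string is accepted for searchInstance. A missing or array-valued
// parameter falls back to the default instead of being passed to the text helper.
$searchInstance = '';
if (isset($_REQUEST['searchInstance']) && is_string($_REQUEST['searchInstance'])) {
    // Entity-encoded on the way in; presumably the value is echoed back into
    // markup further down (not visible here), so confirm the output context.
    $searchInstance = Loader::helper('text')->entities($_REQUEST['searchInstance']);
}
if (!strlen($searchInstance)) {
    $searchInstance = 'user';
}

$form = Loader::helper('form');
$ih = Loader::helper('concrete/interface');
$tp = new TaskPermission();
$u = new User();
$sk = PermissionKey::getByHandle('access_user_search');

// Task-level gate: stop the whole request unless the current user may delete users.
if (!$tp->canDeleteUser()) {
    die(t("Access Denied."));
}

$users = array();
$excluded = false;

// Accounts that must never end up on the deletion list.
$excluded_user_ids = array();
// can't delete yourself
$excluded_user_ids[] = $u->getUserID();
// can't delete the super user (admin)
$excluded_user_ids[] = USER_SUPER_ID;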
if (is_array($_REQUEST['uID'])) {
    foreach ($_REQUEST['uID'] as $uID) {
        $ui = UserInfo::getByID($uID);
        if (!$sk->validate($ui) || in_array($ui->getUserID(), $excluded_user_ids)) {
            $excluded = true;
        } else {
            $users[] = $ui;
        }