// email change successful echo '<p style="color:green;">Mail has been successfuly changed!</p>'; } elseif (!empty($_POST['email'])) { // email change request $result = user::change_email($_SESSION['user']['id'], $_POST['email']); if ($result) { redirect('?p=account&action=email&ok'); die; } else { echo '<p>Impossible to change email!</p>'; } } } elseif ($action == 'delete') { if (!empty($_POST['csrf_token'])) { $token = $_POST['csrf_token']; $valid = csrf::check($token, $_SESSION['token']); if ($valid) { $result = user::delete($_SESSION['user']['id']); if ($result) { redirect('?p=disconnect&delete'); die; } else { echo '<p>Impossible to delete this account!</p>'; } } else { echo '<p style="color:red;">Wrong CSRF token!</p>'; } } } else { // unknown action }