/** * deleteAction * Delete a record previously selected by the cmspages * @return unknown_type */ public function deleteAction() { $id = intval($this->getRequest()->getParam('id')); $identity = Zend_Auth::getInstance()->getIdentity(); $adminCount = count(AdminUser::getUserbyRoleID(1)); if (is_numeric($id)) { /* Security checks * - administrators cannod be deleted by unprivileged users * - you can't delete the latest administrator * - you can't delete yourself */ //* you can't delete yourself if ($id == $identity['user_id']) { $this->_helper->redirector('list', 'profile', 'admin', array('mex' => $this->translator->translate('You cannot delete yourself.'), 'status' => 'danger')); die; } //* administrators cannod be deleted by unprivileged users if (AdminRoles::isAdministrator($id)) { if ((int) $identity['role_id'] != 1) { $this->_helper->redirector('list', 'profile', 'admin', array('mex' => $this->translator->translate('The administrator profile can only be deleted by an administrator.'), 'status' => 'danger')); die; } } //* you can't delete the latest administrator if (AdminRoles::isAdministrator($id) && $adminCount <= 1) { $this->_helper->redirector('list', 'profile', 'admin', array('mex' => $this->translator->translate('You cannot delete the latest administrator'), 'status' => 'danger')); die; } //* all good, delete AdminUser::deleteUser($id); } return $this->_helper->redirector('index', 'profile'); }