From 2a7abf2d7fee6a2d6418e5ad4b79e37e6049bd92 Mon Sep 17 00:00:00 2001
From: Christopher Smith <chris@jalakai.co.uk>
Date: Wed, 31 Jul 2013 18:14:26 +0200
Subject: FS#2751 - self deletion of user account

---
 inc/actions.php | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

(limited to 'inc/actions.php')

diff --git a/inc/actions.php b/inc/actions.php
index da3414eb2..bf124c887 100644
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -92,14 +92,26 @@ function act_dispatch(){
             $ACT = 'login';
         }
 
-        //update user profile
-        if ($ACT == 'profile') {
+        // user profile changes
+        if (in_array($ACT, array('profile','profile_delete'))) {
             if(!$_SERVER['REMOTE_USER']) {
                 $ACT = 'login';
             } else {
-                if(updateprofile()) {
-                    msg($lang['profchanged'],1);
-                    $ACT = 'show';
+                switch ($ACT) {
+                    case 'profile' :
+                        if(updateprofile()) {
+                            msg($lang['profchanged'],1);
+                            $ACT = 'show';
+                        }
+                        break;
+                    case 'profile_delete' :
+                        if(auth_deleteprofile()){
+                            msg($lang['profdeleted'],1);
+                            $ACT = 'show';
+                        } else {
+                            $ACT = 'profile';
+                        }
+                        break;
                 }
             }
         }
@@ -247,7 +259,7 @@ function act_validate($act) {
     //disable all acl related commands if ACL is disabled
     if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
                     'subscribe','unsubscribe','profile','revert',
-                    'resendpwd'))){
+                    'resendpwd','profile_delete'))){
         msg('Command unavailable: '.htmlspecialchars($act),-1);
         return 'show';
     }
@@ -258,7 +270,7 @@ function act_validate($act) {
     if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
                     'preview','search','show','check','index','revisions',
                     'diff','recent','backlink','admin','subscribe','revert',
-                    'unsubscribe','profile','resendpwd','recover',
+                    'unsubscribe','profile','profile_delete','resendpwd','recover',
                     'draftdel','sitemap','media')) && substr($act,0,7) != 'export_' ) {
         msg('Command unknown: '.htmlspecialchars($act),-1);
         return 'show';
@@ -287,7 +299,7 @@ function act_permcheck($act){
         }else{
             $permneed = AUTH_CREATE;
         }
-    }elseif(in_array($act,array('login','search','recent','profile','index', 'sitemap'))){
+    }elseif(in_array($act,array('login','search','recent','profile','profile_delete','index', 'sitemap'))){
         $permneed = AUTH_NONE;
     }elseif($act == 'revert'){
         $permneed = AUTH_ADMIN;
-- 
cgit v1.2.3