Various changes to make it work on my side.

2025-01-17 04:38:27 +01:00 · 2018-07-13 16:12:56 +02:00 · 2018-07-13 16:12:56 +02:00 · 99e4be5124
commit 99e4be5124
parent ce244935c0
2 changed files with 10 additions and 5 deletions
--- a/e107_plugins/user/e_user.php
+++ b/e107_plugins/user/e_user.php
@ -31,6 +31,7 @@ class user_user // plugin-folder + '_user'
 	 */
 	function delete($uid)
 	{
+		$us = e107::getUserSession();

 		$config = array();

@ -41,6 +42,7 @@ class user_user // plugin-folder + '_user'
 			'user_email'        => 'noreply-'.$uid.'@nowhere.com',
 			'user_ip'           => '',
 			'user_lastvisit'    => time(),
+			'user_password'     => $us->HashPassword($us->generateRandomString("#??????????#"), 'Deleted-Login-'.$uid),
 			'user_ban'          => 5, // 'deleted' status'
 			// etc.
 			'WHERE'             => 'user_id = '.$uid,
--- a/usersettings.php
+++ b/usersettings.php
@ -39,7 +39,7 @@ if (!USER)
 	exit();
 }

-if ((!ADMIN || !getperms("4")) && e_QUERY && e_QUERY != "update" )
+if ((!ADMIN || !getperms("4")) && e_QUERY && e_QUERY != "update" && substr(e_QUERY, 0, 4) !== 'del=')
 {
 	header('location:'.e_BASE.'usersettings.php');
 	exit();
@ -205,7 +205,7 @@ class usersettings_front // Begin Usersettings rewrite.

 	private function processUserDelete($hash)
 	{
-		if(!e107::getDb()->select('user',"user_id = ".USERID." AND user_sess=".$hash." LIMIT 1")) // user must be logged in AND have correct hash.
+		if(!e107::getDb()->select('user', '*',"user_id = ".USERID." AND user_sess='".$hash."' LIMIT 1")) // user must be logged in AND have correct hash.
 		{
 			return false;
 		}
@ -227,13 +227,13 @@ class usersettings_front // Begin Usersettings rewrite.
 				{
 					//echo "<h3>UPDATE ".$table."</h3>";
 				//	print_a($query);
-					$sql->update($table,$query); // todo check query ran successfully.
+					$sql->update($table, $query); // todo check query ran successfully.
 				}
 				elseif($mode === 'delete')
 				{
 					//echo "<h3>DELETE ".$table."</h3>";
 					//print_a($query);
-					$sql->delete($table,$query); //  todo check query ran successfully.
+					$sql->delete($table, $query['WHERE']); //  todo check query ran successfully.
 				}

 			}
@ -287,8 +287,11 @@ class usersettings_front // Begin Usersettings rewrite.

 		if(!empty($_GET['del'])) // delete account via confirmation email link.
 		{
+
 			echo $this->processUserDelete($_GET['del']);
-			e107::getSession()->destroy();
+			//e107::getSession()->destroy();
+			e107::getUser()->logout();
+			return null;
 		}

 		/* todo subject of removal */