mirror/php-monstra
1
0
Fork 0
mirror of https://github.com/monstra-cms/monstra.git synced 2025-08-05 12:48:00 +02:00
Code Issues Releases Wiki Activity

#158 deleting users - fixed by Oleg Gatseluk

Browse Source
This commit is contained in:
Awilum
2013-11-23 15:19:12 +04:00
parent b23bb4b218
commit 9e2a7bc23b
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/box/users/users.admin.php
View File

@@ -185,7 +185,7 @@ class UsersAdmin extends Backend
// -------------------------------------
case "delete":
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin')) && (int)$_SESSION['user_id'] != (int)Request::get('user_id')) {
if (Security::check(Request::get('token'))) {

5
plugins/box/users/views/backend/index.view.php
View File

@@ -44,9 +44,12 @@
<td>
<div class="pull-right">
<?php echo Html::anchor(__('Edit', 'users'), 'index.php?id=users&action=edit&user_id='.$user['id'], array('class' => 'btn btn-small')); ?>
<?php echo Html::anchor(__('Delete', 'users'),
<?php
if ((int)$user['id'] != (int)$_SESSION['user_id']) {
echo Html::anchor(__('Delete', 'users'),
'index.php?id=users&action=delete&user_id='.$user['id'].'&token='.Security::token(),
array('class' => 'btn btn-small', 'onclick' => "return confirmDelete('".__('Delete user: :user', 'users', array(':user' => Html::toText($user['login'])))."')"));
}
?>
</div>
</td>