From: Hypolite Petovan <hypolite@mrpetovan.com>
Date: Sun, 25 Nov 2018 01:59:38 +0000 (-0500)
Subject: Add self-removal prevention in mod/admin
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=1501b998fadd2aee398440ab8b0835c417d2918f;p=friendica.git

Add self-removal prevention in mod/admin
---

diff --git a/mod/admin.php b/mod/admin.php
index 5bf55423e5..2a703cb413 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -1780,7 +1780,11 @@ function admin_page_users_post(App $a)
 	}
 	if (x($_POST, 'page_users_delete')) {
 		foreach ($users as $uid) {
-			User::remove($uid);
+			if (local_user() != $uid) {
+				User::remove($uid);
+			} else {
+				notice(L10n::t('You can\'t remove yourself'));
+			}
 		}
 		notice(L10n::tt("%s user deleted", "%s users deleted", count($users)));
 	}
@@ -1825,11 +1829,15 @@ function admin_page_users(App $a)
 		}
 		switch ($a->argv[2]) {
 			case "delete":
-				BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
-				// delete user
-				User::remove($uid);
+				if (local_user() != $uid) {
+					BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
+					// delete user
+					User::remove($uid);
 
-				notice(L10n::t("User '%s' deleted", $user['username']) . EOL);
+					notice(L10n::t("User '%s' deleted", $user['username']));
+				} else {
+					notice(L10n::t('You can\'t remove yourself'));
+				}
 				break;
 			case "block":
 				BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');