From: Fabrixxm <fabrix.xm@gmail.com> Date: Tue, 23 Jun 2015 08:39:28 +0000 (+0200) Subject: admin: allow deletion of any users but yourself X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=3168b4431775b1fc3365d10df5416efb1db5996f;p=friendica.git admin: allow deletion of any users but yourself fix #1625 --- diff --git a/mod/admin.php b/mod/admin.php index 78735262c2..abdf7162df 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -792,7 +792,7 @@ function admin_page_users_post(&$a){ $nu_nickname = ( x($_POST, 'new_user_nickname') ? $_POST['new_user_nickname'] : ''); $nu_email = ( x($_POST, 'new_user_email') ? $_POST['new_user_email'] : ''); - check_form_security_token_redirectOnErr('/admin/users', 'admin_users'); + check_form_security_token_redirectOnErr($a->get_baseurl().'/admin/users', 'admin_users'); if (!($nu_name==="") && !($nu_email==="") && !($nu_nickname==="")) { require_once('include/user.php'); @@ -946,11 +946,8 @@ function admin_page_users(&$a){ intval($a->pager['itemspage']) ); - function _setup_users($e){ - $a = get_app(); - - $adminlist = explode(",", str_replace(" ", "", $a->config['admin_email'])); - + $adminlist = explode(",", str_replace(" ", "", $a->config['admin_email'])); + $_setup_users = function ($e) use ($adminlist){ $accounts = Array( t('Normal Account'), t('Soapbox Account'), @@ -963,10 +960,11 @@ function admin_page_users(&$a){ $e['lastitem_date'] = relative_date($e['lastitem_date']); //$e['is_admin'] = ($e['email'] === $a->config['admin_email']); $e['is_admin'] = in_array($e['email'], $adminlist); + $e['is_deletable'] = (intval($e['uid']) != local_user()); $e['deleted'] = ($e['account_removed']?relative_date($e['account_expires_on']):False); return $e; - } - $users = array_map("_setup_users", $users); + }; + $users = array_map($_setup_users, $users); // Get rid of dashes in key names, Smarty3 can't handle them diff --git a/view/templates/admin_users.tpl b/view/templates/admin_users.tpl index fc3c6377f1..3354cfe1a2 100644 
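Review bot: In the `_setup_users` closure, `$e['is_deletable'] = (intval($e['uid']) != local_user());` only controls what the template renders, so as far as this diff shows the "any user but yourself" rule lives in the UI alone. The code that acts on the posted `user[]` values and on the `/admin/users/delete/<uid>` and `/admin/users/block/<uid>` links is outside these hunks; it should compare each uid with `local_user()` itself and refuse a match, because a hidden checkbox does not stop a hand-built request. Since `is_admin` no longer gates the controls, one admin can now delete or block another, which matches the subject line but deserves a comment next to the flag, e.g. `// UI hint only: delete/block handlers must also reject uid == local_user()`. The body of `admin_page_users` continues beyond the hunk.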
--- a/view/templates/admin_users.tpl +++ b/view/templates/admin_users.tpl @@ -70,18 +70,18 @@ <td class='lastitem_date'>{{$u.lastitem_date}}</td> <td class='login_date'>{{$u.page_flags}} {{if $u.is_admin}}({{$siteadmin}}){{/if}} {{if $u.account_expired}}({{$accountexpired}}){{/if}}</td> <td class="checkbox"> - {{if $u.is_admin}} - - {{else}} - <input type="checkbox" class="users_ckbx" id="id_user_{{$u.uid}}" name="user[]" value="{{$u.uid}}"/></td> - {{/if}} + {{if $u.is_deletable}} + <input type="checkbox" class="users_ckbx" id="id_user_{{$u.uid}}" name="user[]" value="{{$u.uid}}"/></td> + {{else}} + + {{/if}} <td class="tools"> - {{if $u.is_admin}} - - {{else}} - <a href="{{$baseurl}}/admin/users/block/{{$u.uid}}?t={{$form_security_token}}" title='{{if $u.blocked}}{{$unblock}}{{else}}{{$block}}{{/if}}'><span class='icon block {{if $u.blocked==0}}dim{{/if}}'></span></a> - <a href="{{$baseurl}}/admin/users/delete/{{$u.uid}}?t={{$form_security_token}}" title='{{$delete}}' onclick="return confirm_delete('{{$u.name}}')"><span class='icon drop'></span></a> - {{/if}} + {{if $u.is_deletable}} + <a href="{{$baseurl}}/admin/users/block/{{$u.uid}}?t={{$form_security_token}}" title='{{if $u.blocked}}{{$unblock}}{{else}}{{$block}}{{/if}}'><span class='icon block {{if $u.blocked==0}}dim{{/if}}'></span></a> + <a href="{{$baseurl}}/admin/users/delete/{{$u.uid}}?t={{$form_security_token}}" title='{{$delete}}' onclick="return confirm_delete('{{$u.name}}')"><span class='icon drop'></span></a> + {{else}} + + {{/if}} </td> </tr> {{/foreach}} diff --git a/view/theme/quattro/templates/admin_users.tpl b/view/theme/quattro/templates/admin_users.tpl index 249f1f6728..7f5ae2dfbc 100644 --- a/view/theme/quattro/templates/admin_users.tpl +++ b/view/theme/quattro/templates/admin_users.tpl 
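Review bot: The re-added delete link places `{{$u.name}}` inside a JavaScript string within an `onclick` attribute, `confirm_delete('{{$u.name}}')`, and HTML escaping alone does not make a value safe in that context. Whether the name is escaped before it reaches the template is not visible in this hunk; if it is not, a display name containing a quote could break out of the string and run in the admin's session. Consider `confirm_delete('{{$u.name|escape:'javascript'|escape:'html'}}')`, or put the name in a `data-` attribute and read it from the handler. The quattro template hunk carries the same line.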
@@ -70,18 +70,18 @@ <td class='lastitem_date'>{{$u.lastitem_date}}</td> <td class='login_date'>{{$u.page_flags}} {{if $u.is_admin}}({{$siteadmin}}){{/if}} {{if $u.account_expired}}({{$accountexpired}}){{/if}}</td> <td class="checkbox"> - {{if $u.is_admin}} - - {{else}} - <input type="checkbox" class="users_ckbx" id="id_user_{{$u.uid}}" name="user[]" value="{{$u.uid}}"/></td> - {{/if}} + {{if $u.is_deletable}} + <input type="checkbox" class="users_ckbx" id="id_user_{{$u.uid}}" name="user[]" value="{{$u.uid}}"/></td> + {{else}} + + {{/if}} <td class="tools"> - {{if $u.is_admin}} - - {{else}} - <a href="{{$baseurl}}/admin/users/block/{{$u.uid}}?t={{$form_security_token}}" title='{{if $u.blocked}}{{$unblock}}{{else}}{{$block}}{{/if}}'><span class='icon {{if $u.blocked==0}}unlock{{else}}lock{{/if}}'></span></a> - <a href="{{$baseurl}}/admin/users/delete/{{$u.uid}}?t={{$form_security_token}}" title='{{$delete}}' onclick="return confirm_delete('{{$u.name}}')"><span class='icon delete'></span></a> - {{/if}} + {{if $u.is_deletable}} + <a href="{{$baseurl}}/admin/users/block/{{$u.uid}}?t={{$form_security_token}}" title='{{if $u.blocked}}{{$unblock}}{{else}}{{$block}}{{/if}}'><span class='icon {{if $u.blocked==0}}unlock{{else}}lock{{/if}}'></span></a> + <a href="{{$baseurl}}/admin/users/delete/{{$u.uid}}?t={{$form_security_token}}" title='{{$delete}}' onclick="return confirm_delete('{{$u.name}}')"><span class='icon delete'></span></a> + {{else}} + + {{/if}} </td> </tr> {{/foreach}}
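Review bot: The block and delete links kept on the new side change state through GET and carry the CSRF token in the query string (`?t={{$form_security_token}}`), so the token can end up in browser history, server access logs and Referer headers. Now that these controls are also shown for admin accounts, it is worth moving both actions to a POST form with the token in a hidden field; the default template's hunk has the same links. Separately, the checkbox cell's `</td>` sits inside the `{{if $u.is_deletable}}` branch, so the `{{else}}` path leaves the cell unclosed; move `</td>` after `{{/if}}`.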