Congegni
/
sintonia
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

-cc-2126: user should not be able to delete himself 

added server side check
This commit is contained in:
martin 2011-05-16 22:37:54 -04:00
parent df3b24d3ad
commit a937dcb5ac
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
airtime_mvc/application/controllers/UserController.php
View File

@ -83,10 +83,16 @@ class UserController extends Zend_Controller_Action
public function removeUserAction() public function removeUserAction()
{ {
// action body // action body
$id = $this->_getParam('id'); $delId = $this->_getParam('id');
$user = new User($id);
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
$this->view->entries = $user->delete(); $userId = $userInfo->id;
if ($delId != $userId){
$user = new User($delId);
$this->view->entries = $user->delete();
}
} }