<?php
/*
Profile remove page. Part of Runosydan.net.
Copyright (C) 2009 Aleksi Räsänen <aleksi.rasanen@runosydan.net>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
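session_start();

// This page is only for logged-in users. header() by itself does not stop
// the script, so exit right after the redirect; without it the rest of the
// page would still be executed for an anonymous visitor.
if( ! isset( $_SESSION['username'] ) )
{
    header( 'Location: index.php' );
    exit;
}

// create_site_top and create_top_menu are defined in
// file general_functions.php
// NOTE(review): $db is not created in this file; presumably
// general_functions.php sets it up - confirm.
require 'general_functions.php';

// If user has not pressed Account Remove button, then show the form
if( ! isset( $_GET['action'] ) )
{
    create_site_top();
    create_top_menu();

    echo '<div class="remove_profile">';
    echo '<h3>Käyttäjätunnuksen poisto</h3>';
    echo '<p>Voit poistaa käyttäjätunnuksesti painamalla alempana olevaa '
        . 'painiketta sekä antamalla salasanasi alempana olevaan laatikkoon. '
        . '<br><br><b>Huomaa että käyttäjätunnuksen palauttaminen '
        . 'ei ole mahdollista</b>, vaan kaikki tiedot poistetaan '
        . 'tietokannasta (mukaanlukien kirjoittamasi kommentit sekä '
        . 'saamasi kommentit). Voit tietenkin myöhemmin tehdä '
        . 'käyttäjätunnuksen uudelleen mikäli tahdot.</p>';

    // The password is re-entered here so that a logged-in session alone
    // is not enough to delete the account.
    echo '<form method="post" action="remove_profile.php?action=remove">';
    echo 'Salasanasi: <input type="password" name="password"> ';
    echo '<input type="submit" value="Poista tunnus">';
    echo '</form>';
}
// User pressed account remove button, try to remove account
else
{
    // The id is concatenated into the SQL text below, so force it to an
    // integer first: nothing but digits can then reach the query.
    // NOTE(review): the $db wrapper's API is not visible here; if it offers
    // bound parameters, prefer those over concatenation.
    $user_id = isset( $_SESSION['id'] ) ? (int) $_SESSION['id'] : 0;

    // Search user by ID.
    $q = 'SELECT password FROM rs_users WHERE id=' . $user_id;
    $ret = $db->query( $q );

    // User found (If it is not found, then something is wrong...)?
    if( $db->numRows( $ret ) > 0 )
    {
        $ret = $db->fetchAssoc( $ret );

        // A missing or non-string password field is treated as a wrong
        // password instead of being passed to sha1().
        $given = null;
        if( isset( $_POST['password'] ) && is_string( $_POST['password'] ) )
            $given = $_POST['password'];

        // Make sure that given password match with the password
        // that is stored to database. hash_equals() (PHP >= 5.6) compares
        // the two digests as strings in constant time; the loose ==
        // would treat digests that look like numbers ("0e...") as equal.
        // NOTE(review): passwords are stored as unsalted SHA-1. Moving to
        // password_hash()/password_verify() needs a change to the stored
        // hashes and to the login code, which is outside this file.
        if( $given !== null
            && hash_equals( (string) $ret[0]['password'], sha1( $given ) ) )
        {
            $removed = true;

            try
            {
                // Dependent rows go first and the account row last, so a
                // failure part-way leaves the account in place and the
                // user can log in and retry the removal.

                // Remove all poems by this user
                $q = 'DELETE FROM rs_poem WHERE user_id=' . $user_id;
                $db->query( $q );

                // Remove all comments for this user poems
                $q = 'DELETE FROM rs_comments WHERE poet_id=' . $user_id;
                $db->query( $q );

                // Delete all comments written by this user
                $q = 'DELETE FROM rs_comments WHERE commenter_id=' . $user_id;
                $db->query( $q );

                // Remove user account
                $q = 'DELETE FROM rs_users WHERE id=' . $user_id;
                $db->query( $q );
            }
            catch( Exception $e )
            {
                // Reported below, inside the page layout.
                $removed = false;
            }

            if( $removed )
            {
                // Remove also login information from sessions.
                unset( $_SESSION['username'] );
                unset( $_SESSION['id'] );
            }

            create_site_top();
            create_top_menu();

            echo '<div class="remove_profile">';
            echo '<br>';

            if( $removed )
            {
                echo 'Käyttäjätunnuksesi on nyt poistettu!<br><br>';
                echo '<a href="index.php">Etusivulle</a><br><br>';
            }
            else
            {
                // The removal did not complete: say so instead of
                // reporting success, and keep the user logged in.
                echo 'Virhe tietokantayhteydessä!<br><br>';
                echo '<a href="remove_profile.php">Palaa takaisin</a><br><br>';
            }

            echo '</div>';
        }
        // Given password did not match with the password
        // what was on the database!
        else
        {
            create_site_top();
            create_top_menu();

            echo '<div class="remove_profile">';
            echo '<br>';
            echo 'Antamasi salasana oli väärä!<br><br>';
            echo '<a href="remove_profile.php">Palaa takaisin</a><br><br>';
            echo '</div>';
        }
    }
}

echo '<br>';
echo '</div>';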
?>