diff --git a/TODO b/TODO
index 28b9cb0..10f1db0 100755
--- a/TODO
+++ b/TODO
@@ -9,7 +9,3 @@ install.php :
 =============
 * Link beside password field to toggle visible / not visible
 * TRUNCATE before CREATE TABLE in install.php
-
-index.php :
-===========
-* Delete user (+ check if not you)
diff --git a/inc/Storage.class.php b/inc/Storage.class.php
index 67233be..1539e59 100644
--- a/inc/Storage.class.php
+++ b/inc/Storage.class.php
@@ -165,4 +165,27 @@ class Storage {
 $this->id = (!isset($this->id) ? $this->connection->lastInsertId() : $this->id);
 }
+
+ public function delete() {
+ $query = 'DELETE FROM '.MYSQL_PREFIX.$this->TABLE_NAME.' WHERE ';
+
+ $i = false;
+ foreach($this->fields as $field=>$type) {
+ if(!empty($this->$field)) {
+ if($i) { $query .= ' AND '; } else { $i = true; }
+
+ $query .= $field.'=:'.$field;
+ }
+ }
+
+ $query = $this->connection->prepare($query);
+
+ foreach($this->fields as $field=>$type) {
+ if(!empty($this->$field)) {
+ $query->bindParam(':'.$field, $this->$field);
+ }
+ }
+
+ $query->execute();
+ }
 }
diff --git a/index.php b/index.php
index b7db423..4701124 100644
--- a/index.php
+++ b/index.php
@@ -127,9 +127,10 @@
 case 'delete_user':
 if($_GET['user_id'] != $current_user->getId()) {
 $user = new User();
+ $user->setId($_GET['user_id']);
 $user->delete();
- header('location: index.php');
+ header('location: index.php?do=edit_users');
 exit();
 }
 break;
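Review bot: `delete()` can run with fewer conditions than the caller intended, because both loops skip every field for which `empty()` is true, so an id of `0`, `'0'` or `''` is silently dropped from the WHERE clause and whatever other fields happen to be non-empty decide which rows are removed. When no field is set at all, the statement ends at `WHERE ` and fails, and since the result of `execute()` is not checked, that failure goes unnoticed unless PDO is configured to throw (not visible in this hunk). I would add `if(!$i) { throw new Exception('Storage::delete() called without any condition'); }` before `prepare()` and test fields with `isset($this->$field)` in both loops, as the context line above already does for `$this->id`. Because this is a destructive query, consider requiring the primary key to be among the conditions.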
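Review bot: `$_GET['user_id']` goes straight into `setId()` without validation, and the self-delete guard compares it loosely with `!=`, so a value PHP treats as different from the current id may still be coerced to the same integer key by the database, and a missing or empty value reaches `Storage::delete()` with no id condition at all. Validate once and use the typed value everywhere: `$user_id = filter_input(INPUT_GET, 'user_id', FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));`, then `if($user_id && $user_id !== (int) $current_user->getId()) {` and `$user->setId($user_id);`. The action also changes state on a GET request, and no anti-CSRF token or role check is visible in this hunk; the enclosing switch starts outside it, so confirm both are enforced before this case is reached.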