add a more secure way to delete users containing a password request

author: Philip Häusler <msquare@notrademark.de> 2015-12-30 15:48:41 +0100
committer: Philip Häusler <msquare@notrademark.de> 2015-12-30 15:48:41 +0100
commit: ef60b955555ea1d22da8494a34440c3fd2d8b190 (patch)
tree: fbe409ee1e4426fab4ea10a51fde324350a4f2fd /includes/view/User_view.php
parent: 1983db901b9b7ea9b87a66ed38f030369dc3a0a4 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/includes/view/User_view.php b/includes/view/User_view.php
index e5ed7e0e..09668d6f 100644
--- a/includes/view/User_view.php
+++ b/includes/view/User_view.php
@@ -20,6 +20,23 @@ $tshirt_sizes = array(
 );
 
 /**
+ * Gui for deleting user with password field.
+ */
+function User_delete_view($user) {
+  return page_with_title(sprintf(_("Delete %s"), User_Nick_render($user)), [
+      msg(),
+      buttons([
+          button(user_edit_link($user), glyph('chevron-left') . _("back")) 
+      ]),
+      error(_("Do you really want to delete the user including all his shifts and every other piece of his data?"), true),
+      form([
+          form_password('password', _("Your password")),
+          form_submit('submit', _("Delete")) 
+      ]) 
+  ]);
+}
+
+/**
  * View for editing the number of given vouchers
  */
 function User_edit_vouchers_view($user) {
author	Philip Häusler <msquare@notrademark.de>	2015-12-30 15:48:41 +0100
committer	Philip Häusler <msquare@notrademark.de>	2015-12-30 15:48:41 +0100
commit	ef60b955555ea1d22da8494a34440c3fd2d8b190 (patch)
tree	fbe409ee1e4426fab4ea10a51fde324350a4f2fd /includes/view/User_view.php
parent	1983db901b9b7ea9b87a66ed38f030369dc3a0a4 (diff)