From ef60b955555ea1d22da8494a34440c3fd2d8b190 Mon Sep 17 00:00:00 2001
From: Philip Häusler
Date: Wed, 30 Dec 2015 15:48:41 +0100
Subject: add a more secure way to delete users containing a password request
---
 includes/controller/users_controller.php | 55 ++++++++++++++++++++++++++++++++
 includes/engelsystem_provider.php | 1 +
 includes/mailer/users_mailer.php | 9 ++++++
 includes/model/User_model.php | 9 ++++++
 includes/pages/admin_user.php | 25 ++------------------
 includes/view/User_view.php | 17 ++++++++++
 6 files changed, 94 insertions(+), 22 deletions(-)
 create mode 100644 includes/mailer/users_mailer.php
diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php
index c560e79a..404b7f9b 100644
--- a/includes/controller/users_controller.php
+++ b/includes/controller/users_controller.php
@@ -27,10 +27,65 @@ function users_controller() {
 }
 }
+/**
+ * Delete a user, requires to enter own password for reasons.
+ */
+function user_delete_controller() {
+ global $privileges, $user;
+
+ if (isset($_REQUEST['user_id'])) {
+ $user_source = User($_REQUEST['user_id']);
+ } else
+ $user_source = $user;
+
+ if (! in_array('admin_user', $privileges))
+ redirect(page_link_to(''));
+
+ // You cannot delete yourself
+ if ($user['UID'] == $user_source['UID']) {
+ error(_("You cannot delete yourself."));
+ redirect(user_link($user));
+ }
+
+ if (isset($_REQUEST['submit'])) {
+ $ok = true;
+
+ if (! (isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))) {
+ $ok = false;
+ error(_("Your password is incorrect. Please try it again."));
+ }
+
+ if ($ok) {
+ $result = User_delete($user_source['UID']);
+ if ($result === false)
+ engelsystem_error('Unable to delete user.');
+
+ mail_user_delete($user_source);
+ success(_("User deleted."));
+ engelsystem_log(sprintf("Deleted %s", User_Nick_render($user_source)));
+
+ redirect(users_link());
+ }
+ }
+
+ return array(
+ sprintf(_("Delete %s"), $user_source['Nick']),
+ User_delete_view($user_source)
+ );
+}
+
 function users_link() {
 return page_link_to('users');
 }
+function user_edit_link($user) {
+ return page_link_to('admin_user') . '&user_id=' . $user['UID'];
+}
+
+function user_delete_link($user) {
+ return page_link_to('users') . '&action=delete&user_id=' . $user['UID'];
+}
+
 function user_link($user) {
 return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
 }
diff --git a/includes/engelsystem_provider.php b/includes/engelsystem_provider.php
index 30bfae7d..fa5e86a4 100644
--- a/includes/engelsystem_provider.php
+++ b/includes/engelsystem_provider.php
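Review bot: `User($_REQUEST['user_id'])` can yield `false` (load error) or `null` (no such user), and `user_delete_controller` uses `$user_source` without checking either, so an unknown id reaches `$user_source['UID']` and `User_delete(null)`; the `case 'delete'` branch this commit removes from admin_user.php carried exactly these checks, so they should move here right after the lookup (shown below). The confirmation password is read from `$_REQUEST`, which also accepts it as a URL query parameter and so lets the re-authentication secret end up in referrers and access logs; reading `$_POST['password']` keeps it in the request body. The dispatch that routes `action=delete` to this controller lies outside the hunk, so I could not confirm the new `user_delete_link` is wired up.
```php
  if (isset($_REQUEST['user_id'])) {
    $user_source = User($_REQUEST['user_id']);
    if ($user_source === false)
      engelsystem_error("Unable to load user.");
    if ($user_source == null) {
      error(_("This user does not exist."));
      redirect(users_link());
    }
  } else
    $user_source = $user;
  // … unchanged: privilege check, self-delete guard, password verification, delete and redirect …
```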
@@ -48,6 +48,7 @@
 require_once realpath(__DIR__ . '/../includes/helper/error_helper.php');
 require_once realpath(__DIR__ . '/../includes/helper/email_helper.php');
 require_once realpath(__DIR__ . '/../includes/mailer/shifts_mailer.php');
+require_once realpath(__DIR__ . '/../includes/mailer/users_mailer.php');
 require_once realpath(__DIR__ . '/../config/config.default.php');
 if (file_exists(realpath(__DIR__ . '/../config/config.php')))
diff --git a/includes/mailer/users_mailer.php b/includes/mailer/users_mailer.php
new file mode 100644
index 00000000..b08af92b
--- /dev/null
+++ b/includes/mailer/users_mailer.php
@@ -0,0 +1,9 @@
+
\ No newline at end of file
diff --git a/includes/model/User_model.php b/includes/model/User_model.php
index d051b3e9..e1bb2733 100644
--- a/includes/model/User_model.php
+++ b/includes/model/User_model.php
@@ -4,6 +4,15 @@
 * User model
 */
+/**
+ * Delete a user
+ *
+ * @param int $user_id
+ */
+function User_delete($user_id) {
+ return sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($user_id) . "'");
+}
+
 /**
 * Update user.
 *
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 6d327d7f..516bd1e4 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -113,9 +113,9 @@ function admin_user() {
 $html .= "
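Review bot: `User_delete` removes only the `User` row, whereas the `case 'delete'` branch this commit deletes from admin_user.php also ran a second query that removed the user's `UserGroups` rows by `uid`; unless the schema cascades that delete (not visible on this page), going through the new helper now leaves orphaned group memberships behind. Mirror the removed line with a second `sql_query` on `UserGroups` keyed by `uid` (escaped with `sql_escape($user_id)` like the existing query) before the `User` delete, and keep the old query's `LIMIT 1` if it was intentional. The docblock should also say what the caller may test: `@return mixed result of sql_query(); the controller compares it against false`.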
"; } - $html .= "
\n"; - $html .= "\n"; - $html .= "
"; + $html .= buttons([ + button(user_delete_link($user_source), glyph('lock') . _("delete"), 'btn-danger') + ]); $html .= "
";
 } else {
@@ -156,25 +156,6 @@ function admin_user() {
 }
 break;
- case 'delete':
- if ($user['UID'] != $id) {
- $user_source = User($id);
- if ($user_source === false)
- engelsystem_error("Unable to load user.");
- if ($user_source == null) {
- error(_('This user does not exist.'));
- redirect(users_link());
- }
-
- sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
- sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
- engelsystem_log("Deleted user " . User_Nick_render($user_source));
- $html .= success("Benutzer gelöscht!", true);
- } else {
- $html .= error("Du kannst Dich nicht selber löschen!", true);
- }
- break;
-
 case 'save':
 $force_active = $user['force_active'];
 if (in_array('admin_active', $privileges))
diff --git a/includes/view/User_view.php b/includes/view/User_view.php
index e5ed7e0e..09668d6f 100644
--- a/includes/view/User_view.php
+++ b/includes/view/User_view.php
@@ -19,6 +19,23 @@ $tshirt_sizes = array(
 'XL-G' => "XL Girl"
 );
+/**
+ * Gui for deleting user with password field.
+ */
+function User_delete_view($user) {
+ return page_with_title(sprintf(_("Delete %s"), User_Nick_render($user)), [
+ msg(),
+ buttons([
+ button(user_edit_link($user), glyph('chevron-left') . _("back"))
+ ]),
+ error(_("Do you really want to delete the user including all his shifts and every other piece of his data?"), true),
+ form([
+ form_password('password', _("Your password")),
+ form_submit('submit', _("Delete"))
+ ])
+ ]);
+}
+
 /**
 * View for editing the number of given vouchers
 */
-- 
cgit v1.2.3-70-g09d2
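Review bot: The docblock on `User_delete_view` documents neither its parameter nor its return; add `@param array $user the user record whose deletion is being confirmed` and a `@return` line for the rendered page (what `page_with_title` returns is outside the hunk, so presumably a HTML string — confirm). The form submits the confirmation password together with `submit` for a destructive action, and whether `form()` adds a CSRF token is not visible in this hunk, so it is worth confirming before relying on the password prompt alone.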