From ef60b955555ea1d22da8494a34440c3fd2d8b190 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Wed, 30 Dec 2015 15:48:41 +0100
Subject: add a more secure way to delete users containing a password request

---
 includes/view/User_view.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'includes/view/User_view.php')

diff --git a/includes/view/User_view.php b/includes/view/User_view.php
index e5ed7e0e..09668d6f 100644
--- a/includes/view/User_view.php
+++ b/includes/view/User_view.php
@@ -19,6 +19,23 @@ $tshirt_sizes = array(
     'XL-G' => "XL Girl" 
 );
 
+/**
+ * Gui for deleting user with password field.
+ */
+function User_delete_view($user) {
+  return page_with_title(sprintf(_("Delete %s"), User_Nick_render($user)), [
+      msg(),
+      buttons([
+          button(user_edit_link($user), glyph('chevron-left') . _("back")) 
+      ]),
+      error(_("Do you really want to delete the user including all his shifts and every other piece of his data?"), true),
+      form([
+          form_password('password', _("Your password")),
+          form_submit('submit', _("Delete")) 
+      ]) 
+  ]);
+}
+
 /**
  * View for editing the number of given vouchers
  */
-- 
cgit v1.2.3-54-g00ecf