From f2418991cd7cf41467e8d0d8f78bda88463d44ad Mon Sep 17 00:00:00 2001
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com>
Date: Sun, 22 Jan 2023 22:10:00 +0100
Subject: [PATCH 1/2] add admin action to delete accounts
---
 Controllers/UserController.php | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)
diff --git a/Controllers/UserController.php b/Controllers/UserController.php
index a58cd1a..2134123 100644
--- a/Controllers/UserController.php
+++ b/Controllers/UserController.php
@@ -128,16 +128,38 @@ final class UserController
 }
 public function deleteAction(Array $A_urlParams = null, Array $A_postParams = null)
+ {
+ if (count($A_urlParams) ==0 ) {
+ self::userDeleteAction($A_urlParams, $A_postParams);
+ }else{
+ self::adminDeleteAction($A_urlParams, $A_postParams);
+ }
+ }
+
+ private function userDeleteAction(Array $A_urlParams = null, Array $A_postParams = null)
 {
 Session::login_or_die();
 $O_userModel = new UserModel();
- $O_userModel->deleteByID($_SESSION["ID"]);
 Session::destroy_session();
 header("Location: /");
 }
+
+ private function adminDeleteAction(Array $A_urlParams = null, Array $A_postParams = null)
+ {
+ Session::admin_or_die();
+
+ $I_user_id = Utils::intOrDie($A_urlParams[0]);
+
+
+ $O_userModel = new UserModel();
+ $O_userModel->deleteByID($I_user_id);
+
+ echo "Le compte à été supprimé avec succès";
+
+ }
 }
From 1c181eb90754fbe94fe2110e4d38f13f4a029268 Mon Sep 17 00:00:00 2001
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com>
Date: Mon, 23 Jan 2023 14:17:47 +0100
Subject: [PATCH 2/2] anonymise account before deleting it
---
 Models/UserModel.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/Models/UserModel.php b/Models/UserModel.php
index 43b417a..511effc 100644
--- a/Models/UserModel.php
+++ b/Models/UserModel.php
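Review bot: In Controllers/UserController.php, `adminDeleteAction` performs an irreversible delete keyed only on `$A_urlParams[0]`, with `Session::admin_or_die()` as the sole gate; nothing in the hunk checks the request method or an anti-CSRF token, so if the route answers GET (the routing is not visible here) a cross-site request made from a logged-in admin's browser could remove an account. I would gate both delete paths on POST, e.g. `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { http_response_code(405); exit; }`, and verify a per-session token with whatever CSRF helper the project provides. The dispatcher calls `count($A_urlParams)` although the parameter defaults to `null`, which raises a TypeError on PHP 8; `empty($A_urlParams)` covers both cases. The private instance methods are invoked as `self::userDeleteAction(...)` and `self::adminDeleteAction(...)` where `$this->...` is the correct form, and the same applies to `self::anonymiseByID($I_id)` in the Models/UserModel.php hunk. As rendered, the hunk also appears to drop `$O_userModel->deleteByID($_SESSION["ID"]);` from the self-service path, which would destroy the session without deleting the account; please confirm the removed line is whitespace only.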
@@ -74,7 +74,21 @@ final class UserModel extends UserSessionModel
 $stmt->execute();
 }
+ public function anonymiseByID($I_id){
+ $O_model = Model::get();
+
+ $stmt = $O_model->prepare("UPDATE RECIPE SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id");
+ $stmt->bindParam("id", $I_id);
+ $stmt->execute();
+
+ $stmt = $O_model->prepare("UPDATE APPRECIATION SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id");
+ $stmt->bindParam("id", $I_id);
+ $stmt->execute();
+ }
+
 public function deleteByID($I_id){
+ self::anonymiseByID($I_id);
+
 $O_model = Model::get();
 $stmt = $O_model->prepare("DELETE FROM USER WHERE ID=:id");
 $stmt->bindParam("id", $I_id);
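Review bot: `deleteByID` now runs three statements (the two `UPDATE`s in `anonymiseByID`, then the `DELETE`) with no transaction around them, so a failure of the `DELETE` leaves the account in place with its recipes and appreciations already detached from it. Assuming `Model::get()` returns the shared PDO handle (the `prepare`/`bindParam`/`execute` calls suggest so) and that it is configured to throw on error, I would wrap the sequence in `beginTransaction()`/`commit()` with a `rollBack()` on failure, as sketched below. `deleteByID`'s body continues past the end of the hunk, so the `execute()` of the `DELETE` and the closing brace are not visible here.

```php
public function deleteByID($I_id){
    $O_model = Model::get();

    // Anonymise and delete as one unit: either both happen or neither does.
    $O_model->beginTransaction();
    try {
        $this->anonymiseByID($I_id);
        // … unchanged: prepare/bindParam of "DELETE FROM USER" and its execute() past the hunk …
        $O_model->commit();
    } catch (\Throwable $e) {
        $O_model->rollBack();
        throw $e;
    }
```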