added deleting user
dmistas committed Feb 2, 2021
1 parent 4f8b341 commit 77d5aef
Showing 7 changed files with 107 additions and 16 deletions.
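--- a/delete.php
+++ b/delete.php
@@ -0,0 +1,39 @@
+<?php
+session_start();
+include_once 'functions.php';
+// если не авторизован, перенаправляем на login
+if (is_not_logged_in()) {
+redirect_to('page_login.php');
+exit();
+}
+
+$user_id = $_GET['id'];
+// Есть ли права на редактирование
+if (!is_admin() && $user_id !== $_SESSION['user']['id']) {
+set_flash_message('danger', 'Недостаточно прав для редактирования');
+redirect_to('users.php');
+exit();
+}
+// Формируем путь для редиректа
+$redirect_path = ($user_id == $_SESSION['user']['id']) ? "page_register.php" : "users.php";
+
+// Удаляем изображение аватара
+$img_path = get_user_by_id($user_id)['img'];
+delete_img($img_path);
+
+$is_deleted_user = delete_user($user_id);
+if (!$is_deleted_user) {
+set_flash_message('danger', 'Ошибка при удалении');
+redirect_to('users.php');
+exit();
+}
+
+// Усли не админ, закрываем сессию
+if (!is_admin()) {
+logout();
+}
+
+set_flash_message('success', 'Пользователь был удален');
+redirect_to($redirect_path);
+
+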
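Review bot: delete.php performs the deletion on a plain GET (`$user_id = $_GET['id'];`) with no anti-CSRF token, so the only guard is the `confirm()` on the users.php link, which a cross-site request never passes through. Make the action a POST and verify a per-session token before `delete_user()` is reached, e.g. `if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !hash_equals($_SESSION['csrf_token'] ?? '', (string) ($_POST['csrf_token'] ?? ''))) { exit(); }` (`csrf_token` is a placeholder key; no such token exists in the visible code), and turn the link in users.php into a small form. The id is also used unvalidated: a missing or non-numeric value reaches `get_user_by_id()` and the `int`-typed `delete_user()`, so read it with `filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT)` and stop on `false` or `null`. The ownership test uses `!==` here and in security.php but `==` for `$redirect_path`; if the session holds the id as an int, the strict comparison against the request string refuses every non-admin, so cast both sides to int before comparing.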
61 changes: 56 additions & 5 deletions functions.php
@@ -53,7 +53,8 @@ function create_upload_file_name(array $file)
*
* @return boolean
*/
function has_image(string $image_path){
function has_image(string $image_path)
{
return file_exists($image_path);
}

@@ -80,6 +81,41 @@ function upload_avatar(int $user_id, array $img)
return false;
}

/**
* Удаление изображения пользователя
*
* @param string $img_path
*
* @return boolean
*/
function delete_img(string $img_path): bool
{
if (has_image($img_path)) {
return unlink($img_path);
}
return false;
}

/**
* Удалить пользователя по id
*
* @param int $user_id
*
* @return boolean
*/
function delete_user(int $user_id)
{
global $pdo;
$query = "DELETE FROM users
WHERE id = :id";
$params = [
'id' => intval($user_id),
];
$statement = $pdo->prepare($query);
$statement->execute($params);
return boolval($statement);
}

/**
* Записать в БД путь до изображения аватара
*
@@ -94,7 +130,7 @@ function set_avatar_path(int $user_id, string $path)
$query = "UPDATE users SET img=:img
WHERE id = :id";
$params = [
'id' => $user_id,
'id' => intval($user_id),
'img' => $path,
];
$statement = $pdo->prepare($query);
@@ -139,8 +175,9 @@ function set_status(int $user_id, string $status)
*
* @return boolean
*/
function is_valid_passwords(string $password, string $confirmed_password){
return ($password===$confirmed_password)&&!empty($password);
function is_valid_passwords(string $password, string $confirmed_password)
{
return ($password === $confirmed_password) && !empty($password);
}

/**
@@ -153,7 +190,8 @@ function is_valid_passwords(string $password, string $confirmed_password){
*
* @return boolean
*/
function edit_credentials(int $user_id, string $email, string $password){
function edit_credentials(int $user_id, string $email, string $password)
{
global $pdo;

$query = "UPDATE users SET email=:email, password=:password
@@ -218,6 +256,19 @@ function is_not_logged_in()
return (!isset($_SESSION['user']) && empty($_SESSION['user']));
}

/**
* Функция выхода из аккаунта
*
* @return void
*/
function logout()
{
if (isset($_SESSION['user']))
unset($_SESSION['user']);
session_destroy();
}


/**
* Функция авторизации пользователя
*
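Review bot: `delete_user()` ends with `return boolval($statement);`, and a PDOStatement object is always truthy, so the function reports success even when `execute()` fails or no row matches the id. The "Ошибка при удалении" branch in delete.php therefore cannot run, while the avatar file has already been unlinked by then. Return the outcome of the query instead, e.g. `return $statement->execute($params) && $statement->rowCount() > 0;`. In the same section, `delete_img()` hands the stored `img` value straight to `unlink()`; if that column can ever hold something other than a path generated by the upload code, resolve it with `realpath()` and confirm it lies inside the avatar directory before deleting.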
5 changes: 1 addition & 4 deletions logout.php
@@ -1,9 +1,6 @@
<?php
session_start();
include_once 'functions.php';
if (isset($_SESSION['user'])) {
unset($_SESSION['user']);
session_destroy();
}
logout();
redirect_to('page_login.php');

12 changes: 8 additions & 4 deletions page_register.php
@@ -65,11 +65,15 @@
</h2>
</div>
<div class="col-xl-6 ml-auto mr-auto">
<?php
if (isset($_SESSION['success'])) {
display_flash_message("success");
}
if (isset($_SESSION['danger'])) {
display_flash_message("danger");
}
?>
<div class="card p-4 rounded-plus bg-faded">
<?php
if (isset($_SESSION['danger'])) {
display_flash_message("danger");
} ?>
<form id="js-login" novalidate="" action="register.php" method="post">
<div class="form-group">
<label class="form-label" for="emailverify">Email</label>
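Review bot: The `success` flash block added above the card will not show the "Пользователь был удален" message to a non-admin who deletes their own account. In delete.php that path calls `logout()`, which runs `session_destroy()`, before `set_flash_message('success', …)`, so the value written to `$_SESSION` is presumably not persisted to the next request. Re-open a session before setting the message, for example `logout(); session_start(); session_regenerate_id(true);` in delete.php. The markup around this hunk continues outside the visible lines.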
2 changes: 1 addition & 1 deletion security.php
@@ -7,7 +7,7 @@
exit();
}
// Есть ли права на редактирование
if (!is_admin() ?? $_POST['id'] !== $_SESSION['user']['id']) {
if (!is_admin() && $_POST['id'] !== $_SESSION['user']['id']) {
set_flash_message('danger', 'Недостаточно прав для редактирования');
redirect_to('users.php');
exit();
2 changes: 1 addition & 1 deletion test.php
@@ -2,4 +2,4 @@
// этот файл не участвует в работе сайта
session_start();
include_once 'functions.php';
echo is_valid_passwords("1","1");
d(get_user_by_id(42));
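Review bot: test.php sits next to the site pages and now calls `d(get_user_by_id(42));` with no login or role check. If the file is deployed under the web root and `d()` is a debug dump, as its name suggests, any visitor who requests it receives that user's row, which presumably includes the stored password value. Keep the script out of the deployed tree, or guard it at the top with `if (is_not_logged_in() || !is_admin()) { exit(); }`.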
2 changes: 1 addition & 1 deletion users.php
@@ -107,7 +107,7 @@ class="fs-xl text-truncate text-truncate-lg text-info">
<i class="fa fa-camera"></i>
Загрузить аватар
</a>
<a href="index.php?delete&id=<?= $user['id'] ?>" class="dropdown-item"
<a href="delete.php?delete&id=<?= $user['id'] ?>" class="dropdown-item"
onclick="return confirm('are you sure?');">
<i class="fa fa-window-close"></i>
Удалить