From 0343169cb1de2bac8133f598af9b0086057c3ece Mon Sep 17 00:00:00 2001
From: Jeff Teunissen <deek@d2dc.net>
Date: Wed, 6 Jun 2001 06:16:19 +0000
Subject: [PATCH] Re-commit my "delete user" changes.

---
 members/deluser.php | 117 +++++++++++++++++++++++---------------------
 1 file changed, 61 insertions(+), 56 deletions(-)

diff --git a/members/deluser.php b/members/deluser.php
index bac1a6a..95a27d9 100644
--- a/members/deluser.php
+++ b/members/deluser.php
@@ -1,56 +1,61 @@
-<?	// Preamble
-	$pageName = "Admin - Delete User";
-	$focused = "home";					// Dock icon name to gets a border
-	$need = 'auth';
-	require("../parts/preamble.php");	// Load most of document
-?>	
-<?
-	if ($u_username) {
-		need('sql');
-
-		$u_username = AddSlashes($u_username);
-		
-		$conn = mysql_connect (sqlHost, sqlUser, sqlPass);
-		if ($conn) {
-			$query1 = "DELETE FROM members WHERE u_username = '$u_username'";
-
-			$result = mysql_db_query (sqlDB, $query1, $conn);
-			if ($result) {
-				$numRows = mysql_affected_rows ($conn);
-				if ($numRows) {
-					echo '<P>User removed from members dbase successfully.';
-				} else {
-					echo '<P>There was an error in your input. The error was ' . mysql_error ($conn);
-				}
-			} else {
-				echo '<P>There was an error in your input. The error was ' . mysql_error ($conn);
-			}
-			$query2 = "DELETE FROM devel_plans WHERE p_user = '$p_username'";
-			$result2 = mysql_db_query (sqlDB, $query2, $conn);
-			if ($result2) {
-				$numRows2 = mysql_affected_rows ($conn);
-				if ($numRows2) {
-					echo '<P>User removed from plan dbase successfully.';
-					echo '<P>This webpage will self-destruct in 30 seconds.';
-				} else {
-					echo '<P>There was an error in your input. The error was ' . mysql_error ($conn);
-				}
-			} else {
-				echo '<P>There was an error in your input. The error was ' . mysql_error ($conn);
-			}
-			mysql_close ($conn);
-		} else {
-			echo 'You suck, butthead.';
-		}
-	} else {
-?>
-<FORM action="deluser.php" method="post">
-<P>Good morning Mr. Phipps, who will we be deleting today?
-<P>Username:&nbsp;&nbsp; <INPUT type="text" name="u_username" size="12"></INPUT>
-</FORM>
-<?
-	}
-?>
-<?
-	require (siteHome ."/parts/postamble.php");	// Finish this sucker up
-?>
+<?	// Preamble
+	$pageName = "Admin - Delete User";
+	$focused = "home";					// Dock icon name to get a border
+	$need = 'auth';
+	require '../parts/preamble.php';	// Load most of document
+?>	
+<?
+	if ($userInfo[u_admin] == 'Y' && $u_username) {
+		need ('sql');
+
+		$u_username = AddSlashes ($u_username);
+		
+		$conn = mysql_connect (sqlHost, sqlUser, sqlPass);
+		if ($conn) {
+			$query = "DELETE FROM members WHERE u_username = '$u_username'";
+
+			$result = mysql_db_query (sqlDB, $query, $conn);
+			if ($result) {
+				$numRows = mysql_affected_rows ($conn);
+				if ($numRows) {
+					echo '<P>User removed from members dbase successfully.';
+				} else {
+					echo '<P>User was not found in members database.';
+				}
+			} else {
+				echo '<P>There was an error in your input. The error was ' . mysql_error ($conn);
+			}
+
+			$query = "DELETE FROM devel_plans WHERE p_user = '$p_username'";
+			$result = mysql_db_query (sqlDB, $query, $conn);
+			if ($result) {
+				$numRows = mysql_affected_rows ($conn);
+				if ($numRows) {
+					echo '<P>User removed from plan dbase successfully.';
+					echo '<P>This webpage will self-destruct in 30 seconds.';
+				} else {
+					echo '<P>User was not found in plan database.';
+				}
+			} else {
+				echo '<P>There was an error in your input. The error was ' . mysql_error ($conn);
+			}
+			mysql_close ($conn);
+		} else {
+			echo '<P>You suck, butthead.';
+		}
+	} else {
+		if ($userInfo[u_admin] == 'Y') {
+?>
+<FORM action="deluser.php" method="post">
+	<P>Good morning Mr. Phelps, who will we be eliminating today?
+	<P>Username: <INPUT type="text" name="u_username" size="12"></INPUT>
+</FORM>
+<?
+		} else {
+			echo 'You are not authorized to view this page. Now go away or I shall taunt you a second time!';
+		}
+	}
+?>
+<?
+	require siteHome . '/parts/postamble.php';	// Finish this sucker up
+?>