MantisBT: master-1.2.x 1d837ae7

Author Committer Branch Timestamp Parent
dhx dhx master-1.2.x 2009-08-07 06:24:59 master-1.2.x 17ae3fc0
Affected Issues  0010687: Administrators shouldn't be allowed to delete their own account
Changeset

Fix 0010687: call auth_logout before user_delete

auth_logout() does stuff that requires a valid user ID. When a user
attempts to delete their own account, we should first ensure that
they're logged out as per normal. Then we can delete their account as a
last step before redirecting them elsehwere.

The html headers/footers and redirect message have also been adjusted
for ease of use, and to ensure that the user doesn't miss the notice
about their account being deleted successfully.

mod - account_delete.php Diff File