Skip to content

O
OpnSense
Commit b5deb070 authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

system: prevent user from deleting itself; closes #1031 

Bravely assisted by: @ShaRose

(cherry picked from commit 768d5e81)
parent 0b173753
Hide whitespace changes
Inline Side-by-side
Showing with 11 additions and 7 deletions
src/www/system_usermanager.php
View file @ b5deb070
...@@ -165,13 +165,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -165,13 +165,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if ($act == "deluser" && isset($id)) { if ($act == "deluser" && isset($id)) {
// drop user // drop user
local_user_del($a_user[$id]); if ($_SESSION['Username'] === $a_user[$id]['name']) {
$userdeleted = $a_user[$id]['name']; $input_errors[] = gettext('You cannot delete yourself.');
unset($a_user[$id]); } else {
write_config(); local_user_del($a_user[$id]);
$savemsg = gettext("User")." {$userdeleted} ". gettext("successfully deleted"); $userdeleted = $a_user[$id]['name'];
header("Location: system_usermanager.php?savemsg=".$savemsg); unset($a_user[$id]);
exit; write_config();
$savemsg = gettext("User")." {$userdeleted} ". gettext("successfully deleted");
header("Location: system_usermanager.php?savemsg=".$savemsg);
exit;
}
} elseif ($act == "delcert" && isset($id)) { } elseif ($act == "delcert" && isset($id)) {
// remove certificate association // remove certificate association
$certdeleted = lookup_cert($a_user[$id]['cert'][$pconfig['certid']]); $certdeleted = lookup_cert($a_user[$id]['cert'][$pconfig['certid']]);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023