Admin: Fix delete user

7 years ago · d7c88805ca
parent 6cdaa955cc
commit d7c88805ca
2 changed files with 12 additions and 7 deletions
--- a/main/admin/user_list.php
+++ b/main/admin/user_list.php
@ -66,6 +66,8 @@ if ($variables) {
    }
 }

+$currentUser = api_get_current_user();
+
 Session::write('variables_to_show', $variablesToShow);

 $htmlHeadXtra[] = '<script>
@ -796,7 +798,7 @@ function modify_filter($user_id, $url_params, $row)
 */
 function active_filter($active, $params, $row)
 {
-    $_user = api_get_user_info();
+    $currentUser = api_get_current_user();

    if ($active == '1') {
        $action = 'Lock';
@ -818,7 +820,7 @@ function active_filter($active, $params, $row)
            [],
            16
        );
-    } elseif ($row['0'] != $_user['user_id']) {
+    } elseif ($row['0'] != $currentUser->getId()) {
        // you cannot lock yourself out otherwise you could disable all the
        // accounts including your own => everybody is locked out and nobody
        // can change it anymore.
@ -887,7 +889,7 @@ if (!empty($action)) {
                    $number_of_affected_users = 0;
                    if (is_array($_POST['id'])) {
                        foreach ($_POST['id'] as $index => $user_id) {
-                            if ($user_id != $_user['user_id']) {
+                            if ($user_id != $currentUser->getId()) {
                                if (UserManager::delete_user($user_id)) {
                                    $number_of_affected_users++;
                                }
@ -913,7 +915,7 @@ if (!empty($action)) {
                    $number_of_affected_users = 0;
                    if (is_array($_POST['id'])) {
                        foreach ($_POST['id'] as $index => $user_id) {
-                            if ($user_id != $_user['user_id']) {
+                            if ($user_id != $currentUser->getId()) {
                                if (UserManager::disable($user_id)) {
                                    $number_of_affected_users++;
                                }
@ -939,7 +941,7 @@ if (!empty($action)) {
                    $number_of_affected_users = 0;
                    if (is_array($_POST['id'])) {
                        foreach ($_POST['id'] as $index => $user_id) {
-                            if ($user_id != $_user['user_id']) {
+                            if ($user_id != $currentUser->getId()) {
                                if (UserManager::enable($user_id)) {
                                    $number_of_affected_users++;
                                }
--- a/main/inc/lib/usermanager.lib.php
+++ b/main/inc/lib/usermanager.lib.php
@ -749,6 +749,8 @@ class UserManager
        $table_group = Database::get_course_table(TABLE_GROUP_USER);
        $table_work = Database::get_course_table(TABLE_STUDENT_PUBLICATION);

+        $user = api_get_user_entity($user_id);
+
        // Unsubscribe the user from all groups in all his courses
        $sql = "SELECT c.id 
                FROM $table_course c 
@ -916,8 +918,9 @@ class UserManager
        $app_plugin->performActionsWhenDeletingItem('user', $user_id);

        // Delete user from database
-        $sql = "DELETE FROM $table_user WHERE id = '".$user_id."'";
-        Database::query($sql);
+        $em->remove($user);
+
+        $em->flush();

        // Add event to system log
        $user_id_manager = api_get_user_id();