+-----------------------------------------------------------------------+
| program/steps/settings/delete_identity.inc |
| |
- | This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | This file is part of the Roundcube Webmail client |
+ | Copyright (C) 2005-2009, Roundcube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
| Author: Thomas Bruederli <roundcube@gmail.com> |
+-----------------------------------------------------------------------+
- $Id: delete_identity.inc 543 2007-04-28 18:07:12Z thomasb $
+ $Id: delete_identity.inc 4025 2010-09-30 13:24:33Z alec $
*/
-if (($ids = get_input_value('_iid', RCUBE_INPUT_GET)) && preg_match('/^[0-9]+(,[0-9]+)*$/', $ids))
+$iid = get_input_value('_iid', RCUBE_INPUT_GPC);
+
+// check request token
+if (!$OUTPUT->ajax_call && !$RCMAIL->check_request(RCUBE_INPUT_GPC)) {
+ $OUTPUT->show_message('invalidrequest', 'error');
+ rcmail_overwrite_action('identities');
+ return;
+}
+
+if ($iid && preg_match('/^[0-9]+(,[0-9]+)*$/', $iid))
{
- $DB->query(
- "UPDATE ".get_table_name('identities')."
- SET del=1
- WHERE user_id=?
- AND identity_id IN (".$ids.")",
- $_SESSION['user_id']);
+ $plugin = $RCMAIL->plugins->exec_hook('identity_delete', array('id' => $iid));
+
+ $deleted = !$plugin['abort'] ? $USER->delete_identity($iid) : $plugin['result'];
- $count = $DB->affected_rows();
- if ($count)
- $OUTPUT->show_message('deletedsuccessfully', 'confirmation');
+ if ($deleted)
+ $OUTPUT->show_message('deletedsuccessfully', 'confirmation', null, false);
+ else
+ $OUTPUT->show_message($plugin['message'] ? $plugin['message'] : 'nodeletelastidentity', 'error', null, false);
// send response
if ($OUTPUT->ajax_call)
$OUTPUT->send();
}
-
if ($OUTPUT->ajax_call)
exit;
-
// go to identities page
rcmail_overwrite_action('identities');
-
-?>