Diffstat (limited to 'views/user')
| -rw-r--r-- | views/user/delete/index.php | 2 | ||||
| -rw-r--r-- | views/user/index.php | 22 |
2 files changed, 14 insertions, 10 deletions
diff --git a/views/user/delete/index.php b/views/user/delete/index.php
index d1ce8b9..cdc61ac 100644
--- a/views/user/delete/index.php
+++ b/views/user/delete/index.php
@@ -8,7 +8,7 @@
 catch(Exception $e) {}
 ?>
-<?php if ($to_delete !== null && $user->UID === $to_delete->UID): ?>
+<?php if ($to_delete !== null && ($user->UID === $to_delete->UID || $user->Role === 'Admin')): ?>
 <h1>Are you sure you want to delete <?= $to_delete->Username ?>?</h1>
 <form action="#" method="POST" class="font-115 flex-col-centered max-width-20 center-margin">
diff --git a/views/user/index.php b/views/user/index.php
index 82c95c8..40995d2 100644
--- a/views/user/index.php
+++ b/views/user/index.php
@@ -1,7 +1,9 @@
 <?php
 $user = null;
+ $loggedin = null;
 try {
 $user = Database\User::fromDB($username);
+ $loggedin = Database\Cookie::fromDB($TOKEN);
 } catch(Exception $e) {}
 ?>
@@ -15,16 +17,18 @@
 <div class="user-blank-afterspace"></div>
 <section id="user-buttons" hidden>
- <form action="/list/new" method="GET">
- <input type="submit" value="Create a new list">
- </form>
- <form action="/user/settings" method="GET">
- <input type="submit" value="Account settings">
- </form>
- <?php if ($user->Role === 'Admin'): ?>
- <form action="/admin" method="GET">
- <input type="submit" value="Admin panel">
+ <?php if ($user !== null && $loggedin !== null && $user->UID === $loggedin->UID): ?>
+ <form action="/list/new" method="GET">
+ <input type="submit" value="Create a new list">
 </form>
+ <form action="/user/settings" method="GET">
+ <input type="submit" value="Account settings">
+ </form>
+ <?php if ($user->Role === 'Admin'): ?>
+ <form action="/admin" method="GET">
+ <input type="submit" value="Admin panel">
+ </form>
+ <?php endif; ?>
 <?php endif; ?>
 </section>
 <script type="text/javascript"> |
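Review bot: `<?= $to_delete->Username ?>` in the heading directly under the changed condition is printed without HTML escaping, and with the added `$user->Role === 'Admin'` branch an administrator now renders this page for accounts they do not own, so a username containing markup would be interpreted in the admin's session unless usernames are already restricted at registration. Suggest `<?= htmlspecialchars($to_delete->Username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The condition only decides whether the confirmation form is shown; the code that processes the POST is outside this hunk and needs the same owner-or-admin test, plus an anti-CSRF token on the form if it lacks one, because the request can be sent without ever loading this view.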
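Review bot: The new `Database\Cookie::fromDB($TOKEN)` call in views/user/index.php shares a `try` with the profile lookup, and the `catch(Exception $e) {}` after it is empty, so a missing cookie, an invalid token and a database failure all end up as `$loggedin === null` with nothing logged. That fails closed for the buttons further down, which is the right default, but it deserves a comment above the `try`, for example `// $loggedin stays null for anonymous or invalid sessions; owner-only markup must test for it`. Whether `Cookie::fromDB` rejects expired or revoked tokens cannot be seen from this diff and should be confirmed, since the ownership comparison later in the file trusts whatever it returns.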
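Review bot: The inner `<?php if ($user->Role === 'Admin'): ?>` still reads the role of the profile being viewed rather than of the session, and is correct only because the new outer condition has already established `$user->UID === $loggedin->UID`. A one-line comment on the outer `if`, such as `// owner-only: $user is the viewer from here on`, would keep a later edit from moving the admin form back outside the guard. These forms are plain GET links to `/list/new`, `/user/settings` and `/admin`, so hiding them is presentation only; the handlers for those routes are not part of this diff and need their own session and role checks. The `<section>` opens above the hunk and the script after it continues past the end, so any other use of `$user` there is not covered by this guard.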
