update($METHOD['username']); header('Location: /user/' . $METHOD['username']); break; case 'password': $user->update($user->Username, $METHOD['password']); header('Location: /user/' . $user->Username); break; } exit(); } function on_delete() { global $TOKEN; global $METHOD; global $user_status; $user_status = ""; $user = null; try { $user = Database\Cookie::fromDB($TOKEN); } catch (Exception $e) { $user_status = 'Invalid token!'; return; } $to_delete = null; try { $to_delete = Database\User::fromDBuid($METHOD['uid']); } catch(Exception $e) { $list_status = "The user you're trying to delete doesn't exist!"; return; } if ($user->UID !== $to_delete->UID && $user->Role !== 'Admin') { $list_status = 'You have no permission to delete this user!'; return; } $to_delete->delete(); header('Location: /'); exit(); }