aboutsummaryrefslogtreecommitdiff
path: root/actions/admin/user/removeadmin.php
diff options
context:
space:
mode:
authorcash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-11-17 12:38:14 +0000
committercash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-11-17 12:38:14 +0000
commitfc7f4e880ddfed812438fabc791c5f5056f541e6 (patch)
tree41e6146d1dc35e149b75047c9deef3f937765051 /actions/admin/user/removeadmin.php
parent66b0b9fe69ed698249b35ccfa8b601110fa99964 (diff)
downloadelgg-fc7f4e880ddfed812438fabc791c5f5056f541e6.tar.gz
elgg-fc7f4e880ddfed812438fabc791c5f5056f541e6.tar.bz2
Closes #1422 admin user actions now check for self before banning, deleting, or removing admin privileges
git-svn-id: http://code.elgg.org/elgg/trunk@7332 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'actions/admin/user/removeadmin.php')
-rw-r--r--actions/admin/user/removeadmin.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php
index 468670940..97bfc396b 100644
--- a/actions/admin/user/removeadmin.php
+++ b/actions/admin/user/removeadmin.php
@@ -11,6 +11,11 @@ admin_gatekeeper();
$guid = get_input('guid');
$user = get_entity($guid);
+if ($guid == get_loggedin_userid()) {
+ register_error(elgg_echo('admin:user:self:removeadmin:no'));
+ forward(REFERER);
+}
+
if (($user instanceof ElggUser) && ($user->canEdit())) {
if ($user->removeAdmin()) {
system_message(elgg_echo('admin:user:removeadmin:yes'));