Commit 92c7ba51 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Check user is not deleted on form submission (bug #494484)


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 50329033
......@@ -1346,15 +1346,21 @@ function pieform_validate(Pieform $form, $values) {
throw new UserException('Invalid session key');
}
// Check to make sure the user has not been suspended, so that they cannot
// Check to make sure the user has not been suspended or deleted, so that they cannot
// perform any action
if ($USER) {
$record = get_record_sql('SELECT suspendedctime, suspendedreason
$record = get_record_sql('SELECT suspendedctime, suspendedreason, deleted
FROM {usr}
WHERE id = ?', array($USER->get('id')));
if ($record && $record->suspendedctime) {
if ($record) {
if ($record->suspendedctime) {
throw new UserException(get_string('accountsuspended', 'mahara', $record->suspendedctime, $record->suspendedreason));
}
if ($record->deleted) {
$USER->logout();
throw new AccessDeniedException(get_string('accountdeleted', 'mahara'));
}
}
}
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment