Commit 92de1f90 authored by Steven Wittens's avatar Steven Wittens
Browse files

#75289: Don't allow user 1 to be blocked or deleted

parent aae945c3
...@@ -1301,7 +1301,7 @@ function user_edit_form($uid, $edit, $register = FALSE) { ...@@ -1301,7 +1301,7 @@ function user_edit_form($uid, $edit, $register = FALSE) {
'#required' => TRUE, '#required' => TRUE,
); );
} }
if ($admin) { if ($admin && $uid != 1) {
$form['account']['status'] = array('#type' => 'radios', '#title' => t('Status'), '#default_value' => isset($edit['status']) ? $edit['status'] : 1, '#options' => array(t('Blocked'), t('Active'))); $form['account']['status'] = array('#type' => 'radios', '#title' => t('Status'), '#default_value' => isset($edit['status']) ? $edit['status'] : 1, '#options' => array(t('Blocked'), t('Active')));
} }
if (user_access('administer access control')) { if (user_access('administer access control')) {
...@@ -1385,6 +1385,9 @@ function user_edit($category = 'account') { ...@@ -1385,6 +1385,9 @@ function user_edit($category = 'account') {
$edit = $_POST['op'] ? $_POST : (array)$account; $edit = $_POST['op'] ? $_POST : (array)$account;
if (arg(2) == 'delete') { if (arg(2) == 'delete') {
if ($account->uid == 1) {
return drupal_not_found();
}
if ($edit['confirm']) { if ($edit['confirm']) {
user_delete($edit, $account->uid); user_delete($edit, $account->uid);
drupal_goto('admin/user/user'); drupal_goto('admin/user/user');
...@@ -1394,6 +1397,9 @@ function user_edit($category = 'account') { ...@@ -1394,6 +1397,9 @@ function user_edit($category = 'account') {
} }
} }
else if ($_POST['op'] == t('Delete')) { else if ($_POST['op'] == t('Delete')) {
if ($account->uid == 1) {
return drupal_not_found();
}
if ($_REQUEST['destination']) { if ($_REQUEST['destination']) {
$destination = drupal_get_destination(); $destination = drupal_get_destination();
unset($_REQUEST['destination']); unset($_REQUEST['destination']);
...@@ -1406,7 +1412,7 @@ function user_edit($category = 'account') { ...@@ -1406,7 +1412,7 @@ function user_edit($category = 'account') {
$form['_category'] = array('#type' => 'value', '#value' => $category); $form['_category'] = array('#type' => 'value', '#value' => $category);
$form['_account'] = array('#type' => 'value', '#value' => $account); $form['_account'] = array('#type' => 'value', '#value' => $account);
$form['submit'] = array('#type' => 'submit', '#value' => t('Submit'), '#weight' => 30); $form['submit'] = array('#type' => 'submit', '#value' => t('Submit'), '#weight' => 30);
if (user_access('administer users')) { if (user_access('administer users') && $account->uid != 1) {
$form['delete'] = array('#type' => 'submit', '#value' => t('Delete'), '#weight' => 31); $form['delete'] = array('#type' => 'submit', '#value' => t('Delete'), '#weight' => 31);
} }
$form['#attributes']['enctype'] = 'multipart/form-data'; $form['#attributes']['enctype'] = 'multipart/form-data';
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment