// email change successful
echo '<p style="color:green;">Mail has been successfuly changed!</p>';
} elseif (!empty($_POST['email'])) {
// email change request
$result = user::change_email($_SESSION['user']['id'], $_POST['email']);
if ($result) {
redirect('?p=account&action=email&ok');
die;
} else {
echo '<p>Impossible to change email!</p>';
}
}
} elseif ($action == 'delete') {
if (!empty($_POST['csrf_token'])) {
$token = $_POST['csrf_token'];
$valid = csrf::check($token, $_SESSION['token']);
if ($valid) {
$result = user::delete($_SESSION['user']['id']);
if ($result) {
redirect('?p=disconnect&delete');
die;
} else {
echo '<p>Impossible to delete this account!</p>';
}
} else {
echo '<p style="color:red;">Wrong CSRF token!</p>';
}
}
} else {
// unknown action
}