Hi Andy,
I know that you can use something like the following to insert a value into an existing field in a logged in user's record in the accounts table in CMSB
mysql_query("INSERT INTO `{$TABLE_PREFIX}accounts` SET
updatedDate = NOW(),
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$userNum = mysql_insert_id();
?>
You might be able to use something like this and change the values to your table and the record to be deleted (this code will delete a current user's account!!!).
// delete account
if (@$_POST['deleteAccount']) {
if ($CURRENT_USER['isAdmin']) { die("Error: Deleting admin accounts is not permitted!"); }
// delete uploads
$GLOBALS['tableName'] = 'accounts';
eraseRecordsUploads( $CURRENT_USER['num'] );
// delete account
$query = mysql_escapef("DELETE FROM `{$TABLE_PREFIX}accounts` WHERE num = ?", $CURRENT_USER['num']);
mysql_query($query) or die("MySQL Error:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
<form method="post" action="?" onsubmit="return confirm('Are you sure you want to delete your account?')">
<input type="submit" name="deleteAccount" value="Delete Account" />
</form>
but I'd certainly back up everything and runs some thorough tests before you roll this out. There should also be some way to insure that only the particular member can access only their authorized records.
Front end access to a database is a pretty scary thing in these times of hackers and such, but probably can be made reasonably secure.
If you're using the website membership plugin, take a look at the user profile form
Another approach might be to flag a record for deletion by changing the value of an approved_for_deletion check box by using something like this using something like the INSERT INTO code above.
approved_for_deletion = '0',
then either set these to auto delete after a period of time (cron job?) or ask for confirmation of the list to be deleted from your client before deleting (the possibility to change their mind and set the check box value to 0).
After you've come up with a workable plan, I'd pass it on to the Ross at consulting, and check for any vulnerability issues.
Please post your solution so we can all learn from it. (don't post any personal or compromising information)
Best of luck,
Jerry Kornbluth
The first CMS Builder reference book is now available on-line!
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php