diff --git a/index.php b/index.php
index a6d089f..5d34a63 100644
--- a/index.php
+++ b/index.php
@@ -85,6 +85,22 @@ if ($user === false) {
 )
 );
 }
+ } else if ($intent === "delete-account") {
+ $pw = $_POST["password"];
+
+ if (!$pw) {
+ $err = $lang["account"]["errors"]["bad_request"];
+ } else if (password_verify($pw, $user["password_hash"])) {
+ pg_delete(
+ $db, "users",
+ array("username" => $user["username"])
+ );
+ header("Location: logout.php");
+ http_response_code(302);
+ exit();
+ } else {
+ $err = $lang["account"]["errors"]["incorrect_password"];
+ }
 } else if ($intent === "update-texts") {
 foreach ($_POST as $ident => $value) {
 if (preg_match("/^(?:section-[a-f0-9]{64}-name)|(?:row-[a-f0-9]{64}-(?:name|format))$/", $ident)) {
@@ -431,6 +447,17 @@ foreach ($sections as $section) { + +
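Review bot: In the `delete-account` branch the return value of `pg_delete()` is ignored, so a failed delete still redirects to `logout.php` and the row, with its password hash, stays in `users` while the user believes the account is gone; redirect only when the call does not return `false`, and set `$err` otherwise. The password is also read without a presence or type check: a missing field raises an undefined-index notice, a `password[]` field reaches `password_verify()` as an array, and `!$pw` rejects the valid password `"0"`; `$pw = $_POST["password"] ?? null;` followed by `if (!is_string($pw) || $pw === "")` handles all three. No attempt limit is visible in this branch, so if none exists elsewhere it lets whoever holds the session test passwords without bound. The `$intent` chain starts and continues outside the hunk, so any CSRF or throttling check made earlier cannot be confirmed from here.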

+
+ +
" required>
+
+
">
+

diff --git a/lang/en-US.json b/lang/en-US.json index 36e4e1d..bf2257f 100644 --- a/lang/en-US.json +++ b/lang/en-US.json @@ -109,6 +109,13 @@ "button": "Save" }, + "delete": { + "title": "Delete Account", + "password": "Password", + "confirmation": "This is irriversible and cannot be undone.", + "button": "Delete" + }, + "title": "Account", "current": "Currently logged in as %u.", "log_out": "Log out?" diff --git a/logout.php b/logout.php index 6fe1170..f321bdf 100644 --- a/logout.php +++ b/logout.php @@ -1,5 +1,6 @@