PHP Code for Delete Forum User Account in Members Table
Forums are great communication tools for the exchange of ideas, for people teaching others about a specific area of interest, or even for just general social communication. The fact that they are usually so specialized helps get them high up in search results as well as contributing considerably to bodies of knowledge. True, there's a lot of misinformation and putdowns, but this invariably occurs when people communicate. One must learn to take what one learns with a grain of salt.
On to the PHP code. As usual, we start with config.php, since without it, the MySQL-based forum would not be viable. You cannot relate to a db without knowing the magic words. Next, the security of the page is dealt with by ensuring the page visitor has a username that's in the database. Note that the various pages on our forum app use both forms and URL query strings to transfer data between pages, so both POST and GET are checked for username, and if neither works, the visitor is sent to the login script. Not only is the db checked for a valid username, the username is checked to make sure it has only 6 to 20 letters, numbers or underscore in it and no other characters—otherwise, it's off to the login script. If a hacker has put something nasty in the query string, he'll end up at the login script. All our forum app scripts have this same username checker at the top of the PHP section—except for the login script.
When the user is on the forum home page, there's an option to Delete Account. This link leads to this page whose code you see below. How this script works is that the user sees a form with the statement "This will Delete Your Account," and if s/he clicks submit, his or her account will get deleted in the members table, and the topics table (forum_question) and the replies table (forum_answer) will get any records associated with this user deleted too. However, there is also a link at the bottom of the form that says "Return to Forum—do NOT delete anything!" If this gets clicked, no deleting happens.
When the form is submitted, a hidden input field named answer sends a value of "1" to the action script—itself. This tells the script the form was submitted so the deletion was desired. If the form was submitted, the array ids[] is declared and the forum_question table where the topics are stored is searched for our user's name in the topics_username field and all ids of the user's topics are saved in this array using the PHP array_push() function. Then we loop through forum_answer looking for these ids and where question_id = $ids[$counter], we delete the record. Next we delete records from forum_question where the name in the topics_username field is our user's name. Then we delete the record in the members table that has our user's username. If this succeeds, the user sees the message "The account deleting was successfully accomplished." Otherwise s/he gets a "Deleting failed." message.
SAVE THIS PAGE AS: cms-delete-account.php
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Delete Forum Account—Content Management System (CMS)</TITLE>
<meta name="description" content="Delete Forum Account—Content Management System (CMS)">
<meta name="keywords" content="forums,forum,Content Management System,Content Management System Articles,php,CMS,javascript, dhtml, DHTML">
</head>
<body bgcolor="green">
<?php
include_once"config.php";
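// The username may arrive from a form (POST) or a query string (GET).
$U=isset($_POST['username'])?$_POST['username']:(isset($_GET['username'])?$_GET['username']:null);
// Anchor the pattern at the start (^) and the true end ($ with the D modifier) so the
// whole value, not just its tail, must be 6 to 20 letters, numbers or underscores.
if (is_string($U)&&preg_match('/^[A-Za-z0-9_]{6,20}$/D',$U)){$check_user_data = mysql_query("SELECT * FROM members WHERE username='$U'") or die(mysql_error());if(mysql_num_rows($check_user_data)==0){unset($U);}}else{unset($U);}
// Stop the script after sending the visitor to login; without exit the delete code below would still run.
if (!isset($U)){echo '<script language="javascript">alert("Please login.");window.location="login.php"; </script>';exit;}
// answer is only present when the form was submitted.
$A=isset($_POST['answer'])?$_POST['answer']:'';if($A=="1"){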
$ids=array();
$res = mysql_query("SELECT id FROM forum_question WHERE topics_username = '$U'") or die(mysql_error());
while ($row = mysql_fetch_row($res)) {
array_push ($ids, $row[0]);}
$number=mysql_num_rows($res);
if($number<>0){for ($counter = 0; $counter < $number; $counter++) {
$sql="DELETE FROM forum_answer WHERE question_id='$ids[$counter]'";
$result=mysql_query($sql) or die('Error ,deleting failed');}}
$sql="DELETE FROM forum_question WHERE topics_username = '$U'";
$result=mysql_query($sql) or die('Error ,deleting failed');
$sql="DELETE FROM members WHERE username = '$U'";
$result=mysql_query($sql) or die('Error ,deleting failed');
$rc = mysql_affected_rows();
if ($rc>0){echo '<script language="javascript">alert("The account deleting was successfully accomplished.");window.location ="login.php"; </script>';}
else{echo '<script language="javascript">alert("Deleting failed.");window.location = "cms-forum.php?username='.$U.'"; </script>';}
mysql_close();
}
?>
<form id="form1" name="form1" method="post" action="cms-delete-account.php">
<table style='margin:100px 0 0 50px;background-color:#eee' width="400" border="1" align="center" cellpadding="0" cellspacing="1">
<tr>
<td><input type="hidden" name="username" value=" "><input type="hidden" name="answer" value="1"></td>
</tr>
<tr>
<td>This will delete your account, <?php echo htmlspecialchars(stripslashes($U)); ?>.</td>
</tr>
<tr>
<td align=center><input type="submit" name="Submit" value="Submit"></td>
</tr>
<tr>
<td><a href="cms-forum.php?username=<?php echo urlencode(stripslashes($U)); ?>"><B>Return to Forum—do NOT delete anything!</B></a></td>
</tr>
</table>
</form>
<script type="text/javascript">
var u = <?php echo json_encode($U); ?>;
u=u.replace(/\\/g,'');
document.form1.username.value=u;
</script>
</body>
</html>
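
The script above identifies the visitor by a username sent in the request, so a stricter design takes the account name from the server-side session and requires a per-session form token before deleting. The following is an added example, not code from the original page. The session keys username and csrf, the csrf form field and the PDO connection are assumptions, and an in-memory SQLite database stands in for the MySQL database so the example runs stand-alone.

```php
<?php
// Added example: identity comes from the server-side session, never from the request.
// Assumed names (not in the original page): $session['username'], $session['csrf'], POST field 'csrf'.
function delete_account(PDO $pdo, array $session, array $post): bool
{
    // 1. Only a logged-in session identifies the account; a username in GET/POST is ignored.
    if (empty($session['username']) || empty($session['csrf'])) {
        return false;
    }
    // 2. The form must carry the per-session token, compared in constant time.
    if (!isset($post['csrf']) || !is_string($post['csrf'])
        || !hash_equals($session['csrf'], $post['csrf'])) {
        return false;
    }
    $user = $session['username'];
    // 3. Bound parameters keep the value out of the SQL text; the transaction
    //    makes the three deletes succeed or fail together.
    $pdo->beginTransaction();
    try {
        $pdo->prepare('DELETE FROM forum_answer WHERE question_id IN
            (SELECT id FROM forum_question WHERE topics_username = ?)')->execute([$user]);
        $pdo->prepare('DELETE FROM forum_question WHERE topics_username = ?')->execute([$user]);
        $del = $pdo->prepare('DELETE FROM members WHERE username = ?');
        $del->execute([$user]);
        $pdo->commit();
        return $del->rowCount() === 1;
    } catch (PDOException $e) {
        $pdo->rollBack();
        return false;
    }
}

// Constructed demo data; in-memory SQLite stands in for the page's MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE members (username TEXT PRIMARY KEY);
            CREATE TABLE forum_question (id INTEGER PRIMARY KEY, topics_username TEXT);
            CREATE TABLE forum_answer (id INTEGER PRIMARY KEY, question_id INTEGER)');
$pdo->exec("INSERT INTO members VALUES ('alice_01'), ('bob_2024');
            INSERT INTO forum_question VALUES (1, 'alice_01'), (2, 'bob_2024');
            INSERT INTO forum_answer VALUES (1, 1), (2, 2)");
$token   = bin2hex(random_bytes(16));
$session = ['username' => 'bob_2024', 'csrf' => $token];   // what the login script would have stored

// A post that names another account and lacks the token is refused; nothing is deleted.
var_dump(delete_account($pdo, $session, ['username' => 'alice_01', 'answer' => '1']));
// The genuine form post removes only the session's own account and its topics and replies.
var_dump(delete_account($pdo, $session, ['csrf' => $token, 'answer' => '1']));
var_dump($pdo->query('SELECT username FROM members')->fetchAll(PDO::FETCH_COLUMN));
```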