1. Auth the user against the database using their email/passwd 2. Change the last auth value to a year ago. 3. Display a message that they have until the next quarter hour to change their mind about deleting their account, and if they decide to keep it, to pop into their mailbox. 4. cron the vdeloldusers to run at */15.
How about a suid program that you could pass an email address and password to and it would outright delete the account? It could be run as any user, and would take care of authentication and deletion in one shot.
-- Tom Collins [EMAIL PROTECTED] http://sniffter.com/ - info on the Sniffter hand-held Network Tester
