Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.892
diff -u -p -r1.892 user.module
--- modules/user/user.module	3 Feb 2008 19:23:01 -0000	1.892
+++ modules/user/user.module	7 Feb 2008 01:37:22 -0000
@@ -871,6 +871,11 @@ function user_edit_access($account) {
   return (($GLOBALS['user']->uid == $account->uid) || user_access('administer users')) && $account->uid > 0;
 }
 
+function user_delete_access($account) {
+  global $user;
+  return user_access('administer users') && $user->uid != $account->uid;
+}
+
 function user_load_self($arg) {
   $arg[1] = user_load($GLOBALS['user']->uid);
   return $arg;
@@ -1059,8 +1064,8 @@ function user_menu() {
     'title' => 'Delete',
     'page callback' => 'drupal_get_form',
     'page arguments' => array('user_confirm_delete', 1),
-    'access callback' => 'user_access',
-    'access arguments' => array('administer users'),
+    'access callback' => 'user_delete_access',
+    'access arguments' => array(1),
     'type' => MENU_CALLBACK,
     'file' => 'user.pages.inc',
   );
@@ -1833,13 +1838,20 @@ function user_multiple_role_edit($accoun
 }
 
 function user_multiple_delete_confirm(&$form_state) {
+  global $user;
   $edit = $form_state['post'];
 
   $form['accounts'] = array('#prefix' => '<ul>', '#suffix' => '</ul>', '#tree' => TRUE);
   // array_filter() returns only elements with TRUE values.
   foreach (array_filter($edit['accounts']) as $uid => $value) {
-    $user = db_result(db_query('SELECT name FROM {users} WHERE uid = %d', $uid));
-    $form['accounts'][$uid] = array('#type' => 'hidden', '#value' => $uid, '#prefix' => '<li>', '#suffix' => check_plain($user) ."</li>\n");
+    // Users cannot delete themselves to prevent accidents.
+    if ($user->uid == $uid) {
+      drupal_set_message(t('You cannot delete your own account - %name was removed from the deletion list.', array('%name' => $user->name)), 'error');
+    }
+    else {
+      $name = db_result(db_query('SELECT name FROM {users} WHERE uid = %d', $uid));
+      $form['accounts'][$uid] = array('#type' => 'hidden', '#value' => $uid, '#prefix' => '<li>', '#suffix' => check_plain($name) ."</li>\n");
+    }
   }
   $form['operation'] = array('#type' => 'hidden', '#value' => 'delete');
 
Index: modules/user/user.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.pages.inc,v
retrieving revision 1.11
diff -u -p -r1.11 user.pages.inc
--- modules/user/user.pages.inc	8 Jan 2008 10:35:43 -0000	1.11
+++ modules/user/user.pages.inc	7 Feb 2008 01:37:22 -0000
@@ -238,7 +238,7 @@ function user_profile_form($form_state, 
   $form['_category'] = array('#type' => 'value', '#value' => $category);
   $form['_account'] = array('#type' => 'value', '#value' => $account);
   $form['submit'] = array('#type' => 'submit', '#value' => t('Save'), '#weight' => 30);
-  if (user_access('administer users')) {
+  if (user_delete_access($account)) {
     $form['delete'] = array(
       '#type' => 'submit',
       '#value' => t('Delete'),