remove self

2011-02-03 03:58:47 -08:00 · 2011-02-03 03:58:47 -08:00 · a4cbdc2414
parent 01c83f0e93
commit a4cbdc2414
7 changed files with 79 additions and 5 deletions
--- a/include/Contact.php
+++ b/include/Contact.php
@ -6,6 +6,10 @@
 // authorisation to do this.
 function user_remove($uid) {
 	if(! $uid)
 		return;
 	$a = get_app();
 	logger('Removing user: ' . $uid);
 	q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
 	q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));
 	q("DELETE FROM `group_member` WHERE `uid` = %d", intval($uid));
@ -19,7 +23,7 @@ function user_remove($uid) {
 	if($uid == local_user()) {
 		unset($_SESSION['authenticated']);
 		unset($_SESSION['uid']);
-		killme();
+		goaway($a->get_baseurl());
 	}
 }
--- a/mod/removeme.php
+++ b/mod/removeme.php
@ -0,0 +1,50 @@
 <?php
 function removeme_post(&$a) {
 	if(! local_user())
 		return;
 	if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
 		return;
 	if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
 		return;
 	if($_POST['verify'] !== $_SESSION['remove_account_verify'])
 		return;
 	$encrypted = hash('whirlpool',trim($_POST['qxz_password']));
 	if((strlen($a->user['password'])) && ($encrypted === $a->user['password'])) {
 		require_once('include/Contact.php');
 		user_remove($a->user['uid']);
 		// NOTREACHED
 	}
 }
 function removeme_content(&$a) {
 	if(! local_user())
 		goaway($a->get_baseurl());
 	$hash = random_string();
 	$_SESSION['remove_account_verify'] = $hash;
 	$tpl = load_view_file('view/removeme.tpl');
 	$o .= replace_macros($tpl, array(
 		'$basedir' => $a->get_baseurl(),
 		'$hash' => $hash,
 		'$title' => t('Remove My Account'),
 		'$desc' => t('This will completely remove your account. Once this has been done it is not recoverable.'),
 		'$passwd' => t('Please enter your password for verification:'),
 		'$submit' => t('Remove My Account')
 	));
 	return $o;		
 }
--- a/view/de/settings.tpl
+++ b/view/de/settings.tpl
@ -5,7 +5,7 @@
 $nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
 <h3 class="settings-heading">Grundeinstellungen</h3>
--- a/view/en/settings.tpl
+++ b/view/en/settings.tpl
@ -5,7 +5,7 @@
 $nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
 <h3 class="settings-heading">Basic Settings</h3>
--- a/view/fr/settings.tpl
+++ b/view/fr/settings.tpl
@ -5,7 +5,7 @@
 $nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
 <h3 class="settings-heading">Basic Settings</h3>
--- a/view/it/settings.tpl
+++ b/view/it/settings.tpl
@ -6,7 +6,7 @@
 $nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
 <h3 class="settings-heading">Impostazioni base</h3>
--- a/view/removeme.tpl
+++ b/view/removeme.tpl
@ -0,0 +1,20 @@
 <h1>$title</h1>
 <div id="remove-account-wrapper">
 <div id="remove-account-desc">$desc</div>
 <form action="$basedir/removeme" autocomplete="off" method="post" >
 <input type="hidden" name="verify" value="$hash" />
 <div id="remove-account-pass-wrapper">
 <label id="remove-account-pass-label" for="remove-account-pass">$passwd</label>
 <input type="password" id="remove-account-pass" name="qxz_password" />
 </div>
 <div id="remove-account-pass-end"></div>
 <input type="submit" name="submit" value="$submit" />
 </form>
 </div>