Merge pull request #6198 from MrPetovan/task/user-removal-improvements

User removal improvements
This commit is contained in:
Tobias Diekershoff 2018-11-25 08:45:45 +01:00 committed by GitHub
commit 8fda63ca86
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 27 additions and 18 deletions

View file

@ -1783,7 +1783,11 @@ function admin_page_users_post(App $a)
}
if (x($_POST, 'page_users_delete')) {
foreach ($users as $uid) {
User::remove($uid);
if (local_user() != $uid) {
User::remove($uid);
} else {
notice(L10n::t('You can\'t remove yourself'));
}
}
notice(L10n::tt("%s user deleted", "%s users deleted", count($users)));
}
@ -1828,11 +1832,15 @@ function admin_page_users(App $a)
}
switch ($a->argv[2]) {
case "delete":
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
// delete user
User::remove($uid);
if (local_user() != $uid) {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
// delete user
User::remove($uid);
notice(L10n::t("User '%s' deleted", $user['username']) . EOL);
notice(L10n::t("User '%s' deleted", $user['username']));
} else {
notice(L10n::t('You can\'t remove yourself'));
}
break;
case "block":
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');

View file

@ -57,8 +57,12 @@ function removeme_post(App $a)
]);
}
if (User::authenticate($a->user, trim($_POST['qxz_password']))) {
if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
User::remove($a->user['uid']);
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
$a->internalRedirect();
// NOTREACHED
}
}

View file

@ -9,6 +9,7 @@ use DivineOmega\PasswordExposed;
use Exception;
use Friendica\Core\Addon;
use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\PConfig;
@ -732,7 +733,7 @@ class User
Dear %1$s,
Thank you for registering at %2$s. Your account has been created.
',
$preamble, $user['username'], $sitename
$user['username'], $sitename
));
$body = Strings::deindent(L10n::t('
The login details are as follows:
@ -782,7 +783,7 @@ class User
public static function remove($uid)
{
if (!$uid) {
return;
return false;
}
$a = get_app();
@ -791,28 +792,24 @@ class User
$user = DBA::selectFirst('user', [], ['uid' => $uid]);
Addon::callHooks('remove_user', $user);
Hook::callAll('remove_user', $user);
// save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future.
DBA::insert('userd', ['username' => $user['nickname']]);
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc(DateTimeFormat::utcNow() . " + 7 day")], ['uid' => $uid]);
Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc('now + 7 day')], ['uid' => $uid]);
Worker::add(PRIORITY_HIGH, 'Notifier', 'removeme', $uid);
// Send an update to the directory
$self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]);
Worker::add(PRIORITY_LOW, "Directory", $self['url']);
Worker::add(PRIORITY_LOW, 'Directory', $self['url']);
// Remove the user relevant data
Worker::add(PRIORITY_LOW, "RemoveUser", $uid);
Worker::add(PRIORITY_LOW, 'RemoveUser', $uid);
if ($uid == local_user()) {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
$a->internalRedirect();
}
return true;
}
/**