remove self

10 years ago · a4cbdc2414
--- a/include/Contact.php
+++ b/include/Contact.php
@ -6,6 +6,10 @@
 // authorisation to do this.

 function user_remove($uid) {
 	if(! $uid)
 		return;
 	$a = get_app();
 	logger('Removing user: ' . $uid);
 	q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
 	q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));
 	q("DELETE FROM `group_member` WHERE `uid` = %d", intval($uid));
@ -19,7 +23,7 @@ function user_remove($uid) {
 	if($uid == local_user()) {
 		unset($_SESSION['authenticated']);
 		unset($_SESSION['uid']);
 		killme();
 		goaway($a->get_baseurl());
 	}
 }

--- a/mod/removeme.php
+++ b/mod/removeme.php
@ -0,0 +1,50 @@
 <?php

 function removeme_post(&$a) {

 	if(! local_user())
 		return;

 	if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
 		return;

 	if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
 		return;

 	if($_POST['verify'] !== $_SESSION['remove_account_verify'])
 		return;

 	$encrypted = hash('whirlpool',trim($_POST['qxz_password']));

 	if((strlen($a->user['password'])) && ($encrypted === $a->user['password'])) {
 		require_once('include/Contact.php');
 		user_remove($a->user['uid']);
 		// NOTREACHED
 	}

 }



 function removeme_content(&$a) {

 	if(! local_user())
 		goaway($a->get_baseurl());

 	$hash = random_string();

 	$_SESSION['remove_account_verify'] = $hash;

 	$tpl = load_view_file('view/removeme.tpl');
 	$o .= replace_macros($tpl, array(
 		'$basedir' => $a->get_baseurl(),
 		'$hash' => $hash,
 		'$title' => t('Remove My Account'),
 		'$desc' => t('This will completely remove your account. Once this has been done it is not recoverable.'),
 		'$passwd' => t('Please enter your password for verification:'),
 		'$submit' => t('Remove My Account')
 	));

 	return $o;		

 }
--- a/view/de/settings.tpl
+++ b/view/de/settings.tpl
@ -5,7 +5,7 @@
 $nickname_block


 <form action="settings" id="settings-form" method="post" autocomplete="false" >
 <form action="settings" id="settings-form" method="post" autocomplete="off" >


 <h3 class="settings-heading">Grundeinstellungen</h3>
--- a/view/en/settings.tpl
+++ b/view/en/settings.tpl
@ -5,7 +5,7 @@
 $nickname_block


 <form action="settings" id="settings-form" method="post" autocomplete="false" >
 <form action="settings" id="settings-form" method="post" autocomplete="off" >


 <h3 class="settings-heading">Basic Settings</h3>
--- a/view/fr/settings.tpl
+++ b/view/fr/settings.tpl
@ -5,7 +5,7 @@
 $nickname_block


 <form action="settings" id="settings-form" method="post" autocomplete="false" >
 <form action="settings" id="settings-form" method="post" autocomplete="off" >


 <h3 class="settings-heading">Basic Settings</h3>
--- a/view/it/settings.tpl
+++ b/view/it/settings.tpl
@ -6,7 +6,7 @@
 $nickname_block


 <form action="settings" id="settings-form" method="post" autocomplete="false" >
 <form action="settings" id="settings-form" method="post" autocomplete="off" >


 <h3 class="settings-heading">Impostazioni base</h3>
--- a/view/removeme.tpl
+++ b/view/removeme.tpl
@ -0,0 +1,20 @@
 <h1>$title</h1>

 <div id="remove-account-wrapper">

 <div id="remove-account-desc">$desc</div>

 <form action="$basedir/removeme" autocomplete="off" method="post" >
 <input type="hidden" name="verify" value="$hash" />

 <div id="remove-account-pass-wrapper">
 <label id="remove-account-pass-label" for="remove-account-pass">$passwd</label>
 <input type="password" id="remove-account-pass" name="qxz_password" />
 </div>
 <div id="remove-account-pass-end"></div>

 <input type="submit" name="submit" value="$submit" />

 </form>
 </div>