Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

93 lines
2.4KB

  1. <?php
  2. /**
  3. * @file mod/removeme.php
  4. */
  5. use Friendica\App;
  6. use Friendica\Core\Config;
  7. use Friendica\Core\L10n;
  8. use Friendica\Core\Renderer;
  9. use Friendica\Core\System;
  10. use Friendica\Database\DBA;
  11. use Friendica\Model\User;
  12. use Friendica\Util\Strings;
  13. function removeme_post(App $a)
  14. {
  15. if (!local_user()) {
  16. return;
  17. }
  18. if (!empty($_SESSION['submanage'])) {
  19. return;
  20. }
  21. if (empty($_POST['qxz_password'])) {
  22. return;
  23. }
  24. if (empty($_POST['verify'])) {
  25. return;
  26. }
  27. if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
  28. return;
  29. }
  30. // send notification to admins so that they can clean um the backups
  31. // send email to admins
  32. $admin_mails = explode(",", str_replace(" ", "", Config::get('config', 'admin_email')));
  33. foreach ($admin_mails as $mail) {
  34. $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]);
  35. if (!DBA::isResult($admin)) {
  36. continue;
  37. }
  38. notification([
  39. 'type' => SYSTEM_EMAIL,
  40. 'subject' => L10n::t('[Friendica System Notify]') . ' ' . L10n::t('User deleted their account'),
  41. 'preamble' => L10n::t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
  42. 'body' => L10n::t('The user id is %d', local_user()),
  43. 'to_email' => $admin['email'],
  44. 'to_name' => $admin['username'],
  45. 'uid' => $admin['uid'],
  46. 'language' => $admin['language'] ? $admin['language'] : 'en',
  47. 'show_in_notification_page' => false
  48. ]);
  49. }
  50. if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
  51. User::remove($a->user['uid']);
  52. unset($_SESSION['authenticated']);
  53. unset($_SESSION['uid']);
  54. $a->internalRedirect();
  55. // NOTREACHED
  56. }
  57. }
  58. function removeme_content(App $a)
  59. {
  60. if (!local_user()) {
  61. $a->internalRedirect();
  62. }
  63. $hash = Strings::getRandomHex();
  64. require_once("mod/settings.php");
  65. settings_init($a);
  66. $_SESSION['remove_account_verify'] = $hash;
  67. $tpl = Renderer::getMarkupTemplate('removeme.tpl');
  68. $o = Renderer::replaceMacros($tpl, [
  69. '$basedir' => $a->getBaseURL(),
  70. '$hash' => $hash,
  71. '$title' => L10n::t('Remove My Account'),
  72. '$desc' => L10n::t('This will completely remove your account. Once this has been done it is not recoverable.'),
  73. '$passwd' => L10n::t('Please enter your password for verification:'),
  74. '$submit' => L10n::t('Remove My Account')
  75. ]);
  76. return $o;
  77. }