mod/removeme.php

   1 <?php
   2 /**
   3  * @file mod/removeme.php
   4  */
   5
   6 use Friendica\App;
   7 use Friendica\Core\Config;
   8 use Friendica\Core\L10n;
   9 use Friendica\Core\Renderer;
  10 use Friendica\Core\System;
  11 use Friendica\Database\DBA;
  12 use Friendica\Model\User;
  13 use Friendica\Util\Strings;
  14
  15 require_once 'include/enotify.php';
  16
  17 function removeme_post(App $a)
  18 {
  19         if (!local_user()) {
  20                 return;
  21         }
  22
  23         if (!empty($_SESSION['submanage'])) {
  24                 return;
  25         }
  26
  27         if (empty($_POST['qxz_password'])) {
  28                 return;
  29         }
  30
  31         if (empty($_POST['verify'])) {
  32                 return;
  33         }
  34
  35         if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
  36                 return;
  37         }
  38
  39         // send notification to admins so that they can clean um the backups
  40         // send email to admins
  41         $admin_mails = explode(",", str_replace(" ", "", Config::get('config', 'admin_email')));
  42         foreach ($admin_mails as $mail) {
  43                 $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]);
  44                 if (!DBA::isResult($admin)) {
  45                         continue;
  46                 }
  47                 notification([
  48                         'type'         => SYSTEM_EMAIL,
  49                         'subject'      => L10n::t('[Friendica System Notify]') . ' ' . L10n::t('User deleted their account'),
  50                         'preamble'     => L10n::t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
  51                         'body'         => L10n::t('The user id is %d', local_user()),
  52                         'to_email'     => $admin['email'],
  53                         'to_name'      => $admin['username'],
  54                         'uid'          => $admin['uid'],
  55                         'language'     => $admin['language'] ? $admin['language'] : 'en',
  56                         'show_in_notification_page' => false
  57                 ]);
  58         }
  59
  60         if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
  61                 User::remove($a->user['uid']);
  62
  63                 unset($_SESSION['authenticated']);
  64                 unset($_SESSION['uid']);
  65                 $a->internalRedirect();
  66                 // NOTREACHED
  67         }
  68 }
  69
  70 function removeme_content(App $a)
  71 {
  72         if (!local_user()) {
  73                 $a->internalRedirect();
  74         }
  75
  76         $hash = Strings::getRandomHex();
  77
  78         require_once("mod/settings.php");
  79         settings_init($a);
  80
  81         $_SESSION['remove_account_verify'] = $hash;
  82
  83         $tpl = Renderer::getMarkupTemplate('removeme.tpl');
  84         $o = Renderer::replaceMacros($tpl, [
  85                 '$basedir' => $a->getBaseURL(),
  86                 '$hash' => $hash,
  87                 '$title' => L10n::t('Remove My Account'),
  88                 '$desc' => L10n::t('This will completely remove your account. Once this has been done it is not recoverable.'),
  89                 '$passwd' => L10n::t('Please enter your password for verification:'),
  90                 '$submit' => L10n::t('Remove My Account')
  91         ]);
  92
  93         return $o;
  94 }