Merge pull request #12025 from annando/no-boot-src-module

[friendica.git] / mod / removeme.php

<?php
/**
 * @copyright Copyright (C) 2010-2022, the Friendica project
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 *
 */

use Friendica\App;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Util\Strings;

function removeme_post(App $a)
{
        if (!Session::getLocalUser()) {
                return;
        }

        if (!empty($_SESSION['submanage'])) {
                return;
        }

        if (empty($_POST['qxz_password'])) {
                return;
        }

        if (empty($_POST['verify'])) {
                return;
        }

        if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
                return;
        }

        // send notification to admins so that they can clean um the backups
        // send email to admins
        $admin_mails = explode(",", str_replace(" ", "", DI::config()->get('config', 'admin_email')));
        foreach ($admin_mails as $mail) {
                $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]);
                if (!DBA::isResult($admin)) {
                        continue;
                }

                $l10n = DI::l10n()->withLang($admin['language']);

                $email = DI::emailer()
                        ->newSystemMail()
                        ->withMessage(
                                $l10n->t('[Friendica System Notify]') . ' ' . $l10n->t('User deleted their account'),
                                $l10n->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
                                $l10n->t('The user id is %d', Session::getLocalUser()))
                        ->forUser($admin)
                        ->withRecipient($admin['email'])
                        ->build();
                DI::emailer()->send($email);
        }

        if (User::getIdFromPasswordAuthentication($a->getLoggedInUserId(), trim($_POST['qxz_password']))) {
                User::remove($a->getLoggedInUserId());

                unset($_SESSION['authenticated']);
                unset($_SESSION['uid']);
                DI::baseUrl()->redirect();
                // NOTREACHED
        }
}

function removeme_content(App $a)
{
        if (!Session::getLocalUser()) {
                DI::baseUrl()->redirect();
        }

        $hash = Strings::getRandomHex();

        require_once("mod/settings.php");
        settings_init($a);

        $_SESSION['remove_account_verify'] = $hash;

        $tpl = Renderer::getMarkupTemplate('removeme.tpl');
        $o = Renderer::replaceMacros($tpl, [
                '$basedir' => DI::baseUrl()->get(),
                '$hash' => $hash,
                '$title' => DI::l10n()->t('Remove My Account'),
                '$desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'),
                '$passwd' => DI::l10n()->t('Please enter your password for verification:'),
                '$submit' => DI::l10n()->t('Remove My Account')
        ]);

        return $o;
}