mod/removeme.php

   1 <?php
   2 /**
   3  * @file mod/removeme.php
   4  */
   5
   6 use Friendica\App;
   7 use Friendica\Core\Renderer;
   8 use Friendica\Database\DBA;
   9 use Friendica\DI;
  10 use Friendica\Model\User;
  11 use Friendica\Util\Strings;
  12
  13 function removeme_post(App $a)
  14 {
  15         if (!local_user()) {
  16                 return;
  17         }
  18
  19         if (!empty($_SESSION['submanage'])) {
  20                 return;
  21         }
  22
  23         if (empty($_POST['qxz_password'])) {
  24                 return;
  25         }
  26
  27         if (empty($_POST['verify'])) {
  28                 return;
  29         }
  30
  31         if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
  32                 return;
  33         }
  34
  35         // send notification to admins so that they can clean um the backups
  36         // send email to admins
  37         $admin_mails = explode(",", str_replace(" ", "", DI::config()->get('config', 'admin_email')));
  38         foreach ($admin_mails as $mail) {
  39                 $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]);
  40                 if (!DBA::isResult($admin)) {
  41                         continue;
  42                 }
  43
  44                 $email = DI::emailer()
  45                            ->newSystemMail((!empty($admin['language'])) ? DI::l10n()->withLang($admin['language']) : DI::l10n()->withLang('en'))
  46                            ->withMessage(DI::l10n()->t('[Friendica System Notify]') . ' ' . DI::l10n()->t('User deleted their account'),
  47                                    DI::l10n()->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
  48                                    DI::l10n()->t('The user id is %d', local_user()))
  49                            ->forUser($admin['uid'] ?? 0)
  50                            ->withRecipient($admin['email'])
  51                            ->build();
  52                 DI::emailer()->send($email);
  53         }
  54
  55         if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
  56                 User::remove($a->user['uid']);
  57
  58                 unset($_SESSION['authenticated']);
  59                 unset($_SESSION['uid']);
  60                 DI::baseUrl()->redirect();
  61                 // NOTREACHED
  62         }
  63 }
  64
  65 function removeme_content(App $a)
  66 {
  67         if (!local_user()) {
  68                 DI::baseUrl()->redirect();
  69         }
  70
  71         $hash = Strings::getRandomHex();
  72
  73         require_once("mod/settings.php");
  74         settings_init($a);
  75
  76         $_SESSION['remove_account_verify'] = $hash;
  77
  78         $tpl = Renderer::getMarkupTemplate('removeme.tpl');
  79         $o = Renderer::replaceMacros($tpl, [
  80                 '$basedir' => DI::baseUrl()->get(),
  81                 '$hash' => $hash,
  82                 '$title' => DI::l10n()->t('Remove My Account'),
  83                 '$desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'),
  84                 '$passwd' => DI::l10n()->t('Please enter your password for verification:'),
  85                 '$submit' => DI::l10n()->t('Remove My Account')
  86         ]);
  87
  88         return $o;
  89 }