mod/removeme.php

   1 <?php
   2 /**
   3  * @file mod/removeme.php
   4  */
   5
   6 use Friendica\App;
   7 use Friendica\Core\Config;
   8 use Friendica\Core\L10n;
   9 use Friendica\Core\System;
  10 use Friendica\Database\DBA;
  11 use Friendica\Model\User;
  12
  13 require_once 'include/enotify.php';
  14
  15 function removeme_post(App $a)
  16 {
  17         if (!local_user()) {
  18                 return;
  19         }
  20
  21         if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
  22                 return;
  23         }
  24
  25         if ((!x($_POST, 'qxz_password')) || (!strlen(trim($_POST['qxz_password'])))) {
  26                 return;
  27         }
  28
  29         if ((!x($_POST, 'verify')) || (!strlen(trim($_POST['verify'])))) {
  30                 return;
  31         }
  32
  33         if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
  34                 return;
  35         }
  36
  37         // send notification to admins so that they can clean um the backups
  38         // send email to admins
  39         $admin_mails = explode(",", str_replace(" ", "", Config::get('config', 'admin_email')));
  40         foreach ($admin_mails as $mail) {
  41                 $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]);
  42                 if (!DBA::isResult($admin)) {
  43                         continue;
  44                 }
  45                 notification([
  46                         'type'         => SYSTEM_EMAIL,
  47                         'subject'      => L10n::t('[Friendica System Notify]') . ' ' . L10n::t('User deleted their account'),
  48                         'preamble'     => L10n::t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
  49                         'body'         => L10n::t('The user id is %d', local_user()),
  50                         'to_email'     => $admin['email'],
  51                         'to_name'      => $admin['username'],
  52                         'uid'          => $admin['uid'],
  53                         'language'     => $admin['language'] ? $admin['language'] : 'en',
  54                         'show_in_notification_page' => false
  55                 ]);
  56         }
  57
  58         if (User::authenticate($a->user, trim($_POST['qxz_password']))) {
  59                 User::remove($a->user['uid']);
  60                 // NOTREACHED
  61         }
  62 }
  63
  64 function removeme_content(App $a)
  65 {
  66         if (!local_user()) {
  67                 goaway(System::baseUrl());
  68         }
  69
  70         $hash = random_string();
  71
  72         require_once("mod/settings.php");
  73         settings_init($a);
  74
  75         $_SESSION['remove_account_verify'] = $hash;
  76
  77         $tpl = get_markup_template('removeme.tpl');
  78         $o = replace_macros($tpl, [
  79                 '$basedir' => System::baseUrl(),
  80                 '$hash' => $hash,
  81                 '$title' => L10n::t('Remove My Account'),
  82                 '$desc' => L10n::t('This will completely remove your account. Once this has been done it is not recoverable.'),
  83                 '$passwd' => L10n::t('Please enter your password for verification:'),
  84                 '$submit' => L10n::t('Remove My Account')
  85         ]);
  86
  87         return $o;
  88 }