X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fremoveme.php;h=ee0a4c275b6f1f56745649596152593d051003d6;hb=9cd9ad647d0a81d29ee3091b99776ee63a27e622;hp=904606fd57cb77b69a1a0b7ef48a9025ff012f25;hpb=04dceb955109eed93db5da1bd6c6d4cdd411a9be;p=friendica.git diff --git a/mod/removeme.php b/mod/removeme.php index 904606fd57..ee0a4c275b 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -1,54 +1,106 @@ . + * + */ + +use Friendica\App; +use Friendica\Core\Renderer; +use Friendica\Database\DBA; +use Friendica\DI; +use Friendica\Model\User; +use Friendica\Util\Strings; + +function removeme_post(App $a) +{ + if (!local_user()) { return; + } - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) + if (!empty($_SESSION['submanage'])) { return; + } - if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) + if (empty($_POST['qxz_password'])) { return; + } - if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify'])))) + if (empty($_POST['verify'])) { return; + } - if($_POST['verify'] !== $_SESSION['remove_account_verify']) + if ($_POST['verify'] !== $_SESSION['remove_account_verify']) { return; + } - $encrypted = hash('whirlpool',trim($_POST['qxz_password'])); + // send notification to admins so that they can clean um the backups + // send email to admins + $admin_mails = explode(",", str_replace(" ", "", DI::config()->get('config', 'admin_email'))); + foreach ($admin_mails as $mail) { + $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]); + if (!DBA::isResult($admin)) { + continue; + } + + $email = DI::emailer() + ->newSystemMail() + ->withMessage( + DI::l10n()->t('[Friendica System Notify]') . ' ' . DI::l10n()->t('User deleted their account'), + DI::l10n()->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'), + DI::l10n()->t('The user id is %d', local_user())) + ->forUser($admin) + ->withRecipient($admin['email']) + ->build(); + DI::emailer()->send($email); + } + + if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) { + User::remove($a->user['uid']); - if((strlen($a->user['password'])) && ($encrypted === $a->user['password'])) { - require_once('include/Contact.php'); - user_remove($a->user['uid']); + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + DI::baseUrl()->redirect(); // NOTREACHED } - } -function removeme_content(&$a) { - - if(! local_user()) - goaway(z_root()); +function removeme_content(App $a) +{ + if (!local_user()) { + DI::baseUrl()->redirect(); + } - $hash = random_string(); + $hash = Strings::getRandomHex(); - require_once("mod/settings.php"); - settings_init($a); + require_once("mod/settings.php"); + settings_init($a); $_SESSION['remove_account_verify'] = $hash; - $tpl = get_markup_template('removeme.tpl'); - $o .= replace_macros($tpl, array( - '$basedir' => $a->get_baseurl(), + $tpl = Renderer::getMarkupTemplate('removeme.tpl'); + $o = Renderer::replaceMacros($tpl, [ + '$basedir' => DI::baseUrl()->get(), '$hash' => $hash, - '$title' => t('Remove My Account'), - '$desc' => t('This will completely remove your account. Once this has been done it is not recoverable.'), - '$passwd' => t('Please enter your password for verification:'), - '$submit' => t('Remove My Account') - )); + '$title' => DI::l10n()->t('Remove My Account'), + '$desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'), + '$passwd' => DI::l10n()->t('Please enter your password for verification:'), + '$submit' => DI::l10n()->t('Remove My Account') + ]); return $o; - }