X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fremoveme.php;h=ee0a4c275b6f1f56745649596152593d051003d6;hb=ca9f8e7420d925fb316f8841f338a4583d94fe51;hp=40033624d8889ac330a8be2c7f725febef8e2cfc;hpb=b61479ba6eb66a5d23ff997f204319bf934783e0;p=friendica.git diff --git a/mod/removeme.php b/mod/removeme.php index 40033624d8..ee0a4c275b 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -1,20 +1,46 @@ . + * + */ + +use Friendica\App; +use Friendica\Core\Renderer; +use Friendica\Database\DBA; +use Friendica\DI; +use Friendica\Model\User; +use Friendica\Util\Strings; + +function removeme_post(App $a) +{ + if (!local_user()) { return; } - if (x($_SESSION,'submanage') && intval($_SESSION['submanage'])) { + if (!empty($_SESSION['submanage'])) { return; } - if ((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) { + if (empty($_POST['qxz_password'])) { return; } - if ((! x($_POST,'verify')) || (! strlen(trim($_POST['verify'])))) { + if (empty($_POST['verify'])) { return; } @@ -22,39 +48,59 @@ function removeme_post(App $a) { return; } - $encrypted = hash('whirlpool',trim($_POST['qxz_password'])); + // send notification to admins so that they can clean um the backups + // send email to admins + $admin_mails = explode(",", str_replace(" ", "", DI::config()->get('config', 'admin_email'))); + foreach ($admin_mails as $mail) { + $admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]); + if (!DBA::isResult($admin)) { + continue; + } + + $email = DI::emailer() + ->newSystemMail() + ->withMessage( + DI::l10n()->t('[Friendica System Notify]') . ' ' . DI::l10n()->t('User deleted their account'), + DI::l10n()->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'), + DI::l10n()->t('The user id is %d', local_user())) + ->forUser($admin) + ->withRecipient($admin['email']) + ->build(); + DI::emailer()->send($email); + } + + if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) { + User::remove($a->user['uid']); - if ((strlen($a->user['password'])) && ($encrypted === $a->user['password'])) { - require_once('include/Contact.php'); - user_remove($a->user['uid']); + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + DI::baseUrl()->redirect(); // NOTREACHED } - } -function removeme_content(App $a) { - - if (! local_user()) { - goaway(z_root()); +function removeme_content(App $a) +{ + if (!local_user()) { + DI::baseUrl()->redirect(); } - $hash = random_string(); + $hash = Strings::getRandomHex(); require_once("mod/settings.php"); settings_init($a); $_SESSION['remove_account_verify'] = $hash; - $tpl = get_markup_template('removeme.tpl'); - $o .= replace_macros($tpl, array( - '$basedir' => App::get_baseurl(), + $tpl = Renderer::getMarkupTemplate('removeme.tpl'); + $o = Renderer::replaceMacros($tpl, [ + '$basedir' => DI::baseUrl()->get(), '$hash' => $hash, - '$title' => t('Remove My Account'), - '$desc' => t('This will completely remove your account. Once this has been done it is not recoverable.'), - '$passwd' => t('Please enter your password for verification:'), - '$submit' => t('Remove My Account') - )); + '$title' => DI::l10n()->t('Remove My Account'), + '$desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'), + '$passwd' => DI::l10n()->t('Please enter your password for verification:'), + '$submit' => DI::l10n()->t('Remove My Account') + ]); return $o; - }