harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Some work on account deletion

Browse Source
This commit is contained in:
Christian Vogeley 2014-08-14 20:17:57 +02:00
parent 94ed44e76e
commit fc94a638cd
5 changed files with 99 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
include/Contact.php
View File

@ -162,7 +162,7 @@ function user_remove($uid) {
} }
function account_remove($account_id,$local = true) { function account_remove($account_id,$local = true,$unset_session=true) {
logger('account_remove: ' . $account_id); logger('account_remove: ' . $account_id);
@ -196,7 +196,7 @@ function account_remove($account_id,$local = true) {
); );
if($x) { if($x) {
foreach($x as $xx) { foreach($x as $xx) {
channel_remove($xx['channel_id'],$local); channel_remove($xx['channel_id'],$local,false);
} }
} }
@ -204,11 +204,16 @@ function account_remove($account_id,$local = true) {
intval($account_id) intval($account_id)
); );
if ($unset_session) {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
goaway(get_app()->get_baseurl());
}
return $r; return $r;
} }
function channel_remove($channel_id, $local = true) { function channel_remove($channel_id, $local = true, $unset_session=true) {
if(! $channel_id) if(! $channel_id)
return; return;
@ -292,7 +297,7 @@ function channel_remove($channel_id, $local = true) {
proc_run('php','include/directory.php',$channel_id); proc_run('php','include/directory.php',$channel_id);
if($channel_id == local_user()) { if($channel_id == local_user() && $unset_session) {
unset($_SESSION['authenticated']); unset($_SESSION['authenticated']);
unset($_SESSION['uid']); unset($_SESSION['uid']);
goaway($a->get_baseurl()); goaway($a->get_baseurl());

2
mod/admin.php
View File

@ -672,7 +672,7 @@ function admin_page_users(&$a){
check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
// delete user // delete user
require_once("include/Contact.php"); require_once("include/Contact.php");
account_remove($uid,true); account_remove($uid,true,false);
notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL); notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL);
}; break; }; break;

66
mod/removeaccount.php Normal file
View File

@ -0,0 +1,66 @@
<?php
function removeaccount_post(&$a) {
if(! local_user())
return;
if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
return;
if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
return;
if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
return;
if($_POST['verify'] !== $_SESSION['remove_account_verify'])
return;
$account = $a->get_account();
$account_id = get_account_id();
if(! account_verify_password($account['account_email'],$_POST['qxz_password']))
return;
if($account['account_password_changed'] != '0000-00-00 00:00:00') {
$d1 = datetime_convert('UTC','UTC','now - 48 hours');
if($account['account_password_changed'] > d1) {
notice( t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);
return;
}
}
require_once('include/Contact.php');
$global_remove = intval($_POST['global']);
account_remove($account_id,true);
}
function removeaccount_content(&$a) {
if(! local_user())
goaway(z_root());
$hash = random_string();
$_SESSION['remove_account_verify'] = $hash;
$tpl = get_markup_template('removeaccount.tpl');
$o .= replace_macros($tpl, array(
'$basedir' => $a->get_baseurl(),
'$hash' => $hash,
'$title' => t('Remove This Account'),
'$desc' => t('This will completely remove this account including all its channels from the network. Once this has been done it is not recoverable.'),
'$passwd' => t('Please enter your password for verification:'),
'$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')),
'$submit' => t('Remove Account')
));
return $o;
}

2
mod/removeme.php
View File

@ -35,7 +35,7 @@ function removeme_post(&$a) {
$global_remove = intval($_POST['global']); $global_remove = intval($_POST['global']);
channel_remove(local_user(),1 - $global_remove); channel_remove(local_user(),1 - $global_remove,true);
} }

22
view/tpl/removeaccount.tpl Normal file
View File

@ -0,0 +1,22 @@
<h1>{{$title}}</h1>
<div id="remove-account-wrapper">
<div id="remove-account-desc">{{$desc}}</div>
<form action="{{$basedir}}/removeaccount" autocomplete="off" method="post" >
<input type="hidden" name="verify" value="{{$hash}}" />
<div id="remove-account-pass-wrapper">
<label id="remove-account-pass-label" for="remove-account-pass">{{$passwd}}</label>
<input type="password" id="remove-account-pass" name="qxz_password" />
</div>
<div id="remove-account-pass-end"></div>
{{include file="field_checkbox.tpl" field=$global}}
<input type="submit" name="submit" value="{{$submit}}" />
</form>
</div>