aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/Contact.php6
-rw-r--r--mod/removeme.php50
-rw-r--r--view/de/settings.tpl2
-rw-r--r--view/en/settings.tpl2
-rw-r--r--view/fr/settings.tpl2
-rw-r--r--view/it/settings.tpl2
-rw-r--r--view/removeme.tpl20
7 files changed, 79 insertions, 5 deletions
diff --git a/include/Contact.php b/include/Contact.php
index 98d3e7c0b..7cac3c0e0 100644
--- a/include/Contact.php
+++ b/include/Contact.php
@@ -6,6 +6,10 @@
// authorisation to do this.
function user_remove($uid) {
+ if(! $uid)
+ return;
+ $a = get_app();
+ logger('Removing user: ' . $uid);
q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));
q("DELETE FROM `group_member` WHERE `uid` = %d", intval($uid));
@@ -19,7 +23,7 @@ function user_remove($uid) {
if($uid == local_user()) {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
- killme();
+ goaway($a->get_baseurl());
}
}
diff --git a/mod/removeme.php b/mod/removeme.php
new file mode 100644
index 000000000..62b9a6d13
--- /dev/null
+++ b/mod/removeme.php
@@ -0,0 +1,50 @@
+<?php
+
+function removeme_post(&$a) {
+
+ if(! local_user())
+ return;
+
+ if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
+ return;
+
+ if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
+ return;
+
+ if($_POST['verify'] !== $_SESSION['remove_account_verify'])
+ return;
+
+ $encrypted = hash('whirlpool',trim($_POST['qxz_password']));
+
+ if((strlen($a->user['password'])) && ($encrypted === $a->user['password'])) {
+ require_once('include/Contact.php');
+ user_remove($a->user['uid']);
+ // NOTREACHED
+ }
+
+}
+
+
+
+function removeme_content(&$a) {
+
+ if(! local_user())
+ goaway($a->get_baseurl());
+
+ $hash = random_string();
+
+ $_SESSION['remove_account_verify'] = $hash;
+
+ $tpl = load_view_file('view/removeme.tpl');
+ $o .= replace_macros($tpl, array(
+ '$basedir' => $a->get_baseurl(),
+ '$hash' => $hash,
+ '$title' => t('Remove My Account'),
+ '$desc' => t('This will completely remove your account. Once this has been done it is not recoverable.'),
+ '$passwd' => t('Please enter your password for verification:'),
+ '$submit' => t('Remove My Account')
+ ));
+
+ return $o;
+
+} \ No newline at end of file
diff --git a/view/de/settings.tpl b/view/de/settings.tpl
index 6259c171a..0ef50546f 100644
--- a/view/de/settings.tpl
+++ b/view/de/settings.tpl
@@ -5,7 +5,7 @@
$nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
<h3 class="settings-heading">Grundeinstellungen</h3>
diff --git a/view/en/settings.tpl b/view/en/settings.tpl
index 5e1bfabf4..97d67cbf6 100644
--- a/view/en/settings.tpl
+++ b/view/en/settings.tpl
@@ -5,7 +5,7 @@
$nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
<h3 class="settings-heading">Basic Settings</h3>
diff --git a/view/fr/settings.tpl b/view/fr/settings.tpl
index 5e1bfabf4..97d67cbf6 100644
--- a/view/fr/settings.tpl
+++ b/view/fr/settings.tpl
@@ -5,7 +5,7 @@
$nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
<h3 class="settings-heading">Basic Settings</h3>
diff --git a/view/it/settings.tpl b/view/it/settings.tpl
index 2ff259acc..3b68923cf 100644
--- a/view/it/settings.tpl
+++ b/view/it/settings.tpl
@@ -6,7 +6,7 @@
$nickname_block
-<form action="settings" id="settings-form" method="post" autocomplete="false" >
+<form action="settings" id="settings-form" method="post" autocomplete="off" >
<h3 class="settings-heading">Impostazioni base</h3>
diff --git a/view/removeme.tpl b/view/removeme.tpl
new file mode 100644
index 000000000..a3ca8d4cf
--- /dev/null
+++ b/view/removeme.tpl
@@ -0,0 +1,20 @@
+<h1>$title</h1>
+
+<div id="remove-account-wrapper">
+
+<div id="remove-account-desc">$desc</div>
+
+<form action="$basedir/removeme" autocomplete="off" method="post" >
+<input type="hidden" name="verify" value="$hash" />
+
+<div id="remove-account-pass-wrapper">
+<label id="remove-account-pass-label" for="remove-account-pass">$passwd</label>
+<input type="password" id="remove-account-pass" name="qxz_password" />
+</div>
+<div id="remove-account-pass-end"></div>
+
+<input type="submit" name="submit" value="$submit" />
+
+</form>
+</div>
+