From fc94a638cd16dce8ed0d2772d29432f99396a70f Mon Sep 17 00:00:00 2001 From: Christian Vogeley Date: Thu, 14 Aug 2014 20:17:57 +0200 Subject: Some work on account deletion --- include/Contact.php | 13 ++++++--- mod/admin.php | 2 +- mod/removeaccount.php | 66 ++++++++++++++++++++++++++++++++++++++++++++++ mod/removeme.php | 2 +- view/tpl/removeaccount.tpl | 22 ++++++++++++++++ 5 files changed, 99 insertions(+), 6 deletions(-) create mode 100644 mod/removeaccount.php create mode 100644 view/tpl/removeaccount.tpl diff --git a/include/Contact.php b/include/Contact.php index 100854f0d..47b1763cb 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -162,7 +162,7 @@ function user_remove($uid) { } -function account_remove($account_id,$local = true) { +function account_remove($account_id,$local = true,$unset_session=true) { logger('account_remove: ' . $account_id); @@ -196,7 +196,7 @@ function account_remove($account_id,$local = true) { ); if($x) { foreach($x as $xx) { - channel_remove($xx['channel_id'],$local); + channel_remove($xx['channel_id'],$local,false); } } @@ -204,11 +204,16 @@ function account_remove($account_id,$local = true) { intval($account_id) ); + if ($unset_session) { + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + goaway(get_app()->get_baseurl()); + } return $r; } -function channel_remove($channel_id, $local = true) { +function channel_remove($channel_id, $local = true, $unset_session=true) { if(! $channel_id) return; @@ -292,7 +297,7 @@ function channel_remove($channel_id, $local = true) { proc_run('php','include/directory.php',$channel_id); - if($channel_id == local_user()) { + if($channel_id == local_user() && $unset_session) { unset($_SESSION['authenticated']); unset($_SESSION['uid']); goaway($a->get_baseurl()); diff --git a/mod/admin.php b/mod/admin.php index 464edddd4..d9ca998ac 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -672,7 +672,7 @@ function admin_page_users(&$a){ check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); // delete user require_once("include/Contact.php"); - account_remove($uid,true); + account_remove($uid,true,false); notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL); }; break; diff --git a/mod/removeaccount.php b/mod/removeaccount.php new file mode 100644 index 000000000..1f9dbcafa --- /dev/null +++ b/mod/removeaccount.php @@ -0,0 +1,66 @@ +get_account(); + $account_id = get_account_id(); + + if(! account_verify_password($account['account_email'],$_POST['qxz_password'])) + return; + + if($account['account_password_changed'] != '0000-00-00 00:00:00') { + $d1 = datetime_convert('UTC','UTC','now - 48 hours'); + if($account['account_password_changed'] > d1) { + notice( t('Account removals are not allowed within 48 hours of changing the account password.') . EOL); + return; + } + } + + require_once('include/Contact.php'); + + $global_remove = intval($_POST['global']); + + account_remove($account_id,true); + +} + + + +function removeaccount_content(&$a) { + + if(! local_user()) + goaway(z_root()); + + $hash = random_string(); + + $_SESSION['remove_account_verify'] = $hash; + $tpl = get_markup_template('removeaccount.tpl'); + $o .= replace_macros($tpl, array( + '$basedir' => $a->get_baseurl(), + '$hash' => $hash, + '$title' => t('Remove This Account'), + '$desc' => t('This will completely remove this account including all its channels from the network. Once this has been done it is not recoverable.'), + '$passwd' => t('Please enter your password for verification:'), + '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')), + '$submit' => t('Remove Account') + )); + + return $o; + +} \ No newline at end of file diff --git a/mod/removeme.php b/mod/removeme.php index 095570480..13bf6cf63 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -35,7 +35,7 @@ function removeme_post(&$a) { $global_remove = intval($_POST['global']); - channel_remove(local_user(),1 - $global_remove); + channel_remove(local_user(),1 - $global_remove,true); } diff --git a/view/tpl/removeaccount.tpl b/view/tpl/removeaccount.tpl new file mode 100644 index 000000000..b7378806b --- /dev/null +++ b/view/tpl/removeaccount.tpl @@ -0,0 +1,22 @@ +

{{$title}}

+ +
+ +
{{$desc}}
+ +
+ + +
+ + +
+
+ +{{include file="field_checkbox.tpl" field=$global}} + + + +
+
+ -- cgit v1.2.3