Merge pull request #6198 from MrPetovan/task/user-removal-improvements

User removal improvements
pull/6203/head
Tobias Diekershoff 2018-11-25 08:45:45 +01:00 committed by GitHub
commit 8fda63ca86
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 27 additions and 18 deletions


@ -1783,7 +1783,11 @@ function admin_page_users_post(App $a)
} }
if (x($_POST, 'page_users_delete')) { if (x($_POST, 'page_users_delete')) {
foreach ($users as $uid) { foreach ($users as $uid) {
User::remove($uid); if (local_user() != $uid) {
User::remove($uid);
} else {
notice(L10n::t('You can\'t remove yourself'));
}
} }
notice(L10n::tt("%s user deleted", "%s users deleted", count($users))); notice(L10n::tt("%s user deleted", "%s users deleted", count($users)));
} }
@ -1828,11 +1832,15 @@ function admin_page_users(App $a)
} }
switch ($a->argv[2]) { switch ($a->argv[2]) {
case "delete": case "delete":
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't'); if (local_user() != $uid) {
// delete user BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
User::remove($uid); // delete user
User::remove($uid);
notice(L10n::t("User '%s' deleted", $user['username']) . EOL); notice(L10n::t("User '%s' deleted", $user['username']));
} else {
notice(L10n::t('You can\'t remove yourself'));
}
break; break;
case "block": case "block":
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
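Review bot: In the bulk-delete loop of admin_page_users_post, the closing notice still reports `count($users)`, so when the admin's own uid is in the selection the message overstates how many accounts were removed, and the boolean that `User::remove()` now returns is discarded. Count successes instead, e.g. `if (User::remove($uid)) { $deleted++; }` inside the guard and `L10n::tt("%s user deleted", "%s users deleted", $deleted)` afterwards. `$uid` appears to originate from the request in both functions, so casting it once (`$uid = intval($uid);`) before the loose `local_user() != $uid` test would make the self-removal guard and the delete operate on the same normalised value; this applies to the `case "delete":` branch in admin_page_users as well. Both function bodies extend beyond the hunks shown.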


@ -57,8 +57,12 @@ function removeme_post(App $a)
]); ]);
} }
if (User::authenticate($a->user, trim($_POST['qxz_password']))) { if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
User::remove($a->user['uid']); User::remove($a->user['uid']);
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
$a->internalRedirect();
// NOTREACHED // NOTREACHED
} }
} }
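Review bot: The session teardown added after `User::remove($a->user['uid'])` runs regardless of the boolean that `remove()` now returns, and it clears only two keys. Gate it with `if (User::remove($a->user['uid'])) { ... }` so a removal that did not happen does not silently log the user out. Consider ending the whole session rather than unsetting `authenticated` and `uid` individually, since any other per-user state left in `$_SESSION` survives the account deletion. It is also worth confirming how `User::getIdFromPasswordAuthentication()` reports a wrong password (its body is not shown here): if it throws rather than returning a falsy value, this `if` needs a `try`/`catch`. The body of removeme_post begins outside the hunk.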


@ -9,6 +9,7 @@ use DivineOmega\PasswordExposed;
use Exception; use Exception;
use Friendica\Core\Addon; use Friendica\Core\Addon;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
@ -732,7 +733,7 @@ class User
Dear %1$s, Dear %1$s,
Thank you for registering at %2$s. Your account has been created. Thank you for registering at %2$s. Your account has been created.
', ',
$preamble, $user['username'], $sitename $user['username'], $sitename
)); ));
$body = Strings::deindent(L10n::t(' $body = Strings::deindent(L10n::t('
The login details are as follows: The login details are as follows:
@ -782,7 +783,7 @@ class User
public static function remove($uid) public static function remove($uid)
{ {
if (!$uid) { if (!$uid) {
return; return false;
} }
$a = get_app(); $a = get_app();
@ -791,28 +792,24 @@ class User
$user = DBA::selectFirst('user', [], ['uid' => $uid]); $user = DBA::selectFirst('user', [], ['uid' => $uid]);
Addon::callHooks('remove_user', $user); Hook::callAll('remove_user', $user);
// save username (actually the nickname as it is guaranteed // save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future. // unique), so it cannot be re-registered in the future.
DBA::insert('userd', ['username' => $user['nickname']]); DBA::insert('userd', ['username' => $user['nickname']]);
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php) // The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc(DateTimeFormat::utcNow() . " + 7 day")], ['uid' => $uid]); DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc('now + 7 day')], ['uid' => $uid]);
Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid); Worker::add(PRIORITY_HIGH, 'Notifier', 'removeme', $uid);
// Send an update to the directory // Send an update to the directory
$self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]); $self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]);
Worker::add(PRIORITY_LOW, "Directory", $self['url']); Worker::add(PRIORITY_LOW, 'Directory', $self['url']);
// Remove the user relevant data // Remove the user relevant data
Worker::add(PRIORITY_LOW, "RemoveUser", $uid); Worker::add(PRIORITY_LOW, 'RemoveUser', $uid);
if ($uid == local_user()) { return true;
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
$a->internalRedirect();
}
} }
/** /**
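Review bot: `User::remove()` now returns a boolean, but the result of `DBA::selectFirst('user', [], ['uid' => $uid])` is never checked, so a uid that matches no row still fires the `remove_user` hook, inserts a `userd` row with an empty username, queues the workers and returns `true`. Add `if (!DBA::isResult($user)) { return false; }` directly after the select so the return value reflects whether an account was actually marked for removal. The same applies to `$self['url']`, which is read without confirming that a self contact was found. With the redirect moved to the caller, `$a = get_app();` looks unused in the lines shown and can probably be dropped. The method's docblock is outside these hunks and should gain an `@return bool` line.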