2010-12-14 17:38:43 +00:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* StatusNet - the distributed open-source microblogging tool
|
|
|
|
* Copyright (C) 2010, StatusNet, Inc.
|
|
|
|
*
|
|
|
|
* Delete your own account
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* PHP version 5
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
* @category Account
|
|
|
|
* @package StatusNet
|
|
|
|
* @author Evan Prodromou <evan@status.net>
|
|
|
|
* @copyright 2010 StatusNet, Inc.
|
|
|
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
|
|
|
|
* @link http://status.net/
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (!defined('STATUSNET')) {
|
|
|
|
// This check helps protect against security problems;
|
|
|
|
// your code file can't be executed directly from the web.
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Action to delete your own account
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* Note that this is distinct from DeleteuserAction, which see. I thought
|
|
|
|
* that making that action do both things (delete another user and delete the
|
|
|
|
* current user) would open a lot of holes. I'm open to refactoring, however.
|
|
|
|
*
|
|
|
|
* @category Account
|
|
|
|
* @package StatusNet
|
|
|
|
* @author Evan Prodromou <evan@status.net>
|
|
|
|
* @copyright 2010 StatusNet, Inc.
|
|
|
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
|
|
|
|
* @link http://status.net/
|
|
|
|
*/
|
|
|
|
class DeleteaccountAction extends Action
|
|
|
|
{
|
|
|
|
private $_complete = false;
|
2019-04-26 00:34:17 +01:00
|
|
|
private $_error = null;
|
2010-12-14 17:38:43 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* For initializing members of the class.
|
|
|
|
*
|
2019-04-26 00:34:17 +01:00
|
|
|
* @param array $args misc. arguments
|
2010-12-14 17:38:43 +00:00
|
|
|
*
|
|
|
|
* @return boolean true
|
2019-04-26 00:34:17 +01:00
|
|
|
* @throws ClientException
|
2010-12-14 17:38:43 +00:00
|
|
|
*/
|
2019-04-26 00:34:17 +01:00
|
|
|
function prepare(array $args = [])
|
2010-12-14 17:38:43 +00:00
|
|
|
{
|
2019-04-26 00:34:17 +01:00
|
|
|
parent::prepare($args);
|
2011-01-14 19:48:17 +00:00
|
|
|
|
2010-12-14 17:38:43 +00:00
|
|
|
$cur = common_current_user();
|
|
|
|
|
|
|
|
if (empty($cur)) {
|
2011-01-14 19:48:17 +00:00
|
|
|
// TRANS: Client exception displayed trying to delete a user account while not logged in.
|
2019-04-26 00:34:17 +01:00
|
|
|
throw new ClientException(_("Only logged-in users can delete their account."), 403);
|
2010-12-14 17:38:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (!$cur->hasRight(Right::DELETEACCOUNT)) {
|
2011-01-14 19:48:17 +00:00
|
|
|
// TRANS: Client exception displayed trying to delete a user account without have the rights to do that.
|
2010-12-14 17:38:43 +00:00
|
|
|
throw new ClientException(_("You cannot delete your account."), 403);
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handler method
|
|
|
|
*
|
|
|
|
* @return void
|
2019-04-26 00:34:17 +01:00
|
|
|
* @throws AuthorizationException
|
|
|
|
* @throws ServerException
|
2010-12-14 17:38:43 +00:00
|
|
|
*/
|
2019-04-26 00:34:17 +01:00
|
|
|
function handle()
|
2010-12-14 17:38:43 +00:00
|
|
|
{
|
2019-04-26 00:34:17 +01:00
|
|
|
parent::handle();
|
2010-12-14 17:38:43 +00:00
|
|
|
|
|
|
|
if ($this->isPost()) {
|
|
|
|
$this->deleteAccount();
|
|
|
|
} else {
|
|
|
|
$this->showPage();
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delete the current user's account
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* Checks for the "I am sure." string to make sure the user really
|
|
|
|
* wants to delete their account.
|
|
|
|
*
|
|
|
|
* Then, marks the account as deleted and begins the deletion process
|
|
|
|
* (actually done by a back-end handler).
|
|
|
|
*
|
|
|
|
* If successful it logs the user out, and shows a brief completion message.
|
|
|
|
*
|
|
|
|
* @return void
|
2019-04-26 00:34:17 +01:00
|
|
|
* @throws AuthorizationException
|
|
|
|
* @throws ServerException
|
2010-12-14 17:38:43 +00:00
|
|
|
*/
|
|
|
|
function deleteAccount()
|
|
|
|
{
|
|
|
|
$this->checkSessionToken();
|
2011-01-14 19:48:17 +00:00
|
|
|
// !!! If this string is changed, it also needs to be changed in DeleteAccountForm::formData()
|
|
|
|
// TRANS: Confirmation text for user deletion. The user has to type this exactly the same, including punctuation.
|
|
|
|
$iamsure = _('I am sure.');
|
2019-04-26 00:34:17 +01:00
|
|
|
if ($this->trimmed('iamsure') != $iamsure) {
|
2011-01-14 19:48:17 +00:00
|
|
|
// TRANS: Notification for user about the text that must be input to be able to delete a user account.
|
|
|
|
// TRANS: %s is the text that needs to be input.
|
2011-01-19 23:13:46 +00:00
|
|
|
$this->_error = sprintf(_('You must write "%s" exactly in the box.'), $iamsure);
|
2010-12-14 17:38:43 +00:00
|
|
|
$this->showPage();
|
2019-04-26 00:34:17 +01:00
|
|
|
return null;
|
2010-12-14 17:38:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$cur = common_current_user();
|
|
|
|
|
|
|
|
// Mark the account as deleted and shove low-level deletion tasks
|
|
|
|
// to background queues. Removing a lot of posts can take a while...
|
|
|
|
|
|
|
|
if (!$cur->hasRole(Profile_role::DELETED)) {
|
|
|
|
$cur->grantRole(Profile_role::DELETED);
|
|
|
|
}
|
|
|
|
|
|
|
|
$qm = QueueManager::get();
|
|
|
|
$qm->enqueue($cur, 'deluser');
|
|
|
|
|
|
|
|
// The user is really-truly logged out
|
|
|
|
|
|
|
|
common_set_user(null);
|
|
|
|
common_real_login(false); // not logged in
|
|
|
|
common_forgetme(); // don't log back in!
|
|
|
|
|
|
|
|
$this->_complete = true;
|
|
|
|
$this->showPage();
|
|
|
|
}
|
|
|
|
|
2019-04-26 00:34:17 +01:00
|
|
|
/**
|
|
|
|
* Return true if read only.
|
|
|
|
*
|
|
|
|
* MAY override
|
|
|
|
*
|
|
|
|
* @param array $args other arguments
|
|
|
|
*
|
|
|
|
* @return boolean is read only action?
|
|
|
|
*/
|
|
|
|
function isReadOnly($args)
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return last modified, if applicable.
|
|
|
|
*
|
|
|
|
* MAY override
|
|
|
|
*
|
|
|
|
* @return string last modified http header
|
|
|
|
*/
|
|
|
|
function lastModified()
|
|
|
|
{
|
|
|
|
// For comparison with If-Last-Modified
|
|
|
|
// If not applicable, return null
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return etag, if applicable.
|
|
|
|
*
|
|
|
|
* MAY override
|
|
|
|
*
|
|
|
|
* @return string etag http header
|
|
|
|
*/
|
|
|
|
function etag()
|
|
|
|
{
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2010-12-14 17:38:43 +00:00
|
|
|
/**
|
|
|
|
* Shows the page content.
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* If the deletion is complete, just shows a completion message.
|
|
|
|
*
|
|
|
|
* Otherwise, shows the deletion form.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
function showContent()
|
|
|
|
{
|
|
|
|
if ($this->_complete) {
|
2011-01-14 19:48:17 +00:00
|
|
|
$this->element('p', 'confirmation',
|
2019-04-26 00:34:17 +01:00
|
|
|
// TRANS: Confirmation that a user account has been deleted.
|
|
|
|
_('Account deleted.'));
|
|
|
|
return null;
|
2010-12-14 17:38:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (!empty($this->_error)) {
|
|
|
|
$this->element('p', 'error', $this->_error);
|
|
|
|
$this->_error = null;
|
|
|
|
}
|
|
|
|
|
|
|
|
$form = new DeleteAccountForm($this);
|
|
|
|
$form->show();
|
|
|
|
}
|
2011-01-14 19:48:17 +00:00
|
|
|
|
2010-12-14 17:38:43 +00:00
|
|
|
/**
|
|
|
|
* Show the title of the page
|
|
|
|
*
|
|
|
|
* @return string title
|
|
|
|
*/
|
|
|
|
|
|
|
|
function title()
|
|
|
|
{
|
2011-01-14 19:48:17 +00:00
|
|
|
// TRANS: Page title for page on which a user account can be deleted.
|
2010-12-14 17:38:43 +00:00
|
|
|
return _('Delete account');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Form for deleting your account
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* Note that this mostly is here to keep you from accidentally deleting your
|
|
|
|
* account.
|
|
|
|
*
|
|
|
|
* @category Account
|
|
|
|
* @package StatusNet
|
|
|
|
* @author Evan Prodromou <evan@status.net>
|
|
|
|
* @copyright 2010 StatusNet, Inc.
|
|
|
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
|
|
|
|
* @link http://status.net/
|
|
|
|
*/
|
|
|
|
class DeleteAccountForm extends Form
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Class of the form.
|
|
|
|
*
|
|
|
|
* @return string the form's class
|
|
|
|
*/
|
|
|
|
function formClass()
|
|
|
|
{
|
|
|
|
return 'form_profile_delete';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* URL the form posts to
|
|
|
|
*
|
|
|
|
* @return string the form's action URL
|
|
|
|
*/
|
|
|
|
function action()
|
|
|
|
{
|
|
|
|
return common_local_url('deleteaccount');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Output form data
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* Instructions plus an 'i am sure' entry box.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
function formData()
|
|
|
|
{
|
|
|
|
$cur = common_current_user();
|
|
|
|
|
2011-01-14 19:48:17 +00:00
|
|
|
// TRANS: Form text for user deletion form.
|
2019-04-26 00:34:17 +01:00
|
|
|
$msg = '<p>' . _('This will <strong>permanently delete</strong> your account data from this server.') . '</p>';
|
2010-12-14 17:38:43 +00:00
|
|
|
|
|
|
|
if ($cur->hasRight(Right::BACKUPACCOUNT)) {
|
2011-01-14 19:48:17 +00:00
|
|
|
// TRANS: Additional form text for user deletion form shown if a user has account backup rights.
|
|
|
|
// TRANS: %s is a URL to the backup page.
|
2019-04-26 00:34:17 +01:00
|
|
|
$msg .= '<p>' . sprintf(_('You are strongly advised to <a href="%s">back up your data</a> before deletion.'),
|
|
|
|
common_local_url('backupaccount')) . '</p>';
|
2010-12-14 17:38:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$this->out->elementStart('p');
|
|
|
|
$this->out->raw($msg);
|
|
|
|
$this->out->elementEnd('p');
|
|
|
|
|
2011-01-14 19:48:17 +00:00
|
|
|
// !!! If this string is changed, it also needs to be changed in class DeleteaccountAction.
|
|
|
|
// TRANS: Confirmation text for user deletion. The user has to type this exactly the same, including punctuation.
|
|
|
|
$iamsure = _("I am sure.");
|
2010-12-14 17:38:43 +00:00
|
|
|
$this->out->input('iamsure',
|
2019-04-26 00:34:17 +01:00
|
|
|
// TRANS: Field label for delete account confirmation entry.
|
|
|
|
_('Confirm'),
|
|
|
|
null,
|
|
|
|
// TRANS: Input title for the delete account field.
|
|
|
|
// TRANS: %s is the text that needs to be input.
|
|
|
|
sprintf(_('Enter "%s" to confirm that ' .
|
|
|
|
'you want to delete your account.'), $iamsure));
|
2010-12-14 17:38:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Buttons for the form
|
2011-01-14 19:48:17 +00:00
|
|
|
*
|
2010-12-14 17:38:43 +00:00
|
|
|
* In this case, a single submit button
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
function formActions()
|
|
|
|
{
|
|
|
|
$this->out->submit('submit',
|
2019-04-26 00:34:17 +01:00
|
|
|
// TRANS: Button text for user account deletion.
|
|
|
|
_m('BUTTON', 'Delete'),
|
|
|
|
'submit',
|
|
|
|
null,
|
|
|
|
// TRANS: Button title for user account deletion.
|
|
|
|
_('Permanently delete your account.'));
|
2010-12-14 17:38:43 +00:00
|
|
|
}
|
|
|
|
}
|