Issue #3175 Email confirmation and database update/delete processing added. Testing required.

2025-07-24 16:31:48 +02:00 · 2018-07-12 15:31:11 -07:00
parent 4453251bb8
commit ce244935c0
4 changed files with 187 additions and 4 deletions
--- a/e107_admin/users.php
+++ b/e107_admin/users.php
@@ -2511,7 +2511,8 @@ class users_admin_form_ui extends e_admin_form_ui
 			'<span class="label label-success label-status">'.LAN_ACTIVE.'</span>',
 			"<span class='label label-important label-danger label-status'>".LAN_BANNED."</span>",
 			"<span class='label label-default label-status'>".LAN_NOTVERIFIED."</span>",
-			"<span class='label label-info label-status'>".LAN_BOUNCED."</span>"
+			"<span class='label label-info label-status'>".LAN_BOUNCED."</span>",
+			"<span class='label label-important label-danger label-status'>".USRLAN_56."</span>", // Deleted
 		);
 		
 		if($mode == 'filter' || $mode == 'batch')
--- a/e107_languages/English/lan_usersettings.php
+++ b/e107_languages/English/lan_usersettings.php
@@ -147,4 +147,11 @@ define("LAN_USET_6", "Subscribe to our mailing-list(s) and/or sections of this s
 // define("LAN_USET_8", "Signature / Time zone");

 define("LAN_USET_50", "Delete Account");
-define("LAN_USET_51", "Are you sure? This procedure cannot be reversed! Once completed, your account and any personal data that you have entered on this site will be permanently lost and you will no longer be able to login.");
+define("LAN_USET_51", "Are you sure? This procedure cannot be reversed! Once completed, your account and any personal data that you have entered on this site will be permanently lost and you will no longer be able to login.");
+define("LAN_USET_52", "A confirmation email has been sent to [x]. Please click the link in the email to permanently delete your account.");
+define("LAN_USET_53", "Account Removal Confirmation");
+define("LAN_USET_54", "Confirmation Email Sent");
+define("LAN_USET_55", "Please click the following link to complete the deletion of your account.");
+define("LAN_USET_56", "Your account has been successfully deleted.");
+
+
--- a/e107_plugins/user/e_user.php
+++ b/e107_plugins/user/e_user.php
@@ -0,0 +1,61 @@
+<?php
+/*
+ * e107 website system
+ *
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
+ * Released under the terms and conditions of the
+ * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
+ *
+ */
+
+if (!defined('e107_INIT')) { exit; }
+
+// v2.x Standard 
+class user_user // plugin-folder + '_user'
+{		
+		
+/*	function profile($udata)  // display on user profile page.
+	{
+
+		$var = array(
+			0 => array('label' => "Label", 'text' => "Some text to display", 'url'=> e_PLUGIN_ABS."_blank/blank.php")
+		);
+		
+		return $var;
+	}*/
+
+
+	/**
+	 * Experimental and subject to change without notice.
+	 * @return mixed
+	 */
+	function delete($uid)
+	{
+
+		$config = array();
+
+		$config['user'] =  array(
+		//	'user_id'           => '[primary]',
+			'user_name'         => 'Deleted-User-'.$uid,
+			'user_loginname'    => 'Deleted-Login-'.$uid,
+			'user_email'        => 'noreply-'.$uid.'@nowhere.com',
+			'user_ip'           => '',
+			'user_lastvisit'    => time(),
+			'user_ban'          => 5, // 'deleted' status'
+			// etc.
+			'WHERE'             => 'user_id = '.$uid,
+			'MODE'              => 'update'
+		);
+
+		$config['user_extended'] = array(
+			'WHERE'             => 'user_extended_id = '.$uid,
+			'MODE'              => 'delete'
+		);
+
+		return $config;
+
+	}
+
+
+	
+}
--- a/usersettings.php
+++ b/usersettings.php
@@ -138,6 +138,114 @@ class usersettings_front // Begin Usersettings rewrite.
 	{
 		return $this->template[$id];
 	}
+	
+	
+	
+	private function sendDeleteConfirmationEmail()
+	{
+		$tp = e107::getParser();
+
+		$message = defset('LAN_USET_52', "A confirmation email has been sent to [x]. Please click the link in the email to permanently delete your account."); // Load LAN with fall-back.
+		$subject = defset("LAN_USET_53", "Account Removal Confirmation"); // Load LAN with fall-back.
+		$caption = defset('LAN_USET_54', "Confirmation Email Sent"); // Load LAN with fall-back.
+
+		$hash = e107::getUserSession()->generateRandomString("#**************************************************************************#");
+
+		$link = SITEURL."usersettings.php?del=".$hash; // Security measure - user must be logged in to utilize the link.
+
+		$text = LAN_USET_55; // "Please click the following link to complete the deletion of your account.";
+		$text .= "<br /><br />";
+		$text .= "<a href='".$link."' target='_blank'>".$link."</a>";
+
+
+		$eml = array(
+			'subject' 		=> $subject,
+			'html'			=> true,
+			'priority'      => 1,
+			'template'		=> 'default',
+			'body'			=> $text,
+		);
+
+		if(e107::getEmail()->sendEmail(USEREMAIL,USERNAME, $eml))
+		{
+			$update = array(
+				'user_sess' => $hash,
+				'WHERE' => 'user_id = '.USERID
+			);
+
+			e107::getDb()->update('user',$update);
+
+			$alert = $tp->lanVars($message, USEREMAIL);
+			return e107::getMessage()->setTitle($caption, E_MESSAGE_INFO)->addInfo($alert)->render();
+
+		}
+
+		//todo Email Failure message.
+		return null;
+
+
+
+	}
+
+/*
+	private function processUserDeleteFields($vars)
+	{
+		$qry = array();
+
+		foreach($vars as $field => $var)
+		{
+
+
+
+		}
+
+		return $qry;
+	}*/
+
+
+	private function processUserDelete($hash)
+	{
+		if(!e107::getDb()->select('user',"user_id = ".USERID." AND user_sess=".$hash." LIMIT 1")) // user must be logged in AND have correct hash.
+		{
+			return false;
+		}
+
+		$arr = e107::getAddonConfig('e_user', '', 'delete', USERID);
+
+		$sql = e107::getDb();
+
+		foreach($arr as $plugin)
+		{
+			foreach($plugin as $table => $query)
+			{
+				$mode = $query['MODE'];
+				unset($query['MODE']);
+
+				// $query = $this->processUserDeleteFields($query); //optional pre-processing..
+
+				if($mode === 'update')
+				{
+					//echo "<h3>UPDATE ".$table."</h3>";
+				//	print_a($query);
+					$sql->update($table,$query); // todo check query ran successfully.
+				}
+				elseif($mode === 'delete')
+				{
+					//echo "<h3>DELETE ".$table."</h3>";
+					//print_a($query);
+					$sql->delete($table,$query); //  todo check query ran successfully.
+				}
+
+			}
+
+
+		}
+
+		$alert = defset('LAN_USET_56', "Your account has been successfully deleted.");
+
+		return e107::getMessage()->addSuccess($alert)->render();
+
+	}

 	/**
 	 * @return bool
@@ -172,9 +280,15 @@ class usersettings_front // Begin Usersettings rewrite.
 		$adminEdit          = false; // @deprecated		// FALSE if editing own data. TRUE if admin edit


-		if(!empty($_POST['delete_account']))
+		if(!empty($_POST['delete_account'])) // button clicked.
 		{
-			echo e107::getMessage()->addWarning("This feature is currently under development. Your data has not been modified")->render(); // do not LAN.
+			echo $this->sendDeleteConfirmationEmail();
+		}
+
+		if(!empty($_GET['del'])) // delete account via confirmation email link.
+		{
+			echo $this->processUserDelete($_GET['del']);
+			e107::getSession()->destroy();
 		}

 		/* todo subject of removal */