diff options
| author | Christopher Smith <chris@jalakai.co.uk> | 2013-07-31 18:14:26 +0200 |
|---|---|---|
| committer | Christopher Smith <chris@jalakai.co.uk> | 2013-07-31 18:14:26 +0200 |
| commit | 2a7abf2d7fee6a2d6418e5ad4b79e37e6049bd92 (patch) | |
| tree | b4d8b38bd7113d0e02b7eb7a53da0d3b5354712b | |
| parent | 07ff0babae240ba072a3bc8b83a989c4305c24cd (diff) | |
| download | rpg-2a7abf2d7fee6a2d6418e5ad4b79e37e6049bd92.tar.gz rpg-2a7abf2d7fee6a2d6418e5ad4b79e37e6049bd92.tar.bz2 | |
FS#2751 - self deletion of user account
| -rw-r--r-- | inc/actions.php | 28 | ||||
| -rw-r--r-- | inc/auth.php | 39 | ||||
| -rw-r--r-- | inc/confutils.php | 3 | ||||
| -rw-r--r-- | inc/html.php | 17 | ||||
| -rw-r--r-- | inc/lang/en/lang.php | 7 | ||||
| -rw-r--r-- | lib/plugins/config/lang/en/lang.php | 1 | ||||
| -rw-r--r-- | lib/plugins/config/settings/config.metadata.php | 2 | ||||
| -rw-r--r-- | lib/tpl/dokuwiki/css/_forms.css | 5 |
8 files changed, 92 insertions, 10 deletions
diff --git a/inc/actions.php b/inc/actions.php index da3414eb2..bf124c887 100644 --- a/inc/actions.php +++ b/inc/actions.php @@ -92,14 +92,26 @@ function act_dispatch(){ $ACT = 'login'; } - //update user profile - if ($ACT == 'profile') { + // user profile changes + if (in_array($ACT, array('profile','profile_delete'))) { if(!$_SERVER['REMOTE_USER']) { $ACT = 'login'; } else { - if(updateprofile()) { - msg($lang['profchanged'],1); - $ACT = 'show'; + switch ($ACT) { + case 'profile' : + if(updateprofile()) { + msg($lang['profchanged'],1); + $ACT = 'show'; + } + break; + case 'profile_delete' : + if(auth_deleteprofile()){ + msg($lang['profdeleted'],1); + $ACT = 'show'; + } else { + $ACT = 'profile'; + } + break; } } } @@ -247,7 +259,7 @@ function act_validate($act) { //disable all acl related commands if ACL is disabled if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin', 'subscribe','unsubscribe','profile','revert', - 'resendpwd'))){ + 'resendpwd','profile_delete'))){ msg('Command unavailable: '.htmlspecialchars($act),-1); return 'show'; } @@ -258,7 +270,7 @@ function act_validate($act) { if(!in_array($act,array('login','logout','register','save','cancel','edit','draft', 'preview','search','show','check','index','revisions', 'diff','recent','backlink','admin','subscribe','revert', - 'unsubscribe','profile','resendpwd','recover', + 'unsubscribe','profile','profile_delete','resendpwd','recover', 'draftdel','sitemap','media')) && substr($act,0,7) != 'export_' ) { msg('Command unknown: '.htmlspecialchars($act),-1); return 'show'; @@ -287,7 +299,7 @@ function act_permcheck($act){ }else{ $permneed = AUTH_CREATE; } - }elseif(in_array($act,array('login','search','recent','profile','index', 'sitemap'))){ + }elseif(in_array($act,array('login','search','recent','profile','profile_delete','index', 'sitemap'))){ $permneed = AUTH_NONE; }elseif($act == 'revert'){ $permneed = AUTH_ADMIN; diff --git a/inc/auth.php b/inc/auth.php index 537d44c01..75ba9a9ba 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -901,6 +901,45 @@ function updateprofile() { return false; } +function auth_deleteprofile(){ + global $conf; + global $lang; + /* @var auth_basic $auth */ + global $auth; + /* @var Input $INPUT */ + global $INPUT; + + if(!$INPUT->post->bool('delete')) return false; + if(!checkSecurityToken()) return false; + + // action prevented or auth module disallows + if(!actionOK('profile_delete') || !$auth->canDo('delUser')) { + msg($lang['profnodelete'], -1); + return false; + } + + if(!$INPUT->post->bool('confirm_delete')){ + msg($lang['profconfdeletemissing'], -1); + return false; + } + + if($conf['profileconfirm']) { + if(!$auth->checkPass($_SERVER['REMOTE_USER'], $INPUT->post->str('oldpass'))) { + msg($lang['badpassconfirm'], -1); + return false; + } + } + + $deleted[] = $_SERVER['REMOTE_USER']; + if($result = $auth->triggerUserMod('delete', array($deleted))) { + // force and immediate logout including removing the sticky cookie + auth_logoff(); + return true; + } + + return false; +} + /** * Send a new password * diff --git a/inc/confutils.php b/inc/confutils.php index 404cc6050..02be0089c 100644 --- a/inc/confutils.php +++ b/inc/confutils.php @@ -261,6 +261,9 @@ function actionOK($action){ if (is_null($auth) || !$auth->canDo('Profile')) { $disabled[] = 'profile'; } + if (is_null($auth) || !$auth->canDo('delUser')) { + $disabled[] = 'profile_delete'; + } if (is_null($auth)) { $disabled[] = 'login'; } diff --git a/inc/html.php b/inc/html.php index fb39fcb3c..5e3388a52 100644 --- a/inc/html.php +++ b/inc/html.php @@ -1381,6 +1381,23 @@ function html_updateprofile(){ $form->addElement(form_makeButton('reset', '', $lang['btn_reset'])); $form->endFieldset(); html_form('updateprofile', $form); + + if ($auth->canDo('delUser') && actionOK('profile_delete')) { + $form_profiledelete = new Doku_Form(array('id' => 'dw__profiledelete')); + $form_profiledelete->startFieldset($lang['profdeleteuser']); + $form_profiledelete->addHidden('do', 'profile_delete'); + $form_profiledelete->addHidden('delete', '1'); + $form_profiledelete->addElement(form_makeCheckboxField('confirm_delete', '1', $lang['profconfdelete'],'dw__confirmdelete','', array('required' => 'required'))); + if ($conf['profileconfirm']) { + $form_profiledelete->addElement(form_makeTag('br')); + $form_profiledelete->addElement(form_makePasswordField('oldpass', $lang['oldpass'], '', 'block', array('size'=>'50', 'required' => 'required'))); + } + $form_profiledelete->addElement(form_makeButton('submit', '', $lang['btn_deleteuser'])); + $form_profiledelete->endFieldset(); + + html_form('profiledelete', $form_profiledelete); + } + print '</div>'.NL; } diff --git a/inc/lang/en/lang.php b/inc/lang/en/lang.php index cdad6c9a6..d4acfad6e 100644 --- a/inc/lang/en/lang.php +++ b/inc/lang/en/lang.php @@ -51,6 +51,7 @@ $lang['btn_revert'] = 'Restore'; $lang['btn_register'] = 'Register'; $lang['btn_apply'] = 'Apply'; $lang['btn_media'] = 'Media Manager'; +$lang['btn_deleteuser'] = 'Remove My Account'; $lang['loggedinas'] = 'Logged in as'; $lang['user'] = 'Username'; @@ -63,6 +64,7 @@ $lang['fullname'] = 'Real name'; $lang['email'] = 'E-Mail'; $lang['profile'] = 'User Profile'; $lang['badlogin'] = 'Sorry, username or password was wrong.'; +$lang['badpassconfirm'] = 'Sorry, the password was wrong'; $lang['minoredit'] = 'Minor Changes'; $lang['draftdate'] = 'Draft autosaved on'; // full dformat date will be added $lang['nosecedit'] = 'The page was changed in the meantime, section info was out of date loaded full page instead.'; @@ -81,6 +83,11 @@ $lang['profna'] = 'This wiki does not support profile modificatio $lang['profnochange'] = 'No changes, nothing to do.'; $lang['profnoempty'] = 'An empty name or email address is not allowed.'; $lang['profchanged'] = 'User profile successfully updated.'; +$lang['profnodelete'] = 'This wiki does not support deleting users'; +$lang['profdeleteuser'] = 'Delete Account'; +$lang['profdeleted'] = 'Your user account has been deleted from this wiki'; +$lang['profconfdelete'] = 'I wish to remove my account from this wiki. <br/> This action can not be undone.'; +$lang['profconfdeletemissing'] = 'Confirmation check box not ticked'; $lang['pwdforget'] = 'Forgotten your password? Get a new one'; $lang['resendna'] = 'This wiki does not support password resending.'; diff --git a/lib/plugins/config/lang/en/lang.php b/lib/plugins/config/lang/en/lang.php index 83c843b3a..9558e53dc 100644 --- a/lib/plugins/config/lang/en/lang.php +++ b/lib/plugins/config/lang/en/lang.php @@ -104,6 +104,7 @@ $lang['disableactions'] = 'Disable DokuWiki actions'; $lang['disableactions_check'] = 'Check'; $lang['disableactions_subscription'] = 'Subscribe/Unsubscribe'; $lang['disableactions_wikicode'] = 'View source/Export Raw'; +$lang['disableactions_profile_delete'] = 'Delete Own Account'; $lang['disableactions_other'] = 'Other actions (comma separated)'; $lang['auth_security_timeout'] = 'Authentication Security Timeout (seconds)'; $lang['securecookie'] = 'Should cookies set via HTTPS only be sent via HTTPS by the browser? Disable this option when only the login of your wiki is secured with SSL but browsing the wiki is done unsecured.'; diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 22e76a013..ffff15af5 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -126,7 +126,7 @@ $meta['manager'] = array('string'); $meta['profileconfirm'] = array('onoff'); $meta['rememberme'] = array('onoff'); $meta['disableactions'] = array('disableactions', - '_choices' => array('backlink','index','recent','revisions','search','subscription','register','resendpwd','profile','edit','wikicode','check'), + '_choices' => array('backlink','index','recent','revisions','search','subscription','register','resendpwd','profile','profile_delete','edit','wikicode','check'), '_combine' => array('subscription' => array('subscribe','unsubscribe'), 'wikicode' => array('source','export_raw'))); $meta['auth_security_timeout'] = array('numeric'); $meta['securecookie'] = array('onoff'); diff --git a/lib/tpl/dokuwiki/css/_forms.css b/lib/tpl/dokuwiki/css/_forms.css index 6744750ba..84b7db8e1 100644 --- a/lib/tpl/dokuwiki/css/_forms.css +++ b/lib/tpl/dokuwiki/css/_forms.css @@ -79,7 +79,10 @@ #dw__register fieldset { padding-bottom: 0.7em; } - +#dw__profiledelete { + display: block; + margin-top: 2.8em; +} /** * Styles for the subscription page |