FS#2751 - self deletion of user account
parent
07ff0babae
commit
2a7abf2d7f
|
@ -92,14 +92,26 @@ function act_dispatch(){
|
|||
$ACT = 'login';
|
||||
}
|
||||
|
||||
//update user profile
|
||||
if ($ACT == 'profile') {
|
||||
// user profile changes
|
||||
if (in_array($ACT, array('profile','profile_delete'))) {
|
||||
if(!$_SERVER['REMOTE_USER']) {
|
||||
$ACT = 'login';
|
||||
} else {
|
||||
if(updateprofile()) {
|
||||
msg($lang['profchanged'],1);
|
||||
$ACT = 'show';
|
||||
switch ($ACT) {
|
||||
case 'profile' :
|
||||
if(updateprofile()) {
|
||||
msg($lang['profchanged'],1);
|
||||
$ACT = 'show';
|
||||
}
|
||||
break;
|
||||
case 'profile_delete' :
|
||||
if(auth_deleteprofile()){
|
||||
msg($lang['profdeleted'],1);
|
||||
$ACT = 'show';
|
||||
} else {
|
||||
$ACT = 'profile';
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -247,7 +259,7 @@ function act_validate($act) {
|
|||
//disable all acl related commands if ACL is disabled
|
||||
if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
|
||||
'subscribe','unsubscribe','profile','revert',
|
||||
'resendpwd'))){
|
||||
'resendpwd','profile_delete'))){
|
||||
msg('Command unavailable: '.htmlspecialchars($act),-1);
|
||||
return 'show';
|
||||
}
|
||||
|
@ -258,7 +270,7 @@ function act_validate($act) {
|
|||
if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
|
||||
'preview','search','show','check','index','revisions',
|
||||
'diff','recent','backlink','admin','subscribe','revert',
|
||||
'unsubscribe','profile','resendpwd','recover',
|
||||
'unsubscribe','profile','profile_delete','resendpwd','recover',
|
||||
'draftdel','sitemap','media')) && substr($act,0,7) != 'export_' ) {
|
||||
msg('Command unknown: '.htmlspecialchars($act),-1);
|
||||
return 'show';
|
||||
|
@ -287,7 +299,7 @@ function act_permcheck($act){
|
|||
}else{
|
||||
$permneed = AUTH_CREATE;
|
||||
}
|
||||
}elseif(in_array($act,array('login','search','recent','profile','index', 'sitemap'))){
|
||||
}elseif(in_array($act,array('login','search','recent','profile','profile_delete','index', 'sitemap'))){
|
||||
$permneed = AUTH_NONE;
|
||||
}elseif($act == 'revert'){
|
||||
$permneed = AUTH_ADMIN;
|
||||
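Review bot: In the `profile_delete` case of `act_dispatch()`, a successful deletion sets `$ACT = 'show'` and lets the same request go on rendering, although `auth_deleteprofile()` has already logged the user off. If anything computed earlier in the request (page permissions, user info) is reused for that render, it would still reflect the deleted account. This cannot be confirmed from the hunk, because act_dispatch() begins and ends outside it. Redirecting after a successful deletion, so the next page is built from a fresh anonymous request, would avoid the question.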
|
|
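--- a/inc/auth.php
+++ b/inc/auth.php
@@ -901,6 +901,45 @@ function updateprofile() {
 return false;
 }
 
+function auth_deleteprofile(){
+global $conf;
+global $lang;
+/* @var auth_basic $auth */
+global $auth;
+/* @var Input $INPUT */
+global $INPUT;
+
+if(!$INPUT->post->bool('delete')) return false;
+if(!checkSecurityToken()) return false;
+
+// action prevented or auth module disallows
+if(!actionOK('profile_delete') || !$auth->canDo('delUser')) {
+msg($lang['profnodelete'], -1);
+return false;
+}
+
+if(!$INPUT->post->bool('confirm_delete')){
+msg($lang['profconfdeletemissing'], -1);
+return false;
+}
+
+if($conf['profileconfirm']) {
+if(!$auth->checkPass($_SERVER['REMOTE_USER'], $INPUT->post->str('oldpass'))) {
+msg($lang['badpassconfirm'], -1);
+return false;
+}
+}
+
+$deleted[] = $_SERVER['REMOTE_USER'];
+if($result = $auth->triggerUserMod('delete', array($deleted))) {
+// force and immediate logout including removing the sticky cookie
+auth_logoff();
+return true;
+}
+
+return false;
+}
+
 /**
  * Send a new password
  *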
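Review bot: The password check in `auth_deleteprofile()` only runs when `$conf['profileconfirm']` is on, so with that option off an irreversible account deletion is authorised by the session, the security token and the `confirm_delete` checkbox alone. Where the auth backend can verify passwords, consider requiring the current password unconditionally by dropping the `if($conf['profileconfirm'])` wrapper around the `checkPass()` call; the form in inc/html.php would then always have to show the `oldpass` field. Two smaller points: `$deleted[] = $_SERVER['REMOTE_USER'];` appends to a variable that was never initialised, and `$deleted = array($_SERVER['REMOTE_USER']);` states the intent. The new function also has no docblock, unlike the `Send a new password` one that follows it; a short one naming the POST fields it reads (`delete`, `confirm_delete`, `oldpass`) and the boolean return would help.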
|
|
|
@ -261,6 +261,9 @@ function actionOK($action){
|
|||
if (is_null($auth) || !$auth->canDo('Profile')) {
|
||||
$disabled[] = 'profile';
|
||||
}
|
||||
if (is_null($auth) || !$auth->canDo('delUser')) {
|
||||
$disabled[] = 'profile_delete';
|
||||
}
|
||||
if (is_null($auth)) {
|
||||
$disabled[] = 'login';
|
||||
}
|
||||
|
|
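--- a/inc/html.php
+++ b/inc/html.php
@@ -1381,6 +1381,23 @@ function html_updateprofile(){
 $form->addElement(form_makeButton('reset', '', $lang['btn_reset']));
 $form->endFieldset();
 html_form('updateprofile', $form);
+
+if ($auth->canDo('delUser') && actionOK('profile_delete')) {
+$form_profiledelete = new Doku_Form(array('id' => 'dw__profiledelete'));
+$form_profiledelete->startFieldset($lang['profdeleteuser']);
+$form_profiledelete->addHidden('do', 'profile_delete');
+$form_profiledelete->addHidden('delete', '1');
+$form_profiledelete->addElement(form_makeCheckboxField('confirm_delete', '1', $lang['profconfdelete'],'dw__confirmdelete','', array('required' => 'required')));
+if ($conf['profileconfirm']) {
+$form_profiledelete->addElement(form_makeTag('br'));
+$form_profiledelete->addElement(form_makePasswordField('oldpass', $lang['oldpass'], '', 'block', array('size'=>'50', 'required' => 'required')));
+}
+$form_profiledelete->addElement(form_makeButton('submit', '', $lang['btn_deleteuser']));
+$form_profiledelete->endFieldset();
+
+html_form('profiledelete', $form_profiledelete);
+}
+
 print '</div>'.NL;
 }
 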
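Review bot: The `required` attributes on `confirm_delete` and `oldpass` are only browser-side hints; the checks that count are the server-side ones in `auth_deleteprofile()` (inc/auth.php in this commit). A comment above the block would keep that link visible, e.g. `// client-side 'required' is a convenience; auth_deleteprofile() re-checks both fields`. Separately, `$lang['profconfdelete']` contains `<br/>` markup and is passed as the checkbox label, so whether it renders as a line break or as escaped text depends on how `form_makeCheckboxField()` treats labels, which is not visible here. html_updateprofile() starts before this hunk.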
|
|
|
@ -51,6 +51,7 @@ $lang['btn_revert'] = 'Restore';
|
|||
$lang['btn_register'] = 'Register';
|
||||
$lang['btn_apply'] = 'Apply';
|
||||
$lang['btn_media'] = 'Media Manager';
|
||||
$lang['btn_deleteuser'] = 'Remove My Account';
|
||||
|
||||
$lang['loggedinas'] = 'Logged in as';
|
||||
$lang['user'] = 'Username';
|
||||
|
@ -63,6 +64,7 @@ $lang['fullname'] = 'Real name';
|
|||
$lang['email'] = 'E-Mail';
|
||||
$lang['profile'] = 'User Profile';
|
||||
$lang['badlogin'] = 'Sorry, username or password was wrong.';
|
||||
$lang['badpassconfirm'] = 'Sorry, the password was wrong';
|
||||
$lang['minoredit'] = 'Minor Changes';
|
||||
$lang['draftdate'] = 'Draft autosaved on'; // full dformat date will be added
|
||||
$lang['nosecedit'] = 'The page was changed in the meantime, section info was out of date loaded full page instead.';
|
||||
|
@ -81,6 +83,11 @@ $lang['profna'] = 'This wiki does not support profile modificatio
|
|||
$lang['profnochange'] = 'No changes, nothing to do.';
|
||||
$lang['profnoempty'] = 'An empty name or email address is not allowed.';
|
||||
$lang['profchanged'] = 'User profile successfully updated.';
|
||||
$lang['profnodelete'] = 'This wiki does not support deleting users';
|
||||
$lang['profdeleteuser'] = 'Delete Account';
|
||||
$lang['profdeleted'] = 'Your user account has been deleted from this wiki';
|
||||
$lang['profconfdelete'] = 'I wish to remove my account from this wiki. <br/> This action can not be undone.';
|
||||
$lang['profconfdeletemissing'] = 'Confirmation check box not ticked';
|
||||
|
||||
$lang['pwdforget'] = 'Forgotten your password? Get a new one';
|
||||
$lang['resendna'] = 'This wiki does not support password resending.';
|
||||
|
|
|
@ -104,6 +104,7 @@ $lang['disableactions'] = 'Disable DokuWiki actions';
|
|||
$lang['disableactions_check'] = 'Check';
|
||||
$lang['disableactions_subscription'] = 'Subscribe/Unsubscribe';
|
||||
$lang['disableactions_wikicode'] = 'View source/Export Raw';
|
||||
$lang['disableactions_profile_delete'] = 'Delete Own Account';
|
||||
$lang['disableactions_other'] = 'Other actions (comma separated)';
|
||||
$lang['auth_security_timeout'] = 'Authentication Security Timeout (seconds)';
|
||||
$lang['securecookie'] = 'Should cookies set via HTTPS only be sent via HTTPS by the browser? Disable this option when only the login of your wiki is secured with SSL but browsing the wiki is done unsecured.';
|
||||
|
|
|
@ -126,7 +126,7 @@ $meta['manager'] = array('string');
|
|||
$meta['profileconfirm'] = array('onoff');
|
||||
$meta['rememberme'] = array('onoff');
|
||||
$meta['disableactions'] = array('disableactions',
|
||||
'_choices' => array('backlink','index','recent','revisions','search','subscription','register','resendpwd','profile','edit','wikicode','check'),
|
||||
'_choices' => array('backlink','index','recent','revisions','search','subscription','register','resendpwd','profile','profile_delete','edit','wikicode','check'),
|
||||
'_combine' => array('subscription' => array('subscribe','unsubscribe'), 'wikicode' => array('source','export_raw')));
|
||||
$meta['auth_security_timeout'] = array('numeric');
|
||||
$meta['securecookie'] = array('onoff');
|
||||
|
|
|
@ -79,7 +79,10 @@
|
|||
#dw__register fieldset {
|
||||
padding-bottom: 0.7em;
|
||||
}
|
||||
|
||||
#dw__profiledelete {
|
||||
display: block;
|
||||
margin-top: 2.8em;
|
||||
}
|
||||
|
||||
/**
|
||||
* Styles for the subscription page
|
||||
|
|