summaryrefslogtreecommitdiffstats
path: root/application/controllers
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2016-08-20 23:11:34 +0200
committerFlorian Pritz <bluewind@xinu.at>2016-08-21 15:40:56 +0200
commit2875f7095562b302f13e1ef7e8cfd581cfc984bf (patch)
tree94f15793153b0a55319479cf91e993525da1a010 /application/controllers
parent1ce6e4b4f78b633296db099acf8b18577906a6a4 (diff)
Allow users to delete their accounts
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/controllers')
-rw-r--r--application/controllers/user.php61
1 files changed, 61 insertions, 0 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php
index 891ef9451..a298d1076 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -241,6 +241,67 @@ class User extends MY_Controller {
$this->load->view('footer', $this->data);
}
+ public function delete_account()
+ {
+ $this->muser->require_access();
+ $this->duser->require_implemented("can_delete_account");
+
+ if ($_SERVER["REQUEST_METHOD"] == "GET") {
+ return $this->_delete_account_form();
+ } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
+ return $this->_delete_account_process();
+ }
+ }
+
+ public function _delete_account_form()
+ {
+ $this->data['username'] = $this->muser->get_username();
+
+ $this->load->view('header', $this->data);
+ $this->load->view($this->var->view_dir.'delete_account_form', $this->data);
+ $this->load->view('footer', $this->data);
+ }
+
+ public function _delete_account_process()
+ {
+ $username = $this->muser->get_username();
+ $password = $this->input->post("password");
+
+ $useremail = $this->muser->get_email($this->muser->get_userid());
+
+ if ($this->muser->delete_user($username, $password)) {
+ $this->muser->logout();
+
+ $this->load->library("email");
+ $this->email->from($this->config->item("email_from"));
+ $this->email->to($useremail);
+ $this->email->subject("FileBin account deleted");
+ $this->email->message(""
+ ."Your FileBin account '${username}' at ".site_url()."\n"
+ ."has been permemently deleted.\n"
+ ."\n"
+ ."The request has been sent from the IP address '${_SERVER["REMOTE_ADDR"]}'\n"
+ ."and was confirmed with your password.\n"
+ ."\n"
+ ."Thank you for using FileBin!\n"
+ );
+ $this->email->send();
+ unset($this->data['username']);
+ unset($this->data['user_logged_in']);
+
+ $this->load->view('header', $this->data);
+ $this->load->view($this->var->view_dir.'delete_account_success', $this->data);
+ $this->load->view('footer', $this->data);
+ return;
+ } else {
+ $this->data['alerts'][] = array(
+ "type" => "danger",
+ "message" => "Your password was incorrect",
+ );
+ return $this->_delete_account_form();
+ }
+ }
+
// This routes the different steps of a password reset
function reset_password()
{