From 2875f7095562b302f13e1ef7e8cfd581cfc984bf Mon Sep 17 00:00:00 2001
From: Florian Pritz
Date: Sat, 20 Aug 2016 23:11:34 +0200
Subject: Allow users to delete their accounts

Signed-off-by: Florian Pritz
---
 application/controllers/user.php | 61 +++++++++++++++++++++++
 application/views/user/delete_account_form.php | 27 ++++++++++
 application/views/user/delete_account_success.php | 8 +++
 application/views/user/profile.php | 6 +++
 public_html/data/css/style.css | 5 ++
 5 files changed, 107 insertions(+)
 create mode 100644 application/views/user/delete_account_form.php
 create mode 100644 application/views/user/delete_account_success.php
diff --git a/application/controllers/user.php b/application/controllers/user.php
index 891ef9451..a298d1076 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -241,6 +241,67 @@ class User extends MY_Controller {
 $this->load->view('footer', $this->data);
 }

+ public function delete_account()
+ {
+ $this->muser->require_access();
+ $this->duser->require_implemented("can_delete_account");
+
+ if ($_SERVER["REQUEST_METHOD"] == "GET") {
+ return $this->_delete_account_form();
+ } elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
+ return $this->_delete_account_process();
+ }
+ }
+
+ public function _delete_account_form()
+ {
+ $this->data['username'] = $this->muser->get_username();
+
+ $this->load->view('header', $this->data);
+ $this->load->view($this->var->view_dir.'delete_account_form', $this->data);
+ $this->load->view('footer', $this->data);
+ }
+
+ public function _delete_account_process()
+ {
+ $username = $this->muser->get_username();
+ $password = $this->input->post("password");
+
+ $useremail = $this->muser->get_email($this->muser->get_userid());
+
+ if ($this->muser->delete_user($username, $password)) {
+ $this->muser->logout();
+
+ $this->load->library("email");
+ $this->email->from($this->config->item("email_from"));
+ $this->email->to($useremail);
+ $this->email->subject("FileBin account deleted");
+ $this->email->message(""
+ ."Your FileBin account '${username}' at ".site_url()."\n"
+ ."has been permemently deleted.\n"
+ ."\n"
+ ."The request has been sent from the IP address '${_SERVER["REMOTE_ADDR"]}'\n"
+ ."and was confirmed with your password.\n"
+ ."\n"
+ ."Thank you for using FileBin!\n"
+ );
+ $this->email->send();
+ unset($this->data['username']);
+ unset($this->data['user_logged_in']);
+
+ $this->load->view('header', $this->data);
+ $this->load->view($this->var->view_dir.'delete_account_success', $this->data);
+ $this->load->view('footer', $this->data);
+ return;
+ } else {
+ $this->data['alerts'][] = array(
+ "type" => "danger",
+ "message" => "Your password was incorrect",
+ );
+ return $this->_delete_account_form();
+ }
+ }
+
 // This routes the different steps of a password reset function 
reset_password() {
diff --git a/application/views/user/delete_account_form.php b/application/views/user/delete_account_form.php
new file mode 100644
index 000000000..dbb28531d
--- /dev/null
+++ b/application/views/user/delete_account_form.php
@@ -0,0 +1,27 @@
+
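Review bot: `_delete_account_form()` and `_delete_account_process()` are declared `public`, but `require_access()` and `require_implemented("can_delete_account")` run only in `delete_account()`, so the deletion step is kept off the URL router solely by the framework's leading-underscore convention (CodeIgniter-style, judging by `MY_Controller`). Declaring them `private function _delete_account_form()` and `private function _delete_account_process()` would enforce that in the language itself. `_delete_account_process()` also lets whoever holds the session test passwords repeatedly; nothing in this hunk throttles or logs wrong guesses, so confirm that `delete_user()` or a shared layer does. A request method other than GET or POST falls through `delete_account()` with an empty response, where an explicit 405 would be clearer, and the mail text misspells `permanently` as `permemently`.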
+
+

Account deletion

+

+ Here you can permanently delete your account on this FileBin installation.
+ WARNING: All your data will be irrevocably deleted. +

+
+
+ + +
+
+ +
+ +
+
+
+
+
+
+ +
+
+
+
diff --git a/application/views/user/delete_account_success.php b/application/views/user/delete_account_success.php
new file mode 100644
index 000000000..72d7ff12b
--- /dev/null
+++ b/application/views/user/delete_account_success.php
@@ -0,0 +1,8 @@
+
+
+

Account deletion successful

+

+ Your account has been successfully deleted. Thank you for using FileBin! +

+
+
diff --git a/application/views/user/profile.php b/application/views/user/profile.php
index 6e0a7089f..1aa22ec10 100644
--- a/application/views/user/profile.php
+++ b/application/views/user/profile.php
@@ -38,3 +38,9 @@
+
+
+ +
+

If you want to permanently delete your account, please click ">here.

+
diff --git a/public_html/data/css/style.css b/public_html/data/css/style.css
index 4d29e89fd..57366d3d6 100644
--- a/public_html/data/css/style.css
+++ b/public_html/data/css/style.css
@@ -37,6 +37,11 @@
 margin:0 9px;
 border-left:1px solid #e1e1e1;
 }
+
+.vertical-space-small {
+ height: 50px;
+}
+
 @media (max-width: 768px) {
 .dont-float {
 float: left;
-- cgit v1.2.3-24-g4f1b