We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

delete-profile.php 3.75 KB
Newer Older
1
<?php
elleo's avatar
elleo committed
2

3
/* GNU FM -- a free network service for sharing your music listening habits
elleo's avatar
elleo committed
4

5
   Copyright (C) 2009 Free Software Foundation, Inc
elleo's avatar
elleo committed
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

22 23 24
require_once ('templating.php');
require_once ('data/User.php');
require_once ('utils/random_code_generator.php');
25
require_once($install_path . '/../turtle/temp-utils.php'); // this is extremely dodgy and shameful
elleo's avatar
elleo committed
26

27 28 29 30 31 32
if ($logged_in == false) {
	$smarty->assign('error', 'Error!');
	$smarty->assign('details', 'Not logged in! You shouldn\'t be here!');
	$smarty->display('error.tpl');
	die ();
} elseif ( isset ($_GET['code'])) {
clint's avatar
clint committed
33
	$adodb->Execute('DELETE FROM Delete_Request WHERE expires < ' . (int)(time()));
clint's avatar
clint committed
34

clint's avatar
clint committed
35
	$username = $this_user->name;
36
	$code = $_GET['code'];
clint's avatar
clint committed
37 38 39 40 41
try {
	$res = $adodb->GetRow('SELECT * FROM Delete_Request WHERE username = ' . $adodb->qstr($username) . ' AND code = ' . $adodb->qstr($code));
}
catch (exception $e) {
		exit;
42
	}
clint's avatar
clint committed
43
	if (!$res) {
44 45 46 47 48 49
		$error = 'Invalid code.';
		$smarty->assign('error', 'Error!');
		$smarty->assign('details', $error);
		$smarty->display('error.tpl');
		die ();
	} else {
50
		try {
51
		$adodb->Execute('DELETE FROM Scrobble_Sessions WHERE userid = ' . $adodb->qstr($this_user->uniqueid));
clint's avatar
clint committed
52 53 54 55 56
		$adodb->Execute('DELETE FROM Delete_Request WHERE username = ' . $adodb->qstr($username));
		$adodb->Execute('DELETE FROM Auth WHERE username = ' . $adodb->qstr($username));
		$adodb->Execute('DELETE FROM Group_Members WHERE member = ' . (int)($this_user->uniqueid));
		$adodb->Execute('DELETE FROM Radio_Sessions WHERE username = ' . $adodb->qstr($username));
		$adodb->Execute('DELETE FROM Recovery_Request WHERE username = ' . $adodb->qstr($username));
57
		$adodb->Execute('DELETE FROM Scrobbles WHERE userid = ' . username_to_uniqueid($username));
clint's avatar
clint committed
58 59 60 61
		$adodb->Execute('DELETE FROM User_Relationship_Flags WHERE uid1 = ' . (int)($this_user->uniqueid));
		$adodb->Execute('DELETE FROM User_Relationship_Flags WHERE uid2 = ' . (int)($this_user->uniqueid));
		$adodb->Execute('DELETE FROM User_Relationships WHERE uid1 = ' . (int)($this_user->uniqueid));
		$adodb->Execute('DELETE FROM User_Relationships WHERE uid2 = ' . (int)($this_user->uniqueid));
62 63 64 65 66 67 68
		$adodb->Execute('DELETE FROM Users WHERE uniqueid = ' . ($this_user->uniqueid));
		} catch (exception $e) {
			$smarty->assign('error', 'Error!');
			$smarty->assign('details', 'Something went amiss.');
			$smarty->display('error.tpl');
			die ();
		}
69
		session_destroy();
elleo's avatar
elleo committed
70
		header('Location: index.php');
71 72 73
	}
} else {
	$code = generateCode();
clint's avatar
clint committed
74 75
	$username = $this_user->name;
	$email = $this_user->email;
76
	$expire = time()+86400;
clint's avatar
clint committed
77
	$adodb->Execute('INSERT INTO Delete_Request (code, expires, username) VALUES (' . $adodb->qstr($code) . ', ' . $adodb->qstr($expire) . "," .  $adodb->qstr($username) . ')');
elleo's avatar
elleo committed
78 79
	$url = $base_url . '/delete-profile.php?code=' . $code;
	$content = "Hi!\n\nSomeone from the IP address " . $_SERVER['REMOTE_ADDR'] . " requested account deletion at libre.fm.  To remove this account click: \n\n" . $url . "\n\n- The Libre.fm Team";
80 81
	$headers = 'From: Libre.fm <account@libre.fm>';
	$subject = 'Libre.fm Account Delete Request - Action needed!';
clint's avatar
clint committed
82
	mail($email, $subject, $content, $headers);
clint's avatar
clint committed
83
	$smarty->display('delete-profile.tpl');
84 85
}
?>