close #15 New account delete option

2015-09-13 16:53:42 +02:00
parent a1dbbe39d5
commit 5ffb03e73a
16 changed files with 474 additions and 122 deletions
--- a/app/main/controller/api/user.php
+++ b/app/main/controller/api/user.php
@@ -14,6 +14,13 @@ use Exception;

 class User extends Controller\Controller{

+    /**
+     * valid reasons for captcha images
+     * @var array
+     */
+    private static $captchaReason = ['createAccount', 'deleteAccount'];
+
+
    /**
     * login function
     * @param $f3
@@ -87,20 +94,39 @@ class User extends Controller\Controller{
     * @param $f3
     */
    public function getCaptcha($f3){
+        $data = $f3->get('POST');

-        $img = new \Image();
+        $return = (object) [];
+        $return->error = [];

-        $imgDump = $img->captcha(
-            'fonts/oxygen-bold-webfont.ttf',
-            14,
-            6,
-            'SESSION.captcha_code',
-            '',
-            '0x66C84F',
-            '0x313335'
-        )->dump();
+        // check if reason for captcha generation is valid
+        if(
+            isset($data['reason']) &&
+            in_array( $data['reason'], self::$captchaReason)
+        ){
+            $reason = $data['reason'];

-        echo $f3->base64( $imgDump,  'image/png');
+            $img = new \Image();
+
+            $imgDump = $img->captcha(
+                'fonts/oxygen-bold-webfont.ttf',
+                14,
+                6,
+                'SESSION.' . $reason,
+                '',
+                '0x66C84F',
+                '0x313335'
+            )->dump();
+
+            $return->img = $f3->base64( $imgDump,  'image/png');
+        }else{
+            $captchaError = (object) [];
+            $captchaError->type = 'error';
+            $captchaError->message = 'Could not create captcha image';
+            $return->error[] = $captchaError;
+        }
+
+        echo json_encode($return);
    }

    /**
@@ -270,10 +296,10 @@ class User extends Controller\Controller{
        $return = (object) [];
        $return->error = [];

-        $captcha = $f3->get('SESSION.captcha_code');
+        $captcha = $f3->get('SESSION.createAccount');

        // reset captcha -> forces user to enter new one
-        $f3->clear('SESSION.captcha_code');
+        $f3->clear('SESSION.createAccount');

        $newUserData = null;

@@ -598,4 +624,71 @@ class User extends Controller\Controller{

        echo json_encode($return);
    }
+
+    /**
+     * delete current user account from DB
+     * @param $f3
+     */
+    public function deleteAccount($f3){
+        $data = $f3->get('POST.formData');
+        $return = (object) [];
+
+        $captcha = $f3->get('SESSION.deleteAccount');
+
+        // reset captcha -> forces user to enter new one
+        $f3->clear('SESSION.deleteAccount');
+
+        if(
+            isset($data['captcha']) &&
+            !empty($data['captcha']) &&
+            $data['captcha'] === $captcha
+        ){
+            $user = $this->_getUser(0);
+
+            $validUser = $this->_verifyUser( $user->name, $data['password']);
+
+            if(
+                is_object($validUser) &&
+                is_object($user) &&
+                $user->id === $validUser->id
+            ){
+                // send delete account mail
+                $msg = 'Hello ' . $user->name . ',<br><br>';
+                $msg .= 'your account data has been successfully deleted.';
+
+                $mailController = new MailController();
+                $status = $mailController->sendDeleteAccount($user->email, $msg);
+
+                if($status){
+                    // save log
+                    $logText = "id: %s, name: %s, ip: %s";
+                    self::getLogger( $this->f3->get('PATHFINDER.LOGFILES.DELETE_ACCOUNT') )->write(
+                        sprintf($logText, $user->id, $user->name, $f3->get('IP'))
+                    );
+
+                    // remove user
+                    $user->erase();
+
+                    $this->logOut($f3);
+                    die();
+                }
+            }else{
+                // password does not match current user pw
+                $passwordError = (object) [];
+                $passwordError->type = 'error';
+                $passwordError->message = 'Invalid password';
+                $return->error[] = $passwordError;
+            }
+        }else{
+            // captcha not valid -> return error
+            $captchaError = (object) [];
+            $captchaError->type = 'error';
+            $captchaError->message = 'Captcha does not match';
+            $return->error[] = $captchaError;
+        }
+
+        echo json_encode($return);
+    }
+
+
 }