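<?php
/**
 * Action: request removal or disabling of a user account.
 *
 * This script only validates the request and sends the confirmation
 * notification. It does not ban or delete anything itself.
 *
 * Inputs (request parameters):
 *   - user_guid: GUID of the account the request is about
 *   - type:      'remove' or 'disable'
 *
 * NOTE(review): every guard below relies on forward() ending the request.
 * Confirm that holds for the Elgg version in use, otherwise execution
 * would fall through to the next check.
 */

$user_guid = (int) get_input('user_guid');
$type = get_input('type');

$user = get_user($user_guid);

// user_guid is attacker-controllable, so canEdit() is the authorization gate:
// the target must be a real user that the current session is allowed to edit.
if (!$user instanceof ElggUser || !$user->canEdit()) {
    register_error(elgg_echo('actionunauthorized'));
    forward(REFERER);
}

// Admin accounts can never be removed or disabled through this action.
if ($user->isAdmin()) {
    register_error(elgg_echo('account_removal:actions:remove:error:user_guid:admin'));
    forward(REFERER);
}

// Strict allowlist: only the exact strings 'remove' and 'disable' are accepted.
// The third argument rules out loose-comparison matches for non-string input
// (e.g. an array or a value that type-juggles to one of the entries).
if (!in_array($type, ['remove', 'disable'], true)) {
    register_error(elgg_echo('account_removal:actions:remove:error:type_match'));
    forward(REFERER);
}

// Check whether the user owns any groups. With 'count' => true the lookup
// yields a number, so any owned group makes the condition truthy.
$group_admins_allowed = elgg_get_plugin_setting('groupadmins_allowed', 'account_removal');
$group_options = [
    'type' => 'group',
    'owner_guid' => $user->getGUID(),
    'count' => true,
];
if ($group_admins_allowed !== 'yes' && elgg_get_entities($group_options)) {
    register_error(elgg_echo('account_removal:actions:remove:error:group_owner'));
    forward(REFERER);
}

// User requests removal: generate a token and send the confirmation mail.
account_removal_send_notification($type, $user_guid);

system_message(elgg_echo('account_removal:actions:remove:success:request'));
forward("settings/user/{$user->username}");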
if (!empty($confirm_token) && acount_removal_validate_confirm_token($confirm_token, $type, $user_guid)) { // prepend the reason with users own request $reason = elgg_echo("account_removal:disable:default") . ". " . $reason; // send a thank you e-mail account_removal_send_thank_notification($action, $user_guid); // user has supplied a token, so we can do the action if ($action == "disable") { $user->ban($reason, false); logout(); } elseif ($action == "remove") { delete_entity($user->getGUID(), false); } system_message(elgg_echo("account_removal:actions:remove:success:" . $action)); $forward_url = ""; } elseif (!empty($confirm_token) && !acount_removal_validate_confirm_token($confirm_token, $action, $user_guid)) { // token mismatch register_error(elgg_echo("account_removal:actions:remove:error:token_mismatch")); } else { // user requests removal, generate token and sent confirm mail account_removal_send_notification($action, $user_guid); system_message(elgg_echo("account_removal:actions:remove:success:request")); $forward_url = "settings/user/" . $user->username; } } else { register_error(elgg_echo("account_removal:actions:remove:error:type_match")); } } } else { register_error(elgg_echo("account_removal:actions:remove:error:user_guid:unknown")); } forward($forward_url);