|
|
|
|
@ -259,9 +259,36 @@
|
|
|
|
|
else if($function == "delete_account")
|
|
|
|
|
{
|
|
|
|
|
//remove account and data from sync server
|
|
|
|
|
// 1. verify user auth
|
|
|
|
|
// 2. get collections + data and remove data
|
|
|
|
|
// 3. remove user account
|
|
|
|
|
// 1. verify user auth, needs $auth_pw passed to function.
|
|
|
|
|
if($auth_pw == '')
|
|
|
|
|
{
|
|
|
|
|
log_error("user.php : delete account, no auth password given");
|
|
|
|
|
report_problem(WEAVE_ERROR_MISSING_PASSWORD, 400);
|
|
|
|
|
}
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
$existingHash = $db->get_password_hash(); //passes $username internally
|
|
|
|
|
$hash = WeaveHashFactory::factory();
|
|
|
|
|
|
|
|
|
|
if ( ! $hash->verify(fix_utf8_encoding($auth_pw), $existingHash) )
|
|
|
|
|
{
|
|
|
|
|
log_error("Auth failed 2 {");
|
|
|
|
|
log_error(" User pw: ". $auth_user ."|".$auth_pw ."|md5:". md5($auth_pw) ."|fix:". fix_utf8_encoding($auth_pw) ."|fix md5 ". md5(fix_utf8_encoding($auth_pw)));
|
|
|
|
|
log_error(" Url_user: ".$url_user);
|
|
|
|
|
log_error(" Existing hash: ".$existingHash);
|
|
|
|
|
log_error("}");
|
|
|
|
|
report_problem('Authentication failed', '401');
|
|
|
|
|
} else {
|
|
|
|
|
// 2. get collections + data and remove data
|
|
|
|
|
// 3. remove user account
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch(Exception $e)
|
|
|
|
|
{
|
|
|
|
|
header("X-Weave-Backoff: 1800");
|
|
|
|
|
log_error($e->getMessage(), $e->getCode());
|
|
|
|
|
report_problem($e->getMessage(), $e->getCode());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
|
wolfbeast
10 years ago