diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/functions_user.php | 35 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/base.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 9 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/provider_interface.php | 6 |
4 files changed, 47 insertions, 5 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 9cd662027e..815f07d2e4 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -500,6 +500,9 @@ function user_delete($mode, $user_ids, $retain_username = true) $num_users_delta = 0; + // Get auth provider collection in case accounts might need to be unlinked + $provider_collection = $phpbb_container->get('auth.provider_collection'); + // Some things need to be done in the loop (if the query changes based // on which user is currently being deleted) $added_guest_posts = 0; @@ -510,6 +513,38 @@ function user_delete($mode, $user_ids, $retain_username = true) avatar_delete('user', $user_row); } + // Unlink accounts + foreach ($provider_collection as $provider_name => $auth_provider) + { + $provider_data = $auth_provider->get_auth_link_data($user_id); + + if ($provider_data !== null) + { + $link_data = array( + 'user_id' => $user_id, + 'link_method' => 'user_delete', + ); + + // BLOCK_VARS might contain hidden fields necessary for unlinking accounts + if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS'])) + { + foreach ($provider_data['BLOCK_VARS'] as $provider_service) + { + if (!array_key_exists('HIDDEN_FIELDS', $provider_service)) + { + $provider_service['HIDDEN_FIELDS'] = array(); + } + + $auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS'])); + } + } + else + { + $auth_provider->unlink_account($link_data); + } + } + } + // Decrement number of users if this user is active if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE) { diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 4c49070eaf..dea27ccc25 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -61,7 +61,7 @@ abstract class base implements \phpbb\auth\provider\provider_interface /** * {@inheritdoc} */ - public function get_auth_link_data() + public function get_auth_link_data($user_id = 0) { return; } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c0ce3f1fba..be0fbf5831 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -553,13 +553,13 @@ class oauth extends \phpbb\auth\provider\base /** * {@inheritdoc} */ - public function get_auth_link_data() + public function get_auth_link_data($user_id = 0) { $block_vars = array(); // Get all external accounts tied to the current user $data = array( - 'user_id' => (int) $this->user->data['user_id'], + 'user_id' => ($user_id <= 0) ? (int) $this->user->data['user_id'] : (int) $user_id, ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); @@ -616,10 +616,13 @@ class oauth extends \phpbb\auth\provider\base return 'LOGIN_LINK_MISSING_DATA'; } + // Remove user specified in $link_data if possible + $user_id = isset($link_data['user_id']) ? $link_data['user_id'] : $this->user->data['user_id']; + // Remove the link $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . " WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "' - AND user_id = " . (int) $this->user->data['user_id']; + AND user_id = " . (int) $user_id; $this->db->sql_query($sql); // Clear all tokens belonging to the user on this servce diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 613297cefc..35e0f559a1 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -166,6 +166,10 @@ interface provider_interface /** * Returns an array of data necessary to build the ucp_auth_link page * + * @param int $user_id User ID for whom the data should be retrieved. + * defaults to 0, which is not a valid ID. The method + * should fall back to the current user's ID in this + * case. * @return array|null If this function is not implemented on an auth * provider then it returns null. If it is implemented * it will return an array of up to four elements of @@ -181,7 +185,7 @@ interface provider_interface * 'VARS' => array(...), * ) */ - public function get_auth_link_data(); + public function get_auth_link_data($user_id = 0); /** * Unlinks an external account from a phpBB account. |