From 501c9a57f16c1bf86d2dd13c6f9062ad5c39dfa3 Mon Sep 17 00:00:00 2001
From: Kevin Reed <knreed@us.ibm.com>
Date: Wed, 18 Apr 2018 17:39:47 -0500
Subject: [PATCH] web: At request of David, consolidate form and action pages
 into a single php file

---
 html/user/delete_account_confirm.php        | 65 +++++++++++++++------
 html/user/delete_account_confirm_action.php | 45 --------------
 html/user/delete_account_request.php        | 49 +++++++++++-----
 html/user/delete_account_request_action.php | 36 ------------
 4 files changed, 83 insertions(+), 112 deletions(-)
 delete mode 100644 html/user/delete_account_confirm_action.php
 delete mode 100644 html/user/delete_account_request_action.php

diff --git a/html/user/delete_account_confirm.php b/html/user/delete_account_confirm.php
index 9dd31d83c4..4961092726 100644
--- a/html/user/delete_account_confirm.php
+++ b/html/user/delete_account_confirm.php
@@ -20,25 +20,56 @@ require_once("../inc/util.inc");
 require_once("../inc/account.inc");
 require_once("../inc/delete_account.inc");
 require_once("../inc/token.inc");
+require_once("../inc/boinc_db.inc");
+require_once("../inc/user_util.inc");
 
-$userid = get_int("id");
-$token = get_str("token");
+function delete_account_confirm_form() {
+    //Make sure the token is still valid
+    $userid = get_int("id");
+    $token = get_str("token");
+    check_delete_account_token($userid, $token);
+    
+    page_head(tra("Delete Account"));
+    
+    echo "<p>".tra("Thank you for verifying ownership of your account.")."</p>"
+         ."<p>".tra("You can now delete your account by entering in your password below and clicking the \"Delete Account\" button.")."</p>"
+         ."<p>".tra("As a reminder, your account <b>cannot be recovered</b> once you delete it.")."</p>"
+         ."<br/>";
+    
+    form_start(secure_url_base()."delete_account_confirm_action.php", "post");
+    form_input_hidden("token",$token);
+    form_input_hidden("id",$userid);
+    form_input_text(tra("Password"), "passwd", "", "password",'id="passwd"',passwd_visible_checkbox("passwd"));
+    form_submit(tra("Delete Account"));
+    form_end();
+    
+    page_tail();
+}
 
-check_delete_account_token($userid, $token);
+function delete_account_confirm_action() {
+    //Make sure the token is still valid
+    $userid = post_int("id");
+    $token = post_str("token");
+    check_delete_account_token($userid, $token);
+    
+    //Verify password
+    $user = BoincUser::lookup_id($userid);
+    $passwd = post_str("passwd");
+    check_passwd_ui($user, $passwd);
+    
+    //do account delete
+    
+    page_head(tra("Account Deleted"));
+    
+    echo "<p>".tra("Your account has been deleted.  If you want to contribute to ".PROJECT." in the future you will need to create a new account.")."</p>";
+    
+    page_tail();
+}
 
-page_head(tra("Delete Account"));
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    delete_account_confirm_action();
+} else {
+    delete_account_confirm_form();
+}
 
-echo "<p>".tra("Thank you for verifying ownership of your account.")."</p>"
-     ."<p>".tra("You can now delete your account by entering in your password below and clicking the \"Delete Account\" button.")."</p>"
-     ."<p>".tra("As a reminder, your account <b>cannot be recovered</b> once you delete it.")."</p>"
-     ."<br/>";
-
-form_start(secure_url_base()."delete_account_confirm_action.php", "post");
-form_input_hidden("token",$token);
-form_input_hidden("id",$userid);
-form_input_text(tra("Password"), "passwd", "", "password",'id="passwd"',passwd_visible_checkbox("passwd"));
-form_submit(tra("Delete Account"));
-form_end();
-
-page_tail();
 ?>
\ No newline at end of file
diff --git a/html/user/delete_account_confirm_action.php b/html/user/delete_account_confirm_action.php
deleted file mode 100644
index 0f523f01dc..0000000000
--- a/html/user/delete_account_confirm_action.php
+++ /dev/null
@@ -1,45 +0,0 @@
-<?php
-// This file is part of BOINC.
-// https://boinc.berkeley.edu
-// Copyright (C) 2018 University of California
-//
-// BOINC is free software; you can redistribute it and/or modify it
-// under the terms of the GNU Lesser General Public License
-// as published by the Free Software Foundation,
-// either version 3 of the License, or (at your option) any later version.
-//
-// BOINC is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-// See the GNU Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public License
-// along with BOINC.  If not, see <https://www.gnu.org/licenses/>.
-
-require_once("../inc/util.inc");
-require_once("../inc/account.inc");
-require_once("../inc/token.inc");
-require_once("../inc/boinc_db.inc");
-require_once("../inc/user_util.inc");
-require_once("../inc/delete_account.inc");
-
-//Make sure the token is still valid
-$userid = post_int("id");
-$token = post_str("token");
-
-check_delete_account_token($userid, $token);
-
-//Verify password
-$user = BoincUser::lookup_id($userid);
-$passwd = post_str("passwd");
-
-check_passwd_ui($user, $passwd);
-
-//do account delete
-
-page_head(tra("Account Deleted"));
-
-echo "<p>".tra("Your account has been deleted.  If you want to contribute to ".PROJECT." in the future you will need to create a new account.")."</p>";
-
-page_tail();
-?>
\ No newline at end of file
diff --git a/html/user/delete_account_request.php b/html/user/delete_account_request.php
index e1fbf6f2f2..276c358eb9 100644
--- a/html/user/delete_account_request.php
+++ b/html/user/delete_account_request.php
@@ -19,24 +19,45 @@
 require_once("../inc/util.inc");
 require_once("../inc/account.inc");
 require_once("../inc/delete_account.inc");
+require_once("../inc/user_util.inc");
+require_once("../inc/email.inc");
 
 $user = get_logged_in_user();
 
-page_head(tra("Delete Account"));
+function delete_account_request_form($user) {
+    page_head(tra("Delete Account"));
+    
+    echo "<p>".tra("You have the ability to delete your account.  Please note that this <b>cannot be undone</b> once it is completed.")."</p>"
+        ."<p>".tra("The process works as follows:")."</p>"
+        ."<ul>"
+        ."<li>".tra("Enter in your password below and click on the \"Send Confirmation Email\" button")."</li>"
+        ."<li>".tra("You will receive an email which contains a link.  Click on that link")."</li>"
+        ."<li>".tra("On the page displayed, you will need to re-enter your password and then click \"Delete Account\"")."</li>"
+        ."<li>".tra("Your account will then be immediately deleted")
+        ."</ul><br/>";
+    
+    form_start(secure_url_base()."delete_account_request.php", "post");
+    form_input_text(tra("Password"), "passwd", "", "password",'id="passwd"',passwd_visible_checkbox("passwd"));
+    form_submit(tra("Send Confirmation Email"));
+    form_end();
+    
+    page_tail();
+}
 
-echo "<p>".tra("You have the ability to delete your account.  Please note that this <b>cannot be undone</b> once it is completed.")."</p>"
-    ."<p>".tra("The process works as follows:")."</p>"
-    ."<ul>"
-    ."<li>".tra("Enter in your password below and click on the \"Send Confirmation Email\" button")."</li>"
-    ."<li>".tra("You will receive an email which contains a link.  Click on that link")."</li>"
-    ."<li>".tra("On the page displayed, you will need to re-enter your password and then click \"Delete Account\"")."</li>"
-    ."<li>".tra("Your account will then be immediately deleted")
-    ."</ul><br/>";
+function delete_account_request_action($user) {
+    $passwd = post_str("passwd");
+    check_passwd_ui($user, $passwd);
+    send_confirm_delete_email($user);
+    
+    page_head(tra("Confirmation Email Sent"));
+    echo "<p>".tra("The email to confirm your request to delete your account has been sent.")."</p>";
+    page_tail();
+}
 
-form_start(secure_url_base()."delete_account_request_action.php", "post");
-form_input_text(tra("Password"), "passwd", "", "password",'id="passwd"',passwd_visible_checkbox("passwd"));
-form_submit(tra("Send Confirmation Email"));
-form_end();
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    delete_account_request_action($user);
+} else {
+    delete_account_request_form($user);
+}
 
-page_tail();
 ?>
\ No newline at end of file
diff --git a/html/user/delete_account_request_action.php b/html/user/delete_account_request_action.php
deleted file mode 100644
index 155d7450c4..0000000000
--- a/html/user/delete_account_request_action.php
+++ /dev/null
@@ -1,36 +0,0 @@
-<?php
-// This file is part of BOINC.
-// https://boinc.berkeley.edu
-// Copyright (C) 2018 University of California
-//
-// BOINC is free software; you can redistribute it and/or modify it
-// under the terms of the GNU Lesser General Public License
-// as published by the Free Software Foundation,
-// either version 3 of the License, or (at your option) any later version.
-//
-// BOINC is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-// See the GNU Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public License
-// along with BOINC.  If not, see <https://www.gnu.org/licenses/>.
-
-require_once("../inc/util.inc");
-require_once("../inc/account.inc");
-require_once("../inc/user_util.inc");
-require_once("../inc/email.inc");
-require_once("../inc/delete_account.inc");
-
-//Verify password
-$user = get_logged_in_user();
-$passwd = post_str("passwd");
-
-check_passwd_ui($user, $passwd);
-
-send_confirm_delete_email($user);
-
-page_head(tra("Confirmation Email Sent"));
-echo "<p>".tra("The email to confirm your request to delete your account has been sent.")."</p>";
-page_tail();
-?>
\ No newline at end of file