From 49dad00570381761c4c73090121ac17d29f1087f Mon Sep 17 00:00:00 2001
From: Michael Vogel <icarus@dabo.de>
Date: Sat, 25 Aug 2018 21:48:50 +0000
Subject: [PATCH] Issue 5260: Ensure that user data is really deleted (#5666)

* Issue 5260: Ensure that user data is really deleted

* Missing files
---
 src/Model/User.php        |  5 ++++-
 src/Worker/CronJobs.php   |  6 ++++++
 src/Worker/RemoveUser.php | 25 +++++++++++++++++++++++++
 3 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 src/Worker/RemoveUser.php

diff --git a/src/Model/User.php b/src/Model/User.php
index cfb2da997f..a43ef06f97 100644
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -730,13 +730,16 @@ class User
 		DBA::insert('userd', ['username' => $user['nickname']]);
 
 		// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
-		DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utcNow()], ['uid' => $uid]);
+		DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc($t . " + 7 day")], ['uid' => $uid]);
 		Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
 
 		// Send an update to the directory
 		$self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]);
 		Worker::add(PRIORITY_LOW, "Directory", $self['url']);
 
+		// Remove the user relevant data
+		Worker::add(PRIORITY_LOW, "RemoveUser", $uid);
+
 		if ($uid == local_user()) {
 			unset($_SESSION['authenticated']);
 			unset($_SESSION['uid']);
diff --git a/src/Worker/CronJobs.php b/src/Worker/CronJobs.php
index 950dd71af6..098bce4d96 100644
--- a/src/Worker/CronJobs.php
+++ b/src/Worker/CronJobs.php
@@ -120,6 +120,12 @@ class CronJobs
 		// delete user records for recently removed accounts
 		$users = DBA::select('user', ['uid'], ["`account_removed` AND `account_expires_on` < UTC_TIMESTAMP() - INTERVAL 3 DAY"]);
 		while ($user = DBA::fetch($users)) {
+			// Delete the contacts of this user
+			$self = DBA::selectFirst('contact', ['nurl'], ['self' => true, 'uid' => $user['uid']]);
+			if (DBA::isResult($self)) {
+				DBA::delete('contact', ['nurl' => $self['nurl'], 'self' => false]);
+			}
+
 			DBA::delete('user', ['uid' => $user['uid']]);
 		}
 	}
diff --git a/src/Worker/RemoveUser.php b/src/Worker/RemoveUser.php
new file mode 100644
index 0000000000..dfa5ccc097
--- /dev/null
+++ b/src/Worker/RemoveUser.php
@@ -0,0 +1,25 @@
+<?php
+/**
+ * @file src/Worker/RemoveUser.php
+ * @brief Removes orphaned data from deleted users
+ */
+namespace Friendica\Worker;
+
+use Friendica\Database\DBA;
+use Friendica\Model\Item;
+
+require_once 'include/dba.php';
+
+class RemoveUser {
+	public static function execute($uid)
+	{
+		// Only delete if the user is archived
+		$condition = ['account_removed' => true, 'uid' => $uid];
+		if (!DBA::exists('user', $condition)) {
+			return;
+		}
+
+		// Now we delete all user items
+		Item::delete(['uid' => $uid], PRIORITY_LOW);
+	}
+}