drupal/core/modules/user/user.pages.inc

<?php

/**
 * @file
 * User page callback file for the user module.
 */

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Drupal\Component\Utility\Crypt;

/**
 * Menu callback; process one time login link and redirects to the user page on success.
 */
function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $action = NULL) {
  global $user;

  // When processing the one-time login link, we have to make sure that a user
  // isn't already logged in.
  if ($user->isAuthenticated()) {
    // The existing user is already logged in.
    if ($user->id() == $uid) {
      drupal_set_message(t('You are logged in as %user. <a href="!user_edit">Change your password.</a>', array('%user' => $user->getUsername(), '!user_edit' => url("user/" . $user->id() . "/edit"))));
    }
    // A different user is already logged in on the computer.
    else {
      $reset_link_account = user_load($uid);
      if (!empty($reset_link_account)) {
        drupal_set_message(t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href="!logout">logout</a> and try using the link again.',
          array('%other_user' => $user->getUsername(), '%resetting_user' => $reset_link_account->getUsername(), '!logout' => url('user/logout'))));
      } else {
        // Invalid one-time link specifies an unknown user.
        drupal_set_message(t('The one-time login link you clicked is invalid.'));
      }
    }
    return new RedirectResponse(url('<front>', array('absolute' => TRUE)));
  }
  else {
    // Time out, in seconds, until login URL expires.
    $timeout = \Drupal::config('user.settings')->get('password_reset_timeout');
    $current = REQUEST_TIME;
    $account = user_load($uid);
    // Verify that the user exists and is active.
    if ($timestamp <= $current && $account && $account->isActive()) {
      // No time out for first time login.
      if ($account->getLastLoginTime() && $current - $timestamp > $timeout) {
        drupal_set_message(t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'));
        return new RedirectResponse(url('user/password', array('absolute' => TRUE)));
      }
      elseif ($account->isAuthenticated() && $timestamp >= $account->getLastLoginTime() && $timestamp <= $current && $hashed_pass == user_pass_rehash($account->getPassword(), $timestamp, $account->getLastLoginTime())) {
        // First stage is a confirmation form, then login
        if ($action == 'login') {
          // Set the new user.
          // user_login_finalize() also updates the login timestamp of the
          // user, which invalidates further use of the one-time login link.
          user_login_finalize($account);
          watchdog('user', 'User %name used one-time login link at time %timestamp.', array('%name' => $account->getUsername(), '%timestamp' => $timestamp));
          drupal_set_message(t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.'));
          // Let the user's password be changed without the current password check.
          $token = Crypt::randomStringHashed(55);
          $_SESSION['pass_reset_' . $user->id()] = $token;
          return new RedirectResponse(url('user/' . $user->id() . '/edit', array(
            'query' => array('pass-reset-token' => $token),
            'absolute' => TRUE,
          )));
        }
        else {
          if (!$account->getLastLoginTime()) {
            // No expiration for first time login.
            $form['message'] = array('#markup' => t('<p>This is a one-time login for %user_name.</p><p>Click on this button to log in to the site and change your password.</p>', array('%user_name' => $account->getUsername())));
          }
          else {
            $form['message'] = array('#markup' => t('<p>This is a one-time login for %user_name and will expire on %expiration_date.</p><p>Click on this button to log in to the site and change your password.</p>', array('%user_name' => $account->getUsername(), '%expiration_date' => format_date($timestamp + $timeout))));
          }
          $form['help'] = array('#markup' => '<p>' . t('This login can be used only once.') . '</p>');
          $form['actions'] = array('#type' => 'actions');
          $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Log in'));
          $form['#action'] = url("user/reset/$uid/$timestamp/$hashed_pass/login");
          return $form;
        }
      }
      else {
        drupal_set_message(t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'));
        return new RedirectResponse(url('user/password', array('absolute' => TRUE)));
      }
    }
    else {
      // Deny access, no more clues.
      // Everything will be in the watchdog's URL for the administrator to check.
      throw new AccessDeniedHttpException();
    }
  }
}

/**
 * Prepares variables for user templates.
 *
 * Default template: user.html.twig.
 *
 * @param array $variables
 *   An associative array containing:
 *   - account: The user account.
 */
function template_preprocess_user(&$variables) {
  $account = $variables['elements']['#user'];

  // Helpful $content variable for templates.
  foreach (element_children($variables['elements']) as $key) {
    $variables['content'][$key] = $variables['elements'][$key];
  }

  // Preprocess fields.
  field_attach_preprocess($account, $variables['elements'], $variables);

  // Set up attributes.
  $variables['attributes']['class'][] = 'profile';
}

/**
 * Menu callback; Cancel a user account via e-mail confirmation link.
 *
 * @see user_cancel_confirm_form()
 * @see user_cancel_url()
 *
 * @deprecated Use \Drupal\user\Controller\UserController::confirmCancel()
 */
function user_cancel_confirm($account, $timestamp = 0, $hashed_pass = '') {
  // Time out in seconds until cancel URL expires; 24 hours = 86400 seconds.
  $timeout = 86400;
  $current = REQUEST_TIME;

  // Basic validation of arguments.
  $account_data = \Drupal::service('user.data')->get('user', $account->id());
  if (isset($account_data['cancel_method']) && !empty($timestamp) && !empty($hashed_pass)) {
    // Validate expiration and hashed password/login.
    if ($timestamp <= $current && $current - $timestamp < $timeout && $account->id() && $timestamp >= $account->getLastLoginTime() && $hashed_pass == user_pass_rehash($account->getPassword(), $timestamp, $account->getLastLoginTime())) {
      $edit = array(
        'user_cancel_notify' => isset($account_data['cancel_notify']) ? $account_data['cancel_notify'] : \Drupal::config('user.settings')->get('notify.status_canceled'),
      );
      user_cancel($edit, $account->id(), $account_data['cancel_method']);
      // Since user_cancel() is not invoked via Form API, batch processing needs
      // to be invoked manually and should redirect to the front page after
      // completion.
      return batch_process('');
    }
    else {
      drupal_set_message(t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.'));
      return new RedirectResponse(url("user/" . $account->id() . "/cancel", array('absolute' => TRUE)));
    }
  }
  throw new AccessDeniedHttpException();
}
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`<?php`

			`/**`
			`* @file`
			`* User page callback file for the user module.`
			`*/`

- Patch #1591618 by Niklas Fiekas, aspilicious: remove menu_execute_active_handler(). 2012-07-09 20:20:56 +00:00			`use Symfony\Component\HttpFoundation\Request;`
Switch to RedirectResponse for the /user page. 2012-09-20 03:34:47 +00:00			`use Symfony\Component\HttpFoundation\RedirectResponse;`
- Patch #1591604 by underq, chrisdolby, Albert Volkman, pfrenssen: replace drupal_access_denied() with throw AccessDeniedHttpException. 2012-06-04 12:06:09 +00:00			`use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;`
- Patch #1591618 by Niklas Fiekas, aspilicious: remove menu_execute_active_handler(). 2012-07-09 20:20:56 +00:00			`use Symfony\Component\HttpKernel\HttpKernelInterface;`
Issue #1929288 by ParisLiakos, Dave Reid: Move cryptographic functions to Crypt component. 2013-05-02 04:46:53 +00:00			`use Drupal\Component\Utility\Crypt;`
- Patch #1591604 by underq, chrisdolby, Albert Volkman, pfrenssen: replace drupal_access_denied() with throw AccessDeniedHttpException. 2012-06-04 12:06:09 +00:00
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`/**`
			`* Menu callback; process one time login link and redirects to the user page on success.`
			`*/`
#571086 by sun and merlinofchaos: Added a 'wrapper callback' that executes before a form builder function, to facilitate common form elements. Clean-up from form_builder changes from CTools patch. Has nice side-benefit of making all form functions' signatures consistent. 2009-09-18 00:12:48 +00:00			`function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $action = NULL) {`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`global $user;`

#545230 by rfay: Fixed one-time login link error messages. 2009-08-23 04:50:25 +00:00			`// When processing the one-time login link, we have to make sure that a user`
			`// isn't already logged in.`
Issue #2039199 by Berdir: Convert ->uid to ->id(), isAnonymous() and isAuthenticated(). 2013-07-11 17:29:02 +00:00			`if ($user->isAuthenticated()) {`
#545230 by rfay: Fixed one-time login link error messages. 2009-08-23 04:50:25 +00:00			`// The existing user is already logged in.`
Issue #2039199 by Berdir: Convert ->uid to ->id(), isAnonymous() and isAuthenticated(). 2013-07-11 17:29:02 +00:00			`if ($user->id() == $uid) {`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`drupal_set_message(t('You are logged in as %user. <a href="!user_edit">Change your password.</a>', array('%user' => $user->getUsername(), '!user_edit' => url("user/" . $user->id() . "/edit"))));`
#545230 by rfay: Fixed one-time login link error messages. 2009-08-23 04:50:25 +00:00			`}`
			`// A different user is already logged in on the computer.`
			`else {`
			`$reset_link_account = user_load($uid);`
			`if (!empty($reset_link_account)) {`
			`drupal_set_message(t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href="!logout">logout</a> and try using the link again.',`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`array('%other_user' => $user->getUsername(), '%resetting_user' => $reset_link_account->getUsername(), '!logout' => url('user/logout'))));`
#545230 by rfay: Fixed one-time login link error messages. 2009-08-23 04:50:25 +00:00			`} else {`
			`// Invalid one-time link specifies an unknown user.`
			`drupal_set_message(t('The one-time login link you clicked is invalid.'));`
			`}`
			`}`
Issue #1668866 by ParisLiakos, aspilicious, tim.plunkett, pdrake, g.oechsler, dawehner, Berdir, corvus_ch, damiankloip, disasm, marcingy, neclimdul: Replace drupal_goto() with RedirectResponse. 2013-06-19 16:07:30 +00:00			`return new RedirectResponse(url('<front>', array('absolute' => TRUE)));`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`
			`else {`
Issue #1814558 by LinL: Convert user_password_reset_timeout() variable to use config system. 2012-11-02 17:35:51 +00:00			`// Time out, in seconds, until login URL expires.`
Issue #2053489 by chx, tim.plunkett: Standardize on \Drupal throughout core. 2013-09-16 03:58:06 +00:00			`$timeout = \Drupal::config('user.settings')->get('password_reset_timeout');`
- Patch #305645 by pwolanin: ['REQUEST_TIME'] -> REQUEST_TIME. Improved developer experience. 2008-09-17 07:11:59 +00:00			`$current = REQUEST_TIME;`
Issue #1184272 by Berdir, corvus_ch, sun: Remove deprecated $conditions support from entity controller. 2012-08-21 15:38:04 +00:00			`$account = user_load($uid);`
			`// Verify that the user exists and is active.`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`if ($timestamp <= $current && $account && $account->isActive()) {`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`// No time out for first time login.`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`if ($account->getLastLoginTime() && $current - $timestamp > $timeout) {`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`drupal_set_message(t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'));`
Issue #1668866 by ParisLiakos, aspilicious, tim.plunkett, pdrake, g.oechsler, dawehner, Berdir, corvus_ch, damiankloip, disasm, marcingy, neclimdul: Replace drupal_goto() with RedirectResponse. 2013-06-19 16:07:30 +00:00			`return new RedirectResponse(url('user/password', array('absolute' => TRUE)));`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`elseif ($account->isAuthenticated() && $timestamp >= $account->getLastLoginTime() && $timestamp <= $current && $hashed_pass == user_pass_rehash($account->getPassword(), $timestamp, $account->getLastLoginTime())) {`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`// First stage is a confirmation form, then login`
			`if ($action == 'login') {`
#152497 by JohnAlbin, bdragon, moshe weitzman, chx and myself: several user login tasks, such as session id regeneration were not performed in all cases, so centralize this 2007-12-13 12:53:47 +00:00			`// Set the new user.`
- Patch #497612 by Moshe Weitzman et al: harden user login by correctly using the form API. Complete commit now. Thank you, thank you. 2009-06-30 11:32:08 +00:00			`// user_login_finalize() also updates the login timestamp of the`
#152497 by JohnAlbin, bdragon, moshe weitzman, chx and myself: several user login tasks, such as session id regeneration were not performed in all cases, so centralize this 2007-12-13 12:53:47 +00:00			`// user, which invalidates further use of the one-time login link.`
Issue #1987896 by tim.plunkett, kgoel, vijaycs85: Convert user_page() to a new style controller. 2013-06-27 08:23:39 +00:00			`user_login_finalize($account);`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`watchdog('user', 'User %name used one-time login link at time %timestamp.', array('%name' => $account->getUsername(), '%timestamp' => $timestamp));`
#546356 by jhodgdon and threexk: Change 'login' verb to 'log in' in user interface. 2010-01-11 16:25:16 +00:00			`drupal_set_message(t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.'));`
#86299 by pwolanin, neochief, fwalch, thePanz, et al: Security hardening: Add 'current password' field to 'change password form'. 2010-02-11 03:19:21 +00:00			`// Let the user's password be changed without the current password check.`
Issue #1929288 by ParisLiakos, Dave Reid: Move cryptographic functions to Crypt component. 2013-05-02 04:46:53 +00:00			`$token = Crypt::randomStringHashed(55);`
Issue #2039199 by Berdir: Convert ->uid to ->id(), isAnonymous() and isAuthenticated(). 2013-07-11 17:29:02 +00:00			`$_SESSION['pass_reset_' . $user->id()] = $token;`
			`return new RedirectResponse(url('user/' . $user->id() . '/edit', array(`
Issue #1668866 by ParisLiakos, aspilicious, tim.plunkett, pdrake, g.oechsler, dawehner, Berdir, corvus_ch, damiankloip, disasm, marcingy, neclimdul: Replace drupal_goto() with RedirectResponse. 2013-06-19 16:07:30 +00:00			`'query' => array('pass-reset-token' => $token),`
			`'absolute' => TRUE,`
			`)));`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`
			`else {`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`if (!$account->getLastLoginTime()) {`
Issue #1914628 by Nephele: Fixed New user one-time-login link incorrectly states that email link will expire. 2013-03-17 05:42:17 +00:00			`// No expiration for first time login.`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`$form['message'] = array('#markup' => t('<p>This is a one-time login for %user_name.</p><p>Click on this button to log in to the site and change your password.</p>', array('%user_name' => $account->getUsername())));`
Issue #1914628 by Nephele: Fixed New user one-time-login link incorrectly states that email link will expire. 2013-03-17 05:42:17 +00:00			`}`
			`else {`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`$form['message'] = array('#markup' => t('<p>This is a one-time login for %user_name and will expire on %expiration_date.</p><p>Click on this button to log in to the site and change your password.</p>', array('%user_name' => $account->getUsername(), '%expiration_date' => format_date($timestamp + $timeout))));`
Issue #1914628 by Nephele: Fixed New user one-time-login link incorrectly states that email link will expire. 2013-03-17 05:42:17 +00:00			`}`
- Patch #252013 by Eaton, pwolanin, Susurrus et al: drupal_render() now printes #markup, not #value. 2008-07-16 21:59:29 +00:00			`$form['help'] = array('#markup' => '<p>' . t('This login can be used only once.') . '</p>');`
- Patch #482816 by sun, Rob Loach: make a consistent wrapper around submit buttons. 2010-04-24 14:49:14 +00:00			`$form['actions'] = array('#type' => 'actions');`
			`$form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Log in'));`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`$form['#action'] = url("user/reset/$uid/$timestamp/$hashed_pass/login");`
			`return $form;`
			`}`
			`}`
			`else {`
#546356 by jhodgdon and threexk: Change 'login' verb to 'log in' in user interface. 2010-01-11 16:25:16 +00:00			`drupal_set_message(t('You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.'));`
Issue #1668866 by ParisLiakos, aspilicious, tim.plunkett, pdrake, g.oechsler, dawehner, Berdir, corvus_ch, damiankloip, disasm, marcingy, neclimdul: Replace drupal_goto() with RedirectResponse. 2013-06-19 16:07:30 +00:00			`return new RedirectResponse(url('user/password', array('absolute' => TRUE)));`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`
			`}`
			`else {`
			`// Deny access, no more clues.`
			`// Everything will be in the watchdog's URL for the administrator to check.`
- Patch #1591604 by underq, chrisdolby, Albert Volkman, pfrenssen: replace drupal_access_denied() with throw AccessDeniedHttpException. 2012-06-04 12:06:09 +00:00			`throw new AccessDeniedHttpException();`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`
			`}`
			`}`

			`/**`
Issue #1898468 by Cottser, joelpittet, rteijeiro, c4rl, steveoliver, scor, jenlampton, idflood, shanethehat, thedavidmeister: [READY] user.module - Convert PHPTemplate templates to Twig. 2013-05-24 16:55:47 +00:00			`* Prepares variables for user templates.`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`*`
Issue #1898468 by Cottser, joelpittet, rteijeiro, c4rl, steveoliver, scor, jenlampton, idflood, shanethehat, thedavidmeister: [READY] user.module - Convert PHPTemplate templates to Twig. 2013-05-24 16:55:47 +00:00			`* Default template: user.html.twig.`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`*`
Issue #1898468 by Cottser, joelpittet, rteijeiro, c4rl, steveoliver, scor, jenlampton, idflood, shanethehat, thedavidmeister: [READY] user.module - Convert PHPTemplate templates to Twig. 2013-05-24 16:55:47 +00:00			`* @param array $variables`
			`* An associative array containing:`
			`* - account: The user account.`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`*/`
Issue #1857324 by Berdir, tim.plunkett: Use default theme name and entity key in $build for user entity. 2012-12-13 12:11:18 +00:00			`function template_preprocess_user(&$variables) {`
			`$account = $variables['elements']['#user'];`
#560608 by pounard, plach, and yched: Fixed missing calls to field_attach_preprocess(). 2010-01-10 00:41:28 +00:00
Issue #1857324 by Berdir, tim.plunkett: Use default theme name and entity key in $build for user entity. 2012-12-13 12:11:18 +00:00			`// Helpful $content variable for templates.`
#564632 by moshe weitzman: Unify various _build() functions and remove duplicate copy of content. 2009-09-10 12:33:46 +00:00			`foreach (element_children($variables['elements']) as $key) {`
Issue #1857324 by Berdir, tim.plunkett: Use default theme name and entity key in $build for user entity. 2012-12-13 12:11:18 +00:00			`$variables['content'][$key] = $variables['elements'][$key];`
#564632 by moshe weitzman: Unify various _build() functions and remove duplicate copy of content. 2009-09-10 12:33:46 +00:00			`}`
#560608 by pounard, plach, and yched: Fixed missing calls to field_attach_preprocess(). 2010-01-10 00:41:28 +00:00
			`// Preprocess fields.`
Issue #1874300 by Berdir, swentel: Remove $entity_type argument from field.module functions that receive a single $entity. 2013-01-07 11:22:28 +00:00			`field_attach_preprocess($account, $variables['elements'], $variables);`
Issue #1898468 by Cottser, joelpittet, rteijeiro, c4rl, steveoliver, scor, jenlampton, idflood, shanethehat, thedavidmeister: [READY] user.module - Convert PHPTemplate templates to Twig. 2013-05-24 16:55:47 +00:00
			`// Set up attributes.`
			`$variables['attributes']['class'][] = 'profile';`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`

#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`/**`
			`* Menu callback; Cancel a user account via e-mail confirmation link.`
			`*`
			`* @see user_cancel_confirm_form()`
			`* @see user_cancel_url()`
Issue #2089635 by tim.plunkett, disasm, larowlan: Convert non-test non-form page callbacks to routes and controllers. 2013-09-18 18:30:30 +00:00			`*`
			`* @deprecated Use \Drupal\user\Controller\UserController::confirmCancel()`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`*/`
			`function user_cancel_confirm($account, $timestamp = 0, $hashed_pass = '') {`
			`// Time out in seconds until cancel URL expires; 24 hours = 86400 seconds.`
			`$timeout = 86400;`
			`$current = REQUEST_TIME;`

			`// Basic validation of arguments.`
Issue #2053489 by chx, tim.plunkett: Standardize on \Drupal throughout core. 2013-09-16 03:58:06 +00:00			`$account_data = \Drupal::service('user.data')->get('user', $account->id());`
Issue #347988 by sun, Berdir, dawehner, Damien Tournoud, moshe weitzman: Move $user->data into own table. 2012-11-27 22:26:22 +00:00			`if (isset($account_data['cancel_method']) && !empty($timestamp) && !empty($hashed_pass)) {`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`// Validate expiration and hashed password/login.`
Issue #2045275 by Berdir: Convert user properties to methods. 2013-07-24 19:40:03 +00:00			`if ($timestamp <= $current && $current - $timestamp < $timeout && $account->id() && $timestamp >= $account->getLastLoginTime() && $hashed_pass == user_pass_rehash($account->getPassword(), $timestamp, $account->getLastLoginTime())) {`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`$edit = array(`
Issue #2053489 by chx, tim.plunkett: Standardize on \Drupal throughout core. 2013-09-16 03:58:06 +00:00			`'user_cancel_notify' => isset($account_data['cancel_notify']) ? $account_data['cancel_notify'] : \Drupal::config('user.settings')->get('notify.status_canceled'),`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`);`
Issue #347988 by sun, Berdir, dawehner, Damien Tournoud, moshe weitzman: Move $user->data into own table. 2012-11-27 22:26:22 +00:00			`user_cancel($edit, $account->id(), $account_data['cancel_method']);`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`// Since user_cancel() is not invoked via Form API, batch processing needs`
			`// to be invoked manually and should redirect to the front page after`
			`// completion.`
Issue #1668866 by ParisLiakos, aspilicious, tim.plunkett, pdrake, g.oechsler, dawehner, Berdir, corvus_ch, damiankloip, disasm, marcingy, neclimdul: Replace drupal_goto() with RedirectResponse. 2013-06-19 16:07:30 +00:00			`return batch_process('');`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`}`
			`else {`
			`drupal_set_message(t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.'));`
Issue #2039199 by Berdir: Convert ->uid to ->id(), isAnonymous() and isAuthenticated(). 2013-07-11 17:29:02 +00:00			`return new RedirectResponse(url("user/" . $account->id() . "/cancel", array('absolute' => TRUE)));`
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D 2009-01-08 08:42:13 +00:00			`}`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`
- Patch #1591604 by underq, chrisdolby, Albert Volkman, pfrenssen: replace drupal_access_denied() with throw AccessDeniedHttpException. 2012-06-04 12:06:09 +00:00			`throw new AccessDeniedHttpException();`
#166742 by Crell and dvessel: split user module (for performance reasons) 2007-09-10 13:14:38 +00:00			`}`