function UserController::confirmCancel
Same name in other branches
- 9 core/modules/user/src/Controller/UserController.php \Drupal\user\Controller\UserController::confirmCancel()
- 10 core/modules/user/src/Controller/UserController.php \Drupal\user\Controller\UserController::confirmCancel()
- 11.x core/modules/user/src/Controller/UserController.php \Drupal\user\Controller\UserController::confirmCancel()
Confirms cancelling a user account via an email link.
Parameters
\Drupal\user\UserInterface $user: The user account.
int $timestamp: The timestamp.
string $hashed_pass: The hashed password.
Return value
\Symfony\Component\HttpFoundation\RedirectResponse A redirect response.
1 string reference to 'UserController::confirmCancel'
- user.routing.yml in core/
modules/ user/ user.routing.yml - core/modules/user/user.routing.yml
File
-
core/
modules/ user/ src/ Controller/ UserController.php, line 337
Class
- UserController
- Controller routines for user routes.
Namespace
Drupal\user\ControllerCode
public function confirmCancel(UserInterface $user, $timestamp = 0, $hashed_pass = '') {
// Time out in seconds until cancel URL expires; 24 hours = 86400 seconds.
$timeout = 86400;
$current = REQUEST_TIME;
// Basic validation of arguments.
$account_data = $this->userData
->get('user', $user->id());
if (isset($account_data['cancel_method']) && !empty($timestamp) && !empty($hashed_pass)) {
// Validate expiration and hashed password/login.
if ($timestamp <= $current && $current - $timestamp < $timeout && $user->id() && $timestamp >= $user->getLastLoginTime() && hash_equals($hashed_pass, user_pass_rehash($user, $timestamp))) {
$edit = [
'user_cancel_notify' => isset($account_data['cancel_notify']) ? $account_data['cancel_notify'] : $this->config('user.settings')
->get('notify.status_canceled'),
];
user_cancel($edit, $user->id(), $account_data['cancel_method']);
// Since user_cancel() is not invoked via Form API, batch processing
// needs to be invoked manually and should redirect to the front page
// after completion.
return batch_process('<front>');
}
else {
$this->messenger()
->addError($this->t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.'));
return $this->redirect('entity.user.cancel_form', [
'user' => $user->id(),
], [
'absolute' => TRUE,
]);
}
}
throw new AccessDeniedHttpException();
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.