Issue 5260: Ensure that user data is really deleted (#5666)

* Issue 5260: Ensure that user data is really deleted

* Missing files

src/Model/User.php

@@ -730,13 +730,16 @@ class User
 		DBA::insert('userd', ['username' => $user['nickname']]);
 
 		// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
-		DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utcNow()], ['uid' => $uid]);
+		DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc($t . " + 7 day")], ['uid' => $uid]);
 		Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
 
 		// Send an update to the directory
 		$self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]);
 		Worker::add(PRIORITY_LOW, "Directory", $self['url']);
 
+		// Remove the user relevant data
+		Worker::add(PRIORITY_LOW, "RemoveUser", $uid);
+
 		if ($uid == local_user()) {
 			unset($_SESSION['authenticated']);
 			unset($_SESSION['uid']);

src/Worker/CronJobs.php

@@ -120,6 +120,12 @@ class CronJobs
 		// delete user records for recently removed accounts
 		$users = DBA::select('user', ['uid'], ["`account_removed` AND `account_expires_on` < UTC_TIMESTAMP() - INTERVAL 3 DAY"]);
 		while ($user = DBA::fetch($users)) {
+			// Delete the contacts of this user
+			$self = DBA::selectFirst('contact', ['nurl'], ['self' => true, 'uid' => $user['uid']]);
+			if (DBA::isResult($self)) {
+				DBA::delete('contact', ['nurl' => $self['nurl'], 'self' => false]);
+			}
+
 			DBA::delete('user', ['uid' => $user['uid']]);
 		}
 	}

src/Worker/RemoveUser.php

@@ -0,0 +1,25 @@
+<?php
+/**
+ * @file src/Worker/RemoveUser.php
+ * @brief Removes orphaned data from deleted users
+ */
+namespace Friendica\Worker;
+
+use Friendica\Database\DBA;
+use Friendica\Model\Item;
+
+require_once 'include/dba.php';
+
+class RemoveUser {
+	public static function execute($uid)
+	{
+		// Only delete if the user is archived
+		$condition = ['account_removed' => true, 'uid' => $uid];
+		if (!DBA::exists('user', $condition)) {
+			return;
+		}
+
+		// Now we delete all user items
+		Item::delete(['uid' => $uid], PRIORITY_LOW);
+	}
+}