src/Module/Item/Ignore.php

   1 <?php
   2
   3 namespace Friendica\Module\Item;
   4
   5 use Friendica\App;
   6 use Friendica\BaseModule;
   7 use Friendica\Core\L10n\L10n;
   8 use Friendica\Core\Session;
   9 use Friendica\Core\System;
  10 use Friendica\Database\Database;
  11 use Friendica\DI;
  12 use Friendica\Model\Item;
  13 use Friendica\Network\HTTPException;
  14
  15 /**
  16  * Module for ignoring threads or user items
  17  */
  18 class Ignore extends BaseModule
  19 {
  20         public static function rawContent(array $parameters = [])
  21         {
  22                 $l10n = DI::l10n();
  23
  24                 if (!Session::isAuthenticated()) {
  25                         throw new HttpException\ForbiddenException($l10n->t('Access denied.'));
  26                 }
  27
  28                 $args = DI::args();
  29                 $dba = DI::dba();
  30
  31                 $message_id = intval($args->get(2));
  32
  33                 if (empty($message_id) || !is_int($message_id)) {
  34                         throw new HTTPException\BadRequestException();
  35                 }
  36
  37                 $thread = Item::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $message_id]);
  38                 if (!$dba->isResult($thread)) {
  39                         throw new HTTPException\BadRequestException();
  40                 }
  41
  42                 // Numeric values are needed for the json output further below
  43                 $ignored = !empty($thread['ignored']) ? 0 : 1;
  44
  45                 switch ($thread['uid'] ?? 0) {
  46                         // if the thread is from the current user
  47                         case local_user():
  48                                 $dba->update('thread', ['ignored' => $ignored], ['iid' => $message_id]);
  49                                 break;
  50                         // 0 (null will get transformed to 0) => it's a public post
  51                         case 0:
  52                                 $dba->update('user-item', ['ignored' => $ignored], ['iid' => $message_id, 'uid' => local_user()], true);
  53                                 break;
  54                         // Throws a BadRequestException and not a ForbiddenException on purpose
  55                         // Avoids harvesting existing, but forbidden IIDs (security issue)
  56                         default:
  57                                 throw new HTTPException\BadRequestException();
  58                 }
  59
  60                 // See if we've been passed a return path to redirect to
  61                 $return_path = $_REQUEST['return'] ?? '';
  62                 if (!empty($return_path)) {
  63                         $rand = '_=' . time();
  64                         if (strpos($return_path, '?')) {
  65                                 $rand = "&$rand";
  66                         } else {
  67                                 $rand = "?$rand";
  68                         }
  69
  70                         DI::baseUrl()->redirect($return_path . $rand);
  71                 }
  72
  73                 // the json doesn't really matter, it will either be 0 or 1
  74                 System::jsonExit($ignored);
  75         }
  76 }