src/Module/Item/Ignore.php

   1 <?php
   2
   3 namespace Friendica\Module\Item;
   4
   5 use Friendica\App;
   6 use Friendica\BaseModule;
   7 use Friendica\Core\L10n\L10n;
   8 use Friendica\Core\Session;
   9 use Friendica\Core\System;
  10 use Friendica\Database\Database;
  11 use Friendica\DI;
  12 use Friendica\Model\Item;
  13 use Friendica\Network\HTTPException;
  14
  15 /**
  16  * Module for ignoring threads or user items
  17  */
  18 class Ignore extends BaseModule
  19 {
  20         public static function rawContent(array $parameters = [])
  21         {
  22                 /** @var L10n $l10n */
  23                 $l10n = self::getClass(L10n::class);
  24
  25                 if (!Session::isAuthenticated()) {
  26                         throw new HttpException\ForbiddenException($l10n->t('Access denied.'));
  27                 }
  28
  29                 /** @var App\Arguments $args */
  30                 $args = self::getClass(App\Arguments::class);
  31                 /** @var Database $dba */
  32                 $dba = self::getClass(Database::class);
  33
  34                 $message_id = intval($args->get(2));
  35
  36                 if (empty($message_id) || !is_int($message_id)) {
  37                         throw new HTTPException\BadRequestException();
  38                 }
  39
  40                 $thread = Item::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $message_id]);
  41                 if (!$dba->isResult($thread)) {
  42                         throw new HTTPException\BadRequestException();
  43                 }
  44
  45                 // Numeric values are needed for the json output further below
  46                 $ignored = !empty($thread['ignored']) ? 0 : 1;
  47
  48                 switch ($thread['uid'] ?? 0) {
  49                         // if the thread is from the current user
  50                         case local_user():
  51                                 $dba->update('thread', ['ignored' => $ignored], ['iid' => $message_id]);
  52                                 break;
  53                         // 0 (null will get transformed to 0) => it's a public post
  54                         case 0:
  55                                 $dba->update('user-item', ['ignored' => $ignored], ['iid' => $message_id, 'uid' => local_user()], true);
  56                                 break;
  57                         // Throws a BadRequestException and not a ForbiddenException on purpose
  58                         // Avoids harvesting existing, but forbidden IIDs (security issue)
  59                         default:
  60                                 throw new HTTPException\BadRequestException();
  61                 }
  62
  63                 // See if we've been passed a return path to redirect to
  64                 $return_path = $_REQUEST['return'] ?? '';
  65                 if (!empty($return_path)) {
  66                         $rand = '_=' . time();
  67                         if (strpos($return_path, '?')) {
  68                                 $rand = "&$rand";
  69                         } else {
  70                                 $rand = "?$rand";
  71                         }
  72
  73                         DI::app()->internalRedirect($return_path . $rand);
  74                 }
  75
  76                 // the json doesn't really matter, it will either be 0 or 1
  77                 System::jsonExit($ignored);
  78         }
  79 }