-if (!defined('LACONICA')) { exit(1); }
-
-require_once(INSTALLDIR.'/lib/deleteaction.php');
-
-class DeletenoticeAction extends DeleteAction {
- function handle($args) {
- parent::handle($args);
- # XXX: Ajax!
-
- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $this->delete_notice();
- } else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
- $this->show_form();
- }
- }
-
- function get_instructions() {
- return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.');
- }
-
- function get_title() {
- return _('Delete notice');
- }
-
- function show_form($error=NULL) {
- $user = common_current_user();
-
- common_show_header($this->get_title(), array($this, 'show_header'), $error,
- array($this, 'show_top'));
- common_element_start('form', array('id' => 'notice_delete_form',
- 'method' => 'post',
- 'action' => common_local_url('deletenotice')));
- common_hidden('token', common_session_token());
- common_hidden('notice', $this->trimmed('notice'));
- common_element_start('p');
- common_element('span', array('id' => 'confirmation_text'), _('Are you sure you want to delete this notice?'));
-
- common_element('input', array('id' => 'submit_no',
- 'name' => 'submit',
- 'type' => 'submit',
- 'value' => _('No')));
- common_element('input', array('id' => 'submit_yes',
- 'name' => 'submit',
- 'type' => 'submit',
- 'value' => _('Yes')));
- common_element_end('p');
- common_element_end('form');
- common_show_footer();
- }
-
- function delete_notice() {
- # CSRF protection
- $token = $this->trimmed('token');
- if (!$token || $token != common_session_token()) {
- $this->show_form(_('There was a problem with your session token. Try again, please.'));
- return;
- }
- $url = common_get_returnto();
- $confirmed = $this->trimmed('submit');
- if ($confirmed == _('Yes')) {
- $user = common_current_user();
- $notice_id = $this->trimmed('notice');
- $notice = Notice::staticGet($notice_id);
- $replies = new Reply;
- $replies->get('notice_id', $notice_id);
-
- common_dequeue_notice($notice);
- if (common_config('memcached', 'enabled')) {
- $notice->blowSubsCache();
- }
- $replies->delete();
- $notice->delete();
- } else {
- if ($url) {
- common_set_returnto(NULL);
- } else {
- $url = common_local_url('public');
- }
- }
- common_redirect($url);
- }
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+class DeletenoticeAction extends Action
+{
+ var $error = null;
+ var $user = null;
+ var $notice = null;
+ var $profile = null;
+ var $user_profile = null;
+
+ function prepare($args)
+ {
+ parent::prepare($args);
+
+ $this->user = common_current_user();
+ $notice_id = $this->trimmed('notice');
+ $this->notice = Notice::staticGet($notice_id);
+
+ if (!$this->notice) {
+ common_user_error(_('No such notice.'));
+ exit;
+ }
+
+ $this->profile = $this->notice->getProfile();
+ $this->user_profile = $this->user->getProfile();
+
+ return true;
+ }
+
+ function handle($args)
+ {
+ parent::handle($args);
+
+ if (!common_logged_in()) {
+ common_user_error(_('Not logged in.'));
+ exit;
+ } else if ($this->notice->profile_id != $this->user_profile->id &&
+ !$this->user->hasRight(Right::DELETEOTHERSNOTICE)) {
+ common_user_error(_('Can\'t delete this notice.'));
+ exit;
+ }
+ // XXX: Ajax!
+
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->deleteNotice();
+ } else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
+ $this->showForm();
+ }
+ }
+
+ /**
+ * Show the page notice
+ *
+ * Shows instructions for the page
+ *
+ * @return void
+ */
+
+ function showPageNotice()
+ {
+ $instr = $this->getInstructions();
+ $output = common_markup_to_html($instr);
+
+ $this->elementStart('div', 'instructions');
+ $this->raw($output);
+ $this->elementEnd('div');
+ }
+
+ function getInstructions()
+ {
+ return _('You are about to permanently delete a notice. ' .
+ 'Once this is done, it cannot be undone.');
+ }
+
+ function title()
+ {
+ return _('Delete notice');
+ }
+
+ /**
+ * Wrapper for showing a page
+ *
+ * Stores an error and shows the page
+ *
+ * @param string $error Error, if any
+ *
+ * @return void
+ */
+
+ function showForm($error = null)
+ {
+ $this->error = $error;
+ $this->showPage();
+ }
+
+ /**
+ * Insert delete notice form into the content
+ *
+ * @return void
+ */
+
+ function showContent()
+ {
+ $this->elementStart('form', array('id' => 'form_notice_delete',
+ 'class' => 'form_settings',
+ 'method' => 'post',
+ 'action' => common_local_url('deletenotice')));
+ $this->elementStart('fieldset');
+ $this->element('legend', null, _('Delete notice'));
+ $this->hidden('token', common_session_token());
+ $this->hidden('notice', $this->trimmed('notice'));
+ $this->element('p', null, _('Are you sure you want to delete this notice?'));
+ $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not delete this notice"));
+ $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Delete this notice'));
+ $this->elementEnd('fieldset');
+ $this->elementEnd('form');
+ }
+
+ function deleteNotice()
+ {
+ // CSRF protection
+ $token = $this->trimmed('token');
+
+ if (!$token || $token != common_session_token()) {
+ $this->showForm(_('There was a problem with your session token. ' .
+ 'Try again, please.'));
+ return;
+ }
+
+ if ($this->arg('yes')) {
+ $this->notice->delete();
+ }
+
+ $url = common_get_returnto();
+
+ if ($url) {
+ common_set_returnto(null);
+ } else {
+ $url = common_local_url('public');
+ }
+
+ common_redirect($url, 303);
+ }