Remove CSRF protection from username/password login and from OpenID login.

[quix0rs-gnu-social.git] / actions / apifriendshipsdestroy.php

diff --git a/actions/apifriendshipsdestroy.php b/actions/apifriendshipsdestroy.php
index d48a577562af968e259899c56e5a32edb8a79933..551d016823ba143a1057cbac84ca6cbda0f1962e 100644 (file)
--- a/actions/apifriendshipsdestroy.php
+++ b/actions/apifriendshipsdestroy.php
@@ -24,7 +24,7 @@
  * @author    Dan Moore <dan@moore.cx>
  * @author    Evan Prodromou <evan@status.net>
  * @author    Zach Copley <zach@status.net>
- * @copyright 2009 StatusNet, Inc.
+ * @copyright 2009-2010 StatusNet, Inc.
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link      http://status.net/
  */
@@ -67,7 +67,7 @@ class ApiFriendshipsDestroyAction extends ApiAuthAction
         parent::prepare($args);
 
         $this->user   = $this->auth_user;
-        $this->other  = $this->getTargetUser($id);
+        $this->other  = $this->getTargetProfile($this->arg('id'));
 
         return true;
     }
@@ -125,8 +125,7 @@ class ApiFriendshipsDestroyAction extends ApiAuthAction
         }
 
         // throws an exception on error
-        Subscription::cancel($this->user->getProfile(),
-                             $this->other->getProfile());
+        Subscription::cancel($this->user->getProfile(), $this->other);
 
         $this->initDocument($this->format);
         $this->showProfile($this->other, $this->format);