Merge branch '1.0.x' of git://gitorious.org/statusnet/mainline

[quix0rs-gnu-social.git] / actions / nudge.php

diff --git a/actions/nudge.php b/actions/nudge.php
index 2685774a5099d31aba6b051dbe1261bca7f0a68b..32ae8587cc5567d6da8fc36a9d5c71e8bb344e99 100644 (file)
--- a/actions/nudge.php
+++ b/actions/nudge.php
@@ -1,7 +1,19 @@
 <?php
-/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, Controlez-Vous, Inc.
+
+/**
+ * User by ID action class.
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @author   Robin Millette <millette@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link     http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as published by
@@ -17,49 +29,104 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('LACONICA')) { exit(1); }
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+    exit(1);
+}
+
+require_once INSTALLDIR.'/lib/mail.php';
+
+/**
+ * Nudge a user action class.
+ *
+ * @category Action
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @author   Robin Millette <millette@status.net>
+ * @author   Sarven Capadisli <csarven@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link     http://status.net/
+ */
+class NudgeAction extends Action
+{
+     /**
+     * Class handler.
+     *
+     * @param array $args array of arguments
+     *
+     * @return nothing
+     */
+    function handle($args)
+    {
+        parent::handle($args);
+
+        if (!common_logged_in()) {
+            $this->clientError(_('Not logged in.'));
+            return;
+        }
+
+        $user  = common_current_user();
+        $other = User::staticGet('nickname', $this->arg('nickname'));
 
-require_once(INSTALLDIR.'/lib/mail.php');
+        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+            common_redirect(common_local_url('showstream',
+                array('nickname' => $other->nickname)));
+            return;
+        }
 
-class NudgeAction extends Action {
+        // CSRF protection
+        $token = $this->trimmed('token');
 
-       function handle($args) {
-               parent::handle($args);
+        if (!$token || $token != common_session_token()) {
+            $this->clientError(_('There was a problem with your session token. Try again, please.'));
+            return;
+        }
 
-               if (!common_logged_in()) {
-                       common_user_error(_('Not logged in.'));
-                       return;
-               }
+        if (!$other->email || !$other->emailnotifynudge) {
+            $this->clientError(_('This user doesn\'t allow nudges or hasn\'t confirmed or set their email yet.'));
+            return;
+        }
 
-               $user = common_current_user();
-               $other_nickname = common_canonical_nickname($args['nickname']);
-               $other = User::staticGet('nickname', $other_nickname);
-               $this->notify($user, $other);
+        $this->notify($user, $other);
 
-               if ($this->boolean('ajax')) {
-                       common_start_html('text/xml');
-                       common_element_start('head');
-                       common_element('title', null, _('Nudge sent'));
-                       common_element_end('head');
-                       common_element_start('body');
-                       common_nudge_response();
-                       common_element_end('body');
-                       common_element_end('html');
-               } else {
+        if ($this->boolean('ajax')) {
+            $this->startHTML('text/xml;charset=utf-8');
+            $this->elementStart('head');
+            $this->element('title', null, _('Nudge sent'));
+            $this->elementEnd('head');
+            $this->elementStart('body');
+            $this->element('p', array('id' => 'nudge_response'), _('Nudge sent!'));
+            $this->elementEnd('body');
+            $this->elementEnd('html');
+        } else {
             // display a confirmation to the user
-                       common_redirect(common_local_url('showstream',
-                                                                                        array('nickname' => $other->nickname)));
-               }
-       }
+            common_redirect(common_local_url('showstream',
+                                             array('nickname' => $other->nickname)),
+                            303);
+        }
+    }
 
-       function notify($user, $other) {
-               if ($other && $other->id != $user->id) {
-                       if ($other->email && $other->emailnotifynudge) {
-                               mail_notify_nudge($user, $other);
-                       }
-                       # XXX: notify by IM
-                       # XXX: notify by SMS
-               }
-       }
+     /**
+     * Do the actual notification
+     *
+     * @param class $user  nudger
+     * @param class $other nudgee
+     *
+     * @return nothing
+     */
+    function notify($user, $other)
+    {
+        if ($other->id != $user->id) {
+            if ($other->email && $other->emailnotifynudge) {
+                mail_notify_nudge($user, $other);
+            }
+            // XXX: notify by IM
+            // XXX: notify by SMS
+        }
+    }
 
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }
+