Twitter-compatible API - properly encode and decode UTF-8 HTML entities

[quix0rs-gnu-social.git] / actions / showmessage.php

diff --git a/actions/showmessage.php b/actions/showmessage.php
index 184060aa914508ffab31de9ed9dec9f3d3ee95fe..c171ffe0b596b790bd5b458dbcae1a0393ed9026 100644 (file)
--- a/actions/showmessage.php
+++ b/actions/showmessage.php
@@ -27,9 +27,7 @@ class ShowmessageAction extends MailboxAction {
 
                Action::handle($args);
 
-               $id = $this->trimmed('id');
-
-               $message = Message::staticGet('id', $id);
+               $message = $this->get_message();
 
                if (!$message) {
                        $this->client_error(_('No such message.'), 404);
@@ -38,19 +36,16 @@ class ShowmessageAction extends MailboxAction {
                
                $cur = common_current_user();
                
-               if (!$cur ||
-                       $cur->id != $message->from_profile &&
-                       $cur->id != $message->to_profile) 
-               {
-                       $this->client_error(_('Only the sender and recipient may read this message.'), 404);
+               if ($cur && ($cur->id == $message->from_profile || $cur->id == $message->to_profile)) {
+                       $this->show_page($cur, 1);
+               } else {
+                       $this->client_error(_('Only the sender and recipient may read this message.'), 403);
                        return;
                }
-                       
-               $this->show_page($cur, 1);
        }
        
        function get_message() {
-               $id = $this->trimmed('id');
+               $id = $this->trimmed('message');
                $message = Message::staticGet('id', $id);
                return $message;
        }
@@ -74,9 +69,12 @@ class ShowmessageAction extends MailboxAction {
                }
                return $title;
        }
-       
+
        function get_messages($user, $page) {
-               return $this->get_message();
+               $message = new Message();
+               $message->id = $this->trimmed('message');
+               $message->find();
+               return $message;
        }
        
        function get_message_profile($message) {
@@ -94,5 +92,9 @@ class ShowmessageAction extends MailboxAction {
        function get_instructions() {
                return '';
        }
+       
+       function views_menu() {
+               return;
+       }
 }
        
\ No newline at end of file