if (!defined('LACONICA')) { exit(1); }
class SubscribeAction extends Action {
+
function handle($args) {
parent::handle($args);
if (!common_logged_in()) {
- common_user_error(_t('Not logged in.'));
+ common_user_error(_('Not logged in.'));
return;
}
- $other_nickname = $this->arg('subscribeto');
-
- $other = User::staticGet('nickname', $other_nickname);
+ $user = common_current_user();
- if (!$other) {
- common_user_error(_t('No such user.'));
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
return;
}
- $user = common_current_user();
+ # CSRF protection
- if ($user->isSubscribed($other)) {
- common_user_error(_t('Already subscribed!.'));
+ $token = $this->trimmed('token');
+
+ if (!$token || $token != common_session_token()) {
+ $this->client_error(_('There was a problem with your session token. Try again, please.'));
return;
}
- $sub = new Subscription();
- $sub->subscriber = $user->id;
- $sub->subscribed = $other->id;
+ $other_id = $this->arg('subscribeto');
+
+ $other = User::staticGet('id', $other_id);
+
+ if (!$other) {
+ $this->client_error(_('Not a local user.'));
+ return;
+ }
- $sub->created = DB_DataObject_Cast::dateTime(); # current time
+ $result = subs_subscribe_to($user, $other);
- if (!$sub->insert()) {
- common_server_error(_t('Couldn\'t create subscription.'));
+ if($result != true) {
+ common_user_error($result);
return;
}
- common_redirect(common_local_url('subscriptions', array('nickname' =>
+ if ($this->boolean('ajax')) {
+ common_start_html('text/xml');
+ common_element_start('head');
+ common_element('title', null, _('Subscribed'));
+ common_element_end('head');
+ common_element_start('body');
+ common_unsubscribe_form($other->getProfile());
+ common_element_end('body');
+ common_element_end('html');
+ } else {
+ common_redirect(common_local_url('subscriptions', array('nickname' =>
$user->nickname)));
+ }
}
-}
\ No newline at end of file
+}
projects / quix0rs-gnu-social.git / blobdiff