Merge branch '0.9.x' into activityexport

[quix0rs-gnu-social.git] / actions / unsubscribe.php

diff --git a/actions/unsubscribe.php b/actions/unsubscribe.php
index b1e2b642568026cc62df626c9913105819fa3bbd..57ca15d687442b8cbff85de3c02dd1c7aaac353f 100644 (file)
--- a/actions/unsubscribe.php
+++ b/actions/unsubscribe.php
@@ -1,7 +1,18 @@
 <?php
-/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, Controlez-Vous, Inc.
+/**
+ * Unsubscribe handler
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @author   Robin Millette <millette@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link     http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as published by
@@ -17,6 +28,20 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+    exit(1);
+}
+
+/**
+ * Unsubscribe handler
+ *
+ * @category Action
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @author   Robin Millette <millette@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link     http://status.net/
+ */
 class UnsubscribeAction extends Action
 {
 
@@ -31,36 +56,38 @@ class UnsubscribeAction extends Action
         $user = common_current_user();
 
         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
-            common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
+            common_redirect(common_local_url('subscriptions',
+                                             array('nickname' => $user->nickname)));
             return;
         }
 
-        # CSRF protection
+        /* Use a session token for CSRF protection. */
 
         $token = $this->trimmed('token');
 
         if (!$token || $token != common_session_token()) {
-            $this->clientError(_('There was a problem with your session token. Try again, please.'));
+            $this->clientError(_('There was a problem with your session token. ' .
+                                 'Try again, please.'));
             return;
         }
 
         $other_id = $this->arg('unsubscribeto');
 
         if (!$other_id) {
-            $this->clientError(_('No profile id in request.'));
+            $this->clientError(_('No profile ID in request.'));
             return;
         }
 
         $other = Profile::staticGet('id', $other_id);
 
-        if (!$other_id) {
-            $this->clientError(_('No profile with that id.'));
+        if (!$other) {
+            $this->clientError(_('No profile with that ID.'));
             return;
         }
 
         $result = subs_unsubscribe_to($user, $other);
 
-        if ($result != true) {
+        if (is_string($result)) {
             $this->clientError($result);
             return;
         }
@@ -76,8 +103,9 @@ class UnsubscribeAction extends Action
             $this->elementEnd('body');
             $this->elementEnd('html');
         } else {
-            common_redirect(common_local_url('subscriptions', array('nickname' =>
-                                                                    $user->nickname)));
+            common_redirect(common_local_url('subscriptions',
+                                             array('nickname' => $user->nickname)),
+                            303);
         }
     }
 }