<?php
-/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, Controlez-Vous, Inc.
+/**
+ * Unsubscribe handler
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @author Robin Millette <millette@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-class UnsubscribeAction extends Action {
-
- function handle($args) {
- parent::handle($args);
- if (!common_logged_in()) {
- common_user_error(_('Not logged in.'));
- return;
- }
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+/**
+ * Unsubscribe handler
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @author Robin Millette <millette@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ */
+class UnsubscribeAction extends Action
+{
+
+ function handle($args)
+ {
+ parent::handle($args);
+ if (!common_logged_in()) {
+ $this->clientError(_('Not logged in.'));
+ return;
+ }
+
+ $user = common_current_user();
+
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ common_redirect(common_local_url('subscriptions',
+ array('nickname' => $user->nickname)));
+ return;
+ }
- $user = common_current_user();
+ /* Use a session token for CSRF protection. */
- if ($_SERVER['REQUEST_METHOD'] != 'POST') {
- common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
- return;
- }
+ $token = $this->trimmed('token');
- $other_nickname = $this->arg('unsubscribeto');
- $other = User::staticGet('nickname', $other_nickname);
- if (!$other) {
- common_user_error(_('No such user.'));
- return;
- }
+ if (!$token || $token != common_session_token()) {
+ $this->clientError(_('There was a problem with your session token. ' .
+ 'Try again, please.'));
+ return;
+ }
- if (!$user->isSubscribed($other)) {
- common_server_error(_('Not subscribed!.'));
- }
+ $other_id = $this->arg('unsubscribeto');
- $sub = DB_DataObject::factory('subscription');
+ if (!$other_id) {
+ $this->clientError(_('No profile id in request.'));
+ return;
+ }
- $sub->subscriber = $user->id;
- $sub->subscribed = $other->id;
+ $other = Profile::staticGet('id', $other_id);
- $sub->find(true);
+ if (!$other) {
+ $this->clientError(_('No profile with that ID.'));
+ return;
+ }
- // note we checked for existence above
+ $result = subs_unsubscribe_to($user, $other);
- if (!$sub->delete()) {
- common_server_error(_('Couldn\'t delete subscription.'));
- return;
- }
+ if (is_string($result)) {
+ $this->clientError($result);
+ return;
+ }
- common_redirect(common_local_url('subscriptions', array('nickname' =>
- $user->nickname)));
- }
+ if ($this->boolean('ajax')) {
+ $this->startHTML('text/xml;charset=utf-8');
+ $this->elementStart('head');
+ $this->element('title', null, _('Unsubscribed'));
+ $this->elementEnd('head');
+ $this->elementStart('body');
+ $subscribe = new SubscribeForm($this, $other);
+ $subscribe->show();
+ $this->elementEnd('body');
+ $this->elementEnd('html');
+ } else {
+ common_redirect(common_local_url('subscriptions',
+ array('nickname' => $user->nickname)),
+ 303);
+ }
+ }
}