X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fapiblockcreate.php;h=d73c24c38f041ddbafccae92addede0839728c7a;hb=673bef2fdae9db750f4daf5bfe7d639eb2ec2acc;hp=1cab2df5d0d9584ebf9d982aa69eb0dc1ccb622d;hpb=67c387c6a0dc80a5c9beac9d73717763a2ba96f4;p=quix0rs-gnu-social.git diff --git a/actions/apiblockcreate.php b/actions/apiblockcreate.php index 1cab2df5d0..d73c24c38f 100644 --- a/actions/apiblockcreate.php +++ b/actions/apiblockcreate.php @@ -23,7 +23,7 @@ * @package StatusNet * @author Evan Prodromou * @author Zach Copley - * @copyright 2009 StatusNet, Inc. + * @copyright 2009-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -32,8 +32,6 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR . '/lib/apiauth.php'; - /** * Blocks the user specified in the ID parameter as the authenticating user. * Destroys a friendship to the blocked user if it exists. Returns the @@ -46,9 +44,10 @@ require_once INSTALLDIR . '/lib/apiauth.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class ApiBlockCreateAction extends ApiAuthAction { + protected $needPost = true; + var $other = null; /** @@ -59,13 +58,11 @@ class ApiBlockCreateAction extends ApiAuthAction * @return boolean success flag * */ - - function prepare($args) + protected function prepare(array $args=array()) { parent::prepare($args); - $this->user = $this->auth_user; - $this->other = $this->getTargetUser($this->arg('id')); + $this->other = $this->getTargetProfile($this->arg('id')); return true; } @@ -79,36 +76,38 @@ class ApiBlockCreateAction extends ApiAuthAction * * @return void */ - - function handle($args) + protected function handle() { - parent::handle($args); + parent::handle(); - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError( - _('This method requires a POST.'), - 400, - $this->format - ); - return; + if (empty($this->user) || empty($this->other)) { + // TRANS: Client error displayed when trying to block a non-existing user or a user from another site. + $this->clientError(_('No such user.'), 404); } - if (empty($this->user) || empty($this->other)) { - $this->clientError(_('No such user!'), 404, $this->format); - return; + // Don't allow blocking yourself! + + if ($this->user->id == $this->other->id) { + // TRANS: Client error displayed when users try to block themselves. + $this->clientError(_("You cannot block yourself!"), 403); + } + + if (!$this->user->hasBlocked($this->other)) { + if (Event::handle('StartBlockProfile', array($this->user, $this->other))) { + $result = $this->user->block($this->other); + if ($result) { + Event::handle('EndBlockProfile', array($this->user, $this->other)); + } + } } - if ($this->user->hasBlocked($this->other) - || $this->user->block($this->other) - ) { + if ($this->user->hasBlocked($this->other)) { $this->initDocument($this->format); $this->showProfile($this->other, $this->format); $this->endDocument($this->format); } else { - $this->serverError(_('Block user failed.'), 500, $this->format); + // TRANS: Server error displayed when blocking a user has failed. + $this->serverError(_('Block user failed.'), 500); } - } - } -