X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fsubscribe.php;h=0bc522867e39ca4a62ffd12a5ebf417a85441ba5;hb=b4e649fe906a793cd5e62d6390065ea5d41c40db;hp=9a1d43fa5df4786b5f97f61013575e5b51c481e2;hpb=024dc6c09817da701cff275a29d41ae2d4d777e9;p=quix0rs-gnu-social.git diff --git a/actions/subscribe.php b/actions/subscribe.php index 9a1d43fa5d..0bc522867e 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -19,80 +19,64 @@ if (!defined('LACONICA')) { exit(1); } -class SubscribeAction extends Action { - function handle($args) { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_t('Not logged in.')); - return; - } - - $other_nickname = $this->arg('subscribeto'); - - $other = User::staticGet('nickname', $other_nickname); - - if (!$other) { - common_user_error(_t('No such user.')); - return; - } - - $user = common_current_user(); - - if ($user->isSubscribed($other)) { - common_user_error(_t('Already subscribed!.')); - return; - } - - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; - - $sub->created = DB_DataObject_Cast::dateTime(); # current time - - if (!$sub->insert()) { - common_server_error(_t('Couldn\'t create subscription.')); - return; - } - - $this->notify($other, $user); - - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); - } - - function notify($listenee, $listener) { - # XXX: add other notifications (Jabber, SMS) here - # XXX: queue this and handle it offline - $this->notify_email($listenee, $listener); - } - - function notify_email($listenee, $listener) { - if ($listenee->email) { - global $config; - $profile = $listenee->getProfile(); - $other = $listener->getProfile(); - $name = $profile->getBestName(); - $other_name = $other->getBestName(); - $recipients = $listenee->email; - $headers['From'] = mail_notify_from(); - $headers['To'] = $name . ' <' . $listenee->email . '>'; - $headers['Subject'] = $other_name . _t(' is now listening to your notices on ') . $config['site']['name']; - - $body = - ($other->fullname) ? - ($other->fullname . ' (' . $other->nickname . ')') : $other->nickname; - - $body .= _t(' is now listening to your notices on ') . $config['site']['name'] . '.'; - $body .= "\n\n"; - $body .= "\t".$other->profileurl; - $body .= "\n\n"; - $body .= _t('Faithfully yours, '); - $body .= "\n"; - $body .= $config['site']['name']; - $body .= "\n"; - - mail_send($recipients, $headers, $body); - } - } -} \ No newline at end of file +class SubscribeAction extends Action +{ + + function handle($args) + { + parent::handle($args); + + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } + + $user = common_current_user(); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); + return; + } + + # CSRF protection + + $token = $this->trimmed('token'); + + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. Try again, please.')); + return; + } + + $other_id = $this->arg('subscribeto'); + + $other = User::staticGet('id', $other_id); + + if (!$other) { + $this->clientError(_('Not a local user.')); + return; + } + + $result = subs_subscribe_to($user, $other); + + if($result != true) { + $this->clientError($result); + return; + } + + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8'); + $this->elementStart('head'); + $this->element('title', null, _('Subscribed')); + $this->elementEnd('head'); + $this->elementStart('body'); + $unsubscribe = new UnsubscribeForm($this, $other->getProfile()); + $unsubscribe->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('subscriptions', array('nickname' => + $user->nickname)), + 303); + } + } +}