X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fsubscribe.php;h=b1243f393333fdea7245bead2c7c1bda9738e982;hb=ddb656fcd2a3233b26e28987d2f3425944908d30;hp=64abda00431c0d9fbcf3a060f17510ade1a44849;hpb=8dd513a8e434bb72f773dac75ec3124d2532d4a3;p=quix0rs-gnu-social.git diff --git a/actions/subscribe.php b/actions/subscribe.php index 64abda0043..b1243f3933 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -1,7 +1,9 @@ . + * + * PHP version 5 + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2008-2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link http://status.net/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Subscription action + * + * Subscribing to a profile. Does not work for OMB 0.1 remote subscriptions, + * but may work for other remote subscription protocols, like OStatus. + * + * Takes parameters: + * + * - subscribeto: a profile ID + * - token: session token to prevent CSRF attacks + * - ajax: boolean; whether to return Ajax or full-browser results + * + * Only works if the current user is logged in. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2008-2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link http://status.net/ + */ + +class SubscribeAction extends Action +{ + var $user; + var $other; + + /** + * Check pre-requisites and instantiate attributes + * + * @param Array $args array of arguments (URL, GET, POST) + * + * @return boolean success flag + */ -class SubscribeAction extends Action { + function prepare($args) + { + parent::prepare($args); - function handle($args) { - parent::handle($args); + // Only allow POST requests - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError(_('This action only accepts POST requests.')); + return false; + } + + // CSRF protection - $user = common_current_user(); + $token = $this->trimmed('token'); - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); - return; - } + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token.'. + ' Try again, please.')); + return false; + } - # CSRF protection + // Only for logged-in users - $token = $this->trimmed('token'); + $this->user = common_current_user(); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } + if (empty($this->user)) { + $this->clientError(_('Not logged in.')); + return false; + } - $other_id = $this->arg('subscribeto'); + // Profile to subscribe to - $other = User::staticGet('id', $other_id); + $other_id = $this->arg('subscribeto'); - if (!$other) { - $this->client_error(_('Not a local user.')); - return; + $this->other = Profile::staticGet('id', $other_id); + + if (empty($this->other)) { + $this->clientError(_('No such profile.')); + return false; } - $result = subs_subscribe_to($user, $other); - - if($result != true) { - common_user_error($result); - return; - } - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Subscribed')); - common_element_end('head'); - common_element_start('body'); - common_unsubscribe_form($other->getProfile()); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); + // OMB 0.1 doesn't have a mechanism for local-server- + // originated subscription. + + $omb01 = Remote_profile::staticGet('id', $other_id); + + if (!empty($omb01)) { + $this->clientError(_('You cannot subscribe to an OMB 0.1'. + ' remote profile with this action.')); + return false; + } + + return true; + } + + /** + * Handle request + * + * Does the subscription and returns results. + * + * @param Array $args unused. + * + * @return void + */ + + function handle($args) + { + // Throws exception on error + + Subscription::start($this->user->getProfile(), + $this->other); + + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8'); + $this->elementStart('head'); + $this->element('title', null, _('Subscribed')); + $this->elementEnd('head'); + $this->elementStart('body'); + $unsubscribe = new UnsubscribeForm($this, $this->other); + $unsubscribe->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + $url = common_local_url('subscriptions', + array('nickname' => $this->user->nickname)); + common_redirect($url, 303); } - } + } }