Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
+ } else {
+ $this->showPage();
}
}
*/
function areYouSureForm()
{
+ // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
+ $profile = new ArrayWrapper(array($this->profile));
+ $preview = new ProfileList($profile, $this);
+ $preview->show();
+
+
$id = $this->profile->id;
$this->elementStart('form', array('id' => 'block-' . $id,
'method' => 'post',
$this->autofocus('form_action-yes');
}
+ /**
+ * Override for form session token checks; on our first hit we're just
+ * requesting confirmation, which doesn't need a token. We need to be
+ * able to take regular GET requests from email!
+ *
+ * @throws ClientException if token is bad on POST request or if we have
+ * confirmation parameters which could trigger something.
+ */
+ function checkSessionToken()
+ {
+ if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
+ $this->arg('yes') ||
+ $this->arg('no')) {
+
+ return parent::checkSessionToken();
+ }
+ }
+
+ /**
+ * If we reached this form without returnto arguments, return to the
+ * current user's subscription list.
+ *
+ * @return string URL
+ */
+ function defaultReturnTo()
+ {
+ $user = common_current_user();
+ if ($user) {
+ return common_local_url('subscribers',
+ array('nickname' => $user->nickname));
+ } else {
+ return common_local_url('public');
+ }
+ }
}
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->blockProfile();
} elseif ($this->arg('blockto')) {
return false;
}
- $this->returnToArgs();
+ $this->returnToPrevious();
}
/**
$other->getBestName(),
common_config('site', 'name'));
+ $blocklink = sprintf(_("If you believe this account is being used abusively, " .
+ "you can block them from your subscribers list and " .
+ "report as spam to site administrators at %s"),
+ common_local_url('block', array('profileid' => $other->id)));
+
// TRANS: Main body of new-subscriber notification e-mail
$body = sprintf(_('%1$s is now listening to your notices on %2$s.'."\n\n".
"\t".'%3$s'."\n\n".
($other->homepage) ?
// TRANS: Profile info line in new-subscriber notification e-mail
sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '',
- ($other->bio) ?
+ (($other->bio) ?
// TRANS: Profile info line in new-subscriber notification e-mail
- sprintf(_("Bio: %s"), $other->bio) . "\n\n" : '',
+ sprintf(_("Bio: %s"), $other->bio) . "\n" : '') .
+ "\n\n" . $blocklink . "\n",
common_config('site', 'name'),
common_local_url('emailsettings'));
$this->checkSessionToken();
if (!common_logged_in()) {
- $this->clientError(_('Not logged in.'));
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->clientError(_('Not logged in.'));
+ } else {
+ // Redirect to login.
+ common_set_returnto($this->selfUrl());
+ $user = common_current_user();
+ if (Event::handle('RedirectToLogin', array($this, $user))) {
+ common_redirect(common_local_url('login'), 303);
+ }
+ }
return false;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
*
* To be called only after successful processing.
*
- * @fixme rename this -- it obscures Action::returnToArgs() which
- * returns a list of arguments, and is a bit confusing.
+ * Note: this was named returnToArgs() up through 0.9.2, which
+ * caused problems because there's an Action::returnToArgs()
+ * already which does something different.
*
* @return void
*/
- function returnToArgs()
+ function returnToPrevious()
{
// Now, gotta figure where we go back to
$action = false;
if ($action) {
common_redirect(common_local_url($action, $args, $params), 303);
} else {
- $url = $this->defaultReturnToUrl();
+ $url = $this->defaultReturnTo();
}
common_redirect($url, 303);
}
$m->connect('main/'.$a, array('action' => $a));
}
+ // Also need a block variant accepting ID on URL for mail links
+ $m->connect('main/block/:profileid',
+ array('action' => 'block'),
+ array('profileid' => '[0-9]+'));
+
$m->connect('main/sup/:seconds', array('action' => 'sup'),
array('seconds' => '[0-9]+'));
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
if (!$this->boolean('ajax')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
if (!$this->boolean('ajax')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
}
projects / quix0rs-gnu-social.git / commitdiff