redirect to a useful location after deleting or ignoring a friend request, begin...

diff --git a/include/items.php b/include/items.php
index 21ee994dc8a39a489d38fbf3425006f0bc64e3b6..62f1f2ce5bc7b6146bcf002a96e4be08addb1884 100755 (executable)
--- a/include/items.php
+++ b/include/items.php
@@ -2755,6 +2755,9 @@ function item_expire($uid,$days) {
 function drop_items($items) {
        $uid = 0;
 
+       if((! local_user()) && (! $remote_user()))
+               return;
+
        if(count($items)) {
                foreach($items as $item) {
                        $owner = drop_item($item,false);

diff --git a/mod/item.php b/mod/item.php
index f7eb0961c84ccd4eda86033bf84fe2d5d9ed95fd..ed3d7749c6c6b812b5b12a5272ae7c53fcaef9c4 100755 (executable)
--- a/mod/item.php
+++ b/mod/item.php
@@ -20,7 +20,7 @@ require_once('include/enotify.php');
 
 function item_post(&$a) {
 
-       if((! local_user()) && (! remote_user()))
+       if((! local_user()) && (! remote_user()) && (! x($_REQUEST,'commenter')))
                return;
 
        require_once('include/security.php');
@@ -110,11 +110,35 @@ function item_post(&$a) {
 
        if($parent) logger('mod_post: parent=' . $parent);
 
+
+
        $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0);
        $post_id     = ((x($_REQUEST,'post_id'))     ? intval($_REQUEST['post_id'])     : 0);
        $app         = ((x($_REQUEST,'source'))      ? strip_tags($_REQUEST['source'])  : '');
 
-       if(! can_write_wall($a,$profile_uid)) {
+       $allow_moderated = false;
+
+       // here is where we are going to check for permission to post a moderated comment.
+
+       // First check that the parent exists and it is a wall item.
+
+       if((x($_REQUEST,'commenter')) && ((! $parent) || (! $parent_item['wall']))) {
+               notice( t('Permission denied.') . EOL) ;
+               if(x($_REQUEST,'return')) 
+                       goaway($a->get_baseurl() . "/" . $return_path );
+               killme();
+       }
+
+       // Now check that it is a page_type of PAGE_BLOG, and that valid personal details
+       // have been provided, and run any anti-spam plugins
+
+
+       // TODO
+
+
+
+
+       if((! can_write_wall($a,$profile_uid)) && (! $allow_moderated)) {
                notice( t('Permission denied.') . EOL) ;
                if(x($_REQUEST,'return')) 
                        goaway($a->get_baseurl() . "/" . $return_path );

diff --git a/mod/notifications.php b/mod/notifications.php
index 910b84e322d587769359c4c323c0bc0d4f36872b..82d450a880dbc0db272a32dabce63385ea898249 100755 (executable)
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -42,12 +42,12 @@ function notifications_post(&$a) {
                                        intval(local_user())
                                );
                        }
-                       return;
+                       goaway($a->get_baseurl() . '/notifications/intros');
                }
                if($_POST['submit'] == t('Ignore')) {
                        $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d LIMIT 1",
                                intval($intro_id));
-                       return;
+                       goaway($a->get_baseurl() . '/notifications/intros');
                }
        }
 }