diff options
| author | Evan Prodromou <evan@controlyourself.ca> | 2009-08-20 17:13:40 -0400 |
|---|---|---|
| committer | Evan Prodromou <evan@controlyourself.ca> | 2009-08-20 17:13:40 -0400 |
| commit | 4b2aa517501037e86e4a3c3bad3f363dcf8a26c6 (patch) | |
| tree | df144b5bd3aeb9bfc91c5c4be6bd75a71f1dbd4a /actions/unsubscribe.php | |
| parent | 8f122dd71efcc54b820629bc4c39efe91b8e8726 (diff) | |
| parent | b0bb1fff2e79a01b2fa2eece79d2c644860bbb97 (diff) | |
Merge branch '0.9.x' of git@gitorious.org:laconica/mainline into 0.9.x
Diffstat (limited to 'actions/unsubscribe.php')
| -rw-r--r-- | actions/unsubscribe.php | 41 |
1 files changed, 34 insertions, 7 deletions
diff --git a/actions/unsubscribe.php b/actions/unsubscribe.php index 19275041a..46fbcf657 100644 --- a/actions/unsubscribe.php +++ b/actions/unsubscribe.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Unsubscribe handler + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -17,6 +28,20 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Unsubscribe handler + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class UnsubscribeAction extends Action { @@ -31,16 +56,18 @@ class UnsubscribeAction extends Action $user = common_current_user(); if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); + common_redirect(common_local_url('subscriptions', + array('nickname' => $user->nickname))); return; } - # CSRF protection + /* Use a session token for CSRF protection. */ $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->clientError(_('There was a problem with your session token. Try again, please.')); + $this->clientError(_('There was a problem with your session token. ' . + 'Try again, please.')); return; } @@ -53,7 +80,7 @@ class UnsubscribeAction extends Action $other = Profile::staticGet('id', $other_id); - if (!$other_id) { + if (!$other) { $this->clientError(_('No profile with that id.')); return; } @@ -76,8 +103,8 @@ class UnsubscribeAction extends Action $this->elementEnd('body'); $this->elementEnd('html'); } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname)), + common_redirect(common_local_url('subscriptions', + array('nickname' => $user->nickname)), 303); } } |