summaryrefslogtreecommitdiff
path: root/actions/unsubscribe.php
blob: 570c1700aed6a6de2b555ce9369c202d063ce4cb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
/*
 * Laconica - a distributed open-source microblogging tool
 * Copyright (C) 2008, Controlez-Vous, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

class UnsubscribeAction extends Action {
	
	function handle($args) {
		parent::handle($args);
		if (!common_logged_in()) {
			common_user_error(_('Not logged in.'));
			return;
		}

		$user = common_current_user();

		if ($_SERVER['REQUEST_METHOD'] != 'POST') {
			common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
			return;
		}

		# CSRF protection

		$token = $this->trimmed('token');
		
		if (!$token || $token != common_session_token()) {
			$this->client_error(_('There was a problem with your session token. Try again, please.'));
			return;
		}

		$other_nickname = $this->arg('unsubscribeto');
		$other = User::staticGet('nickname', $other_nickname);
		if (!$other) {
			common_user_error(_('No such user.'));
			return;
		}

		if (!$user->isSubscribed($other)) {
			common_server_error(_('Not subscribed!.'));
		}

		$sub = DB_DataObject::factory('subscription');

		$sub->subscriber = $user->id;
		$sub->subscribed = $other->id;

		$sub->find(true);

		// note we checked for existence above

		if (!$sub->delete()) {
			common_server_error(_('Couldn\'t delete subscription.'));
			return;
		}

		common_redirect(common_local_url('subscriptions', array('nickname' =>
																$user->nickname)));
	}
}