summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-05-20 12:46:36 -0700
committerBrion Vibber <brion@pobox.com>2010-05-20 14:24:44 -0700
commit68305d4b6848cec6afe887ee2a5735515060770e (patch)
tree78f0afc0f55aa0900ef7b7454e6bf2f692553475
parent708d22848ecffdb80ca2cd9e5f4a7f84d5ae3189 (diff)
Added block link to subscription notification emails; block action can now take a profile ID on the URL; added profile details to block page so there's an indication of who you're blocking before you pull the trigger.
Fixed typo in RedirectingAction when no return-to data provided in form submission. RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated. More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
-rw-r--r--actions/block.php46
-rw-r--r--actions/deleteuser.php4
-rw-r--r--actions/groupblock.php4
-rw-r--r--lib/mail.php10
-rw-r--r--lib/profileformaction.php13
-rw-r--r--lib/redirectingaction.php9
-rw-r--r--lib/router.php5
-rw-r--r--plugins/UserFlag/clearflag.php2
-rw-r--r--plugins/UserFlag/flagprofile.php2
9 files changed, 79 insertions, 16 deletions
diff --git a/actions/block.php b/actions/block.php
index 7f609c253..239a50868 100644
--- a/actions/block.php
+++ b/actions/block.php
@@ -87,13 +87,15 @@ class BlockAction extends ProfileFormAction
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
+ } else {
+ $this->showPage();
}
}
@@ -118,6 +120,12 @@ class BlockAction extends ProfileFormAction
*/
function areYouSureForm()
{
+ // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
+ $profile = new ArrayWrapper(array($this->profile));
+ $preview = new ProfileList($profile, $this);
+ $preview->show();
+
+
$id = $this->profile->id;
$this->elementStart('form', array('id' => 'block-' . $id,
'method' => 'post',
@@ -175,4 +183,38 @@ class BlockAction extends ProfileFormAction
$this->autofocus('form_action-yes');
}
+ /**
+ * Override for form session token checks; on our first hit we're just
+ * requesting confirmation, which doesn't need a token. We need to be
+ * able to take regular GET requests from email!
+ *
+ * @throws ClientException if token is bad on POST request or if we have
+ * confirmation parameters which could trigger something.
+ */
+ function checkSessionToken()
+ {
+ if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
+ $this->arg('yes') ||
+ $this->arg('no')) {
+
+ return parent::checkSessionToken();
+ }
+ }
+
+ /**
+ * If we reached this form without returnto arguments, return to the
+ * current user's subscription list.
+ *
+ * @return string URL
+ */
+ function defaultReturnTo()
+ {
+ $user = common_current_user();
+ if ($user) {
+ return common_local_url('subscribers',
+ array('nickname' => $user->nickname));
+ } else {
+ return common_local_url('public');
+ }
+ }
}
diff --git a/actions/deleteuser.php b/actions/deleteuser.php
index 42ef4b9f5..c0a8b20e2 100644
--- a/actions/deleteuser.php
+++ b/actions/deleteuser.php
@@ -92,10 +92,10 @@ class DeleteuserAction extends ProfileFormAction
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
diff --git a/actions/groupblock.php b/actions/groupblock.php
index fc95c0e66..2e06dc324 100644
--- a/actions/groupblock.php
+++ b/actions/groupblock.php
@@ -117,7 +117,7 @@ class GroupblockAction extends RedirectingAction
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->blockProfile();
} elseif ($this->arg('blockto')) {
@@ -195,7 +195,7 @@ class GroupblockAction extends RedirectingAction
return false;
}
- $this->returnToArgs();
+ $this->returnToPrevious();
}
/**
diff --git a/lib/mail.php b/lib/mail.php
index a4065e8d5..ab5742e33 100644
--- a/lib/mail.php
+++ b/lib/mail.php
@@ -245,6 +245,11 @@ function mail_subscribe_notify_profile($listenee, $other)
$other->getBestName(),
common_config('site', 'name'));
+ $blocklink = sprintf(_("If you believe this account is being used abusively, " .
+ "you can block them from your subscribers list and " .
+ "report as spam to site administrators at %s"),
+ common_local_url('block', array('profileid' => $other->id)));
+
// TRANS: Main body of new-subscriber notification e-mail
$body = sprintf(_('%1$s is now listening to your notices on %2$s.'."\n\n".
"\t".'%3$s'."\n\n".
@@ -264,9 +269,10 @@ function mail_subscribe_notify_profile($listenee, $other)
($other->homepage) ?
// TRANS: Profile info line in new-subscriber notification e-mail
sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '',
- ($other->bio) ?
+ (($other->bio) ?
// TRANS: Profile info line in new-subscriber notification e-mail
- sprintf(_("Bio: %s"), $other->bio) . "\n\n" : '',
+ sprintf(_("Bio: %s"), $other->bio) . "\n" : '') .
+ "\n\n" . $blocklink . "\n",
common_config('site', 'name'),
common_local_url('emailsettings'));
diff --git a/lib/profileformaction.php b/lib/profileformaction.php
index 0ffafe5fb..51c89a922 100644
--- a/lib/profileformaction.php
+++ b/lib/profileformaction.php
@@ -60,7 +60,16 @@ class ProfileFormAction extends RedirectingAction
$this->checkSessionToken();
if (!common_logged_in()) {
- $this->clientError(_('Not logged in.'));
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->clientError(_('Not logged in.'));
+ } else {
+ // Redirect to login.
+ common_set_returnto($this->selfUrl());
+ $user = common_current_user();
+ if (Event::handle('RedirectToLogin', array($this, $user))) {
+ common_redirect(common_local_url('login'), 303);
+ }
+ }
return false;
}
@@ -97,7 +106,7 @@ class ProfileFormAction extends RedirectingAction
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
diff --git a/lib/redirectingaction.php b/lib/redirectingaction.php
index f11585274..3a358f891 100644
--- a/lib/redirectingaction.php
+++ b/lib/redirectingaction.php
@@ -53,12 +53,13 @@ class RedirectingAction extends Action
*
* To be called only after successful processing.
*
- * @fixme rename this -- it obscures Action::returnToArgs() which
- * returns a list of arguments, and is a bit confusing.
+ * Note: this was named returnToArgs() up through 0.9.2, which
+ * caused problems because there's an Action::returnToArgs()
+ * already which does something different.
*
* @return void
*/
- function returnToArgs()
+ function returnToPrevious()
{
// Now, gotta figure where we go back to
$action = false;
@@ -77,7 +78,7 @@ class RedirectingAction extends Action
if ($action) {
common_redirect(common_local_url($action, $args, $params), 303);
} else {
- $url = $this->defaultReturnToUrl();
+ $url = $this->defaultReturnTo();
}
common_redirect($url, 303);
}
diff --git a/lib/router.php b/lib/router.php
index a9d07276f..afe44f92a 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -136,6 +136,11 @@ class Router
$m->connect('main/'.$a, array('action' => $a));
}
+ // Also need a block variant accepting ID on URL for mail links
+ $m->connect('main/block/:profileid',
+ array('action' => 'block'),
+ array('profileid' => '[0-9]+'));
+
$m->connect('main/sup/:seconds', array('action' => 'sup'),
array('seconds' => '[0-9]+'));
diff --git a/plugins/UserFlag/clearflag.php b/plugins/UserFlag/clearflag.php
index bd6732e2d..f032527ed 100644
--- a/plugins/UserFlag/clearflag.php
+++ b/plugins/UserFlag/clearflag.php
@@ -81,7 +81,7 @@ class ClearflagAction extends ProfileFormAction
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
if (!$this->boolean('ajax')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
}
diff --git a/plugins/UserFlag/flagprofile.php b/plugins/UserFlag/flagprofile.php
index 2d0f0abb9..018c1e8ac 100644
--- a/plugins/UserFlag/flagprofile.php
+++ b/plugins/UserFlag/flagprofile.php
@@ -87,7 +87,7 @@ class FlagprofileAction extends ProfileFormAction
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
if (!$this->boolean('ajax')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
}