diff options
author | Zach Copley <zach@status.net> | 2009-12-03 17:06:58 -0800 |
---|---|---|
committer | Zach Copley <zach@status.net> | 2009-12-03 17:06:58 -0800 |
commit | aef4cc0a59276938f0f0aec4d67374f578f2117a (patch) | |
tree | 46b429f939a680926fc01fe2defed6e037985ec9 /actions/apiblockcreate.php | |
parent | c89b10ffe4adb1df724b6a7c5c31b42c7dd3376b (diff) |
Make it impossible to block (and thus unsubscribe from your
self-subscription) via the API. Additionally, make it impossible
to block yourself or unsubscribe from yourself, period.
I also made User use the subs.php helper function for unsubscribing
during a block.
Hopefully, these changes will get rid of the problem of people
accidentally deleting their self-subscriptions once and for all
(knock on wood).
Diffstat (limited to 'actions/apiblockcreate.php')
-rw-r--r-- | actions/apiblockcreate.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/actions/apiblockcreate.php b/actions/apiblockcreate.php index 4f941f6c3..e79dec32d 100644 --- a/actions/apiblockcreate.php +++ b/actions/apiblockcreate.php @@ -98,6 +98,17 @@ class ApiBlockCreateAction extends ApiAuthAction return; } + // Don't allow blocking yourself! + + if ($this->user->id == $this->other->id) { + $this->clientError( + _("You cannot block yourself!"), + 403, + $this->format + ); + return; + } + if ($this->user->hasBlocked($this->other) || $this->user->block($this->other) ) { |