summaryrefslogtreecommitdiff
path: root/actions/apiblockcreate.php
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2009-12-03 17:06:58 -0800
committerZach Copley <zach@status.net>2009-12-03 17:06:58 -0800
commitaef4cc0a59276938f0f0aec4d67374f578f2117a (patch)
tree46b429f939a680926fc01fe2defed6e037985ec9 /actions/apiblockcreate.php
parentc89b10ffe4adb1df724b6a7c5c31b42c7dd3376b (diff)
Make it impossible to block (and thus unsubscribe from your
self-subscription) via the API. Additionally, make it impossible to block yourself or unsubscribe from yourself, period. I also made User use the subs.php helper function for unsubscribing during a block. Hopefully, these changes will get rid of the problem of people accidentally deleting their self-subscriptions once and for all (knock on wood).
Diffstat (limited to 'actions/apiblockcreate.php')
-rw-r--r--actions/apiblockcreate.php11
1 files changed, 11 insertions, 0 deletions
diff --git a/actions/apiblockcreate.php b/actions/apiblockcreate.php
index 4f941f6c3..e79dec32d 100644
--- a/actions/apiblockcreate.php
+++ b/actions/apiblockcreate.php
@@ -98,6 +98,17 @@ class ApiBlockCreateAction extends ApiAuthAction
return;
}
+ // Don't allow blocking yourself!
+
+ if ($this->user->id == $this->other->id) {
+ $this->clientError(
+ _("You cannot block yourself!"),
+ 403,
+ $this->format
+ );
+ return;
+ }
+
if ($this->user->hasBlocked($this->other)
|| $this->user->block($this->other)
) {