summaryrefslogtreecommitdiff
path: root/actions/block.php
diff options
context:
space:
mode:
Diffstat (limited to 'actions/block.php')
-rw-r--r--actions/block.php46
1 files changed, 44 insertions, 2 deletions
diff --git a/actions/block.php b/actions/block.php
index 11565e20c..93f8ec937 100644
--- a/actions/block.php
+++ b/actions/block.php
@@ -87,13 +87,15 @@ class BlockAction extends ProfileFormAction
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
+ } else {
+ $this->showPage();
}
}
@@ -118,6 +120,12 @@ class BlockAction extends ProfileFormAction
*/
function areYouSureForm()
{
+ // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
+ $profile = new ArrayWrapper(array($this->profile));
+ $preview = new ProfileList($profile, $this);
+ $preview->show();
+
+
$id = $this->profile->id;
$this->elementStart('form', array('id' => 'block-' . $id,
'method' => 'post',
@@ -187,4 +195,38 @@ class BlockAction extends ProfileFormAction
$this->autofocus('form_action-yes');
}
+ /**
+ * Override for form session token checks; on our first hit we're just
+ * requesting confirmation, which doesn't need a token. We need to be
+ * able to take regular GET requests from email!
+ *
+ * @throws ClientException if token is bad on POST request or if we have
+ * confirmation parameters which could trigger something.
+ */
+ function checkSessionToken()
+ {
+ if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
+ $this->arg('yes') ||
+ $this->arg('no')) {
+
+ return parent::checkSessionToken();
+ }
+ }
+
+ /**
+ * If we reached this form without returnto arguments, return to the
+ * current user's subscription list.
+ *
+ * @return string URL
+ */
+ function defaultReturnTo()
+ {
+ $user = common_current_user();
+ if ($user) {
+ return common_local_url('subscribers',
+ array('nickname' => $user->nickname));
+ } else {
+ return common_local_url('public');
+ }
+ }
}