block.php 7.15 KB
Newer Older
1
<?php
Robin Millette's avatar
Robin Millette committed
2 3 4 5 6 7
/**
 * Block a user action class.
 *
 * PHP version 5
 *
 * @category Action
8
 * @package  StatusNet
9 10
 * @author   Evan Prodromou <evan@status.net>
 * @author   Robin Millette <millette@status.net>
Robin Millette's avatar
Robin Millette committed
11
 * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
12
 * @link     http://status.net/
Robin Millette's avatar
Robin Millette committed
13
 *
14
 * StatusNet - the distributed open-source microblogging tool
15
 * Copyright (C) 2008, 2009, StatusNet, Inc.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

31
if (!defined('STATUSNET') && !defined('LACONICA')) {
Robin Millette's avatar
Robin Millette committed
32 33
    exit(1);
}
34

Robin Millette's avatar
Robin Millette committed
35 36 37 38
/**
 * Block a user action class.
 *
 * @category Action
39
 * @package  StatusNet
40 41
 * @author   Evan Prodromou <evan@status.net>
 * @author   Robin Millette <millette@status.net>
Robin Millette's avatar
Robin Millette committed
42
 * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
43
 * @link     http://status.net/
Robin Millette's avatar
Robin Millette committed
44
 */
45
class BlockAction extends ProfileFormAction
46
{
Evan Prodromou's avatar
Evan Prodromou committed
47
    var $profile = null;
48

Robin Millette's avatar
Robin Millette committed
49 50 51 52 53 54 55
    /**
     * Take arguments for running
     *
     * @param array $args $_REQUEST args
     *
     * @return boolean success flag
     */
56 57
    function prepare($args)
    {
58
        if (!parent::prepare($args)) {
59 60
            return false;
        }
61 62 63 64 65 66

        $cur = common_current_user();

        assert(!empty($cur)); // checked by parent

        if ($cur->hasBlocked($this->profile)) {
Siebrand Mazeland's avatar
Siebrand Mazeland committed
67
            // TRANS: Client error displayed when blocking a user that has already been blocked.
68
            $this->clientError(_('You already blocked that user.'));
69 70
            return false;
        }
71

72
        return true;
73 74
    }

Robin Millette's avatar
Robin Millette committed
75 76 77 78 79 80 81 82 83
    /**
     * Handle request
     *
     * Shows a page with list of favorite notices
     *
     * @param array $args $_REQUEST args; handled in prepare()
     *
     * @return void
     */
84 85
    function handle($args)
    {
86
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
Robin Millette's avatar
Robin Millette committed
87
            if ($this->arg('no')) {
88
                $this->returnToPrevious();
Robin Millette's avatar
Robin Millette committed
89
            } elseif ($this->arg('yes')) {
90
                $this->handlePost();
91
                $this->returnToPrevious();
92
            } else {
Robin Millette's avatar
Robin Millette committed
93
                $this->showPage();
94
            }
95 96
        } else {
            $this->showPage();
97 98 99
        }
    }

Robin Millette's avatar
Robin Millette committed
100 101 102 103 104
    function showContent() {
        $this->areYouSureForm();
    }

    function title() {
Siebrand Mazeland's avatar
Siebrand Mazeland committed
105
        // TRANS: Title for block user page.
Robin Millette's avatar
Robin Millette committed
106 107
        return _('Block user');
    }
108

Robin Millette's avatar
Robin Millette committed
109 110 111 112
    function showNoticeForm() {
        // nop
    }

Robin Millette's avatar
Robin Millette committed
113 114 115 116 117 118 119 120
    /**
     * Confirm with user.
     *
     * Shows a confirmation form.
     *
     * @return void
     */
    function areYouSureForm()
121
    {
122 123 124 125 126 127
        // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
        $profile = new ArrayWrapper(array($this->profile));
        $preview = new ProfileList($profile, $this);
        $preview->show();


128
        $id = $this->profile->id;
129 130 131 132 133 134
        $this->elementStart('form', array('id' => 'block-' . $id,
                                           'method' => 'post',
                                           'class' => 'form_settings form_entity_block',
                                           'action' => common_local_url('block')));
        $this->elementStart('fieldset');
        $this->hidden('token', common_session_token());
Siebrand Mazeland's avatar
Siebrand Mazeland committed
135
        // TRANS: Legend for block user form.
136
        $this->element('legend', _('Block user'));
137
        $this->element('p', null,
Siebrand Mazeland's avatar
Siebrand Mazeland committed
138
                       // TRANS: Explanation of consequences when blocking a user on the block user page.
139 140 141 142
                       _('Are you sure you want to block this user? '.
                         'Afterwards, they will be unsubscribed from you, '.
                         'unable to subscribe to you in the future, and '.
                         'you will not be notified of any @-replies from them.'));
143
        $this->element('input', array('id' => 'blockto-' . $id,
144
                                      'name' => 'profileid',
145 146
                                      'type' => 'hidden',
                                      'value' => $id));
147 148
        foreach ($this->args as $k => $v) {
            if (substr($k, 0, 9) == 'returnto-') {
149
                $this->hidden($k, $v);
150 151
            }
        }
152 153 154 155 156 157
        $this->submit('form_action-no',
                      // TRANS: Button label on the user block form.
                      _m('BUTTON','No'),
                      'submit form_action-primary',
                      'no',
                      // TRANS: Submit button title for 'No' when blocking a user.
158
                      _('Do not block this user.'));
159 160 161 162 163 164
        $this->submit('form_action-yes',
                      // TRANS: Button label on the user block form.
                      _m('BUTTON','Yes'),
                      'submit form_action-secondary',
                      'yes',
                      // TRANS: Submit button title for 'Yes' when blocking a user.
165
                      _('Block this user.'));
166
        $this->elementEnd('fieldset');
167
        $this->elementEnd('form');
168 169
    }

Robin Millette's avatar
Robin Millette committed
170 171 172 173 174
    /**
     * Actually block a user.
     *
     * @return void
     */
175 176

    function handlePost()
177
    {
178 179
        $cur = common_current_user();

Evan Prodromou's avatar
Evan Prodromou committed
180 181 182 183 184 185
        if (Event::handle('StartBlockProfile', array($cur, $this->profile))) {
            $result = $cur->block($this->profile);
            if ($result) {
                Event::handle('EndBlockProfile', array($cur, $this->profile));
            }
        }
186

187
        if (!$result) {
Siebrand Mazeland's avatar
Siebrand Mazeland committed
188
            // TRANS: Server error displayed when blocking a user fails.
189
            $this->serverError(_('Failed to save block information.'));
190 191 192
            return;
        }
    }
193 194 195 196 197 198 199

    function showScripts()
    {
        parent::showScripts();
        $this->autofocus('form_action-yes');
    }

200 201 202 203
    /**
     * Override for form session token checks; on our first hit we're just
     * requesting confirmation, which doesn't need a token. We need to be
     * able to take regular GET requests from email!
Siebrand Mazeland's avatar
Siebrand Mazeland committed
204
     *
205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220
     * @throws ClientException if token is bad on POST request or if we have
     *         confirmation parameters which could trigger something.
     */
    function checkSessionToken()
    {
        if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
            $this->arg('yes') ||
            $this->arg('no')) {

            return parent::checkSessionToken();
        }
    }

    /**
     * If we reached this form without returnto arguments, return to the
     * current user's subscription list.
Siebrand Mazeland's avatar
Siebrand Mazeland committed
221
     *
222 223 224 225 226 227 228 229 230 231 232 233
     * @return string URL
     */
    function defaultReturnTo()
    {
        $user = common_current_user();
        if ($user) {
            return common_local_url('subscribers',
                                    array('nickname' => $user->nickname));
        } else {
            return common_local_url('public');
        }
    }
234
}