block.php 7.05 KB
Newer Older
1
<?php
Robin Millette's avatar
Robin Millette committed
2 3 4 5 6 7
/**
 * Block a user action class.
 *
 * PHP version 5
 *
 * @category Action
8
 * @package  StatusNet
9 10
 * @author   Evan Prodromou <evan@status.net>
 * @author   Robin Millette <millette@status.net>
Robin Millette's avatar
Robin Millette committed
11
 * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
12
 * @link     http://status.net/
Robin Millette's avatar
Robin Millette committed
13
 *
14
 * StatusNet - the distributed open-source microblogging tool
15
 * Copyright (C) 2008, 2009, StatusNet, Inc.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

31
if (!defined('STATUSNET') && !defined('LACONICA')) {
Robin Millette's avatar
Robin Millette committed
32 33
    exit(1);
}
34

Robin Millette's avatar
Robin Millette committed
35 36 37 38
/**
 * Block a user action class.
 *
 * @category Action
39
 * @package  StatusNet
40 41
 * @author   Evan Prodromou <evan@status.net>
 * @author   Robin Millette <millette@status.net>
Robin Millette's avatar
Robin Millette committed
42
 * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
43
 * @link     http://status.net/
Robin Millette's avatar
Robin Millette committed
44
 */
45
class BlockAction extends ProfileFormAction
46
{
Evan Prodromou's avatar
Evan Prodromou committed
47
    var $profile = null;
48

Robin Millette's avatar
Robin Millette committed
49 50 51 52 53 54 55
    /**
     * Take arguments for running
     *
     * @param array $args $_REQUEST args
     *
     * @return boolean success flag
     */
56 57
    function prepare($args)
    {
58
        if (!parent::prepare($args)) {
59 60
            return false;
        }
61 62 63 64 65 66

        $cur = common_current_user();

        assert(!empty($cur)); // checked by parent

        if ($cur->hasBlocked($this->profile)) {
Siebrand Mazeland's avatar
Siebrand Mazeland committed
67
            // TRANS: Client error displayed when blocking a user that has already been blocked.
68
            $this->clientError(_('You already blocked that user.'));
69
        }
70

71
        return true;
72 73
    }

Robin Millette's avatar
Robin Millette committed
74 75 76 77 78 79 80
    /**
     * Handle request
     *
     * @param array $args $_REQUEST args; handled in prepare()
     *
     * @return void
     */
81 82
    function handle($args)
    {
83
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
Robin Millette's avatar
Robin Millette committed
84
            if ($this->arg('no')) {
85
                $this->returnToPrevious();
Robin Millette's avatar
Robin Millette committed
86
            } elseif ($this->arg('yes')) {
87
                $this->handlePost();
88
                $this->returnToPrevious();
89
            } else {
Robin Millette's avatar
Robin Millette committed
90
                $this->showPage();
91
            }
92 93
        } else {
            $this->showPage();
94 95 96
        }
    }

Robin Millette's avatar
Robin Millette committed
97 98 99 100 101
    function showContent() {
        $this->areYouSureForm();
    }

    function title() {
Siebrand Mazeland's avatar
Siebrand Mazeland committed
102
        // TRANS: Title for block user page.
Robin Millette's avatar
Robin Millette committed
103 104
        return _('Block user');
    }
105

Robin Millette's avatar
Robin Millette committed
106 107 108 109
    function showNoticeForm() {
        // nop
    }

Robin Millette's avatar
Robin Millette committed
110 111 112 113 114 115 116 117
    /**
     * Confirm with user.
     *
     * Shows a confirmation form.
     *
     * @return void
     */
    function areYouSureForm()
118
    {
119 120 121 122 123 124
        // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
        $profile = new ArrayWrapper(array($this->profile));
        $preview = new ProfileList($profile, $this);
        $preview->show();


125
        $id = $this->profile->id;
126 127 128 129 130 131
        $this->elementStart('form', array('id' => 'block-' . $id,
                                           'method' => 'post',
                                           'class' => 'form_settings form_entity_block',
                                           'action' => common_local_url('block')));
        $this->elementStart('fieldset');
        $this->hidden('token', common_session_token());
Siebrand Mazeland's avatar
Siebrand Mazeland committed
132
        // TRANS: Legend for block user form.
133
        $this->element('legend', _('Block user'));
134
        $this->element('p', null,
Siebrand Mazeland's avatar
Siebrand Mazeland committed
135
                       // TRANS: Explanation of consequences when blocking a user on the block user page.
136 137 138 139
                       _('Are you sure you want to block this user? '.
                         'Afterwards, they will be unsubscribed from you, '.
                         'unable to subscribe to you in the future, and '.
                         'you will not be notified of any @-replies from them.'));
140
        $this->element('input', array('id' => 'blockto-' . $id,
141
                                      'name' => 'profileid',
142 143
                                      'type' => 'hidden',
                                      'value' => $id));
144 145
        foreach ($this->args as $k => $v) {
            if (substr($k, 0, 9) == 'returnto-') {
146
                $this->hidden($k, $v);
147 148
            }
        }
149 150 151 152 153 154
        $this->submit('form_action-no',
                      // TRANS: Button label on the user block form.
                      _m('BUTTON','No'),
                      'submit form_action-primary',
                      'no',
                      // TRANS: Submit button title for 'No' when blocking a user.
155
                      _('Do not block this user.'));
156 157 158 159 160 161
        $this->submit('form_action-yes',
                      // TRANS: Button label on the user block form.
                      _m('BUTTON','Yes'),
                      'submit form_action-secondary',
                      'yes',
                      // TRANS: Submit button title for 'Yes' when blocking a user.
162
                      _('Block this user.'));
163
        $this->elementEnd('fieldset');
164
        $this->elementEnd('form');
165 166
    }

Robin Millette's avatar
Robin Millette committed
167 168 169 170 171
    /**
     * Actually block a user.
     *
     * @return void
     */
172 173

    function handlePost()
174
    {
175 176
        $cur = common_current_user();

177 178 179 180 181 182
        if (Event::handle('StartBlockProfile', array($cur, $this->profile))) {
            $result = $cur->block($this->profile);
            if ($result) {
                Event::handle('EndBlockProfile', array($cur, $this->profile));
            }
        }
183

184
        if (!$result) {
Siebrand Mazeland's avatar
Siebrand Mazeland committed
185
            // TRANS: Server error displayed when blocking a user fails.
186
            $this->serverError(_('Failed to save block information.'));
187 188
        }
    }
189 190 191 192 193 194 195

    function showScripts()
    {
        parent::showScripts();
        $this->autofocus('form_action-yes');
    }

196 197 198 199
    /**
     * Override for form session token checks; on our first hit we're just
     * requesting confirmation, which doesn't need a token. We need to be
     * able to take regular GET requests from email!
Siebrand Mazeland's avatar
Siebrand Mazeland committed
200
     *
201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216
     * @throws ClientException if token is bad on POST request or if we have
     *         confirmation parameters which could trigger something.
     */
    function checkSessionToken()
    {
        if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
            $this->arg('yes') ||
            $this->arg('no')) {

            return parent::checkSessionToken();
        }
    }

    /**
     * If we reached this form without returnto arguments, return to the
     * current user's subscription list.
Siebrand Mazeland's avatar
Siebrand Mazeland committed
217
     *
218 219 220 221 222 223 224 225 226 227 228 229
     * @return string URL
     */
    function defaultReturnTo()
    {
        $user = common_current_user();
        if ($user) {
            return common_local_url('subscribers',
                                    array('nickname' => $user->nickname));
        } else {
            return common_local_url('public');
        }
    }
230
}