Added block link to subscription notification emails; block action can now take a profile ID on the URL; added profile details to block page so there's an indication of who you're blocking before you pull the trigger.
Fixed typo in RedirectingAction when no return-to data provided in form submission. RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated. More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
parent
708d22848e
commit
68305d4b68
|
@ -87,13 +87,15 @@ class BlockAction extends ProfileFormAction
|
||||||
{
|
{
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
if ($this->arg('no')) {
|
if ($this->arg('no')) {
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
} elseif ($this->arg('yes')) {
|
} elseif ($this->arg('yes')) {
|
||||||
$this->handlePost();
|
$this->handlePost();
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
} else {
|
} else {
|
||||||
$this->showPage();
|
$this->showPage();
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
$this->showPage();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -118,6 +120,12 @@ class BlockAction extends ProfileFormAction
|
||||||
*/
|
*/
|
||||||
function areYouSureForm()
|
function areYouSureForm()
|
||||||
{
|
{
|
||||||
|
// @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
|
||||||
|
$profile = new ArrayWrapper(array($this->profile));
|
||||||
|
$preview = new ProfileList($profile, $this);
|
||||||
|
$preview->show();
|
||||||
|
|
||||||
|
|
||||||
$id = $this->profile->id;
|
$id = $this->profile->id;
|
||||||
$this->elementStart('form', array('id' => 'block-' . $id,
|
$this->elementStart('form', array('id' => 'block-' . $id,
|
||||||
'method' => 'post',
|
'method' => 'post',
|
||||||
|
@ -175,4 +183,38 @@ class BlockAction extends ProfileFormAction
|
||||||
$this->autofocus('form_action-yes');
|
$this->autofocus('form_action-yes');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Override for form session token checks; on our first hit we're just
|
||||||
|
* requesting confirmation, which doesn't need a token. We need to be
|
||||||
|
* able to take regular GET requests from email!
|
||||||
|
*
|
||||||
|
* @throws ClientException if token is bad on POST request or if we have
|
||||||
|
* confirmation parameters which could trigger something.
|
||||||
|
*/
|
||||||
|
function checkSessionToken()
|
||||||
|
{
|
||||||
|
if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
|
||||||
|
$this->arg('yes') ||
|
||||||
|
$this->arg('no')) {
|
||||||
|
|
||||||
|
return parent::checkSessionToken();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* If we reached this form without returnto arguments, return to the
|
||||||
|
* current user's subscription list.
|
||||||
|
*
|
||||||
|
* @return string URL
|
||||||
|
*/
|
||||||
|
function defaultReturnTo()
|
||||||
|
{
|
||||||
|
$user = common_current_user();
|
||||||
|
if ($user) {
|
||||||
|
return common_local_url('subscribers',
|
||||||
|
array('nickname' => $user->nickname));
|
||||||
|
} else {
|
||||||
|
return common_local_url('public');
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
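Review bot: The new checkSessionToken() override in the last BlockAction hunk falls off the end with no return value on a tokenless GET, while the other path returns `parent::checkSessionToken()`; the docblock has `@throws` but no `@return`, so state the return contract or return consistently on both paths. Skipping the token is safe only while handle() performs the block solely inside the `$_SERVER['REQUEST_METHOD'] == 'POST'` branch shown in the first hunk. That invariant deserves a comment beside the override, for example `// handle() must never change state on non-POST requests: they arrive here without a CSRF token`. handle() and areYouSureForm() both start or end outside the visible hunks.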
@ -92,10 +92,10 @@ class DeleteuserAction extends ProfileFormAction
|
||||||
{
|
{
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
if ($this->arg('no')) {
|
if ($this->arg('no')) {
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
} elseif ($this->arg('yes')) {
|
} elseif ($this->arg('yes')) {
|
||||||
$this->handlePost();
|
$this->handlePost();
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
} else {
|
} else {
|
||||||
$this->showPage();
|
$this->showPage();
|
||||||
}
|
}
|
||||||
|
|
|
@ -117,7 +117,7 @@ class GroupblockAction extends RedirectingAction
|
||||||
parent::handle($args);
|
parent::handle($args);
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
if ($this->arg('no')) {
|
if ($this->arg('no')) {
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
} elseif ($this->arg('yes')) {
|
} elseif ($this->arg('yes')) {
|
||||||
$this->blockProfile();
|
$this->blockProfile();
|
||||||
} elseif ($this->arg('blockto')) {
|
} elseif ($this->arg('blockto')) {
|
||||||
|
@ -195,7 +195,7 @@ class GroupblockAction extends RedirectingAction
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
10
lib/mail.php
10
lib/mail.php
|
@ -245,6 +245,11 @@ function mail_subscribe_notify_profile($listenee, $other)
|
||||||
$other->getBestName(),
|
$other->getBestName(),
|
||||||
common_config('site', 'name'));
|
common_config('site', 'name'));
|
||||||
|
|
||||||
|
$blocklink = sprintf(_("If you believe this account is being used abusively, " .
|
||||||
|
"you can block them from your subscribers list and " .
|
||||||
|
"report as spam to site administrators at %s"),
|
||||||
|
common_local_url('block', array('profileid' => $other->id)));
|
||||||
|
|
||||||
// TRANS: Main body of new-subscriber notification e-mail
|
// TRANS: Main body of new-subscriber notification e-mail
|
||||||
$body = sprintf(_('%1$s is now listening to your notices on %2$s.'."\n\n".
|
$body = sprintf(_('%1$s is now listening to your notices on %2$s.'."\n\n".
|
||||||
"\t".'%3$s'."\n\n".
|
"\t".'%3$s'."\n\n".
|
||||||
|
@ -264,9 +269,10 @@ function mail_subscribe_notify_profile($listenee, $other)
|
||||||
($other->homepage) ?
|
($other->homepage) ?
|
||||||
// TRANS: Profile info line in new-subscriber notification e-mail
|
// TRANS: Profile info line in new-subscriber notification e-mail
|
||||||
sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '',
|
sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '',
|
||||||
($other->bio) ?
|
(($other->bio) ?
|
||||||
// TRANS: Profile info line in new-subscriber notification e-mail
|
// TRANS: Profile info line in new-subscriber notification e-mail
|
||||||
sprintf(_("Bio: %s"), $other->bio) . "\n\n" : '',
|
sprintf(_("Bio: %s"), $other->bio) . "\n" : '') .
|
||||||
|
"\n\n" . $blocklink . "\n",
|
||||||
common_config('site', 'name'),
|
common_config('site', 'name'),
|
||||||
common_local_url('emailsettings'));
|
common_local_url('emailsettings'));
|
||||||
|
|
||||||
|
|
|
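Review bot: The new `$blocklink` string in the first lib/mail.php hunk has no `// TRANS:` comment, unlike the neighbouring translatable strings in mail_subscribe_notify_profile(). Add one such as `// TRANS: Block/report line in new-subscriber notification e-mail; %s is the URL of the block confirmation page`. In the second hunk the link is appended right after the subscriber-supplied homepage and bio lines, separated only by blank lines, so consider a fixed label or separator before `$blocklink` so the recipient can tell site-generated text from profile text. The function body starts and ends outside both hunks.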
@ -60,7 +60,16 @@ class ProfileFormAction extends RedirectingAction
|
||||||
$this->checkSessionToken();
|
$this->checkSessionToken();
|
||||||
|
|
||||||
if (!common_logged_in()) {
|
if (!common_logged_in()) {
|
||||||
$this->clientError(_('Not logged in.'));
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
|
$this->clientError(_('Not logged in.'));
|
||||||
|
} else {
|
||||||
|
// Redirect to login.
|
||||||
|
common_set_returnto($this->selfUrl());
|
||||||
|
$user = common_current_user();
|
||||||
|
if (Event::handle('RedirectToLogin', array($this, $user))) {
|
||||||
|
common_redirect(common_local_url('login'), 303);
|
||||||
|
}
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -97,7 +106,7 @@ class ProfileFormAction extends RedirectingAction
|
||||||
|
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
$this->handlePost();
|
$this->handlePost();
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
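Review bot: `$this->checkSessionToken();` still runs before the new not-logged-in branch in the first hunk, so for subclasses that do not override it a tokenless GET presumably fails the token check before the login redirect is reached (Action::checkSessionToken() is not shown). Only BlockAction overrides it in this commit, so either document that limitation here or move the login check ahead of the token check. Also, `$user = common_current_user();` is read inside `if (!common_logged_in())`, so the value handed to the `RedirectToLogin` event is presumably always empty; a comment saying so, or passing `null` explicitly, would avoid misleading event handlers. The enclosing function begins and ends outside the hunk.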
@ -53,12 +53,13 @@ class RedirectingAction extends Action
|
||||||
*
|
*
|
||||||
* To be called only after successful processing.
|
* To be called only after successful processing.
|
||||||
*
|
*
|
||||||
* @fixme rename this -- it obscures Action::returnToArgs() which
|
* Note: this was named returnToArgs() up through 0.9.2, which
|
||||||
* returns a list of arguments, and is a bit confusing.
|
* caused problems because there's an Action::returnToArgs()
|
||||||
|
* already which does something different.
|
||||||
*
|
*
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
function returnToArgs()
|
function returnToPrevious()
|
||||||
{
|
{
|
||||||
// Now, gotta figure where we go back to
|
// Now, gotta figure where we go back to
|
||||||
$action = false;
|
$action = false;
|
||||||
|
@ -77,7 +78,7 @@ class RedirectingAction extends Action
|
||||||
if ($action) {
|
if ($action) {
|
||||||
common_redirect(common_local_url($action, $args, $params), 303);
|
common_redirect(common_local_url($action, $args, $params), 303);
|
||||||
} else {
|
} else {
|
||||||
$url = $this->defaultReturnToUrl();
|
$url = $this->defaultReturnTo();
|
||||||
}
|
}
|
||||||
common_redirect($url, 303);
|
common_redirect($url, 303);
|
||||||
}
|
}
|
||||||
|
|
|
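Review bot: In the second hunk of returnToPrevious(), `$url` is assigned only in the `else` branch, yet `common_redirect($url, 303);` follows both branches; this is correct only if common_redirect() never returns, and its body is not shown. Make the flow explicit by assigning in the first branch as well, `$url = common_local_url($action, $args, $params);`, and keeping the single redirect call at the end. The commit description says the return-to data comes from the form submission. If the lines between the two hunks always route it through common_local_url(), a one-line comment stating that would document why the redirect target stays site-local. The function starts outside this hunk.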
@ -136,6 +136,11 @@ class Router
|
||||||
$m->connect('main/'.$a, array('action' => $a));
|
$m->connect('main/'.$a, array('action' => $a));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Also need a block variant accepting ID on URL for mail links
|
||||||
|
$m->connect('main/block/:profileid',
|
||||||
|
array('action' => 'block'),
|
||||||
|
array('profileid' => '[0-9]+'));
|
||||||
|
|
||||||
$m->connect('main/sup/:seconds', array('action' => 'sup'),
|
$m->connect('main/sup/:seconds', array('action' => 'sup'),
|
||||||
array('seconds' => '[0-9]+'));
|
array('seconds' => '[0-9]+'));
|
||||||
|
|
||||||
|
|
|
@ -81,7 +81,7 @@ class ClearflagAction extends ProfileFormAction
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
$this->handlePost();
|
$this->handlePost();
|
||||||
if (!$this->boolean('ajax')) {
|
if (!$this->boolean('ajax')) {
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -87,7 +87,7 @@ class FlagprofileAction extends ProfileFormAction
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
$this->handlePost();
|
$this->handlePost();
|
||||||
if (!$this->boolean('ajax')) {
|
if (!$this->boolean('ajax')) {
|
||||||
$this->returnToArgs();
|
$this->returnToPrevious();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|