From 9b4df5056f2dba6b6fa7ac392c2114fd3c1400a0 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 8 Dec 2008 00:55:11 -0500 Subject: [PATCH] add block form to subscribers list and profile page I added a small form for blocking users to profiles in the profile list, and also to the profile page. I also added an action to handle the results of blocking someone. This required some changes to the profile list class (so I could add the block form), so I made them. And the gallery class lets its subclasses return a subclass of ProfileList for their profile list. darcs-hash:20081208055511-5ed1f-e2e09986bd3b9cbb6a00a0c6b94f49ea78b7bdab.gz --- actions/block.php | 146 ++++++++++++++++++++++++++++++++++++++ actions/showstream.php | 6 ++ actions/subscribers.php | 12 +++- actions/subscriptions.php | 11 +++ lib/gallery.php | 57 ++++++++------- lib/profilelist.php | 13 +++- lib/util.php | 17 +++++ 7 files changed, 233 insertions(+), 29 deletions(-) create mode 100644 actions/block.php diff --git a/actions/block.php b/actions/block.php new file mode 100644 index 0000000000..a9fcfb49c5 --- /dev/null +++ b/actions/block.php @@ -0,0 +1,146 @@ +. + */ + +if (!defined('LACONICA')) { exit(1); } + +class BlockAction extends Action { + + var $profile = NULL; + + function prepare($args) { + + parent::prepare($args); + + if (!common_logged_in()) { + $this->client_error(_('Not logged in.')); + return false; + } + + $token = $this->trimmed('token'); + + if (!$token || $token != common_session_token()) { + $this->client_error(_('There was a problem with your session token. Try again, please.')); + return; + } + + $id = $this->trimmed('blockto'); + + if (!$id) { + $this->client_error(_('No profile specified.')); + return false; + } + + $this->profile = Profile::staticGet('id', $id); + + if (!$this->profile) { + $this->client_error(_('No profile with that ID.')); + return false; + } + } + + function handle($args=NULL) { + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + if ($this->arg('block')) { + $this->are_you_sure_form(); + } else if ($this->arg('no')) { + $cur = common_current_user(); + common_redirect(common_local_url('subscribers', + array('nickname' => $cur->nickname))); + } else if ($this->arg('yes')) { + $this->block_profile(); + } + } + } + + function are_you_sure_form() { + + $id = $this->profile->id; + + common_element_start('p', NULL, + _('Are you sure you want to block this user? '. + 'Afterwards, they will be unsubscribed from you, '. + 'unable to subscribe to you in the future, and '. + 'you will not be notified of any @-replies from them.')); + + common_element_start('form', array('id' => 'block-' . $id, + 'method' => 'post', + 'class' => 'block', + 'action' => common_local_url('block'))); + + common_hidden('token', common_session_token()); + + common_element('input', array('id' => 'blockto-' . $id, + 'name' => 'blockto', + 'type' => 'hidden', + 'value' => $id)); + + common_submit('no', _('No')); + common_submit('yes', _('Yes')); + + common_element_end('form'); + } + + function block_profile() { + + $cur = common_current_user(); + + if ($cur->hasBlocked($this->profile)) { + $this->client_error(_('You have already blocked this user.')); + return; + } + + # Add a new block record + + $block = new Profile_block(); + + # Begin a transaction + + $block->query('BEGIN'); + + $block->blocker = $cur->id; + $block->blocked = $this->profile->id; + + $result = $block->insert(); + + if (!$result) { + common_log_db_error($block, 'INSERT', __FILE__); + $this->server_error(_('Could not save new block record.')); + return; + } + + # Cancel their subscription, if it exists + + $sub = Subscription::pkeyGet(array('subscriber' => $this->profile->id, + 'subscribed' => $cur->id)); + + if ($sub) { + $result = $sub->delete(); + if (!$result) { + common_log_db_error($sub, 'DELETE', __FILE__); + $this->server_error(_('Could not delete subscription.')); + return; + } + } + + $block->query('COMMIT'); + + common_redirect(common_local_url('subscribers', + array('nickname' => $cur->nickname))); + } +} diff --git a/actions/showstream.php b/actions/showstream.php index bd1b8a7de3..e12a227e3b 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -202,6 +202,12 @@ class ShowstreamAction extends StreamAction { $user = User::staticGet('id', $profile->id); common_profile_new_message_nudge($cur, $user, $profile); + if ($cur) { + common_element_start('li', array('id' => 'profile_block')); + common_block_form($profile); + common_element_end('li'); + } + common_element_end('ul'); common_element_end('div'); diff --git a/actions/subscribers.php b/actions/subscribers.php index 2e37e03156..253d8440d8 100644 --- a/actions/subscribers.php +++ b/actions/subscribers.php @@ -47,4 +47,14 @@ class SubscribersAction extends GalleryAction { function get_other(&$subs) { return $subs->subscriber; } -} \ No newline at end of file + + function profile_list_class() { + return 'SubscribersList'; + } +} + +class SubscribersList extends ProfileList { + function show_owner_controls($profile) { + common_block_form($profile); + } +} diff --git a/actions/subscriptions.php b/actions/subscriptions.php index aebfa22e83..3b16590d6b 100644 --- a/actions/subscriptions.php +++ b/actions/subscriptions.php @@ -47,4 +47,15 @@ class SubscriptionsAction extends GalleryAction { function get_other(&$subs) { return $subs->subscribed; } + + function profile_list_class() { + return 'SubscriptionsList'; + } +} + +class SubscriptionsList extends ProfileList { + + function show_owner_controls() { + return; + } } diff --git a/lib/gallery.php b/lib/gallery.php index 886b6b9e88..bd77b587c3 100644 --- a/lib/gallery.php +++ b/lib/gallery.php @@ -36,7 +36,7 @@ class GalleryAction extends Action { parent::handle($args); # Post from the tag dropdown; redirect to a GET - + if ($_SERVER['REQUEST_METHOD'] == 'POST') { common_redirect($this->self_url(), 307); } @@ -57,17 +57,17 @@ class GalleryAction extends Action { } $page = $this->arg('page'); - + if (!$page) { $page = 1; } $display = $this->arg('display'); - + if (!$display) { $display = 'list'; } - + $tag = $this->arg('tag'); common_show_header($profile->nickname . ": " . $this->gallery_type(), @@ -76,7 +76,7 @@ class GalleryAction extends Action { $this->display_links($profile, $page, $display); $this->show_tags_dropdown($profile); - + $this->show_gallery($profile, $page, $display, $tag); common_show_footer(); } @@ -115,7 +115,7 @@ class GalleryAction extends Action { common_element_end('dl'); } } - + function show_top($profile) { common_element('div', 'instructions', $this->get_instructions($profile)); @@ -124,14 +124,14 @@ class GalleryAction extends Action { function show_gallery($profile, $page, $display='list', $tag=NULL) { $other = new Profile(); - + list($lst, $usr) = $this->fields(); $per_page = ($display == 'list') ? PROFILES_PER_PAGE : AVATARS_PER_PAGE; $offset = ($page-1)*$per_page; $limit = $per_page + 1; - + if (common_config('db','type') == 'pgsql') { $lim = ' LIMIT ' . $limit . ' OFFSET ' . $offset; } else { @@ -140,7 +140,7 @@ class GalleryAction extends Action { # XXX: memcached results # FIXME: SQL injection on $tag - + $other->query('SELECT profile.* ' . 'FROM profile JOIN subscription ' . 'ON profile.id = subscription.' . $lst . ' ' . @@ -150,22 +150,23 @@ class GalleryAction extends Action { (($tag) ? 'AND profile_tag.tag= "' . $tag . '" ': '') . 'ORDER BY subscription.created DESC, profile.id DESC ' . $lim); - + if ($display == 'list') { - $profile_list = new ProfileList($other, $profile, $this->trimmed('action')); + $cls = $this->profile_list_class(); + $profile_list = new $cls($other, $profile, $this->trimmed('action')); $cnt = $profile_list->show_list(); } else { $cnt = $this->icon_list($other); } # For building the pagination URLs - + $args = array('nickname' => $profile->nickname); - + if ($display != 'list') { $args['display'] = $display; } - + common_pagination($page > 1, $cnt > $per_page, $page, @@ -173,20 +174,24 @@ class GalleryAction extends Action { $args); } + function profile_list_class() { + return 'ProfileList'; + } + function icon_list($other) { - + common_element_start('ul', $this->div_class()); $cnt = 0; - + while ($other->fetch()) { $cnt++; - + if ($cnt > AVATARS_PER_PAGE) { break; } - + common_element_start('li'); common_element_start('a', array('title' => ($other->fullname) ? @@ -211,12 +216,12 @@ class GalleryAction extends Action { common_element_end('li'); } - + common_element_end('ul'); - + return $cnt; } - + function gallery_type() { return NULL; } @@ -232,15 +237,15 @@ class GalleryAction extends Action { function div_class() { return ''; } - + function display_links($profile, $page, $display) { $tag = $this->trimmed('tag'); - + common_element_start('dl', array('id'=>'subscriptions_nav')); common_element('dt', null, _('Subscriptions navigation')); common_element_start('dd'); common_element_start('ul', array('class'=>'nav')); - + switch ($display) { case 'list': common_element('li', array('class'=>'child_1'), _('List')); @@ -270,12 +275,12 @@ class GalleryAction extends Action { common_element('li', NULL, _('Icons')); break; } - + common_element_end('ul'); common_element_end('dd'); common_element_end('dl'); } - + # Get list of tags we tagged other users with function get_all_tags($profile, $lst, $usr) { diff --git a/lib/profilelist.php b/lib/profilelist.php index 67be04e10a..7461f94154 100644 --- a/lib/profilelist.php +++ b/lib/profilelist.php @@ -55,12 +55,11 @@ class ProfileList { function show() { - $this->profile = $this->profile; - common_element_start('li', array('class' => 'profile_single', 'id' => 'profile-' . $this->profile->id)); $user = common_current_user(); + if ($user && $user->id != $this->profile->id) { # XXX: special-case for user looking at own # subscriptions page @@ -151,9 +150,19 @@ class ProfileList { common_element_end('div'); } + if ($user && $user->id == $this->owner->id) { + $this->show_owner_controls($profile); + } + common_element_end('li'); } + /* Override this in subclasses. */ + + function show_owner_controls($profile) { + return; + } + function highlight($text) { return htmlspecialchars($text); } diff --git a/lib/util.php b/lib/util.php index 4fb58e7dcc..df736cf01c 100644 --- a/lib/util.php +++ b/lib/util.php @@ -2183,3 +2183,20 @@ function common_compatible_license($from, $to) { # XXX: better compatibility check needed here! return ($from == $to); } + +function common_block_form($profile) { + common_element_start('form', array('id' => 'block-' . $profile->id, + 'method' => 'post', + 'class' => 'block', + 'action' => common_local_url('block'))); + common_hidden('token', common_session_token()); + common_element('input', array('id' => 'blockto-' . $profile->id, + 'name' => 'blockto', + 'type' => 'hidden', + 'value' => $profile->id)); + common_element('input', array('type' => 'submit', + 'class' => 'submit', + 'value' => _('Block'))); + common_element_end('form'); + return; +}