friendica_2021-01/src/Module/Item/Ignore.php

80 lines
2.2 KiB
PHP
Raw Normal View History

<?php
namespace Friendica\Module\Item;
use Friendica\App;
use Friendica\BaseModule;
use Friendica\Core\L10n\L10n;
use Friendica\Core\Session;
2019-10-23 16:24:19 +02:00
use Friendica\Core\System;
use Friendica\Database\Database;
use Friendica\DI;
use Friendica\Model\Item;
use Friendica\Network\HTTPException;
/**
* Module for ignoring threads or user items
*/
2019-10-24 09:09:47 +02:00
class Ignore extends BaseModule
{
public static function rawContent(array $parameters = [])
{
/** @var L10n $l10n */
$l10n = self::getClass(L10n::class);
if (!Session::isAuthenticated()) {
throw new HttpException\ForbiddenException($l10n->t('Access denied.'));
}
/** @var App\Arguments $args */
$args = self::getClass(App\Arguments::class);
/** @var Database $dba */
$dba = self::getClass(Database::class);
$message_id = intval($args->get(2));
if (empty($message_id) || !is_int($message_id)) {
throw new HTTPException\BadRequestException();
}
$thread = Item::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $message_id]);
if (!$dba->isResult($thread)) {
throw new HTTPException\BadRequestException();
}
// Numeric values are needed for the json output further below
$ignored = !empty($thread['ignored']) ? 0 : 1;
2019-10-23 16:24:19 +02:00
switch ($thread['uid'] ?? 0) {
// if the thread is from the current user
case local_user():
$dba->update('thread', ['ignored' => $ignored], ['iid' => $message_id]);
break;
2019-10-23 21:29:17 +02:00
// 0 (null will get transformed to 0) => it's a public post
2019-10-23 16:24:19 +02:00
case 0:
$dba->update('user-item', ['ignored' => $ignored], ['iid' => $message_id, 'uid' => local_user()], true);
break;
2019-10-23 21:29:17 +02:00
// Throws a BadRequestException and not a ForbiddenException on purpose
// Avoids harvesting existing, but forbidden IIDs (security issue)
2019-10-23 16:24:19 +02:00
default:
throw new HTTPException\BadRequestException();
}
// See if we've been passed a return path to redirect to
$return_path = $_REQUEST['return'] ?? '';
if (!empty($return_path)) {
$rand = '_=' . time();
if (strpos($return_path, '?')) {
$rand = "&$rand";
} else {
$rand = "?$rand";
}
DI::app()->internalRedirect($return_path . $rand);
}
// the json doesn't really matter, it will either be 0 or 1
System::jsonExit($ignored);
}
}