diff --git a/mod/item.php b/mod/item.php
index 68fa6fbf6d..8d329f475b 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -819,24 +819,50 @@ function item_post_return($baseurl, $api_source, $return_path)
 function item_content(App $a)
 {
 if (!Session::isAuthenticated()) {
- return;
+ throw new HTTPException\UnauthorizedException();
+ }
+
+ $args = DI::args();
+
+ if (!$args->has(3)) {
+ throw new HTTPException\BadRequestException();
 }
 $o = '';
+ switch ($args->get(1)) {
+ case 'drop':
+ if (DI::mode()->isAjax()) {
+ Item::deleteForUser(['id' => $args->get(2)], local_user());
+ // ajax return: [, 0 (no perm) | ]
+ System::jsonExit([intval($args->get(2)), local_user()]);
+ } else {
+ if (!empty($args->get(3))) {
+ $o = drop_item($args->get(2), $args->get(3));
+ } else {
+ $o = drop_item($args->get(2));
+ }
+ }
+ break;
+ case 'block':
+ $item = Post::selectFirstForUser(local_user(), ['guid', 'author-id', 'parent', 'gravity'], ['id' => $args->get(2)]);
+ if (empty($item['author-id'])) {
+ throw new HTTPException\NotFoundException('Item not found');
+ }
- if (($a->argc >= 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
- if (DI::mode()->isAjax()) {
- Item::deleteForUser(['id' => $a->argv[2]], local_user());
- // ajax return: [, 0 (no perm) | ]
- System::jsonExit([intval($a->argv[2]), local_user()]);
- } else {
- if (!empty($a->argv[3])) {
- $o = drop_item($a->argv[2], $a->argv[3]);
+ $cdata = Contact::getPublicAndUserContacID($item['author-id'], local_user());
+ if (empty($cdata['user'])) {
+ throw new HTTPException\NotFoundException('Contact not found');
 }
- else {
- $o = drop_item($a->argv[2]);
+
+ Contact::block($cdata['user'], DI::l10n()->t('Blocked on item with guid %s', $item['guid']));
+
+ if (DI::mode()->isAjax()) {
+ // ajax return: [, 0 (no perm) | ]
+ System::jsonExit([intval($args->get(2)), local_user()]);
+ } else {
+ item_redirect_after_action($item, $args->get(3));
 }
- }
+ break;
 }
 return $o;
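Review bot: The new `block` case in `item_content()` calls `Contact::block()` on a request gated only by `Session::isAuthenticated()`; no anti-CSRF token check is visible in this hunk, so a request issued by a third-party page in a logged-in user's browser would be enough to block an author (the same applies to the pre-existing `drop` case). Consider requiring a POST that carries the project's form security token, or verifying a per-session token from the URL, before either state change. The old `intval($a->argv[2])` guard was also dropped, so `$args->get(2)` now reaches `Item::deleteForUser()` and `drop_item(int $id, …)` unvalidated; I would restore it with `$itemId = intval($args->get(2));` and `if (!$itemId) { throw new HTTPException\BadRequestException(); }`. In addition, `has(3)` looks like it makes the return segment mandatory, which would leave the `drop_item($args->get(2))` branch unreachable and reject `item/drop/<id>` requests that the old `argc >= 3` check accepted; please confirm against the semantics of `$args->has()`. The closing brace of `item_content()` lies outside the hunk.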
@@ -871,39 +897,10 @@ function drop_item(int $id, string $return = '')
 }
 if ((local_user() == $item['uid']) || $contact_id) {
- if (!empty($item['parent'])) {
- $parentitem = Post::selectFirstForUser(local_user(), ['guid'], ['id' => $item['parent']]);
- }
-
 // delete the item
 Item::deleteForUser(['id' => $item['id']], local_user());
- $return_url = hex2bin($return);
-
- // removes update_* from return_url to ignore Ajax refresh
- $return_url = str_replace("update_", "", $return_url);
-
- // Check if delete a comment
- if ($item['gravity'] == GRAVITY_COMMENT) {
- // Return to parent guid
- if (!empty($parentitem)) {
- DI::baseUrl()->redirect('display/' . $parentitem['guid']);
- //NOTREACHED
- } // In case something goes wrong
- else {
- DI::baseUrl()->redirect('network');
- //NOTREACHED
- }
- } else {
- // if unknown location or deleting top level post called from display
- if (empty($return_url) || strpos($return_url, 'display') !== false) {
- DI::baseUrl()->redirect('network');
- //NOTREACHED
- } else {
- DI::baseUrl()->redirect($return_url);
- //NOTREACHED
- }
- }
+ item_redirect_after_action($item, $return);
 } else {
 notice(DI::l10n()->t('Permission denied.'));
 DI::baseUrl()->redirect('display/' . $item['guid']);
@@ -912,3 +909,37 @@ function drop_item(int $id, string $return = '')
 return '';
 }
+
+function item_redirect_after_action($item, $returnUrlHex)
+{
+ $return_url = hex2bin($returnUrlHex);
+
+ // removes update_* from return_url to ignore Ajax refresh
+ $return_url = str_replace("update_", "", $return_url);
+
+ // Check if delete a comment
+ if ($item['gravity'] == GRAVITY_COMMENT) {
+ if (!empty($item['parent'])) {
+ $parentitem = Post::selectFirstForUser(local_user(), ['guid'], ['id' => $item['parent']]);
+ }
+
+ // Return to parent guid
+ if (!empty($parentitem)) {
+ DI::baseUrl()->redirect('display/' . $parentitem['guid']);
+ //NOTREACHED
+ } // In case something goes wrong
+ else {
+ DI::baseUrl()->redirect('network');
+ //NOTREACHED
+ }
+ } else {
+ // if unknown location or deleting top level post called from display
+ if (empty($return_url) || strpos($return_url, 'display') !== false) {
+ DI::baseUrl()->redirect('network');
+ //NOTREACHED
+ } else {
+ DI::baseUrl()->redirect($return_url);
+ //NOTREACHED
+ }
+ }
+}
diff --git a/src/App/Page.php b/src/App/Page.php
index af1f1810b7..8a1ec47d55 100644
--- a/src/App/Page.php
+++ b/src/App/Page.php
@@ -248,6 +248,7 @@ class Page implements ArrayAccess
 '$local_user' => local_user(),
 '$generator' => 'Friendica' . ' ' . FRIENDICA_VERSION,
 '$delitem' => $l10n->t('Delete this item?'),
+ '$blockAuthor' => $l10n->t('Block this author? They won\'t be able to follow you nor see your public posts, and you won\'t be able to see their posts and their notifications.'),
 '$update_interval' => $interval,
 '$shortcut_icon' => $shortcut_icon,
 '$touch_icon' => $touch_icon,
diff --git a/src/Object/Post.php b/src/Object/Post.php
index 00293d8ecb..925f752c9a 100644
--- a/src/Object/Post.php
+++ b/src/Object/Post.php
@@ -230,6 +230,7 @@ class Post
 }
 $drop = false;
+ $block = false;
 if (local_user()) {
 $drop = [
 'dropping' => $dropping,
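Review bot: In `item_redirect_after_action()` (mod/item.php) the `$returnUrlHex` value comes from a request path segment in both callers and goes through `hex2bin()` into `DI::baseUrl()->redirect($return_url)` without any check. `hex2bin()` returns `false` and raises a warning on odd-length or non-hex input, so I would guard the decode: `$return_url = (ctype_xdigit($returnUrlHex) && strlen($returnUrlHex) % 2 === 0) ? hex2bin($returnUrlHex) : '';`. Whether `redirect()` refuses absolute or scheme-relative targets is not visible here; if it does not, restrict the decoded value to a local path before redirecting so the endpoint cannot serve as an open redirect. The helper would also benefit from a typed signature like its sibling `drop_item()` has (`function item_redirect_after_action(array $item, string $returnUrlHex)`) and a docblock stating that every branch ends in a redirect. The `// Check if delete a comment` comment is stale now that the block action shares this path.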
@@ -237,6 +238,11 @@ class Post
 'select' => DI::l10n()->t('Select'),
 'delete' => $delete,
 ];
+ $block = [
+ 'blocking' => true,
+ 'block' => DI::l10n()->t('Block %s', $item['author-name']),
+ 'author_id' => $item['author-id'],
+ ];
 }
 $filer = (($conv->getProfileOwner() == local_user() && ($item['uid'] != 0)) ? DI::l10n()->t("save to folder") : false);
@@ -485,6 +491,7 @@ class Post
 'filer' => $filer,
 'language' => $languages,
 'drop' => $drop,
+ 'block' => $block,
 'vote' => $buttons,
 'like_html' => $responses['like']['output'],
 'dislike_html' => $responses['dislike']['output'],
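Review bot: The label built by `DI::l10n()->t('Block %s', $item['author-name'])` in the `$block` array embeds an author name that, for remote items, is presumably supplied by another server, and the template that renders `block.block` is not part of this diff; please confirm the value is HTML-escaped wherever it lands (title attribute or link text). The array is also filled for every item whenever `local_user()` is set, apparently including the viewer's own posts, so comparing the item author against the viewer's own contact before populating `$block` would avoid offering a self-block. The enclosing method starts and ends outside the hunk.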