Commit 021d755b authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Use clean profile urls on sendmessage, denyrequest pages



Bug #1006634, part 3

In these cases the user's url field is already fetched on the page,
but the database query must be moved to make use of it.

Change-Id: I325866c89577e568d4d7d6c372d1546441116c3d
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
parent e262b5bb
......@@ -31,11 +31,22 @@ require(dirname(dirname(__FILE__)) . '/init.php');
require_once('pieforms/pieform.php');
$id = param_integer('id');
if (get_account_preference($id, 'friendscontrol') != 'auth'
|| $id == $USER->get('id')
|| !($user = get_record('usr', 'id', $id, 'deleted', 0))) {
throw new AccessDeniedException(get_string('cantrequestfriendship', 'group'));
}
$user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id);
define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id)));
$returnto = param_alpha('returnto', 'myfriends');
switch ($returnto) {
case 'find': $goto = 'user/find.php'; break;
case 'view': $goto = 'user/view.php?id=' . $id; break;
case 'view': $goto = profile_url($user, false); break;
default:
$goto = 'user/myfriends.php';
}
......@@ -50,16 +61,6 @@ else if (get_friend_request($id, $USER->get('id'))) {
redirect(get_config('wwwroot') . 'user/myfriends.php?filter=pending');
}
if (get_account_preference($id, 'friendscontrol') != 'auth'
|| $id == $USER->get('id')
|| !($user = get_record('usr', 'id', $id, 'deleted', 0))) {
throw new AccessDeniedException(get_string('cantrequestfriendship', 'group'));
}
$user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id);
define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id)));
$form = pieform(array(
'name' => 'requestfriendship',
'autofocus' => false,
......@@ -96,7 +97,7 @@ function requestfriendship_submit(Pieform $form, $values) {
// notification info
$n = new StdClass;
$n->url = 'user/view.php?id=' . $loggedinid;
$n->url = profile_url($USER, false);
$n->users = array($user->id);
$n->fromuser = $loggedinid;
$lang = get_user_language($user->id);
......
......@@ -47,13 +47,27 @@ if (!is_null($replytoid)) {
$messages = get_message_thread($replytoid);
}
$user = get_record('usr', 'id', $id);
if (!$user) {
throw new UserNotFoundException(get_string('cantmessageuser', 'group'));
}
else if ($user->deleted != 0) {
throw new AccessDeniedException(get_string('cantmessageuserdeleted', 'group'));
}
else if (!can_send_message($USER->to_stdclass(), $id)) {
throw new AccessDeniedException(get_string('cantmessageuser', 'group'));
}
define('TITLE', get_string('sendmessageto', 'group', display_name($user)));
$returnto = param_alpha('returnto', 'myfriends');
switch ($returnto) {
case 'find':
$goto = 'user/find.php';
break;
case 'view':
$goto = 'user/view.php?id=' . $id;
$goto = profile_url($user, false);
break;
case 'inbox':
$goto = 'account/activity';
......@@ -67,20 +81,6 @@ switch ($returnto) {
$goto = 'user/myfriends.php';
}
$user = get_record('usr', 'id', $id);
if (!$user) {
throw new UserNotFoundException(get_string('cantmessageuser', 'group'));
}
else if ($user->deleted != 0) {
throw new AccessDeniedException(get_string('cantmessageuserdeleted', 'group'));
}
else if (!can_send_message($USER->to_stdclass(), $id)) {
throw new AccessDeniedException(get_string('cantmessageuser', 'group'));
}
define('TITLE', get_string('sendmessageto', 'group', display_name($user)));
$form = pieform(array(
'name' => 'sendmessage',
'autofocus' => false,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment