<?php

##
#
# Jisko: An open-source microblogging application
# Copyright (C) 2008  Rubén Díaz <outime@gmail.com> & Matías Parodi <mparodilabs@gmail.com>
# 
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
##

if (!defined("SECURITY")) { exit; }
if ($_SESSION['LOGIN'] !== true) header("Location: {$base}home");

if ($_POST) {

	$username = safe_str($_POST['username'], true);

	if ($username != $_SESSION['USERNAME']) {

		$sql = "
			SELECT `users`.*
			FROM `users`
			WHERE (`users`.`username` = '" . $username . "')
			LIMIT 1;";
		$result = mysql_query($sql);
		$row = mysql_fetch_assoc($result);
		mysql_free_result($result);

		$id_user = $row['id_user'];
		$email = $row['email'];

		$sql = "
			SELECT `followers`.`id_follow`, `followers`.`id_follower`
			FROM `followers`
			WHERE ((`followers`.`id_user` = '" . $_SESSION['ID_USER'] . "') AND (`followers`.`id_follower` = '" . $id_user . "'))
			LIMIT 1;";
		$result = mysql_query($sql);
		$row = mysql_fetch_assoc($result);
		mysql_free_result($result);

		if (mysql_affected_rows() == 0) {
			$sql = "INSERT INTO `followers` (`id_follower`, `id_user`) values ('" . $id_user . "', '" . $_SESSION['ID_USER'] . "');";
			mysql_query($sql);

			$old_msg_body = sprintf(_("¡Buenas noticias, %s!\n\n<a href=\"http://jisko.net/%s\">%s</a> ha empezado a seguir las actualizaciones de tus notas.\n\nSi deseas devolverle la acción, simplemente accede a su perfil y haz clic en \"Seguir\".\n--\nAdministración de Jisko (<a href=\"mailto:%s\">%s</a>)"), $username, $_SESSION['USERNAME'], $_SESSION['USERNAME'], $_SESSION['USERNAME'], $CONFIG['EMAIL_CONTACT'], $CONFIG['EMAIL_CONTACT']);
			$msg_body = ereg_replace("\n", "<br>", $old_msg_body);

			$subject = sprintf(_("%s te sigue en Jisko"), $_SESSION['USERNAME']);

			$headers = "MIME-Version: 1.0\r\n"; 
			$headers .= "Content-type: text/html; UTF-8\r\n"; 
			$headers .= "From: Jisko <" . $CONFIG['EMAIL_CONTACT'] . ">";

			@ mail($email, $subject, $msg_body, $headers);
		} else {
			$sql = "DELETE FROM `followers`  WHERE (`followers`.`id_follow` = '" . $row['id_follow'] . "') LIMIT 1;";
			mysql_query($sql);
		}
	}
}

header('Location: ' . $_SERVER['HTTP_REFERER']);

?>