comment_status,target_account_id=DATABASE.query_one("select comments_enabled, accounts.id from accounts join users on users.account_id = accounts.id where users.id = ?",params["userID"].to_i,as:{Int32,Int32})
# turns out the client never authenticates on this endpoint.
# not sure why? this is kind of a Big Deal :( but oh well
# keeping this code commented out incase this changes
#user_id, account_id = Accounts.auth(params)
#if account_id != target_account_id
# case comment_status
# when 0
# return "-1"
# when 1
# if !(user_id && account_id)
# return "-1"
# end
# if !Accounts.are_friends(account_id, target_account_id)
# return "-1"
# end
# when 2
# if account_id && Accounts.is_blocked_by(account_id, target_account_id)