.html does not escape any html input in these, leading to XSS
attack vectors.

Thanks to A Kai (@sixhundredns) for reporting the related issues.

I couldn't reproduce what the comment states anymore, so I just removed
it. This fixes a minor issue where html wouldn't be escaped in the
export.

Thanks to A Kai (@sixhundredns) for reporting.

Remove duplicate checkbox in Settings

Fix issue #4964

Do not try to render post/comment report which does not exist

refs diaspora/diaspora#4959

Use absolute_root more consistently in Reshare

It is now possible to report posts and comments

* added temp. default values for user_id and item_type
* changed model validation for item_type

* changed button description
* replaced links with buttons

fixed:
* comment-report-icon will not be displayed when post author is current user
* if you hover a comment all report icons will be displayed

* changed user_id type to integer
* renamed post_id to item_id
* renamed post_type to item_type

That fixed the correct validation whether a post/comment is gone
after the report was marked as deleted

Instead of checking the status code I am using success and
error callbacks from model-save. In that case we have to return
json in the controller for signaling that the request was sucessfully.

* Removed ActiveRecord tests (that is handled in the controller spec)
* Added Mailer tests
* Added validation tests

Podmin can see a extra checkbox in Settings > Account
for disabling report-email-notification

* join the conditions of the inner ifs
* add a uniqueness constraint to the model
* differentiate between author is a local or a remote user
* simplify controller/mailer functions