Merge pull request #4978 from annando/dba-2

Diaspora: Fix person/contact retraction
This commit is contained in:
Hypolite Petovan 2018-05-04 18:04:38 -04:00 committed by GitHub
commit 3a3a4807a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 80 deletions

View file

@ -4170,21 +4170,11 @@ function api_fr_photoalbum_update($type)
throw new BadRequestException("no new albumname specified"); throw new BadRequestException("no new albumname specified");
} }
// check if album is existing // check if album is existing
$r = q( if (!dba::exists('photo', ['uid' => api_user(), 'album' => $album])) {
"SELECT `id` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
intval(api_user()),
dbesc($album)
);
if (!DBM::is_result($r)) {
throw new BadRequestException("album not available"); throw new BadRequestException("album not available");
} }
// now let's update all photos to the albumname // now let's update all photos to the albumname
$result = q( $result = dba::update('photo', ['album' => $album_new], ['uid' => api_user(), 'album' => $album]);
"UPDATE `photo` SET `album` = '%s' WHERE `uid` = %d AND `album` = '%s'",
dbesc($album_new),
intval(api_user()),
dbesc($album)
);
// return success of updating or error message // return success of updating or error message
if ($result) { if ($result) {
@ -4486,7 +4476,7 @@ function api_account_update_profile_image($type)
throw new ForbiddenException(); throw new ForbiddenException();
} }
// input params // input params
$profileid = defaults($_REQUEST, 'profile_id', 0); $profile_id = defaults($_REQUEST, 'profile_id', 0);
// error if image data is missing // error if image data is missing
if (!x($_FILES, 'image')) { if (!x($_FILES, 'image')) {
@ -4494,17 +4484,13 @@ function api_account_update_profile_image($type)
} }
// check if specified profile id is valid // check if specified profile id is valid
if ($profileid != 0) { if ($profile_id != 0) {
$r = q( $profile = dba::selectFirst('profile', ['is-default'], ['uid' => api_user(), 'id' => $profile_id]);
"SELECT `id` FROM `profile` WHERE `uid` = %d AND `id` = %d",
intval(api_user()),
intval($profileid)
);
// error message if specified profile id is not in database // error message if specified profile id is not in database
if (!DBM::is_result($r)) { if (!DBM::is_result($profile)) {
throw new BadRequestException("profile_id not available"); throw new BadRequestException("profile_id not available");
} }
$is_default_profile = $r['profile']; $is_default_profile = $profile['is-default'];
} else { } else {
$is_default_profile = 1; $is_default_profile = 1;
} }
@ -4534,37 +4520,15 @@ function api_account_update_profile_image($type)
} }
// change specified profile or all profiles to the new resource-id // change specified profile or all profiles to the new resource-id
if ($is_default_profile) { if ($is_default_profile) {
q( $condition = ["`profile` AND `resource-id` != ? AND `uid` = ?", $data['photo']['id'], api_user()];
"UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dba::update('photo', ['profile' => false], $condition);
dbesc($data['photo']['id']),
intval(local_user())
);
q(
"UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `self` AND `uid` = %d",
dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-4.' . $fileext),
dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-5.' . $fileext),
dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-6.' . $fileext),
intval(local_user())
);
} else { } else {
q( $fields = ['photo' => System::baseUrl() . '/photo/' . $data['photo']['id'] . '-4.' . $filetype,
"UPDATE `profile` SET `photo` = '%s', `thumb` = '%s' WHERE `id` = %d AND `uid` = %d", 'thumb' => System::baseUrl() . '/photo/' . $data['photo']['id'] . '-5.' . $filetype];
dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-4.' . $filetype), dba::update('profile', $fields, ['id' => $_REQUEST['profile'], 'uid' => api_user()]);
dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-5.' . $filetype),
intval($_REQUEST['profile']),
intval(local_user())
);
} }
// we'll set the updated profile-photo timestamp even if it isn't the default profile, Contact::updateSelfFromUserID(api_user(), true);
// so that browsers will do a cache update unconditionally
q(
"UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d",
dbesc(DateTimeFormat::utcNow()),
intval(local_user())
);
// Update global directory in background // Update global directory in background
//$user = api_get_user(get_app()); //$user = api_get_user(get_app());
@ -5044,15 +5008,9 @@ function api_friendica_remoteauth()
$sec = random_string(); $sec = random_string();
q( $fields = ['uid' => api_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id,
"INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`) 'sec' => $sec, 'expire' => time() + 45];
VALUES( %d, %s, '%s', '%s', %d )", dba::insert('profile_check', $fields);
intval(api_user()),
intval($cid),
dbesc($dfrn_id),
dbesc($sec),
intval(time() + 45)
);
logger($contact['name'] . ' ' . $sec, LOGGER_DEBUG); logger($contact['name'] . ' ' . $sec, LOGGER_DEBUG);
$dest = ($url ? '&destination_url=' . $url : ''); $dest = ($url ? '&destination_url=' . $url : '');
@ -6014,25 +5972,14 @@ function api_friendica_direct_messages_setseen($type)
return api_format_data("direct_messages_setseen", $type, ['$result' => $answer]); return api_format_data("direct_messages_setseen", $type, ['$result' => $answer]);
} }
// get data of the specified message id
$r = q(
"SELECT `id` FROM `mail` WHERE `id` = %d AND `uid` = %d",
intval($id),
intval($uid)
);
// error message if specified id is not in database // error message if specified id is not in database
if (!DBM::is_result($r)) { if (!dba::exists('mail', ['id' => $id, 'uid' => $uid])) {
$answer = ['result' => 'error', 'message' => 'message id not in database']; $answer = ['result' => 'error', 'message' => 'message id not in database'];
return api_format_data("direct_messages_setseen", $type, ['$result' => $answer]); return api_format_data("direct_messages_setseen", $type, ['$result' => $answer]);
} }
// update seen indicator // update seen indicator
$result = q( $result = dba::update('mail', ['seen' => true], ['id' => $id]);
"UPDATE `mail` SET `seen` = 1 WHERE `id` = %d AND `uid` = %d",
intval($id),
intval($uid)
);
if ($result) { if ($result) {
// return success // return success
@ -6128,18 +6075,18 @@ function api_friendica_profile_show($type)
} }
// input params // input params
$profileid = (x($_REQUEST, 'profile_id') ? $_REQUEST['profile_id'] : 0); $profile_id = (x($_REQUEST, 'profile_id') ? $_REQUEST['profile_id'] : 0);
// retrieve general information about profiles for user // retrieve general information about profiles for user
$multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles'); $multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles');
$directory = Config::get('system', 'directory'); $directory = Config::get('system', 'directory');
// get data of the specified profile id or all profiles of the user if not specified // get data of the specified profile id or all profiles of the user if not specified
if ($profileid != 0) { if ($profile_id != 0) {
$r = q( $r = q(
"SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d", "SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d",
intval(api_user()), intval(api_user()),
intval($profileid) intval($profile_id)
); );
// error message if specified gid is not in database // error message if specified gid is not in database

View file

@ -2969,12 +2969,10 @@ class Diaspora
case "StatusMessage": case "StatusMessage":
return self::itemRetraction($importer, $contact, $data); return self::itemRetraction($importer, $contact, $data);
case "Contact": case "PollParticipation":
case "Person": case "Photo":
/// @todo What should we do with an "unshare"? // Currently unsupported
// Removing the contact isn't correct since we still can read the public items break;
Contact::remove($contact["id"]);
return true;
default: default:
logger("Unknown target type ".$target_type); logger("Unknown target type ".$target_type);