Improve api_search()

Use dba::p() instead of q() Move exception to the beginning Remove useless GROUP BY Remove useless protect_sprintf()
2017-12-18 13:35:36 +01:00 · 2017-12-18 13:35:36 +01:00 · ee8468affe
parent 4a5d988d8c
commit ee8468affe
1 changed files with 39 additions and 40 deletions
--- a/include/api.php
+++ b/include/api.php
@ -1500,7 +1500,10 @@ function api_search($type)
 {
 	$data = array();
-	if (x($_REQUEST, 'q')) {
+	if (!x($_REQUEST, 'q')) {
 		throw new BadRequestException("q parameter is required.");
 	}
 	if (x($_REQUEST, 'rpp')) {
 		$count = $_REQUEST['rpp'];
 	} elseif (x($_REQUEST, 'count')) {
@ -1519,30 +1522,26 @@ function api_search($type)
 		$sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
 	}
-		$r = q(
+	$r = dba::p(
-			"SELECT %s
+		"SELECT ".item_fieldlists()."
-			FROM `item` %s
+		FROM `item` ".item_joins()."
-			WHERE %s AND (`item`.`uid` = 0 OR (`item`.`uid` = %s AND NOT `item`.`global`))
+		WHERE ".item_condition()." AND (`item`.`uid` = 0 OR (`item`.`uid` = ? AND NOT `item`.`global`))
-			AND `item`.`body` REGEXP '%s'
+		AND `item`.`body` REGEXP ?
 		$sql_extra
-			AND `item`.`id`>%d
+		AND `item`.`id`>?
-			GROUP BY `item`.`uri`, `item`.`id`
+		ORDER BY `item`.`id` DESC LIMIT ".intval($start)." ,".intval($count)." ",
-			ORDER BY `item`.`id` DESC LIMIT %d ,%d ",
+		intval(api_user()),
-			item_fieldlists(),
+		$_REQUEST['q'],
-			item_joins(),
+		intval($since_id)
 			item_condition(),
 			intval(local_user()),
 			dbesc(protect_sprintf(preg_quote($_REQUEST['q']))),
 			intval($since_id),
 			intval($start),
 			intval($count)
 	);
-		$data['status'] = api_format_items($r, api_get_user(get_app()));
+	$statuses = array();
-	} else {
+	while ($row = dba::fetch($r)) {
-		throw new BadRequestException("q parameter is required.");
+		$statuses[] = $row;
 	}
 	$data['status'] = api_format_items($statuses, api_get_user(get_app()));
 	return api_format_data("statuses", $type, $data);
 }