date based profile wall filter - backend

2012-06-11 19:36:04 -07:00 · 2012-06-11 19:36:04 -07:00 · 24e85c95b6
parent 75104416e0
commit 24e85c95b6
3 changed files with 42 additions and 11 deletions
--- a/boot.php
+++ b/boot.php
@ -407,9 +407,6 @@ if(! class_exists('App')) {
 			$this->argc = count($this->argv);
 			if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
 				$this->module = str_replace(".", "_", $this->argv[0]);
 				if(array_key_exists('2',$this->argv)) {
 					$this->category = $this->argv[2];
 				}
 			}
 			else {
 				$this->argc = 1;
--- a/include/text.php
+++ b/include/text.php
@ -1541,3 +1541,16 @@ function protect_sprintf($s) {
 	return(str_replace('%','%%',$s));
 }
 function is_a_date_arg($s) {
 	$i = intval($s);
 	if($i > 1900) {
 		$y = date('Y');
 		if($i <= $y+1 && strpos($s,'-') == 4) {
 			$m = intval(substr($s,5));
 			if($m > 0 && $m <= 12)
 				return true;
 		}
 	}
 	return false;
 }
--- a/mod/profile.php
+++ b/mod/profile.php
@ -67,11 +67,23 @@ function profile_init(&$a) {
 function profile_content(&$a, $update = 0) {
-        if (x($a->category)) {
+	$category = datequery = $datequery2 = '';
-	        $category = $a->category;
+
 	if($a->argc > 2) {
 		for($x = 2; $x < $a->argc; $x ++) {
 			if(is_a_date_arg($a->argv[$x])) {
 				if($datequery)
 					$datequery2 = escape_tags($a->argv[$x]);
 				else
 					$datequery = escape_tags($a->argv[$x]);
 			}
 			else
 				$category = $a->argv[$x];
 		}
 	}
-        else {
+
-	        $category = ((x($_GET,'category')) ? $_GET['category'] : '');
+	if(! x($category)) {
 		$category = ((x($_GET,'category')) ? $_GET['category'] : '');
 	}
 	if(get_config('system','block_public') && (! local_user()) && (! remote_user())) {
@ -97,6 +109,7 @@ function profile_content(&$a, $update = 0) {
 		}
 	}
 	$contact = null;
 	$remote_contact = false;
@ -200,16 +213,24 @@ function profile_content(&$a, $update = 0) {
 	}
 	else {
-                if(x($category)) {
+		if(x($category)) {
-		        $sql_extra .= file_tag_file_query('item',$category,'category');
+			$sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category'));
 		}
 		if($datequery) {
 			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert('','',$datequery))));
 		}
 		if($datequery2) {
 			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert('','',$datequery2))));
 		}
 		$r = q("SELECT COUNT(*) AS `total`
 			FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
 			WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
 			and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
 			AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 1
-			$sql_extra ",
+			$sql_extra $sql_extra2 ",
 			intval($a->profile['profile_uid'])
 		);
@ -225,7 +246,7 @@ function profile_content(&$a, $update = 0) {
 			WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
 			and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
 			AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 1
-			$sql_extra
+			$sql_extra $sql_extra2
 			ORDER BY `item`.`created` DESC $pager_sql ",
 			intval($a->profile['profile_uid'])