Browse Source

More "LIMIT 1" removed - and some other SQL improvements.

pull/927/head
Michael Vogel 8 years ago
parent
commit
6e7bd68ebb
  1. 10
      include/Contact.php
  2. 12
      include/acl_selectors.php
  3. 44
      include/api.php
  4. 2
      include/cache.php
  5. 6
      include/datetime.php
  6. 16
      include/enotify.php
  7. 8
      include/event.php
  8. 20
      include/follow.php
  9. 18
      include/group.php
  10. 24
      include/notifier.php
  11. 12
      include/oauth.php
  12. 6
      include/security.php
  13. 10
      include/text.php
  14. 3
      mod/community.php
  15. 4
      mod/crepair.php
  16. 92
      mod/dfrn_confirm.php
  17. 28
      mod/dfrn_request.php
  18. 18
      mod/events.php
  19. 4
      mod/fsuggest.php
  20. 16
      mod/group.php
  21. 10
      mod/like.php
  22. 4
      mod/lostpass.php
  23. 10
      mod/mood.php
  24. 4
      mod/notifications.php
  25. 20
      mod/poke.php
  26. 26
      mod/profile_photo.php
  27. 18
      mod/profiles.php
  28. 8
      mod/profperm.php
  29. 18
      mod/settings.php
  30. 2
      mod/starred.php
  31. 8
      mod/subthread.php
  32. 22
      mod/tagger.php
  33. 2
      mod/tagrm.php
  34. 24
      update.php

10
include/Contact.php

@ -64,13 +64,13 @@ function contact_remove($id) {
$archive = get_pconfig($r[0]['uid'], 'system','archive_removed_contacts');
if($archive) {
q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d limit 1",
q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d",
intval($id)
);
return;
}
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($id)
);
q("DELETE FROM `item` WHERE `contact-id` = %d ",
@ -148,7 +148,7 @@ function mark_for_death($contact) {
return;
if($contact['term-date'] == '0000-00-00 00:00:00') {
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d LIMIT 1",
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
intval($contact['id'])
);
@ -166,7 +166,7 @@ function mark_for_death($contact) {
// archive them rather than delete
// though if the owner tries to unarchive them we'll start the whole process over again
q("update contact set `archive` = 1 where id = %d limit 1",
q("update contact set `archive` = 1 where id = %d",
intval($contact['id'])
);
q("UPDATE `item` SET `private` = 2 WHERE `contact-id` = %d AND `uid` = %d", intval($contact['id']), intval($contact['uid']));
@ -181,7 +181,7 @@ function mark_for_death($contact) {
if(! function_exists('unmark_for_death')) {
function unmark_for_death($contact) {
// It's a miracle. Our dead contact has inexplicably come back to life.
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d LIMIT 1",
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d",
dbesc('0000-00-00 00:00:00'),
intval($contact['id'])
);

12
include/acl_selectors.php

@ -399,19 +399,19 @@ function acl_lookup(&$a, $out_type = 'json') {
} else {
$sql_extra = $sql_extra2 = "";
}
// count groups and contacts
if ($type=='' || $type=='g'){
$r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
$r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
intval(local_user())
);
$group_count = (int)$r[0]['g'];
} else {
$group_count = 0;
}
if ($type=='' || $type=='c'){
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `notify` != '' $sql_extra2" ,
@ -423,7 +423,7 @@ function acl_lookup(&$a, $out_type = 'json') {
// autocomplete for Private Messages
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `network` IN ('%s','%s','%s') $sql_extra2" ,
@ -439,7 +439,7 @@ function acl_lookup(&$a, $out_type = 'json') {
// autocomplete for Contacts
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `pending` = 0 $sql_extra2" ,
intval(local_user())

44
include/api.php

@ -384,26 +384,26 @@
intval(api_user())
);
//AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
// count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
$r = q("SELECT count(*) as `count` FROM `item` force index (uid_type)
WHERE `uid` = %d
AND `type`='wall'
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
AND `type`='wall'",
intval($uinfo[0]['uid'])
);
$countitms = $r[0]['count'];
}
else {
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
WHERE `contact-id` = %d
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
//AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
$r = q("SELECT count(*) as `count` FROM `item`
WHERE `contact-id` = %d",
intval($uinfo[0]['id'])
);
$countitms = $r[0]['count'];
}
// count friends
$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
$r = q("SELECT count(*) as `count` FROM `contact`
WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
intval($uinfo[0]['uid']),
@ -412,7 +412,7 @@
);
$countfriends = $r[0]['count'];
$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
$r = q("SELECT count(*) as `count` FROM `contact`
WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
intval($uinfo[0]['uid']),
@ -421,7 +421,7 @@
);
$countfollowers = $r[0]['count'];
$r = q("SELECT count(`id`) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
$r = q("SELECT count(*) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
intval($uinfo[0]['uid'])
);
$starred = $r[0]['count'];
@ -528,7 +528,8 @@
$status_user["protected"] = (($item["allow_cid"] != "") OR
($item["allow_gid"] != "") OR
($item["deny_cid"] != "") OR
($item["deny_gid"] != ""));
($item["deny_gid"] != "") OR
$item["private"]);
return ($status_user);
}
@ -745,12 +746,27 @@
logger('api_status_show: user_info: '.print_r($user_info, true), LOGGER_DEBUG);
// get last public wall message
$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author`
FROM `item`, `contact`, `item` as `i`, `contact` as `c`
//$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author`
// FROM `item`, `contact`, `item` as `i`, `contact` as `c`
// WHERE `item`.`contact-id` = %d
// AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
// AND `i`.`id` = `item`.`parent`
// AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1
// AND `item`.`type`!='activity'
// AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
// ORDER BY `item`.`created` DESC
// LIMIT 1",
// intval($user_info['cid']),
// dbesc($user_info['url']),
// dbesc(normalise_link($user_info['url'])),
// dbesc($user_info['url']),
// dbesc(normalise_link($user_info['url']))
//);
$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `i`.`author-link` AS `item-author`
FROM `item`, `item` as `i`
WHERE `item`.`contact-id` = %d
AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
AND `i`.`id` = `item`.`parent`
AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1
AND `item`.`type`!='activity'
AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
ORDER BY `item`.`created` DESC
@ -773,8 +789,6 @@
if ($lastwall['parent']!=$lastwall['id']) {
$in_reply_to_status_id= intval($lastwall['parent']);
$in_reply_to_status_id_str = (string) intval($lastwall['parent']);
//$in_reply_to_user_id = $lastwall['reply_uid'];
//$in_reply_to_screen_name = $lastwall['reply_author'];
$r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author'])));
if ($r) {

2
include/cache.php

@ -47,7 +47,7 @@
* dbesc($key)
* );
* if(count($r)) {
* q("UPDATE `cache` SET `v` = '%s', `updated = '%s' WHERE `k` = '%s' limit 1",
* q("UPDATE `cache` SET `v` = '%s', `updated = '%s' WHERE `k` = '%s'",
* dbesc($value),
* dbesc(datetime_convert()),
* dbesc($key));

6
include/datetime.php

@ -19,7 +19,7 @@ if(! function_exists('select_timezone')) {
function select_timezone($current = 'America/Los_Angeles') {
$timezone_identifiers = DateTimeZone::listIdentifiers();
$o ='<select id="timezone_select" name="timezone">';
usort($timezone_identifiers, 'timezone_cmp');
@ -487,11 +487,11 @@ function update_contact_birthdays() {
dbesc('birthday'),
intval(0)
);
// update bdyear
q("UPDATE `contact` SET `bdyear` = '%s', `bd` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `contact` SET `bdyear` = '%s', `bd` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc(substr($nextbd,0,4)),
dbesc($nextbd),
intval($rr['uid']),

16
include/enotify.php

@ -255,10 +255,10 @@ function notification($params) {
$sitelink = $h['sitelink'];
$tsitelink = $h['tsitelink'];
$hsitelink = $h['hsitelink'];
$itemlink = $h['itemlink'];
$itemlink = $h['itemlink'];
require_once('include/html2bbcode.php');
require_once('include/html2bbcode.php');
do {
$dups = false;
@ -331,7 +331,7 @@ function notification($params) {
);
if($p && (count($p) > 1)) {
for ($d = 1; $d < count($p); $d ++) {
q("delete from notify where id = %d limit 1",
q("delete from notify where id = %d",
intval($p[$d]['id'])
);
}
@ -353,12 +353,12 @@ function notification($params) {
$itemlink = $a->get_baseurl() . '/notify/view/' . $notify_id;
$msg = replace_macros($epreamble,array('$itemlink' => $itemlink));
$r = q("update notify set msg = '%s' where id = %d and uid = %d limit 1",
$r = q("update notify set msg = '%s' where id = %d and uid = %d",
dbesc($msg),
intval($notify_id),
intval($params['uid'])
);
// send email notification if notification preferences permit
@ -370,15 +370,15 @@ function notification($params) {
$id_for_parent = "${params['parent']}@${hostname}";
// Is this the first email notification for this parent item and user?
$r = q("select `id` from `notify-threads` where `master-parent-item` = %d and `receiver-uid` = %d limit 1",
$r = q("select `id` from `notify-threads` where `master-parent-item` = %d and `receiver-uid` = %d limit 1",
intval($params['parent']),
intval($params['uid']) );
// If so, create the record of it and use a message-id smtp header.
if(!$r) {
logger("notify_id:" . intval($notify_id). ", parent: " . intval($params['parent']) . "uid: " .
logger("notify_id:" . intval($notify_id). ", parent: " . intval($params['parent']) . "uid: " .
intval($params['uid']), LOGGER_DEBUG);
$r = q("insert into `notify-threads` (`notify-id`, `master-parent-item`, `receiver-uid`, `parent-item`)
values(%d,%d,%d,%d)",

8
include/event.php

@ -207,7 +207,7 @@ function event_store($arr) {
$arr['created'] = (($arr['created']) ? $arr['created'] : datetime_convert());
$arr['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert());
$arr['type'] = (($arr['type']) ? $arr['type'] : 'event' );
$arr['type'] = (($arr['type']) ? $arr['type'] : 'event' );
$arr['cid'] = ((intval($arr['cid'])) ? intval($arr['cid']) : 0);
$arr['uri'] = (x($arr,'uri') ? $arr['uri'] : item_new_uri($a->get_hostname(),$arr['uid']));
$arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0);
@ -263,7 +263,7 @@ function event_store($arr) {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
WHERE `id` = %d AND `uid` = %d LIMIT 1",
WHERE `id` = %d AND `uid` = %d",
dbesc($arr['edited']),
dbesc($arr['start']),
@ -291,7 +291,7 @@ function event_store($arr) {
$object .= '</object>' . "\n";
q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d",
dbesc(format_event_bbcode($arr)),
dbesc($object),
dbesc($arr['allow_cid']),
@ -390,7 +390,7 @@ function event_store($arr) {
if($item_id) {
q("UPDATE `item` SET `plink` = '%s', `event-id` = %d WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s', `event-id` = %d WHERE `uid` = %d AND `id` = %d",
dbesc($plink),
intval($event['id']),
intval($arr['uid']),

20
include/follow.php

@ -111,7 +111,7 @@ function new_contact($uid,$url,$interactive = false) {
if($ret['network'] === NETWORK_MAIL) {
$writeable = 1;
}
if($ret['network'] === NETWORK_DIASPORA)
$writeable = 1;
@ -123,13 +123,13 @@ function new_contact($uid,$url,$interactive = false) {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `poll` = '%s' LIMIT 1",
intval($uid),
dbesc($ret['poll'])
);
);
if(count($r)) {
// update contact
if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) {
q("UPDATE `contact` SET `rel` = %d , `subhub` = %d, `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `contact` SET `rel` = %d , `subhub` = %d, `readonly` = 0 WHERE `id` = %d AND `uid` = %d",
intval(CONTACT_IS_FRIEND),
intval($subhub),
intval($r[0]['id']),
@ -222,13 +222,13 @@ function new_contact($uid,$url,$interactive = false) {
$photos = import_profile_photo($ret['photo'],$uid,$contact_id);
$r = q("UPDATE `contact` SET `photo` = '%s',
$r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s'
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -237,7 +237,7 @@ function new_contact($uid,$url,$interactive = false) {
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($contact_id)
);
);
// pull feed and consume it, which should subscribe to the hub.
@ -262,7 +262,7 @@ function new_contact($uid,$url,$interactive = false) {
'$ostat_follow' => ''
));
$r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
$r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
intval($uid)
);

18
include/group.php

@ -8,17 +8,17 @@ function group_add($uid,$name) {
$r = group_byname($uid,$name); // check for dups
if($r !== false) {
// This could be a problem.
// This could be a problem.
// Let's assume we've just created a group which we once deleted
// all the old members are gone, but the group remains so we don't break any security
// access lists. What we're doing here is reviving the dead group, but old content which
// was restricted to this group may now be seen by the new group members.
// was restricted to this group may now be seen by the new group members.
$z = q("SELECT * FROM `group` WHERE `id` = %d LIMIT 1",
intval($r)
);
if(count($z) && $z[0]['deleted']) {
$r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
$r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s'",
intval($uid),
dbesc($name)
);
@ -32,7 +32,7 @@ function group_add($uid,$name) {
dbesc($name)
);
$ret = $r;
}
}
return $ret;
}
@ -87,7 +87,7 @@ function group_rmv($uid,$name) {
);
// remove group
$r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
$r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'",
intval($uid),
dbesc($name)
);
@ -117,13 +117,13 @@ function group_rmv_member($uid,$name,$member) {
return false;
if(! ( $uid && $gid && $member))
return false;
$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1 ",
$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d",
intval($uid),
intval($gid),
intval($member)
);
return $r;
}
@ -134,13 +134,13 @@ function group_add_member($uid,$name,$member,$gid = 0) {
if((! $gid) || (! $uid) || (! $member))
return false;
$r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1",
$r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1",
intval($uid),
intval($gid),
intval($member)
);
if(count($r))
return true; // You might question this, but
return true; // You might question this, but
// we indicate success because the group member was in fact created
// -- It was just created at another time
if(! count($r))

24
include/notifier.php

@ -443,7 +443,7 @@ function notifier_run(&$argv, &$argc){
set_config('system','site_prvkey', $res['prvkey']);
set_config('system','site_pubkey', $res['pubkey']);
}
$rp = q("SELECT `resource-id` , `scale`, type FROM `photo`
WHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", $uid);
$photos = array();
@ -635,15 +635,15 @@ function notifier_run(&$argv, &$argc){
else
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id']));
$x = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
`contact`.`pubkey` AS `cpubkey`,
`contact`.`prvkey` AS `cprvkey`,
`contact`.`thumb` AS `thumb`,
$x = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
`contact`.`pubkey` AS `cpubkey`,
`contact`.`prvkey` AS `cprvkey`,
`contact`.`thumb` AS `thumb`,
`contact`.`url` as `url`,
`contact`.`name` as `senderName`,
`user`.*
FROM `contact`
INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
`user`.*
FROM `contact`
INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `contact`.`blocked` = 0 AND `contact`.`archive` = 0
AND `contact`.`pending` = 0
AND `contact`.`network` = '%s' AND `user`.`nickname` = '%s'
@ -656,7 +656,7 @@ function notifier_run(&$argv, &$argc){
if($x && count($x)) {
$write_flag = ((($x[0]['rel']) && ($x[0]['rel'] != CONTACT_IS_SHARING)) ? true : false);
if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) {
q("update contact set writable = 1 where id = %d limit 1",
q("update contact set writable = 1 where id = %d",
intval($x[0]['id'])
);
$x[0]['writable'] = 1;
@ -730,7 +730,7 @@ function notifier_run(&$argv, &$argc){
case NETWORK_MAIL:
case NETWORK_MAIL2:
if(get_config('system','dfrn_only'))
break;
@ -755,7 +755,7 @@ function notifier_run(&$argv, &$argc){
}
if(! $it)
break;
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
@ -763,7 +763,7 @@ function notifier_run(&$argv, &$argc){
);
if(! count($local_user))
break;
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
intval($uid)

12
include/oauth.php

@ -1,8 +1,8 @@
<?php
/**
/**
* OAuth server
* Based on oauth2-php <http://code.google.com/p/oauth2-php/>
*
*
*/
define('REQUEST_TOKEN_DURATION', 300);
@ -15,11 +15,11 @@ class FKOAuthDataStore extends OAuthDataStore {
function gen_token(){
return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
}
function lookup_consumer($consumer_key) {
logger(__function__.":".$consumer_key);
//echo "<pre>"; var_dump($consumer_key); killme();
$r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'",
dbesc($consumer_key)
);
@ -129,7 +129,7 @@ class FKOAuth1 extends OAuthServer {
$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
}
function loginUser($uid){
logger("FKOAuth1::loginUser $uid");
$a = get_app();
@ -167,7 +167,7 @@ class FKOAuth1 extends OAuthServer {
$a->cid = $r[0]['id'];
$_SESSION['cid'] = $a->cid;
}
q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1",
q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d",
dbesc(datetime_convert()),
intval($_SESSION['uid'])
);

6
include/security.php

@ -36,7 +36,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
$a->timezone = $a->user['timezone'];
}
$master_record = $a->user;
$master_record = $a->user;
if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
$r = q("select * from user where uid = %d limit 1",
@ -81,7 +81,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
if($login_initial || $login_refresh) {
$l = get_browser_language();
q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1",
q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d",
dbesc(datetime_convert()),
dbesc($l),
intval($_SESSION['uid'])
@ -209,7 +209,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
}
}
if($remote_verified) {
$gs = '<<>>'; // should be impossible to match
if(is_array($groups) && count($groups)) {

10
include/text.php

@ -482,9 +482,9 @@ if(! function_exists('photo_new_resource')) {
/**
* Generate a guaranteed unique photo ID.
* safe from birthday paradox
*
*
* @return string
*/
*/
function photo_new_resource() {
do {
@ -505,7 +505,7 @@ if(! function_exists('load_view_file')) {
* @deprecated
* wrapper to load a view template, checking for alternate
* languages before falling back to the default
*
*
* @global string $lang
* @global App $a
* @param string $s view name
@ -2076,7 +2076,7 @@ function file_tag_save_file($uid,$item,$file) {
);
if(count($r)) {
if(! stristr($r[0]['file'],'[' . file_tag_encode($file) . ']'))
q("update item set file = '%s' where id = %d and uid = %d limit 1",
q("update item set file = '%s' where id = %d and uid = %d",
dbesc($r[0]['file'] . '[' . file_tag_encode($file) . ']'),
intval($item),
intval($uid)
@ -2107,7 +2107,7 @@ function file_tag_unsave_file($uid,$item,$file,$cat = false) {
if(! count($r))
return false;
q("update item set file = '%s' where id = %d and uid = %d limit 1",
q("update item set file = '%s' where id = %d and uid = %d",
dbesc(str_replace($pattern,'',$r[0]['file'])),
intval($item),
intval($uid)

3
mod/community.php

@ -65,13 +65,12 @@ function community_content(&$a, $update = 0) {
}
//$r = q("SELECT distinct(`item`.`uri`)
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`, `user`.`hidewall`
FROM `thread` FORCE INDEX (`visible_deleted_moderated_private_wall_received`)
FROM `thread` FORCE INDEX (`wall_private_received`)
INNER JOIN `user` ON `user`.`uid` = `thread`.`uid` AND `user`.`hidewall` = 0
INNER JOIN `item` ON `item`.`id` = `thread`.`iid`
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''

4
mod/crepair.php

@ -62,7 +62,7 @@ function crepair_post(&$a) {
$remote_self = ((x($_POST,'remote_self')) ? $_POST['remote_self'] : false);
$r = q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' , `remote_self` = %d
WHERE `id` = %d AND `uid` = %d LIMIT 1",
WHERE `id` = %d AND `uid` = %d",
dbesc($name),
dbesc($nick),
dbesc($url),
@ -88,7 +88,7 @@ function crepair_post(&$a) {
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s'
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),

92
mod/dfrn_confirm.php

@ -52,7 +52,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $uid) {
notice( t('Permission denied.') . EOL );
return;
}
}
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid)
@ -61,7 +61,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $user) {
notice( t('Profile not found.') . EOL );
return;
}
}
// These data elements may come from either the friend request notification form or $handsfree array.
@ -153,7 +153,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// Save the private key. Send them the public key.
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($private_key),
intval($contact_id),
intval($uid)
@ -258,7 +258,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
case 1:
// birthday paradox - generate new dfrn-id and fall through.
$new_dfrn_id = random_string();
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($new_dfrn_id),
intval($contact_id),
intval($uid)
@ -279,17 +279,17 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
if(($status == 0) && ($intro_id)) {
// Success. Delete the notification.
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id),
intval($uid)
);
}
if($status != 0)
if($status != 0)
return;
}
@ -319,19 +319,19 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_SHARING) && ($duplex))
$duplex = 0;
$r = q("UPDATE `contact` SET
`photo` = '%s',
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
`hidden` = %d,
`network` = 'dfrn' WHERE `id` = %d LIMIT 1
`network` = 'dfrn' WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -345,7 +345,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($contact_id)
);
}
else {
else {
// $network !== NETWORK_DFRN
@ -378,27 +378,27 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$writable = 1;
}
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id),
intval($uid)
);
$r = q("UPDATE `contact` SET `photo` = '%s',
$r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`notify` = '%s',
`poll` = '%s',
`blocked` = 0,
`blocked` = 0,
`pending` = 0,
`network` = '%s',
`writable` = %d,
`hidden` = %d,
`rel` = %d
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -413,7 +413,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($hidden),
intval($new_relation),
intval($contact_id)
);
);
}
if($r === false)
@ -511,7 +511,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($handsfree === null)
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
else
return;
return;
//NOTREACHED
}
@ -538,7 +538,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 );
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$forum = (($page == 1) ? 1 : 0);
$prv = (($page == 2) ? 1 : 0);
@ -640,7 +640,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// NOTREACHED
}
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d",
dbesc($decrypted_dfrn_id),
dbesc($dfrn_pubkey),
intval($dfrn_record)
@ -651,10 +651,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
// It's possible that the other person also requested friendship.
// If it is a duplex relationship, ditch the issued-id if one exists.
// If it is a duplex relationship, ditch the issued-id if one exists.
if($duplex) {
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d",
intval($dfrn_record)
);
}
@ -670,7 +670,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$photo = $r[0]['photo'];
else
$photo = $a->get_baseurl() . '/images/person-175.jpg';
require_once("include/Photo.php");
$photos = import_profile_photo($photo,$local_uid,$dfrn_record);
@ -684,20 +684,20 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_FOLLOWER) && ($duplex))
$duplex = 0;
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
`duplex` = %d,
`forum` = %d,
`prv` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
`network` = '%s' WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -733,10 +733,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) {
push_lang($r[0]['language']);
$tpl = (($new_relation == CONTACT_IS_FRIEND)
$tpl = (($new_relation == CONTACT_IS_FRIEND)
? get_intltext_template('friend_complete_eml.tpl')
: get_intltext_template('intro_complete_eml.tpl'));
$email_tpl = replace_macros($tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),

28
mod/dfrn_request.php

@ -70,19 +70,19 @@ function dfrn_request_post(&$a) {
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
$hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null;
if(x($dfrn_url)) {
/**
* Lookup the contact based on their URL (which is the only unique thing we have at the moment)
*/
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
intval(local_user()),
dbesc($dfrn_url),
dbesc(normalise_link($dfrn_url))
);
if(count($r)) {
if(strlen($r[0]['dfrn-id'])) {
@ -283,11 +283,11 @@ function dfrn_request_post(&$a) {
if(count($r)) {
foreach($r as $rr) {
if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid'])
);
}
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid'])
);
}
@ -298,9 +298,9 @@ function dfrn_request_post(&$a) {
* Cleanup any old email intros - which will have a greater lifetime
*/
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id`
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
AND `contact`.`network` = '%s'
AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ",
dbesc(NETWORK_MAIL2)
@ -308,11 +308,11 @@ function dfrn_request_post(&$a) {
if(count($r)) {
foreach($r as $rr) {
if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid'])
);
}
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid'])
);
}
@ -455,7 +455,7 @@ function dfrn_request_post(&$a) {
logger('dfrn_request: url: ' . $url);
if(! strlen($url)) {
notice( t("Unable to resolve your name at the provided location.") . EOL);
notice( t("Unable to resolve your name at the provided location.") . EOL);
return;
}
@ -555,14 +555,14 @@ function dfrn_request_post(&$a) {
);
// find the contact record we just created
if($r) {
$r = q("SELECT `id` FROM `contact`
if($r) {
$r = q("SELECT `id` FROM `contact`
WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1",
intval($uid),
$parms['url'],
$parms['issued-id']
);
if(count($r))
if(count($r))
$contact_record = $r[0];
}
@ -701,7 +701,7 @@ function dfrn_request_content(&$a) {
if(count($r)) {
if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
$auto_confirm = true;
$auto_confirm = true;
if(! $auto_confirm) {
require_once('include/enotify.php');

18
mod/events.php

@ -28,7 +28,7 @@ function events_post(&$a) {
$adjust = intval($_POST['adjust']);
$nofinish = intval($_POST['nofinish']);
// The default setting for the `private` field in event_store() is false, so mirror that
// The default setting for the `private` field in event_store() is false, so mirror that
$private_event = false;
@ -142,14 +142,14 @@ function events_content(&$a) {
}
if(($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 1 where id = %d and uid = %d limit 1",
$r = q("update event set ignore = 1 where id = %d and uid = %d",
intval($a->argv[2]),
intval(local_user())
);
}
if(($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 0 where id = %d and uid = %d limit 1",
$r = q("update event set ignore = 0 where id = %d and uid = %d",
intval($a->argv[2]),
intval(local_user())
);
@ -372,16 +372,16 @@ function events_content(&$a) {
'$previus' => array($a->get_baseurl()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
'$next' => array($a->get_baseurl()."/events/$nextyear/$nextmonth",t('Next'),'',''),
'$calendar' => cal($y,$m,$links, ' eventcal'),
'$events' => $events,
));
if (x($_GET,'id')){ echo $o; killme(); }
return $o;
}
if($mode === 'edit' && $event_id) {

4
mod/fsuggest.php

@ -52,7 +52,7 @@ function fsuggest_post(&$a) {
);
if(count($r)) {
$fsuggest_id = $r[0]['id'];
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($note),
intval($fsuggest_id),
intval(local_user())
@ -108,4 +108,4 @@ function fsuggest_content(&$a) {
$o .= '</form>';
return $o;
}
}

16
mod/group.php

@ -22,7 +22,7 @@ function group_post(&$a) {
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
check_form_security_token_redirectOnErr('/group/new', 'group_edit');
$name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name);
if($r) {
@ -32,13 +32,13 @@ function group_post(&$a) {
goaway($a->get_baseurl() . '/group/' . $r);
}
else
notice( t('Could not create group.') . EOL );
notice( t('Could not create group.') . EOL );
goaway($a->get_baseurl() . '/group');
return; // NOTREACHED
}
if(($a->argc == 2) && (intval($a->argv[1]))) {
check_form_security_token_redirectOnErr('/group', 'group_edit');
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval(local_user())
@ -51,7 +51,7 @@ function group_post(&$a) {
$group = $r[0];
$groupname = notags(trim($_POST['groupname']));
if((strlen($groupname)) && ($groupname != $group['name'])) {
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($groupname),
intval(local_user()),
intval($group['id'])
@ -88,7 +88,7 @@ function group_content(&$a) {
);
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
return replace_macros($tpl, $context + array(
'$title' => t('Create a group of contacts/friends.'),
'$gname' => array('groupname',t('Group Name: '), '', ''),
@ -101,13 +101,13 @@ function group_content(&$a) {
if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
);
if(count($r))
if(count($r))
$result = group_rmv(local_user(),$r[0]['name']);
if($result)
info( t('Group removed.') . EOL);
@ -120,7 +120,7 @@ function group_content(&$a) {
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
check_form_security_token_ForbiddenOnErr('group_member_change', 't');
$r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($a->argv[2]),
intval(local_user())

10
mod/like.php

@ -109,7 +109,7 @@ function like_content(&$a) {
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
dbesc($activity),
intval($contact['id']),
@ -121,7 +121,7 @@ function like_content(&$a) {
$like_item = $r[0];
// Already voted, undo it
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
intval($like_item['id'])
);
@ -207,14 +207,14 @@ EOT;
$arr['unseen'] = 1;
$arr['last-child'] = 0;
$post_id = item_store($arr);
$post_id = item_store($arr);
if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']),
intval($owner_uid)
);
}
}
// Save the author information for the like in case we need to relay to Diaspora

4
mod/lostpass.php

@ -25,7 +25,7 @@ function lostpass_post(&$a) {
$new_password = autoname(12) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d",
dbesc($new_password_encoded),
intval($uid)
);
@ -74,7 +74,7 @@ function lostpass_content(&$a) {
$new_password = autoname(6) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d",
dbesc($new_password_encoded),
intval($uid)
);

10
mod/mood.php

@ -12,8 +12,8 @@ function mood_init(&$a) {
$uid = local_user();
$verb = notags(trim($_GET['verb']));
if(! $verb)
if(! $verb)
return;
$verbs = get_mood_verbs();
@ -30,7 +30,7 @@ function mood_init(&$a) {
if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent),
intval($parent),
@ -90,7 +90,7 @@ function mood_init(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid),
intval($item_id)
@ -139,4 +139,4 @@ function mood_content(&$a) {
return $o;
}
}

4
mod/notifications.php

@ -33,7 +33,7 @@ function notifications_post(&$a) {
$fid = $r[0]['fid'];
if($_POST['submit'] == t('Discard')) {
$r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d",
intval($intro_id)
);
if(! $fid) {
@ -41,7 +41,7 @@ function notifications_post(&$a) {
// The check for blocked and pending is in case the friendship was already approved
// and we just want to get rid of the now pointless notification
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1 LIMIT 1",
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1",
intval($contact_id),
intval(local_user())
);

20
mod/poke.php

@ -12,8 +12,8 @@ function poke_init(&$a) {
$uid = local_user();
$verb = notags(trim($_GET['verb']));
if(! $verb)
if(! $verb)
return;
$verbs = get_poke_verbs();
@ -46,7 +46,7 @@ function poke_init(&$a) {
$target = $r[0];
if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid