friendica
/
friendica
mirror of https://github.com/friendica/friendica.git
4
7
Fork 3
Code Issues Releases 15 Wiki Activity
Browse Source

More "LIMIT 1" removed - and some other SQL improvements.

pull/927/head
Michael Vogel 8 years ago
parent
9f4ef7c105
commit
6e7bd68ebb
34 changed files with 271 additions and 258 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      include/Contact.php
  2. 12
      include/acl_selectors.php
  3. 44
      include/api.php
  4. 2
      include/cache.php
  5. 6
      include/datetime.php
  6. 16
      include/enotify.php
  7. 8
      include/event.php
  8. 20
      include/follow.php
  9. 18
      include/group.php
  10. 24
      include/notifier.php
  11. 12
      include/oauth.php
  12. 6
      include/security.php
  13. 10
      include/text.php
  14. 3
      mod/community.php
  15. 4
      mod/crepair.php
  16. 92
      mod/dfrn_confirm.php
  17. 28
      mod/dfrn_request.php
  18. 18
      mod/events.php
  19. 4
      mod/fsuggest.php
  20. 16
      mod/group.php
  21. 10
      mod/like.php
  22. 4
      mod/lostpass.php
  23. 10
      mod/mood.php
  24. 4
      mod/notifications.php
  25. 20
      mod/poke.php
  26. 26
      mod/profile_photo.php
  27. 18
      mod/profiles.php
  28. 8
      mod/profperm.php
  29. 18
      mod/settings.php
  30. 2
      mod/starred.php
  31. 8
      mod/subthread.php
  32. 22
      mod/tagger.php
  33. 2
      mod/tagrm.php
  34. 24
      update.php

10
include/Contact.php
Unescape View File

@ -64,13 +64,13 @@ function contact_remove($id) {
$archive = get_pconfig($r[0]['uid'], 'system','archive_removed_contacts');
if($archive) {
q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d limit 1",
q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d",
intval($id)
);
return;
}
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($id)
);
q("DELETE FROM `item` WHERE `contact-id` = %d ",
@ -148,7 +148,7 @@ function mark_for_death($contact) {
return;
if($contact['term-date'] == '0000-00-00 00:00:00') {
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d LIMIT 1",
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
intval($contact['id'])
);
@ -166,7 +166,7 @@ function mark_for_death($contact) {
// archive them rather than delete
// though if the owner tries to unarchive them we'll start the whole process over again
q("update contact set `archive` = 1 where id = %d limit 1",
q("update contact set `archive` = 1 where id = %d",
intval($contact['id'])
);
q("UPDATE `item` SET `private` = 2 WHERE `contact-id` = %d AND `uid` = %d", intval($contact['id']), intval($contact['uid']));
@ -181,7 +181,7 @@ function mark_for_death($contact) {
if(! function_exists('unmark_for_death')) {
function unmark_for_death($contact) {
// It's a miracle. Our dead contact has inexplicably come back to life.
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d LIMIT 1",
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d",
dbesc('0000-00-00 00:00:00'),
intval($contact['id'])
);

12
include/acl_selectors.php
Unescape View File

@ -399,19 +399,19 @@ function acl_lookup(&$a, $out_type = 'json') {
} else {
$sql_extra = $sql_extra2 = "";
}
// count groups and contacts
if ($type=='' || $type=='g'){
$r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
$r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
intval(local_user())
);
$group_count = (int)$r[0]['g'];
} else {
$group_count = 0;
}
if ($type=='' || $type=='c'){
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `notify` != '' $sql_extra2" ,
@ -423,7 +423,7 @@ function acl_lookup(&$a, $out_type = 'json') {
// autocomplete for Private Messages
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `network` IN ('%s','%s','%s') $sql_extra2" ,
@ -439,7 +439,7 @@ function acl_lookup(&$a, $out_type = 'json') {
// autocomplete for Contacts
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `pending` = 0 $sql_extra2" ,
intval(local_user())

44
include/api.php
Unescape View File

@ -384,26 +384,26 @@
intval(api_user())
);
//AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
// count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
$r = q("SELECT count(*) as `count` FROM `item` force index (uid_type)
WHERE `uid` = %d
AND `type`='wall'
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
AND `type`='wall'",
intval($uinfo[0]['uid'])
);
$countitms = $r[0]['count'];
}
else {
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
WHERE `contact-id` = %d
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
//AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
$r = q("SELECT count(*) as `count` FROM `item`
WHERE `contact-id` = %d",
intval($uinfo[0]['id'])
);
$countitms = $r[0]['count'];
}
// count friends
$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
$r = q("SELECT count(*) as `count` FROM `contact`
WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
intval($uinfo[0]['uid']),
@ -412,7 +412,7 @@
);
$countfriends = $r[0]['count'];
$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
$r = q("SELECT count(*) as `count` FROM `contact`
WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
intval($uinfo[0]['uid']),
@ -421,7 +421,7 @@
);
$countfollowers = $r[0]['count'];
$r = q("SELECT count(`id`) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
$r = q("SELECT count(*) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
intval($uinfo[0]['uid'])
);
$starred = $r[0]['count'];
@ -528,7 +528,8 @@
$status_user["protected"] = (($item["allow_cid"] != "") OR
($item["allow_gid"] != "") OR
($item["deny_cid"] != "") OR
($item["deny_gid"] != ""));
($item["deny_gid"] != "") OR
$item["private"]);
return ($status_user);
}
@ -745,12 +746,27 @@
logger('api_status_show: user_info: '.print_r($user_info, true), LOGGER_DEBUG);
// get last public wall message
$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author`
FROM `item`, `contact`, `item` as `i`, `contact` as `c`
//$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author`
// FROM `item`, `contact`, `item` as `i`, `contact` as `c`
// WHERE `item`.`contact-id` = %d
// AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
// AND `i`.`id` = `item`.`parent`
// AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1
// AND `item`.`type`!='activity'
// AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
// ORDER BY `item`.`created` DESC
// LIMIT 1",
// intval($user_info['cid']),
// dbesc($user_info['url']),
// dbesc(normalise_link($user_info['url'])),
// dbesc($user_info['url']),
// dbesc(normalise_link($user_info['url']))
//);
$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `i`.`author-link` AS `item-author`
FROM `item`, `item` as `i`
WHERE `item`.`contact-id` = %d
AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
AND `i`.`id` = `item`.`parent`
AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1
AND `item`.`type`!='activity'
AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
ORDER BY `item`.`created` DESC
@ -773,8 +789,6 @@
if ($lastwall['parent']!=$lastwall['id']) {
$in_reply_to_status_id= intval($lastwall['parent']);
$in_reply_to_status_id_str = (string) intval($lastwall['parent']);
//$in_reply_to_user_id = $lastwall['reply_uid'];
//$in_reply_to_screen_name = $lastwall['reply_author'];
$r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author'])));
if ($r) {

2
include/cache.php
Unescape View File

@ -47,7 +47,7 @@
* dbesc($key)
* );
* if(count($r)) {
* q("UPDATE `cache` SET `v` = '%s', `updated = '%s' WHERE `k` = '%s' limit 1",
* q("UPDATE `cache` SET `v` = '%s', `updated = '%s' WHERE `k` = '%s'",
* dbesc($value),
* dbesc(datetime_convert()),
* dbesc($key));

6
include/datetime.php
Unescape View File

@ -19,7 +19,7 @@ if(! function_exists('select_timezone')) {
function select_timezone($current = 'America/Los_Angeles') {
$timezone_identifiers = DateTimeZone::listIdentifiers();
$o ='<select id="timezone_select" name="timezone">';
usort($timezone_identifiers, 'timezone_cmp');
@ -487,11 +487,11 @@ function update_contact_birthdays() {
dbesc('birthday'),
intval(0)
);
// update bdyear
q("UPDATE `contact` SET `bdyear` = '%s', `bd` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `contact` SET `bdyear` = '%s', `bd` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc(substr($nextbd,0,4)),
dbesc($nextbd),
intval($rr['uid']),

16
include/enotify.php
Unescape View File

@ -255,10 +255,10 @@ function notification($params) {
$sitelink = $h['sitelink'];
$tsitelink = $h['tsitelink'];
$hsitelink = $h['hsitelink'];
$itemlink = $h['itemlink'];
$itemlink = $h['itemlink'];
require_once('include/html2bbcode.php');
require_once('include/html2bbcode.php');
do {
$dups = false;
@ -331,7 +331,7 @@ function notification($params) {
);
if($p && (count($p) > 1)) {
for ($d = 1; $d < count($p); $d ++) {
q("delete from notify where id = %d limit 1",
q("delete from notify where id = %d",
intval($p[$d]['id'])
);
}
@ -353,12 +353,12 @@ function notification($params) {
$itemlink = $a->get_baseurl() . '/notify/view/' . $notify_id;
$msg = replace_macros($epreamble,array('$itemlink' => $itemlink));
$r = q("update notify set msg = '%s' where id = %d and uid = %d limit 1",
$r = q("update notify set msg = '%s' where id = %d and uid = %d",
dbesc($msg),
intval($notify_id),
intval($params['uid'])
);
// send email notification if notification preferences permit
@ -370,15 +370,15 @@ function notification($params) {
$id_for_parent = "${params['parent']}@${hostname}";
// Is this the first email notification for this parent item and user?
$r = q("select `id` from `notify-threads` where `master-parent-item` = %d and `receiver-uid` = %d limit 1",
$r = q("select `id` from `notify-threads` where `master-parent-item` = %d and `receiver-uid` = %d limit 1",
intval($params['parent']),
intval($params['uid']) );
// If so, create the record of it and use a message-id smtp header.
if(!$r) {
logger("notify_id:" . intval($notify_id). ", parent: " . intval($params['parent']) . "uid: " .
logger("notify_id:" . intval($notify_id). ", parent: " . intval($params['parent']) . "uid: " .
intval($params['uid']), LOGGER_DEBUG);
$r = q("insert into `notify-threads` (`notify-id`, `master-parent-item`, `receiver-uid`, `parent-item`)
values(%d,%d,%d,%d)",

8
include/event.php
Unescape View File

@ -207,7 +207,7 @@ function event_store($arr) {
$arr['created'] = (($arr['created']) ? $arr['created'] : datetime_convert());
$arr['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert());
$arr['type'] = (($arr['type']) ? $arr['type'] : 'event' );
$arr['type'] = (($arr['type']) ? $arr['type'] : 'event' );
$arr['cid'] = ((intval($arr['cid'])) ? intval($arr['cid']) : 0);
$arr['uri'] = (x($arr,'uri') ? $arr['uri'] : item_new_uri($a->get_hostname(),$arr['uid']));
$arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0);
@ -263,7 +263,7 @@ function event_store($arr) {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
WHERE `id` = %d AND `uid` = %d LIMIT 1",
WHERE `id` = %d AND `uid` = %d",
dbesc($arr['edited']),
dbesc($arr['start']),
@ -291,7 +291,7 @@ function event_store($arr) {
$object .= '</object>' . "\n";
q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d",
dbesc(format_event_bbcode($arr)),
dbesc($object),
dbesc($arr['allow_cid']),
@ -390,7 +390,7 @@ function event_store($arr) {
if($item_id) {
q("UPDATE `item` SET `plink` = '%s', `event-id` = %d WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s', `event-id` = %d WHERE `uid` = %d AND `id` = %d",
dbesc($plink),
intval($event['id']),
intval($arr['uid']),

20
include/follow.php
Unescape View File

@ -111,7 +111,7 @@ function new_contact($uid,$url,$interactive = false) {
if($ret['network'] === NETWORK_MAIL) {
$writeable = 1;
}
if($ret['network'] === NETWORK_DIASPORA)
$writeable = 1;
@ -123,13 +123,13 @@ function new_contact($uid,$url,$interactive = false) {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `poll` = '%s' LIMIT 1",
intval($uid),
dbesc($ret['poll'])
);
);
if(count($r)) {
// update contact
if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) {
q("UPDATE `contact` SET `rel` = %d , `subhub` = %d, `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `contact` SET `rel` = %d , `subhub` = %d, `readonly` = 0 WHERE `id` = %d AND `uid` = %d",
intval(CONTACT_IS_FRIEND),
intval($subhub),
intval($r[0]['id']),
@ -222,13 +222,13 @@ function new_contact($uid,$url,$interactive = false) {
$photos = import_profile_photo($ret['photo'],$uid,$contact_id);
$r = q("UPDATE `contact` SET `photo` = '%s',
$r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s'
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -237,7 +237,7 @@ function new_contact($uid,$url,$interactive = false) {
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($contact_id)
);
);
// pull feed and consume it, which should subscribe to the hub.
@ -262,7 +262,7 @@ function new_contact($uid,$url,$interactive = false) {
'$ostat_follow' => ''
));
$r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
$r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
intval($uid)
);

18
include/group.php
Unescape View File

@ -8,17 +8,17 @@ function group_add($uid,$name) {
$r = group_byname($uid,$name); // check for dups
if($r !== false) {
// This could be a problem.
// This could be a problem.
// Let's assume we've just created a group which we once deleted
// all the old members are gone, but the group remains so we don't break any security
// access lists. What we're doing here is reviving the dead group, but old content which
// was restricted to this group may now be seen by the new group members.
// was restricted to this group may now be seen by the new group members.
$z = q("SELECT * FROM `group` WHERE `id` = %d LIMIT 1",
intval($r)
);
if(count($z) && $z[0]['deleted']) {
$r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
$r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s'",
intval($uid),
dbesc($name)
);
@ -32,7 +32,7 @@ function group_add($uid,$name) {
dbesc($name)
);
$ret = $r;
}
}
return $ret;
}
@ -87,7 +87,7 @@ function group_rmv($uid,$name) {
);
// remove group
$r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
$r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'",
intval($uid),
dbesc($name)
);
@ -117,13 +117,13 @@ function group_rmv_member($uid,$name,$member) {
return false;
if(! ( $uid && $gid && $member))
return false;
$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1 ",
$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d",
intval($uid),
intval($gid),
intval($member)
);
return $r;
}
@ -134,13 +134,13 @@ function group_add_member($uid,$name,$member,$gid = 0) {
if((! $gid) || (! $uid) || (! $member))
return false;
$r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1",
$r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1",
intval($uid),
intval($gid),
intval($member)
);
if(count($r))
return true; // You might question this, but
return true; // You might question this, but
// we indicate success because the group member was in fact created
// -- It was just created at another time
if(! count($r))

24
include/notifier.php
Unescape View File

@ -443,7 +443,7 @@ function notifier_run(&$argv, &$argc){
set_config('system','site_prvkey', $res['prvkey']);
set_config('system','site_pubkey', $res['pubkey']);
}
$rp = q("SELECT `resource-id` , `scale`, type FROM `photo`
WHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", $uid);
$photos = array();
@ -635,15 +635,15 @@ function notifier_run(&$argv, &$argc){
else
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id']));
$x = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
`contact`.`pubkey` AS `cpubkey`,
`contact`.`prvkey` AS `cprvkey`,
`contact`.`thumb` AS `thumb`,
$x = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
`contact`.`pubkey` AS `cpubkey`,
`contact`.`prvkey` AS `cprvkey`,
`contact`.`thumb` AS `thumb`,
`contact`.`url` as `url`,
`contact`.`name` as `senderName`,
`user`.*
FROM `contact`
INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
`user`.*
FROM `contact`
INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `contact`.`blocked` = 0 AND `contact`.`archive` = 0
AND `contact`.`pending` = 0
AND `contact`.`network` = '%s' AND `user`.`nickname` = '%s'
@ -656,7 +656,7 @@ function notifier_run(&$argv, &$argc){
if($x && count($x)) {
$write_flag = ((($x[0]['rel']) && ($x[0]['rel'] != CONTACT_IS_SHARING)) ? true : false);
if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) {
q("update contact set writable = 1 where id = %d limit 1",
q("update contact set writable = 1 where id = %d",
intval($x[0]['id'])
);
$x[0]['writable'] = 1;
@ -730,7 +730,7 @@ function notifier_run(&$argv, &$argc){
case NETWORK_MAIL:
case NETWORK_MAIL2:
if(get_config('system','dfrn_only'))
break;
@ -755,7 +755,7 @@ function notifier_run(&$argv, &$argc){
}
if(! $it)
break;
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
@ -763,7 +763,7 @@ function notifier_run(&$argv, &$argc){
);
if(! count($local_user))
break;
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
intval($uid)

12
include/oauth.php
Unescape View File

@ -1,8 +1,8 @@
<?php
/**
/**
* OAuth server
* Based on oauth2-php <http://code.google.com/p/oauth2-php/>
*
*
*/
define('REQUEST_TOKEN_DURATION', 300);
@ -15,11 +15,11 @@ class FKOAuthDataStore extends OAuthDataStore {
function gen_token(){
return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
}
function lookup_consumer($consumer_key) {
logger(__function__.":".$consumer_key);
//echo "<pre>"; var_dump($consumer_key); killme();
$r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'",
dbesc($consumer_key)
);
@ -129,7 +129,7 @@ class FKOAuth1 extends OAuthServer {
$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
}
function loginUser($uid){
logger("FKOAuth1::loginUser $uid");
$a = get_app();
@ -167,7 +167,7 @@ class FKOAuth1 extends OAuthServer {
$a->cid = $r[0]['id'];
$_SESSION['cid'] = $a->cid;
}
q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1",
q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d",
dbesc(datetime_convert()),
intval($_SESSION['uid'])
);

6
include/security.php
Unescape View File

@ -36,7 +36,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
$a->timezone = $a->user['timezone'];
}
$master_record = $a->user;
$master_record = $a->user;
if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
$r = q("select * from user where uid = %d limit 1",
@ -81,7 +81,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
if($login_initial || $login_refresh) {
$l = get_browser_language();
q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1",
q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d",
dbesc(datetime_convert()),
dbesc($l),
intval($_SESSION['uid'])
@ -209,7 +209,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
}
}
if($remote_verified) {
$gs = '<<>>'; // should be impossible to match
if(is_array($groups) && count($groups)) {

10
include/text.php
Unescape View File

@ -482,9 +482,9 @@ if(! function_exists('photo_new_resource')) {
/**
* Generate a guaranteed unique photo ID.
* safe from birthday paradox
*
*
* @return string
*/
*/
function photo_new_resource() {
do {
@ -505,7 +505,7 @@ if(! function_exists('load_view_file')) {
* @deprecated
* wrapper to load a view template, checking for alternate
* languages before falling back to the default
*
*
* @global string $lang
* @global App $a
* @param string $s view name
@ -2076,7 +2076,7 @@ function file_tag_save_file($uid,$item,$file) {
);
if(count($r)) {
if(! stristr($r[0]['file'],'[' . file_tag_encode($file) . ']'))
q("update item set file = '%s' where id = %d and uid = %d limit 1",
q("update item set file = '%s' where id = %d and uid = %d",
dbesc($r[0]['file'] . '[' . file_tag_encode($file) . ']'),
intval($item),
intval($uid)
@ -2107,7 +2107,7 @@ function file_tag_unsave_file($uid,$item,$file,$cat = false) {
if(! count($r))
return false;
q("update item set file = '%s' where id = %d and uid = %d limit 1",
q("update item set file = '%s' where id = %d and uid = %d",
dbesc(str_replace($pattern,'',$r[0]['file'])),
intval($item),
intval($uid)

3
mod/community.php
Unescape View File

@ -65,13 +65,12 @@ function community_content(&$a, $update = 0) {
}
//$r = q("SELECT distinct(`item`.`uri`)
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`, `user`.`hidewall`
FROM `thread` FORCE INDEX (`visible_deleted_moderated_private_wall_received`)
FROM `thread` FORCE INDEX (`wall_private_received`)
INNER JOIN `user` ON `user`.`uid` = `thread`.`uid` AND `user`.`hidewall` = 0
INNER JOIN `item` ON `item`.`id` = `thread`.`iid`
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''

4
mod/crepair.php
Unescape View File

@ -62,7 +62,7 @@ function crepair_post(&$a) {
$remote_self = ((x($_POST,'remote_self')) ? $_POST['remote_self'] : false);
$r = q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' , `remote_self` = %d
WHERE `id` = %d AND `uid` = %d LIMIT 1",
WHERE `id` = %d AND `uid` = %d",
dbesc($name),
dbesc($nick),
dbesc($url),
@ -88,7 +88,7 @@ function crepair_post(&$a) {
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s'
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),

92
mod/dfrn_confirm.php
Unescape View File

@ -52,7 +52,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $uid) {
notice( t('Permission denied.') . EOL );
return;
}
}
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid)
@ -61,7 +61,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $user) {
notice( t('Profile not found.') . EOL );
return;
}
}
// These data elements may come from either the friend request notification form or $handsfree array.
@ -153,7 +153,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// Save the private key. Send them the public key.
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($private_key),
intval($contact_id),
intval($uid)
@ -258,7 +258,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
case 1:
// birthday paradox - generate new dfrn-id and fall through.
$new_dfrn_id = random_string();
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($new_dfrn_id),
intval($contact_id),
intval($uid)
@ -279,17 +279,17 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
if(($status == 0) && ($intro_id)) {
// Success. Delete the notification.
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id),
intval($uid)
);
}
if($status != 0)
if($status != 0)
return;
}
@ -319,19 +319,19 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_SHARING) && ($duplex))
$duplex = 0;
$r = q("UPDATE `contact` SET
`photo` = '%s',
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
`hidden` = %d,
`network` = 'dfrn' WHERE `id` = %d LIMIT 1
`network` = 'dfrn' WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -345,7 +345,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($contact_id)
);
}
else {
else {
// $network !== NETWORK_DFRN
@ -378,27 +378,27 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$writable = 1;
}
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id),
intval($uid)
);
$r = q("UPDATE `contact` SET `photo` = '%s',
$r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`notify` = '%s',
`poll` = '%s',
`blocked` = 0,
`blocked` = 0,
`pending` = 0,
`network` = '%s',
`writable` = %d,
`hidden` = %d,
`rel` = %d
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -413,7 +413,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($hidden),
intval($new_relation),
intval($contact_id)
);
);
}
if($r === false)
@ -511,7 +511,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($handsfree === null)
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
else
return;
return;
//NOTREACHED
}
@ -538,7 +538,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 );
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$forum = (($page == 1) ? 1 : 0);
$prv = (($page == 2) ? 1 : 0);
@ -640,7 +640,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// NOTREACHED
}
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d",
dbesc($decrypted_dfrn_id),
dbesc($dfrn_pubkey),
intval($dfrn_record)
@ -651,10 +651,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
// It's possible that the other person also requested friendship.
// If it is a duplex relationship, ditch the issued-id if one exists.
// If it is a duplex relationship, ditch the issued-id if one exists.
if($duplex) {
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d",
intval($dfrn_record)
);
}
@ -670,7 +670,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$photo = $r[0]['photo'];
else
$photo = $a->get_baseurl() . '/images/person-175.jpg';
require_once("include/Photo.php");
$photos = import_profile_photo($photo,$local_uid,$dfrn_record);
@ -684,20 +684,20 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_FOLLOWER) && ($duplex))
$duplex = 0;
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
`duplex` = %d,
`forum` = %d,
`prv` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
`network` = '%s' WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -733,10 +733,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) {
push_lang($r[0]['language']);
$tpl = (($new_relation == CONTACT_IS_FRIEND)
$tpl = (($new_relation == CONTACT_IS_FRIEND)
? get_intltext_template('friend_complete_eml.tpl')
: get_intltext_template('intro_complete_eml.tpl'));
$email_tpl = replace_macros($tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),

28
mod/dfrn_request.php
Unescape View File

@ -70,19 +70,19 @@ function dfrn_request_post(&$a) {
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
$hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null;
if(x($dfrn_url)) {
/**
* Lookup the contact based on their URL (which is the only unique thing we have at the moment)
*/
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
intval(local_user()),
dbesc($dfrn_url),
dbesc(normalise_link($dfrn_url))
);
if(count($r)) {
if(strlen($r[0]['dfrn-id'])) {
@ -283,11 +283,11 @@ function dfrn_request_post(&$a) {
if(count($r)) {
foreach($r as $rr) {
if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid'])
);
}
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid'])
);
}
@ -298,9 +298,9 @@ function dfrn_request_post(&$a) {
* Cleanup any old email intros - which will have a greater lifetime
*/
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id`
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
AND `contact`.`network` = '%s'
AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ",
dbesc(NETWORK_MAIL2)
@ -308,11 +308,11 @@ function dfrn_request_post(&$a) {
if(count($r)) {
foreach($r as $rr) {
if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid'])
);
}
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid'])
);
}
@ -455,7 +455,7 @@ function dfrn_request_post(&$a) {
logger('dfrn_request: url: ' . $url);
if(! strlen($url)) {
notice( t("Unable to resolve your name at the provided location.") . EOL);
notice( t("Unable to resolve your name at the provided location.") . EOL);
return;
}
@ -555,14 +555,14 @@ function dfrn_request_post(&$a) {
);
// find the contact record we just created
if($r) {
$r = q("SELECT `id` FROM `contact`
if($r) {
$r = q("SELECT `id` FROM `contact`
WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1",
intval($uid),
$parms['url'],
$parms['issued-id']
);
if(count($r))
if(count($r))
$contact_record = $r[0];
}
@ -701,7 +701,7 @@ function dfrn_request_content(&$a) {
if(count($r)) {
if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
$auto_confirm = true;
$auto_confirm = true;
if(! $auto_confirm) {
require_once('include/enotify.php');

18
mod/events.php
Unescape View File

@ -28,7 +28,7 @@ function events_post(&$a) {
$adjust = intval($_POST['adjust']);
$nofinish = intval($_POST['nofinish']);
// The default setting for the `private` field in event_store() is false, so mirror that
// The default setting for the `private` field in event_store() is false, so mirror that
$private_event = false;
@ -142,14 +142,14 @@ function events_content(&$a) {
}
if(($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 1 where id = %d and uid = %d limit 1",
$r = q("update event set ignore = 1 where id = %d and uid = %d",
intval($a->argv[2]),
intval(local_user())
);
}
if(($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 0 where id = %d and uid = %d limit 1",
$r = q("update event set ignore = 0 where id = %d and uid = %d",
intval($a->argv[2]),
intval(local_user())
);
@ -372,16 +372,16 @@ function events_content(&$a) {
'$previus' => array($a->get_baseurl()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
'$next' => array($a->get_baseurl()."/events/$nextyear/$nextmonth",t('Next'),'',''),
'$calendar' => cal($y,$m,$links, ' eventcal'),
'$events' => $events,
));
if (x($_GET,'id')){ echo $o; killme(); }
return $o;
}
if($mode === 'edit' && $event_id) {

4
mod/fsuggest.php
Unescape View File

@ -52,7 +52,7 @@ function fsuggest_post(&$a) {
);
if(count($r)) {
$fsuggest_id = $r[0]['id'];
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($note),
intval($fsuggest_id),
intval(local_user())
@ -108,4 +108,4 @@ function fsuggest_content(&$a) {
$o .= '</form>';
return $o;
}
}

16
mod/group.php
Unescape View File

@ -22,7 +22,7 @@ function group_post(&$a) {
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
check_form_security_token_redirectOnErr('/group/new', 'group_edit');
$name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name);
if($r) {
@ -32,13 +32,13 @@ function group_post(&$a) {
goaway($a->get_baseurl() . '/group/' . $r);
}
else
notice( t('Could not create group.') . EOL );
notice( t('Could not create group.') . EOL );
goaway($a->get_baseurl() . '/group');
return; // NOTREACHED
}
if(($a->argc == 2) && (intval($a->argv[1]))) {
check_form_security_token_redirectOnErr('/group', 'group_edit');
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval(local_user())
@ -51,7 +51,7 @@ function group_post(&$a) {
$group = $r[0];
$groupname = notags(trim($_POST['groupname']));
if((strlen($groupname)) && ($groupname != $group['name'])) {
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($groupname),
intval(local_user()),
intval($group['id'])
@ -88,7 +88,7 @@ function group_content(&$a) {
);
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
return replace_macros($tpl, $context + array(
'$title' => t('Create a group of contacts/friends.'),
'$gname' => array('groupname',t('Group Name: '), '', ''),
@ -101,13 +101,13 @@ function group_content(&$a) {
if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
);
if(count($r))
if(count($r))
$result = group_rmv(local_user(),$r[0]['name']);
if($result)
info( t('Group removed.') . EOL);
@ -120,7 +120,7 @@ function group_content(&$a) {
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
check_form_security_token_ForbiddenOnErr('group_member_change', 't');
$r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($a->argv[2]),
intval(local_user())

10
mod/like.php
Unescape View File

@ -109,7 +109,7 @@ function like_content(&$a) {
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
dbesc($activity),
intval($contact['id']),
@ -121,7 +121,7 @@ function like_content(&$a) {
$like_item = $r[0];
// Already voted, undo it
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
intval($like_item['id'])
);
@ -207,14 +207,14 @@ EOT;
$arr['unseen'] = 1;
$arr['last-child'] = 0;
$post_id = item_store($arr);
$post_id = item_store($arr);
if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']),
intval($owner_uid)
);
}
}
// Save the author information for the like in case we need to relay to Diaspora

4
mod/lostpass.php
Unescape View File

@ -25,7 +25,7 @@ function lostpass_post(&$a) {
$new_password = autoname(12) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d",
dbesc($new_password_encoded),
intval($uid)
);
@ -74,7 +74,7 @@ function lostpass_content(&$a) {
$new_password = autoname(6) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d",
dbesc($new_password_encoded),
intval($uid)
);

10
mod/mood.php
Unescape View File

@ -12,8 +12,8 @@ function mood_init(&$a) {
$uid = local_user();
$verb = notags(trim($_GET['verb']));
if(! $verb)
if(! $verb)
return;
$verbs = get_mood_verbs();
@ -30,7 +30,7 @@ function mood_init(&$a) {
if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent),
intval($parent),
@ -90,7 +90,7 @@ function mood_init(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid),
intval($item_id)
@ -139,4 +139,4 @@ function mood_content(&$a) {
return $o;
}
}

4
mod/notifications.php
Unescape View File

@ -33,7 +33,7 @@ function notifications_post(&$a) {
$fid = $r[0]['fid'];
if($_POST['submit'] == t('Discard')) {
$r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d",
intval($intro_id)
);
if(! $fid) {
@ -41,7 +41,7 @@ function notifications_post(&$a) {
// The check for blocked and pending is in case the friendship was already approved
// and we just want to get rid of the now pointless notification
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1 LIMIT 1",
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1",
intval($contact_id),
intval(local_user())
);

20
mod/poke.php
Unescape View File

@ -12,8 +12,8 @@ function poke_init(&$a) {
$uid = local_user();
$verb = notags(trim($_GET['verb']));
if(! $verb)
if(! $verb)
return;
$verbs = get_poke_verbs();
@ -46,7 +46,7 @@ function poke_init(&$a) {
$target = $r[0];
if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent),
intval($parent),
@ -111,7 +111,7 @@ function poke_init(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid),
intval($item_id)
@ -156,20 +156,20 @@ function poke_content(&$a) {
$a->page['htmlhead'] .= '<script src="' . $a->get_baseurl(true) . '/library/jquery_ac/friendica.complete.js" ></script>';
$a->page['htmlhead'] .= <<< EOT
<script>$(document).ready(function() {
var a;
a = $("#poke-recip").autocomplete({
<script>$(document).ready(function() {
var a;
a = $("#poke-recip").autocomplete({
serviceUrl: '$base/acl',
minChars: 2,
width: 350,
onSelect: function(value,data) {
$("#poke-recip-complete").val(data);
}