diff --git a/include/Contact.php b/include/Contact.php index 7d480ab020..69c3b121f8 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -9,27 +9,27 @@ use Friendica\Network\Probe; // authorisation to do this. function user_remove($uid) { - if(! $uid) + if (!$uid) { return; + } + logger('Removing user: ' . $uid); - $r = q("select * from user where uid = %d limit 1", intval($uid)); + $r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1)); - call_hooks('remove_user',$r[0]); + call_hooks('remove_user',$r); // save username (actually the nickname as it is guaranteed // unique), so it cannot be re-registered in the future. - q("insert into userd ( username ) values ( '%s' )", - $r[0]['nickname'] - ); + dba::insert('userd', array('username' => $r['nickname'])); // The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php) q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid)); proc_run(PRIORITY_HIGH, "include/notifier.php", "removeme", $uid); // Send an update to the directory - proc_run(PRIORITY_LOW, "include/directory.php", $r[0]['url']); + proc_run(PRIORITY_LOW, "include/directory.php", $r['url']); if($uid == local_user()) { unset($_SESSION['authenticated']); diff --git a/include/Photo.php b/include/Photo.php index f02ee130a0..78d448fbc2 100644 --- a/include/Photo.php +++ b/include/Photo.php 
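Review bot: In `user_remove()` (include/Contact.php) the row from `dba::select('user', ...)` is used without a result check, so for a uid with no matching row `call_hooks('remove_user', $r)` gets a non-row value and `dba::insert('userd', array('username' => $r['nickname']))` records an empty name instead of reserving the nickname. A guard directly after the select, `if (!dbm::is_result($r)) { return; }`, would stop the hook, the `userd` insert and the directory update from running for a missing account. The old `$r[0]` code had the same gap; what a failed select returns is not visible in this diff, so the exact failure value is inferred. The function body continues past the end of the hunk.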
@@ -628,92 +628,24 @@ class Photo { public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '', $desc = '') { - $r = q("SELECT `guid` FROM `photo` WHERE `resource-id` = '%s' AND `guid` != '' LIMIT 1", - dbesc($rid) - ); + $r = dba::select('photo', array('guid'), array("`resource-id` = ? AND `guid` != ?", $rid, ''), array('limit' => 1)); if (dbm::is_result($r)) { - $guid = $r[0]['guid']; + $guid = $r['guid']; } else { $guid = get_guid(); } - $x = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `contact-id` = %d AND `scale` = %d LIMIT 1", - dbesc($rid), - intval($uid), - intval($cid), - intval($scale) - ); - if (dbm::is_result($x)) { - $r = q("UPDATE `photo` - SET `uid` = %d, - `contact-id` = %d, - `guid` = '%s', - `resource-id` = '%s', - `created` = '%s', - `edited` = '%s', - `filename` = '%s', - `type` = '%s', - `album` = '%s', - `height` = %d, - `width` = %d, - `datasize` = %d, - `data` = '%s', - `scale` = %d, - `profile` = %d, - `allow_cid` = '%s', - `allow_gid` = '%s', - `deny_cid` = '%s', - `deny_gid` = '%s', - `desc` = '%s' - WHERE `id` = %d", + $x = dba::select('photo', array('id'), array('resource-id' => $rid, 'uid' => $uid, 'contact-id' => $cid, 'scale' => $scale), array('limit' => 1)); - intval($uid), - intval($cid), - dbesc($guid), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbesc(strlen($this->imageString())), - dbesc($this->imageString()), - intval($scale), - intval($profile), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid), - dbesc($desc), - intval($x[0]['id']) - ); + $fields = array('uid' => $uid, 'contact-id' => $cid, 'guid' => $guid, 'resource-id' => $rid, 'created' => datetime_convert(), 'edited' => datetime_convert(), + 'filename' => 
basename($filename), 'type' => $this->getType(), 'album' => $album, 'height' => $this->getHeight(), 'width' => $this->getWidth(), + 'datasize' => strlen($this->imageString()), 'data' => $this->imageString(), 'scale' => $scale, 'profile' => $profile, + 'allow_cid' => $allow_cid, 'allow_gid' => $allow_gid, 'deny_cid' => $deny_cid, 'deny_gid' => $deny_gid, 'desc' => $desc); + + if (dbm::is_result($x)) { + $r = dba::update('photo', $fields, array('id' => $x['id'])); } else { - $r = q("INSERT INTO `photo` - (`uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `datasize`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `desc`) - VALUES (%d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s')", - intval($uid), - intval($cid), - dbesc($guid), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbesc(strlen($this->imageString())), - dbesc($this->imageString()), - intval($scale), - intval($profile), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid), - dbesc($desc) - ); + $r = dba::insert('photo', $fields); } return $r; diff --git a/include/dba.php b/include/dba.php index 9bf7a67d46..bc38029351 100644 --- a/include/dba.php +++ b/include/dba.php @@ -7,11 +7,6 @@ require_once('include/datetime.php'); /** * @class MySQL database class * - * For debugging, insert 'dbg(1);' anywhere in the program flow. - * dbg(0); will turn it off. Logging is performed at LOGGER_DATA level. - * When logging, all binary info is converted to text and html entities are escaped so that - * the debugging stream is safe to view within both terminals and web pages. - * * This class is for the low level database stuff that does driver specific things. */ 
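Review bot: In `Photo::store()` (include/Photo.php) the new `$fields` array calls `$this->imageString()` twice, once for `datasize` and once for `data`. If that method re-encodes the image on every call (its body is not in this hunk), the work is doubled and the recorded size is only assumed to match the stored bytes. Holding the value in a local keeps the two in step: `$data = $this->imageString();` followed by `'datasize' => strlen($data), 'data' => $data`. The method's closing lines are outside the hunk.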
@@ -242,10 +237,6 @@ class dba { return $data; } - public function dbg($dbg) { - $this->debug = $dbg; - } - public function escape($str) { if ($this->db && $this->connected) { switch ($this->driver) { @@ -1291,24 +1282,6 @@ class dba { } } -function printable($s) { - $s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s); - $s = str_replace("\x00",'.',$s); - if (x($_SERVER,'SERVER_NAME')) { - $s = escape_tags($s); - } - return $s; -} - -// Procedural functions -function dbg($state) { - global $db; - - if ($db) { - $db->dbg($state); - } -} - function dbesc($str) { global $db; 
@@ -1361,76 +1334,6 @@ function q($sql) { return $data; } -/** - * @brief Performs a query with "dirty reads" - deprecated - * - * Please use the dba:: functions instead: - * dba::select, dba::exists, dba::insert - * dba::delete, dba::update, dba::p, dba::e - * - * @param $args Query parameters (1 to N parameters of different types) - * @return array Query array - */ -function qu($sql) { - global $db; - - $args = func_get_args(); - unset($args[0]); - - if ($db && $db->connected) { - $sql = $db->clean_query($sql); - $sql = $db->any_value_fallback($sql); - $stmt = @vsprintf($sql,$args); // Disabled warnings - if ($stmt === false) - logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true), LOGGER_DEBUG); - - $db->log_index($stmt); - - $retval = $db->q($stmt); - return $retval; - } - - /** - * - * This will happen occasionally trying to store the - * session data after abnormal program termination - * - */ - logger('dba: no database: ' . print_r($args,true)); - return false; -} - -/** - * - * Raw db query, no arguments - * - */ -function dbq($sql) { - global $db; - - if ($db && $db->connected) { - $ret = $db->q($sql); - } else { - $ret = false; - } - return $ret; -} - -// Caller is responsible for ensuring that any integer arguments to -// dbesc_array are actually integers and not malformed strings containing -// SQL injection vectors. All integer array elements should be specifically -// cast to int to avoid trouble. -function dbesc_array_cb(&$item, $key) { - if (is_string($item)) - $item = dbesc($item); -} - -function dbesc_array(&$arr) { - if (is_array($arr) && count($arr)) { - array_walk($arr,'dbesc_array_cb'); - } -} - function dba_timer() { return microtime(true); } diff --git a/include/dfrn.php b/include/dfrn.php index c8e89fe40f..9a821a9d91 100644 --- a/include/dfrn.php +++ b/include/dfrn.php 
@@ -1669,9 +1669,7 @@ class dfrn { $msg["seen"] = 0; $msg["replied"] = 0; - dbm::esc_array($msg, true); - - $r = dbq("INSERT INTO `mail` (`".implode("`, `", array_keys($msg))."`) VALUES (".implode(", ", array_values($msg)).")"); + dba::insert('mail', $msg); // send notifications. /// @TODO Arange this mess diff --git a/include/items.php b/include/items.php index f2ee2311b7..4b61641627 100644 --- a/include/items.php +++ b/include/items.php @@ -955,7 +955,7 @@ function item_store($arr, $force_parent = false, $notify = false, $dontcache = f * An unique index would help - but the limitations of MySQL (maximum size of index values) prevent this. */ if ($arr["uid"] == 0) { - $r = qu("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc(trim($arr['uri']))); + $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc(trim($arr['uri']))); if (dbm::is_result($r)) { logger('Global item already stored. URI: '.$arr['uri'].' on network '.$arr['network'], LOGGER_DEBUG); return 0; diff --git a/include/message.php b/include/message.php index 6800663b5c..5914621416 100644 --- a/include/message.php +++ b/include/message.php 
@@ -60,22 +60,14 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){ $handles = $recip_handle . ';' . $sender_handle; - $r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ", - intval(local_user()), - dbesc($conv_guid), - dbesc($sender_handle), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc($subject), - dbesc($handles) - ); + $fields = array('uid' => local_user(), 'guid' => $conv_guid, 'creator' => $sender_handle, + 'created' => datetime_convert(), 'updated' => datetime_convert(), + 'subject' => $subject, 'recips' => $handles); + $r = dba::insert('conv', $fields); - $r = q("select * from conv where guid = '%s' and uid = %d limit 1", - dbesc($conv_guid), - intval(local_user()) - ); + $r = dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => local_user())), array('limit' => 1)); if (dbm::is_result($r)) - $convid = $r[0]['id']; + $convid = $r['id']; } if (! $convid) { 
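Review bot: The conversation lookup in `send_message()` passes its condition inside the field list: in `dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => local_user())), array('limit' => 1))` the `guid`/`uid` array is the second element of the fields argument and `array('limit' => 1)` sits where the condition belongs. Judging by the other `dba::select` calls in this commit (table, fields, condition, params), the query is no longer restricted to this user's conversation, so `$convid` can stay unset or refer to a different conversation. The call should read `dba::select('conv', array('id'), array('guid' => $conv_guid, 'uid' => local_user()), array('limit' => 1));`. The same misplaced parenthesis is in `send_wallmessage()` in the next hunk, there with `$recipient['uid']`.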
@@ -194,28 +186,18 @@ function send_wallmessage($recipient='', $body='', $subject='', $replyto=''){ $handles = $recip_handle . ';' . $sender_handle; - $r = q("INSERT INTO `conv` (`uid`,`guid`,`creator`,`created`,`updated`,`subject`,`recips`) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ", - intval($recipient['uid']), - dbesc($conv_guid), - dbesc($sender_handle), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc($subject), - dbesc($handles) - ); + $fields = array('uid' => $recipient['uid'], 'guid' => $conv_guid, 'creator' => $sender_handle, + 'created' => datetime_convert(), 'updated' => datetime_convert(), + 'subject' => $subject, 'recips' => $handles); + $r = dba::insert('conv', $fields); - $r = q("SELECT * FROM `conv` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1", - dbesc($conv_guid), - intval($recipient['uid']) - ); - - - if (! dbm::is_result($r)) { + $r = dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => $recipient['uid'])), array('limit' => 1)); + if (!dbm::is_result($r)) { logger('send message: conversation not found.'); return -4; } - $convid = $r[0]['id']; + $convid = $r['id']; $r = q("INSERT INTO `mail` ( `uid`, `guid`, `convid`, `from-name`, `from-photo`, `from-url`, `contact-id`, `title`, `body`, `seen`, `reply`, `replied`, `uri`, `parent-uri`, `created`, `unknown`) diff --git a/include/photos.php b/include/photos.php index 6e0002bd47..49ba83fa3c 100644 --- a/include/photos.php +++ b/include/photos.php 
@@ -48,7 +48,7 @@ function photo_albums($uid, $update = false) { if (!Config::get('system', 'no_count', false)) { /// @todo This query needs to be renewed. It is really slow // At this time we just store the data in the cache - $albums = qu("SELECT COUNT(DISTINCT `resource-id`) AS `total`, `album`, ANY_VALUE(`created`) AS `created` + $albums = q("SELECT COUNT(DISTINCT `resource-id`) AS `total`, `album`, ANY_VALUE(`created`) AS `created` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra GROUP BY `album` ORDER BY `created` DESC", @@ -58,7 +58,7 @@ function photo_albums($uid, $update = false) { ); } else { // This query doesn't do the count and is much faster - $albums = qu("SELECT DISTINCT(`album`), '' AS `total` + $albums = q("SELECT DISTINCT(`album`), '' AS `total` FROM `photo` USE INDEX (`uid_album_scale_created`) WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra", intval($uid), diff --git a/include/threads.php b/include/threads.php index 4cb8815693..906766da87 100644 --- a/include/threads.php +++ b/include/threads.php @@ -16,11 +16,7 @@ function add_thread($itemid, $onlyshadow = false) { $item['iid'] = $itemid; if (!$onlyshadow) { - $result = dbq("INSERT INTO `thread` (`" - .implode("`, `", array_keys($item)) - ."`) VALUES ('" - .implode("', '", array_values($item)) - ."')"); + $result = dba::insert('thread', $item); logger("Add thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG); } diff --git a/mod/admin.php b/mod/admin.php index 6d1adc7012..ee95a180a5 100644 --- a/mod/admin.php +++ b/mod/admin.php 
@@ -457,7 +457,7 @@ function admin_page_federation(App $a) { foreach ($platforms as $p) { // get a total count for the platform, the name and version of the // highest version and the protocol tpe - $c = qu('SELECT COUNT(*) AS `total`, ANY_VALUE(`platform`) AS `platform`, + $c = q('SELECT COUNT(*) AS `total`, ANY_VALUE(`platform`) AS `platform`, ANY_VALUE(`network`) AS `network`, MAX(`version`) AS `version` FROM `gserver` WHERE `platform` LIKE "%s" AND `last_contact` >= `last_failure` ORDER BY `version` ASC;', $p); @@ -465,7 +465,7 @@ function admin_page_federation(App $a) { // what versions for that platform do we know at all? // again only the active nodes - $v = qu('SELECT COUNT(*) AS `total`, `version` FROM `gserver` + $v = q('SELECT COUNT(*) AS `total`, `version` FROM `gserver` WHERE `last_contact` >= `last_failure` AND `platform` LIKE "%s" GROUP BY `version` ORDER BY `version`;', $p); @@ -644,13 +644,13 @@ function admin_page_summary(App $a) { logger('accounts: '.print_r($accounts,true),LOGGER_DATA); - $r = qu("SELECT COUNT(`id`) AS `count` FROM `register`"); + $r = q("SELECT COUNT(`id`) AS `count` FROM `register`"); $pending = $r[0]['count']; - $r = qu("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1"); + $r = q("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1"); $queue = (($r) ? $r[0]['total'] : 0); - $r = qu("SELECT COUNT(*) AS `total` FROM `workerqueue` WHERE NOT `done`"); + $r = q("SELECT COUNT(*) AS `total` FROM `workerqueue` WHERE NOT `done`"); $workerqueue = (($r) ? $r[0]['total'] : 0); // We can do better, but this is a quick queue status @@ -1487,7 +1487,7 @@ function admin_page_users(App $a) { /* get users */ - $total = qu("SELECT COUNT(*) AS `total` FROM `user` WHERE 1"); + $total = q("SELECT COUNT(*) AS `total` FROM `user` WHERE 1"); if (count($total)) { $a->set_pager_total($total[0]['total']); $a->set_pager_itemspage(100); 
@@ -1522,7 +1522,7 @@ function admin_page_users(App $a) { $sql_order = "`".str_replace('.','`.`',$order)."`"; $sql_order_direction = ($order_direction === "+")?"ASC":"DESC"; - $users = qu("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date` + $users = q("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date` FROM `user` INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self` WHERE `user`.`verified` diff --git a/mod/delegate.php b/mod/delegate.php index 4d35d46c70..4bccf1142a 100644 --- a/mod/delegate.php +++ b/mod/delegate.php @@ -35,10 +35,7 @@ function delegate_content(App $a) { dbesc(normalise_link(System::baseUrl() . '/profile/' . $r[0]['nickname'])) ); if (dbm::is_result($r)) { - q("insert into manage ( uid, mid ) values ( %d , %d ) ", - intval($a->argv[2]), - intval(local_user()) - ); + dba::insert('manage', array('uid' => $a->argv[2], 'mid' => local_user())); } } goaway(System::baseUrl() . '/delegate'); diff --git a/mod/nodeinfo.php b/mod/nodeinfo.php index 5cc2734c8e..e889d5a94e 100644 --- a/mod/nodeinfo.php +++ b/mod/nodeinfo.php @@ -188,7 +188,7 @@ function nodeinfo_cron() { } logger('cron_start'); - $users = qu("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item` + $users = q("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item` FROM `user` INNER JOIN `profile` ON `profile`.`uid` = `user`.`uid` AND `profile`.`is-default` INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self` 
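Review bot: In mod/delegate.php, `dba::insert('manage', array('uid' => $a->argv[2], 'mid' => local_user()))` drops the `intval()` that the old query applied to the URL path segment. Assuming `dba::insert` binds its values (as the `?` placeholders elsewhere in this commit suggest), injection is covered, but a non-numeric segment is now left to the database to coerce instead of being normalised in PHP; `'uid' => intval($a->argv[2])` keeps the previous behaviour. The same applies to `'gcid' => $_GET['ignore']` in the mod/suggest.php hunk, which should stay `intval($_GET['ignore'])`. `delegate_content()` starts and ends outside this hunk.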
@@ -220,7 +220,7 @@ function nodeinfo_cron() { Config::set('nodeinfo', 'active_users_monthly', $active_users_monthly); } - $posts = qu("SELECT COUNT(*) AS local_posts FROM `thread` WHERE `thread`.`wall` AND `thread`.`uid` != 0"); + $posts = q("SELECT COUNT(*) AS local_posts FROM `thread` WHERE `thread`.`wall` AND `thread`.`uid` != 0"); if (!is_array($posts)) { $local_posts = -1; @@ -231,7 +231,7 @@ function nodeinfo_cron() { logger('local_posts: '.$local_posts, LOGGER_DEBUG); - $posts = qu("SELECT COUNT(*) FROM `contact` + $posts = q("SELECT COUNT(*) FROM `contact` INNER JOIN `item` ON `item`.`contact-id` = `contact`.`id` AND `item`.`uid` = `contact`.`uid` AND `item`.`id` != `item`.`parent` AND `item`.`network` IN ('%s', '%s', '%s') WHERE `contact`.`self`", diff --git a/mod/photo.php b/mod/photo.php index 3c5fdd7be4..5896c90baa 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -74,7 +74,7 @@ function photo_init(App $a) { $uid = str_replace(array('.jpg','.png'),array('',''), $person); - $r = qu("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", + $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", intval($resolution), intval($uid) ); @@ -104,7 +104,7 @@ function photo_init(App $a) { } // check if the photo exists and get the owner of the photo - $r = qu("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", + $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", dbesc($photo), intval($resolution) ); @@ -114,7 +114,7 @@ function photo_init(App $a) { // Now we'll see if we can access the photo - $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", + $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", dbesc($photo), intval($resolution) ); diff --git a/mod/photos.php b/mod/photos.php index ac54e0e096..6c9f4bd662 100644 --- a/mod/photos.php 
+++ b/mod/photos.php @@ -29,7 +29,7 @@ function photos_init(App $a) { if ($a->argc > 1) { $nick = $a->argv[1]; - $user = qu("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", + $user = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", dbesc($nick) ); @@ -153,7 +153,7 @@ function photos_post(App $a) { } if ($contact_id) { - $r = qu("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval($page_owner_uid) ); @@ -170,7 +170,7 @@ function photos_post(App $a) { killme(); } - $r = qu("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` + $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1", intval($page_owner_uid) ); @@ -192,7 +192,7 @@ function photos_post(App $a) { return; // NOTREACHED } - $r = qu("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d", + $r = q("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d", dbesc($album), intval($page_owner_uid) ); @@ -1378,7 +1378,7 @@ function photos_content(App $a) { else $order = 'DESC'; - $prvnxt = qu("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 + $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 $sql_extra ORDER BY `created` $order ", dbesc($ph[0]['album']), intval($owner_uid) 
@@ -1478,7 +1478,7 @@ function photos_content(App $a) { if (dbm::is_result($linked_items)) { $link_item = $linked_items[0]; - $r = qu("SELECT COUNT(*) AS `total` + $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 @@ -1495,7 +1495,7 @@ function photos_content(App $a) { } - $r = qu("SELECT `item`.*, `item`.`id` AS `item_id`, + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`, `contact`.`rel`, `contact`.`thumb`, `contact`.`self`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` @@ -1835,7 +1835,7 @@ function photos_content(App $a) { // Default - show recent photos with upload link (if applicable) //$o = ''; - $r = qu("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' + $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra GROUP BY `resource-id`", intval($a->data['user']['uid']), dbesc('Contact Photos'), @@ -1846,7 +1846,7 @@ function photos_content(App $a) { $a->set_pager_itemspage(20); } - $r = qu("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`, ANY_VALUE(`created`) AS `created` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' diff --git a/mod/ping.php b/mod/ping.php index 5a5bdcd589..59fa521214 100644 --- a/mod/ping.php +++ b/mod/ping.php 
@@ -118,7 +118,7 @@ function ping_init(App $a) $notifs = ping_get_notifications(local_user()); - $items_unseen = qu("SELECT `item`.`id`, `item`.`parent`, `item`.`verb`, `item`.`wall`, `item`.`author-name`, + $items_unseen = q("SELECT `item`.`id`, `item`.`parent`, `item`.`verb`, `item`.`wall`, `item`.`author-name`, `item`.`contact-id`, `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object`, `pitem`.`author-name` AS `pname`, `pitem`.`author-link` AS `plink` FROM `item` INNER JOIN `item` AS `pitem` ON `pitem`.`id` = `item`.`parent` @@ -167,13 +167,13 @@ function ping_init(App $a) } } - $intros1 = qu("SELECT `intro`.`id`, `intro`.`datetime`, + $intros1 = q("SELECT `intro`.`id`, `intro`.`datetime`, `fcontact`.`name`, `fcontact`.`url`, `fcontact`.`photo` FROM `intro` LEFT JOIN `fcontact` ON `intro`.`fid` = `fcontact`.`id` WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`fid` != 0", intval(local_user()) ); - $intros2 = qu("SELECT `intro`.`id`, `intro`.`datetime`, + $intros2 = q("SELECT `intro`.`id`, `intro`.`datetime`, `contact`.`name`, `contact`.`url`, `contact`.`photo` FROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id` WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`contact-id` != 0", @@ -184,7 +184,7 @@ function ping_init(App $a) $intros = $intros1 + $intros2; $myurl = System::baseUrl() . '/profile/' . $a->user['nickname'] ; - $mails = qu("SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail` + $mails = q("SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail` WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ", intval(local_user()), dbesc($myurl) 
@@ -192,7 +192,7 @@ function ping_init(App $a) $mail_count = count($mails); if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){ - $regs = qu("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) AS `total` + $regs = q("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) AS `total` FROM `contact` RIGHT JOIN `register` ON `register`.`uid` = `contact`.`uid` WHERE `contact`.`self` = 1"); @@ -204,7 +204,7 @@ function ping_init(App $a) $cachekey = "ping_init:".local_user(); $ev = Cache::get($cachekey); if (is_null($ev)) { - $ev = qu("SELECT type, start, adjust FROM `event` + $ev = q("SELECT type, start, adjust FROM `event` WHERE `event`.`uid` = %d AND `start` < '%s' AND `finish` > '%s' and `ignore` = 0 ORDER BY `start` ASC ", intval(local_user()), @@ -424,7 +424,7 @@ function ping_get_notifications($uid) $a = get_app(); do { - $r = qu("SELECT `notify`.*, `item`.`visible`, `item`.`spam`, `item`.`deleted` + $r = q("SELECT `notify`.*, `item`.`visible`, `item`.`spam`, `item`.`deleted` FROM `notify` LEFT JOIN `item` ON `item`.`id` = `notify`.`iid` WHERE `notify`.`uid` = %d AND `notify`.`msg` != '' AND NOT (`notify`.`type` IN (%d, %d)) diff --git a/mod/profiles.php b/mod/profiles.php index 42f4587563..4a1d1ad934 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -108,13 +108,7 @@ function profiles_init(App $a) { $r1[0]['net-publish'] = 0; $r1[0]['profile-name'] = dbesc($name); - dbm::esc_array($r1[0], true); - - $r2 = dbq("INSERT INTO `profile` (`" - . implode("`, `", array_keys($r1[0])) - . "`) VALUES (" - . implode(", ", array_values($r1[0])) - . ")" ); + dba::insert('profile', $r1[0]); $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1", intval(local_user()), diff --git a/mod/proxy.php b/mod/proxy.php index 20d02af85a..d6f76da70b 100644 --- a/mod/proxy.php +++ b/mod/proxy.php 
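Review bot: In `profiles_init()` (mod/profiles.php) the context line `$r1[0]['profile-name'] = dbesc($name);` still escapes the name, but the row now goes through `dba::insert('profile', $r1[0])` instead of a string-built query. If `dba::insert` binds its values (as the `?` placeholders elsewhere in this commit suggest), the escape characters are stored literally, and the follow-up lookup on `profile-name` with `dbesc($name)` would not find a profile whose name contains a quote or backslash. The assignment should carry the raw value: `$r1[0]['profile-name'] = $name;`. The return value that used to land in `$r2` is also no longer captured, so a failed insert is only noticed through that later lookup.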
@@ -142,10 +142,10 @@ function proxy_init(App $a) { $r = array(); if (!$direct_cache && ($cachefile == '')) { - $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash); + $r = dba::select('photo', array('data', 'desc'), array('resource-id' => $urlhash), array('limit' => 1)); if (dbm::is_result($r)) { - $img_str = $r[0]['data']; - $mime = $r[0]['desc']; + $img_str = $r['data']; + $mime = $r['desc']; if ($mime == '') { $mime = 'image/jpeg'; } @@ -181,23 +181,11 @@ function proxy_init(App $a) { die(); } - q("INSERT INTO `photo` - ( `uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `desc`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) - VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' )", - 0, 0, get_guid(), dbesc($urlhash), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename(dbesc($_REQUEST['url']))), - dbesc(''), - intval(imagesy($image)), - intval(imagesx($image)), - $mime, - dbesc($img_str), - 100, - intval(0), - dbesc(''), dbesc(''), dbesc(''), dbesc('') - ); - + $fields = array('uid' => 0, 'contact-id' => 0, 'guid' => get_guid(), 'resource-id' => $urlhash, 'created' => datetime_convert(), 'edited' => datetime_convert(), + 'filename' => basename($_REQUEST['url']), 'type' => '', 'album' => '', 'height' => imagesy($image), 'width' => imagesx($image), + 'datasize' => 0, 'data' => $img_str, 'scale' => 100, 'profile' => 0, + 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', 'desc' => $mime); + dba::insert('photo', $fields); } else { $img = new Photo($img_str, $mime); if ($img->is_valid() && !$direct_cache && ($cachefile == '')) { diff --git a/mod/search.php b/mod/search.php index 1975a05bf6..ee652ee8aa 100644 --- a/mod/search.php +++ b/mod/search.php 
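Review bot: The new `$fields` array in `proxy_init()` (second hunk of mod/proxy.php) stores `'datasize' => 0` next to `'data' => $img_str`, while `Photo::store()` in this same commit writes `strlen($this->imageString())` into that column. Anything that relies on `datasize` for these cached rows will read zero; `'datasize' => strlen($img_str)` keeps the two insert paths consistent. `'filename' => basename($_REQUEST['url'])` comes straight from the request, so code that later displays or uses that column should treat it as untrusted text. The function starts and ends outside the hunk.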
@@ -11,7 +11,7 @@ function search_saved_searches() { $o = ''; - if(! feature_enabled(local_user(),'savedsearch')) + if (! feature_enabled(local_user(),'savedsearch')) return $o; $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d", @@ -50,30 +50,23 @@ function search_init(App $a) { $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - if(local_user()) { - if(x($_GET,'save') && $search) { + if (local_user()) { + if (x($_GET,'save') && $search) { $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", intval(local_user()), dbesc($search) ); - if (! dbm::is_result($r)) { - q("INSERT INTO `search` (`uid`,`term`) VALUES ( %d, '%s')", - intval(local_user()), - dbesc($search) - ); + if (!dbm::is_result($r)) { + dbm::insert('search', array('uid' => local_user(), 'term' => $search)); } } - if(x($_GET,'remove') && $search) { - q("DELETE FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", - intval(local_user()), - dbesc($search) - ); + if (x($_GET,'remove') && $search) { + dbm::delete('search', array('uid' => local_user(), 'term' => $search)); } $a->page['aside'] .= search_saved_searches(); - } - else { + } else { unset($_SESSION['theme']); unset($_SESSION['mobile-theme']); } @@ -85,7 +78,7 @@ function search_init(App $a) { function search_post(App $a) { - if(x($_POST,'search')) + if (x($_POST,'search')) $a->data['search'] = $_POST['search']; } @@ -135,13 +128,13 @@ function search_content(App $a) { nav_set_selected('search'); - if(x($a->data,'search')) + if (x($a->data,'search')) $search = notags(trim($a->data['search'])); else $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); $tag = false; - if(x($_GET,'tag')) { + if (x($_GET,'tag')) { $tag = true; $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : ''); } 
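Review bot: The saved-search changes in `search_init()` call `dbm::insert('search', ...)` and `dbm::delete('search', ...)`, whereas every other converted call in this commit uses the `dba::` class and `dbm::` appears only as `dbm::is_result()` and `dbm::esc_array()`. Unless `dbm` defines these two methods (not visible here), saving or removing a search ends in a fatal error for a logged-in user. They should read `dba::insert('search', array('uid' => local_user(), 'term' => $search));` and `dba::delete('search', array('uid' => local_user(), 'term' => $search));`. The old DELETE also carried `LIMIT 1`, which the new call no longer expresses.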
@@ -154,18 +147,18 @@ function search_content(App $a) { '$content' => search($search,'search-box','search',((local_user()) ? true : false), false) )); - if(strpos($search,'#') === 0) { + if (strpos($search,'#') === 0) { $tag = true; $search = substr($search,1); } - if(strpos($search,'@') === 0) { + if (strpos($search,'@') === 0) { return dirfind_content($a); } - if(strpos($search,'!') === 0) { + if (strpos($search,'!') === 0) { return dirfind_content($a); } - if(x($_GET,'search-option')) + if (x($_GET,'search-option')) switch($_GET['search-option']) { case 'fulltext': break; @@ -180,7 +173,7 @@ function search_content(App $a) { break; } - if(! $search) + if (! $search) return $o; if (get_config('system','only_tag_search')) @@ -191,7 +184,7 @@ function search_content(App $a) { // OR your own posts if you are a logged in member // No items will be shown if the member has a blocked profile wall. - if($tag) { + if ($tag) { logger("Start tag search for '".$search."'", LOGGER_DEBUG); $r = q("SELECT %s @@ -224,7 +217,7 @@ function search_content(App $a) { } - if($tag) + if ($tag) $title = sprintf( t('Items tagged with: %s'), $search); else $title = sprintf( t('Results for: %s'), $search); diff --git a/mod/settings.php b/mod/settings.php index c98e1b99be..9970d32595 100644 --- a/mod/settings.php +++ b/mod/settings.php 
@@ -231,17 +231,12 @@ function settings_post(App $a) { intval(local_user()) ); if (! dbm::is_result($r)) { - q("INSERT INTO `mailacct` (`uid`) VALUES (%d)", - intval(local_user()) - ); + dba::insert('mailacct', array('uid' => local_user())); } if(strlen($mail_pass)) { $pass = ''; openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']); - q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d", - dbesc(bin2hex($pass)), - intval(local_user()) - ); + dba::update('mailacct', array('pass' => bin2hex($pass)), array('uid' => local_user())); } $r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s', `action` = %d, `movetofolder` = '%s', diff --git a/mod/suggest.php b/mod/suggest.php index 19e89f05ba..e71c726952 100644 --- a/mod/suggest.php +++ b/mod/suggest.php @@ -39,10 +39,7 @@ function suggest_init(App $a) { } // Now check how the user responded to the confirmation query if (!$_REQUEST['canceled']) { - q("INSERT INTO `gcign` ( `uid`, `gcid` ) VALUES ( %d, %d ) ", - intval(local_user()), - intval($_GET['ignore']) - ); + dba::insert('gcign', array('uid' => local_user(), 'gcid' => $_GET['ignore'])); } } diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 8bf1fdbf19..9f455a19f3 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php 
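Review bot: In `settings_post()` the result of `openssl_public_encrypt($mail_pass, $pass, $a->user['pubkey'])` is not checked before `dba::update('mailacct', array('pass' => bin2hex($pass)), array('uid' => local_user()))` runs. If encryption fails, `$pass` is presumably still the empty string assigned just above, and the update replaces the stored mail password with an empty value. Making the update conditional, `if (openssl_public_encrypt($mail_pass, $pass, $a->user['pubkey'])) { ... }`, keeps the existing value on failure. The function begins and ends outside this hunk.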
@@ -138,21 +138,12 @@ function wall_attach_post(App $a) { $mimetype = z_mime_content_type($filename); $hash = get_guid(64); $created = datetime_convert(); - $r = q("INSERT INTO `attach` ( `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` ) - VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", - intval($page_owner_uid), - dbesc($hash), - dbesc($filename), - dbesc($mimetype), - intval($filesize), - dbesc($filedata), - dbesc($created), - dbesc($created), - dbesc('<' . $page_owner_cid . '>'), - dbesc(''), - dbesc(''), - dbesc('') - ); + + $fields = array('uid' => $page_owner_uid, 'hash' => $hash, 'filename' => $filename, 'filetype' => $mimetype, + 'filesize' => $filesize, 'data' => $filedata, 'created' => $created, 'edited' => $created, + 'allow_cid' => '<' . $page_owner_cid . '>', 'allow_gid' => '','deny_cid' => '', 'deny_gid' => ''); + + $r = dba::insert('attach', $fields); @unlink($src);