diff --git a/include/api.php b/include/api.php index 892c036dcc..46903c53cf 100644 --- a/include/api.php +++ b/include/api.php @@ -4170,21 +4170,11 @@ function api_fr_photoalbum_update($type) throw new BadRequestException("no new albumname specified"); } // check if album is existing - $r = q( - "SELECT `id` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", - intval(api_user()), - dbesc($album) - ); - if (!DBM::is_result($r)) { + if (!dba::exists('photo', ['uid' => api_user(), 'album' => $album])) { throw new BadRequestException("album not available"); } // now let's update all photos to the albumname - $result = q( - "UPDATE `photo` SET `album` = '%s' WHERE `uid` = %d AND `album` = '%s'", - dbesc($album_new), - intval(api_user()), - dbesc($album) - ); + $result = dba::update('photo', ['album' => $album_new], ['uid' => api_user(), 'album' => $album]); // return success of updating or error message if ($result) { @@ -4495,16 +4485,12 @@ function api_account_update_profile_image($type) // check if specified profile id is valid if ($profileid != 0) { - $r = q( - "SELECT `id` FROM `profile` WHERE `uid` = %d AND `id` = %d", - intval(api_user()), - intval($profileid) - ); + $profile = dba::selectFirst('profile', ['is-default'], ['uid' => api_user(), 'id' => $profileid]); // error message if specified profile id is not in database - if (!DBM::is_result($r)) { + if (!DBM::is_result($profile)) { throw new BadRequestException("profile_id not available"); } - $is_default_profile = $r['profile']; + $is_default_profile = $profile['is-default']; } else { $is_default_profile = 1; } @@ -4537,15 +4523,7 @@ function api_account_update_profile_image($type) q( "UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dbesc($data['photo']['id']), - intval(local_user()) - ); - - q( - "UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `self` AND `uid` = %d", - dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-4.' . $fileext), - dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-5.' . $fileext), - dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-6.' . $fileext), - intval(local_user()) + intval(api_user()) ); } else { q( @@ -4553,18 +4531,11 @@ function api_account_update_profile_image($type) dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-4.' . $filetype), dbesc(System::baseUrl() . '/photo/' . $data['photo']['id'] . '-5.' . $filetype), intval($_REQUEST['profile']), - intval(local_user()) + intval(api_user()) ); } - // we'll set the updated profile-photo timestamp even if it isn't the default profile, - // so that browsers will do a cache update unconditionally - - q( - "UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d", - dbesc(DateTimeFormat::utcNow()), - intval(local_user()) - ); + Contact::updateSelfFromUserID(api_user(), true); // Update global directory in background //$user = api_get_user(get_app()); @@ -5044,15 +5015,9 @@ function api_friendica_remoteauth() $sec = random_string(); - q( - "INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`) - VALUES( %d, %s, '%s', '%s', %d )", - intval(api_user()), - intval($cid), - dbesc($dfrn_id), - dbesc($sec), - intval(time() + 45) - ); + $fields = ['uid' => api_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, + 'sec' => $sec, 'expire' => time() + 45]; + dba::insert('profile_check', $fields); logger($contact['name'] . ' ' . $sec, LOGGER_DEBUG); $dest = ($url ? '&destination_url=' . $url : ''); @@ -6014,25 +5979,14 @@ function api_friendica_direct_messages_setseen($type) return api_format_data("direct_messages_setseen", $type, ['$result' => $answer]); } - // get data of the specified message id - $r = q( - "SELECT `id` FROM `mail` WHERE `id` = %d AND `uid` = %d", - intval($id), - intval($uid) - ); - // error message if specified id is not in database - if (!DBM::is_result($r)) { + if (!dba::exists('mail', ['id' => $id, 'uid' => $uid])) { $answer = ['result' => 'error', 'message' => 'message id not in database']; return api_format_data("direct_messages_setseen", $type, ['$result' => $answer]); } // update seen indicator - $result = q( - "UPDATE `mail` SET `seen` = 1 WHERE `id` = %d AND `uid` = %d", - intval($id), - intval($uid) - ); + $result = dba::update('mail', ['seen' => true], ['id' => $id]); if ($result) { // return success