From d616bb7564adc84047af4b7511cc586e95381254 Mon Sep 17 00:00:00 2001 From: Michael Date: Sat, 17 Mar 2018 06:17:32 +0000 Subject: [PATCH 1/4] Fix: In the contact search you had been able to delete your own contact --- mod/contacts.php | 15 +++++++++++++ mod/dirfind.php | 50 ++++++++++++++++++++----------------------- src/Model/Contact.php | 11 ++++++---- 3 files changed, 45 insertions(+), 31 deletions(-) diff --git a/mod/contacts.php b/mod/contacts.php index d77192e024..cd9021c17e 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -45,6 +45,14 @@ function contacts_init(App $a) } if (DBM::is_result($contact)) { + if ($contact['self']) { + if (($a->argc == 3) && intval($a->argv[1]) && ($a->argv[2] == "posts")) { + goaway('profile/' . $contact['nick']); + } else { + goaway('profile/' . $contact['nick'] . '?tab=profile'); + } + } + $a->data['contact'] = $contact; if (($a->data['contact']['network'] != "") && ($a->data['contact']['network'] != NETWORK_DFRN)) { @@ -940,6 +948,13 @@ function _contact_detail_for_template($rr) $sparkle = ''; } + if ($rr['self']) { + $dir_icon = 'images/larrow.gif'; + $alt_text = L10n::t('This is you'); + $url = $rr['url']; + $sparkle = ''; + } + return [ 'img_hover' => L10n::t('Visit %s\'s profile [%s]', $rr['name'], $rr['url']), 'edit_hover' => L10n::t('Edit contact'), diff --git a/mod/dirfind.php b/mod/dirfind.php index 9db4eeb7b6..52e7c2aa02 100644 --- a/mod/dirfind.php +++ b/mod/dirfind.php @@ -15,6 +15,7 @@ use Friendica\Model\Profile; use Friendica\Network\Probe; use Friendica\Protocol\PortableContact; use Friendica\Util\Network; +use Friendica\Database\DBM; require_once 'mod/contacts.php'; @@ -113,32 +114,28 @@ function dirfind_content(App $a, $prefix = "") { /// @TODO These 2 SELECTs are not checked on validity with DBM::is_result() $count = q("SELECT count(*) AS `total` FROM `gcontact` - LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` - AND `contact`.`network` = `gcontact`.`network` - AND `contact`.`uid` = %d AND NOT `contact`.`blocked` - AND NOT `contact`.`pending` AND `contact`.`rel` IN ('%s', '%s') - WHERE (`contact`.`id` > 0 OR (NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND - ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR (`gcontact`.`updated` >= `gcontact`.`last_failure`)))) AND - (`gcontact`.`url` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR `gcontact`.`location` LIKE '%s' OR - `gcontact`.`addr` LIKE '%s' OR `gcontact`.`about` LIKE '%s' OR `gcontact`.`keywords` LIKE '%s') $extra_sql", - intval(local_user()), dbesc(CONTACT_IS_SHARING), dbesc(CONTACT_IS_FRIEND), + LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` AND `contact`.`uid` = 0 + WHERE NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND + ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR + (`gcontact`.`updated` >= `gcontact`.`last_failure`)) AND + (`gcontact`.`url` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR + `gcontact`.`location` LIKE '%s' OR `gcontact`.`addr` LIKE '%s' OR + `gcontact`.`about` LIKE '%s' OR `gcontact`.`keywords` LIKE '%s') $extra_sql", dbesc(NETWORK_DFRN), dbesc($ostatus), dbesc($diaspora), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2))); - $results = q("SELECT `contact`.`id` AS `cid`, `gcontact`.`url`, `gcontact`.`name`, `gcontact`.`photo`, `gcontact`.`network`, `gcontact`.`keywords`, `gcontact`.`addr` + $results = q("SELECT `gcontact`.`nurl` FROM `gcontact` - LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` - AND `contact`.`network` = `gcontact`.`network` - AND `contact`.`uid` = %d AND NOT `contact`.`blocked` - AND NOT `contact`.`pending` AND `contact`.`rel` IN ('%s', '%s') - WHERE (`contact`.`id` > 0 OR (NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND - ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR (`gcontact`.`updated` >= `gcontact`.`last_failure`)))) AND - (`gcontact`.`url` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR `gcontact`.`location` LIKE '%s' OR - `gcontact`.`addr` LIKE '%s' OR `gcontact`.`about` LIKE '%s' OR `gcontact`.`keywords` LIKE '%s') $extra_sql + LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` AND `contact`.`uid` = 0 + WHERE NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND + ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR + (`gcontact`.`updated` >= `gcontact`.`last_failure`)) AND + (`gcontact`.`url` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR + `gcontact`.`location` LIKE '%s' OR `gcontact`.`addr` LIKE '%s' OR + `gcontact`.`about` LIKE '%s' OR `gcontact`.`keywords` LIKE '%s') $extra_sql GROUP BY `gcontact`.`nurl` ORDER BY `gcontact`.`updated` DESC LIMIT %d, %d", - intval(local_user()), dbesc(CONTACT_IS_SHARING), dbesc(CONTACT_IS_FRIEND), dbesc(NETWORK_DFRN), dbesc($ostatus), dbesc($diaspora), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), @@ -148,14 +145,14 @@ function dirfind_content(App $a, $prefix = "") { $j->items_page = $perpage; $j->page = $a->pager['page']; foreach ($results AS $result) { - if (PortableContact::alternateOStatusUrl($result["url"])) { + if (PortableContact::alternateOStatusUrl($result["nurl"])) { continue; } - $result = Contact::getDetailsByURL($result["url"], local_user(), $result); + $result = Contact::getDetailsByURL($result["nurl"], local_user()); if ($result["name"] == "") { - $urlparts = parse_url($result["url"]); + $urlparts = parse_url($result["nurl"]); $result["name"] = end(explode("/", $urlparts["path"])); } @@ -204,11 +201,10 @@ function dirfind_content(App $a, $prefix = "") { if ($jj->cid > 0) { $connlnk = ""; $conntxt = ""; - $contact = q("SELECT * FROM `contact` WHERE `id` = %d", - intval($jj->cid)); - if ($contact) { - $photo_menu = Contact::photoMenu($contact[0]); - $details = _contact_detail_for_template($contact[0]); + $contact = dba::selectFirst('contact', [], ['id' => $jj->cid]); + if (DBM::is_result($contact)) { + $photo_menu = Contact::photoMenu($contact); + $details = _contact_detail_for_template($contact); $alt_text = $details['alt_text']; } else { $photo_menu = []; diff --git a/src/Model/Contact.php b/src/Model/Contact.php index ae9c40e6ec..f0a1e52929 100644 --- a/src/Model/Contact.php +++ b/src/Model/Contact.php @@ -514,7 +514,7 @@ class Contact extends BaseObject } $sparkle = false; - if ($contact['network'] === NETWORK_DFRN) { + if (($contact['network'] === NETWORK_DFRN) && !$contact['self']) { $sparkle = true; $profile_link = System::baseUrl() . '/redir/' . $contact['id']; } else { @@ -531,18 +531,21 @@ class Contact extends BaseObject $profile_link = $profile_link . '?url=profile'; } - if (in_array($contact['network'], [NETWORK_DFRN, NETWORK_DIASPORA])) { + if (in_array($contact['network'], [NETWORK_DFRN, NETWORK_DIASPORA]) && !$contact['self']) { $pm_url = System::baseUrl() . '/message/new/' . $contact['id']; } - if ($contact['network'] == NETWORK_DFRN) { + if (($contact['network'] == NETWORK_DFRN) && !$contact['self']) { $poke_link = System::baseUrl() . '/poke/?f=&c=' . $contact['id']; } $contact_url = System::baseUrl() . '/contacts/' . $contact['id']; $posts_link = System::baseUrl() . '/contacts/' . $contact['id'] . '/posts'; - $contact_drop_link = System::baseUrl() . '/contacts/' . $contact['id'] . '/drop?confirm=1'; + + if (!$contact['self']) { + $contact_drop_link = System::baseUrl() . '/contacts/' . $contact['id'] . '/drop?confirm=1'; + } /** * Menu array: From 69918f4ae9415f2a5499a347d124a634040c93e2 Mon Sep 17 00:00:00 2001 From: Michael Date: Sat, 17 Mar 2018 06:54:47 +0000 Subject: [PATCH 2/4] Ignore obvious garbage results --- mod/dirfind.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/mod/dirfind.php b/mod/dirfind.php index 52e7c2aa02..da3fafce29 100644 --- a/mod/dirfind.php +++ b/mod/dirfind.php @@ -149,10 +149,17 @@ function dirfind_content(App $a, $prefix = "") { continue; } + $urlparts = parse_url($result["nurl"]); + + // Ignore results that look strange. + // For historic reasons the gcontact table does contain some garbage. + if (!empty($urlparts['query']) || !empty($urlparts['fragment'])) { + continue; + } + $result = Contact::getDetailsByURL($result["nurl"], local_user()); if ($result["name"] == "") { - $urlparts = parse_url($result["nurl"]); $result["name"] = end(explode("/", $urlparts["path"])); } From c7dc3f94c948ec5014a3361d5a757e291a3072ff Mon Sep 17 00:00:00 2001 From: Michael Date: Sat, 17 Mar 2018 07:12:28 +0000 Subject: [PATCH 3/4] Simplified query --- mod/dirfind.php | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/mod/dirfind.php b/mod/dirfind.php index da3fafce29..a5b26a9193 100644 --- a/mod/dirfind.php +++ b/mod/dirfind.php @@ -114,28 +114,22 @@ function dirfind_content(App $a, $prefix = "") { /// @TODO These 2 SELECTs are not checked on validity with DBM::is_result() $count = q("SELECT count(*) AS `total` FROM `gcontact` - LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` AND `contact`.`uid` = 0 - WHERE NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND - ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR - (`gcontact`.`updated` >= `gcontact`.`last_failure`)) AND - (`gcontact`.`url` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR - `gcontact`.`location` LIKE '%s' OR `gcontact`.`addr` LIKE '%s' OR - `gcontact`.`about` LIKE '%s' OR `gcontact`.`keywords` LIKE '%s') $extra_sql", + WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s') AND + ((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND + (`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR + `addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql", dbesc(NETWORK_DFRN), dbesc($ostatus), dbesc($diaspora), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2))); - $results = q("SELECT `gcontact`.`nurl` + $results = q("SELECT `nurl` FROM `gcontact` - LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` AND `contact`.`uid` = 0 - WHERE NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND - ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR - (`gcontact`.`updated` >= `gcontact`.`last_failure`)) AND - (`gcontact`.`url` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR - `gcontact`.`location` LIKE '%s' OR `gcontact`.`addr` LIKE '%s' OR - `gcontact`.`about` LIKE '%s' OR `gcontact`.`keywords` LIKE '%s') $extra_sql - GROUP BY `gcontact`.`nurl` - ORDER BY `gcontact`.`updated` DESC LIMIT %d, %d", + WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s') AND + ((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND + (`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR + `addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql + GROUP BY `nurl` + ORDER BY `updated` DESC LIMIT %d, %d", dbesc(NETWORK_DFRN), dbesc($ostatus), dbesc($diaspora), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), dbesc(escape_tags($search2)), From 805317239811e888cd7d4ef95d9374dc4ec78747 Mon Sep 17 00:00:00 2001 From: Michael Date: Sat, 17 Mar 2018 07:50:49 +0000 Subject: [PATCH 4/4] Issue 4610: The query is simplified and shouldn't fail again --- src/Model/GContact.php | 95 ++++++++++++++++++++---------------------- 1 file changed, 46 insertions(+), 49 deletions(-) diff --git a/src/Model/GContact.php b/src/Model/GContact.php index 7b14b2cdc4..66996c4479 100644 --- a/src/Model/GContact.php +++ b/src/Model/GContact.php @@ -37,56 +37,53 @@ class GContact */ public static function searchByName($search, $mode = '') { - if ($search) { - // check supported networks - if (Config::get('system', 'diaspora_enabled')) { - $diaspora = NETWORK_DIASPORA; - } else { - $diaspora = NETWORK_DFRN; - } - - if (!Config::get('system', 'ostatus_disabled')) { - $ostatus = NETWORK_OSTATUS; - } else { - $ostatus = NETWORK_DFRN; - } - - // check if we search only communities or every contact - if ($mode === "community") { - $extra_sql = " AND `community`"; - } else { - $extra_sql = ""; - } - - $search .= "%"; - - $results = q( - "SELECT `contact`.`id` AS `cid`, `gcontact`.`url`, `gcontact`.`name`, `gcontact`.`nick`, `gcontact`.`photo`, - `gcontact`.`network`, `gcontact`.`keywords`, `gcontact`.`addr`, `gcontact`.`community` - FROM `gcontact` - LEFT JOIN `contact` ON `contact`.`nurl` = `gcontact`.`nurl` - AND `contact`.`uid` = %d AND NOT `contact`.`blocked` - AND NOT `contact`.`pending` AND `contact`.`rel` IN ('%s', '%s') - WHERE (`contact`.`id` > 0 OR (NOT `gcontact`.`hide` AND `gcontact`.`network` IN ('%s', '%s', '%s') AND - ((`gcontact`.`last_contact` >= `gcontact`.`last_failure`) OR - (`gcontact`.`updated` >= `gcontact`.`last_failure`)))) AND - (`gcontact`.`addr` LIKE '%s' OR `gcontact`.`name` LIKE '%s' OR `gcontact`.`nick` LIKE '%s') $extra_sql - GROUP BY `gcontact`.`nurl` - ORDER BY `gcontact`.`nurl` DESC - LIMIT 1000", - intval(local_user()), - dbesc(CONTACT_IS_SHARING), - dbesc(CONTACT_IS_FRIEND), - dbesc(NETWORK_DFRN), - dbesc($ostatus), - dbesc($diaspora), - dbesc(escape_tags($search)), - dbesc(escape_tags($search)), - dbesc(escape_tags($search)) - ); - - return $results; + if (empty($search)) { + return []; } + + // check supported networks + if (Config::get('system', 'diaspora_enabled')) { + $diaspora = NETWORK_DIASPORA; + } else { + $diaspora = NETWORK_DFRN; + } + + if (!Config::get('system', 'ostatus_disabled')) { + $ostatus = NETWORK_OSTATUS; + } else { + $ostatus = NETWORK_DFRN; + } + + // check if we search only communities or every contact + if ($mode === "community") { + $extra_sql = " AND `community`"; + } else { + $extra_sql = ""; + } + + $search .= "%"; + + $results = dba::p("SELECT `nurl` FROM `gcontact` + WHERE NOT `hide` AND `network` IN (?, ?, ?) AND + ((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND + (`addr` LIKE ? OR `name` LIKE ? OR `nick` LIKE ?) $extra_sql + GROUP BY `nurl` ORDER BY `nurl` DESC LIMIT 1000", + NETWORK_DFRN, $ostatus, $diaspora, $search, $search, $search + ); + + $gcontacts = []; + while ($result = dba::fetch($results)) { + $urlparts = parse_url($result["nurl"]); + + // Ignore results that look strange. + // For historic reasons the gcontact table does contain some garbage. + if (!empty($urlparts['query']) || !empty($urlparts['fragment'])) { + continue; + } + + $gcontacts[] = Contact::getDetailsByURL($result["nurl"], local_user()); + } + return $gcontacts; } /**