nupplaPhil/friendica
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #3708 from annando/dba-bugfix

Browse source 
Bugfix for pictures that weren't stored / reworked database calls
This commit is contained in:
Tobias Diekershoff 2017-09-16 07:24:56 +02:00 committed by GitHub
parent 40fa941518 0eb92bf12a
commit 7e193cfb7a
20 changed files with 102 additions and 336 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
include/Contact.php
View file

@ -9,27 +9,27 @@ use Friendica\Network\Probe;
// authorisation to do this.
function user_remove($uid) {
if(! $uid)
if (!$uid) {
return;
}
logger('Removing user: ' . $uid);
$r = q("select * from user where uid = %d limit 1", intval($uid));
$r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1));
call_hooks('remove_user',$r[0]);
call_hooks('remove_user',$r);
// save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future.
q("insert into userd ( username ) values ( '%s' )",
$r[0]['nickname']
);
dba::insert('userd', array('username' => $r['nickname']));
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid));
proc_run(PRIORITY_HIGH, "include/notifier.php", "removeme", $uid);
// Send an update to the directory
proc_run(PRIORITY_LOW, "include/directory.php", $r[0]['url']);
proc_run(PRIORITY_LOW, "include/directory.php", $r['url']);
if($uid == local_user()) {
unset($_SESSION['authenticated']);

90
include/Photo.php
View file

@ -628,92 +628,24 @@ class Photo {
public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '', $desc = '') {
$r = q("SELECT `guid` FROM `photo` WHERE `resource-id` = '%s' AND `guid` != '' LIMIT 1",
dbesc($rid)
);
$r = dba::select('photo', array('guid'), array("`resource-id` = ? AND `guid` != ?", $rid, ''), array('limit' => 1));
if (dbm::is_result($r)) {
$guid = $r[0]['guid'];
$guid = $r['guid'];
} else {
$guid = get_guid();
}
$x = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `contact-id` = %d AND `scale` = %d LIMIT 1",
dbesc($rid),
intval($uid),
intval($cid),
intval($scale)
);
if (dbm::is_result($x)) {
$r = q("UPDATE `photo`
SET `uid` = %d,
`contact-id` = %d,
`guid` = '%s',
`resource-id` = '%s',
`created` = '%s',
`edited` = '%s',
`filename` = '%s',
`type` = '%s',
`album` = '%s',
`height` = %d,
`width` = %d,
`datasize` = %d,
`data` = '%s',
`scale` = %d,
`profile` = %d,
`allow_cid` = '%s',
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s',
`desc` = '%s'
WHERE `id` = %d",
$x = dba::select('photo', array('id'), array('resource-id' => $rid, 'uid' => $uid, 'contact-id' => $cid, 'scale' => $scale), array('limit' => 1));
intval($uid),
intval($cid),
dbesc($guid),
dbesc($rid),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(basename($filename)),
dbesc($this->getType()),
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
dbesc(strlen($this->imageString())),
dbesc($this->imageString()),
intval($scale),
intval($profile),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
dbesc($desc),
intval($x[0]['id'])
);
$fields = array('uid' => $uid, 'contact-id' => $cid, 'guid' => $guid, 'resource-id' => $rid, 'created' => datetime_convert(), 'edited' => datetime_convert(),
'filename' => basename($filename), 'type' => $this->getType(), 'album' => $album, 'height' => $this->getHeight(), 'width' => $this->getWidth(),
'datasize' => strlen($this->imageString()), 'data' => $this->imageString(), 'scale' => $scale, 'profile' => $profile,
'allow_cid' => $allow_cid, 'allow_gid' => $allow_gid, 'deny_cid' => $deny_cid, 'deny_gid' => $deny_gid, 'desc' => $desc);
if (dbm::is_result($x)) {
$r = dba::update('photo', $fields, array('id' => $x['id']));
} else {
$r = q("INSERT INTO `photo`
(`uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `datasize`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `desc`)
VALUES (%d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s')",
intval($uid),
intval($cid),
dbesc($guid),
dbesc($rid),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(basename($filename)),
dbesc($this->getType()),
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
dbesc(strlen($this->imageString())),
dbesc($this->imageString()),
intval($scale),
intval($profile),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
dbesc($desc)
);
$r = dba::insert('photo', $fields);
}
return $r;

97
include/dba.php
View file

@ -7,11 +7,6 @@ require_once('include/datetime.php');
/**
* @class MySQL database class
*
* For debugging, insert 'dbg(1);' anywhere in the program flow.
* dbg(0); will turn it off. Logging is performed at LOGGER_DATA level.
* When logging, all binary info is converted to text and html entities are escaped so that
* the debugging stream is safe to view within both terminals and web pages.
*
* This class is for the low level database stuff that does driver specific things.
*/
@ -242,10 +237,6 @@ class dba {
return $data;
}
public function dbg($dbg) {
$this->debug = $dbg;
}
public function escape($str) {
if ($this->db && $this->connected) {
switch ($this->driver) {
@ -1291,24 +1282,6 @@ class dba {
}
}
function printable($s) {
$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
$s = str_replace("\x00",'.',$s);
if (x($_SERVER,'SERVER_NAME')) {
$s = escape_tags($s);
}
return $s;
}
// Procedural functions
function dbg($state) {
global $db;
if ($db) {
$db->dbg($state);
}
}
function dbesc($str) {
global $db;
@ -1361,76 +1334,6 @@ function q($sql) {
return $data;
}
/**
* @brief Performs a query with "dirty reads" - deprecated
*
* Please use the dba:: functions instead:
* dba::select, dba::exists, dba::insert
* dba::delete, dba::update, dba::p, dba::e
*
* @param $args Query parameters (1 to N parameters of different types)
* @return array Query array
*/
function qu($sql) {
global $db;
$args = func_get_args();
unset($args[0]);
if ($db && $db->connected) {
$sql = $db->clean_query($sql);
$sql = $db->any_value_fallback($sql);
$stmt = @vsprintf($sql,$args); // Disabled warnings
if ($stmt === false)
logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true), LOGGER_DEBUG);
$db->log_index($stmt);
$retval = $db->q($stmt);
return $retval;
}
/**
*
* This will happen occasionally trying to store the
* session data after abnormal program termination
*
*/
logger('dba: no database: ' . print_r($args,true));
return false;
}
/**
*
* Raw db query, no arguments
*
*/
function dbq($sql) {
global $db;
if ($db && $db->connected) {
$ret = $db->q($sql);
} else {
$ret = false;
}
return $ret;
}
// Caller is responsible for ensuring that any integer arguments to
// dbesc_array are actually integers and not malformed strings containing
// SQL injection vectors. All integer array elements should be specifically
// cast to int to avoid trouble.
function dbesc_array_cb(&$item, $key) {
if (is_string($item))
$item = dbesc($item);
}
function dbesc_array(&$arr) {
if (is_array($arr) && count($arr)) {
array_walk($arr,'dbesc_array_cb');
}
}
function dba_timer() {
return microtime(true);
}

4
include/dfrn.php
View file

@ -1669,9 +1669,7 @@ class dfrn {
$msg["seen"] = 0;
$msg["replied"] = 0;
dbm::esc_array($msg, true);
$r = dbq("INSERT INTO `mail` (`".implode("`, `", array_keys($msg))."`) VALUES (".implode(", ", array_values($msg)).")");
dba::insert('mail', $msg);
// send notifications.
/// @TODO Arange this mess

2
include/items.php
View file

@ -955,7 +955,7 @@ function item_store($arr, $force_parent = false, $notify = false, $dontcache = f
* An unique index would help - but the limitations of MySQL (maximum size of index values) prevent this.
*/
if ($arr["uid"] == 0) {
$r = qu("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc(trim($arr['uri'])));
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc(trim($arr['uri'])));
if (dbm::is_result($r)) {
logger('Global item already stored. URI: '.$arr['uri'].' on network '.$arr['network'], LOGGER_DEBUG);
return 0;

44
include/message.php
View file

@ -60,22 +60,14 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){
$handles = $recip_handle . ';' . $sender_handle;
$r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
intval(local_user()),
dbesc($conv_guid),
dbesc($sender_handle),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($subject),
dbesc($handles)
);
$fields = array('uid' => local_user(), 'guid' => $conv_guid, 'creator' => $sender_handle,
'created' => datetime_convert(), 'updated' => datetime_convert(),
'subject' => $subject, 'recips' => $handles);
$r = dba::insert('conv', $fields);
$r = q("select * from conv where guid = '%s' and uid = %d limit 1",
dbesc($conv_guid),
intval(local_user())
);
$r = dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => local_user())), array('limit' => 1));
if (dbm::is_result($r))
$convid = $r[0]['id'];
$convid = $r['id'];
}
if (! $convid) {
@ -194,28 +186,18 @@ function send_wallmessage($recipient='', $body='', $subject='', $replyto=''){
$handles = $recip_handle . ';' . $sender_handle;
$r = q("INSERT INTO `conv` (`uid`,`guid`,`creator`,`created`,`updated`,`subject`,`recips`) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
intval($recipient['uid']),
dbesc($conv_guid),
dbesc($sender_handle),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($subject),
dbesc($handles)
);
$fields = array('uid' => $recipient['uid'], 'guid' => $conv_guid, 'creator' => $sender_handle,
'created' => datetime_convert(), 'updated' => datetime_convert(),
'subject' => $subject, 'recips' => $handles);
$r = dba::insert('conv', $fields);
$r = q("SELECT * FROM `conv` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1",
dbesc($conv_guid),
intval($recipient['uid'])
);
if (! dbm::is_result($r)) {
$r = dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => $recipient['uid'])), array('limit' => 1));
if (!dbm::is_result($r)) {
logger('send message: conversation not found.');
return -4;
}
$convid = $r[0]['id'];
$convid = $r['id'];
$r = q("INSERT INTO `mail` ( `uid`, `guid`, `convid`, `from-name`, `from-photo`, `from-url`,
`contact-id`, `title`, `body`, `seen`, `reply`, `replied`, `uri`, `parent-uri`, `created`, `unknown`)

4
include/photos.php
View file

@ -48,7 +48,7 @@ function photo_albums($uid, $update = false) {
if (!Config::get('system', 'no_count', false)) {
/// @todo This query needs to be renewed. It is really slow
// At this time we just store the data in the cache
$albums = qu("SELECT COUNT(DISTINCT `resource-id`) AS `total`, `album`, ANY_VALUE(`created`) AS `created`
$albums = q("SELECT COUNT(DISTINCT `resource-id`) AS `total`, `album`, ANY_VALUE(`created`) AS `created`
FROM `photo`
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra
GROUP BY `album` ORDER BY `created` DESC",
@ -58,7 +58,7 @@ function photo_albums($uid, $update = false) {
);
} else {
// This query doesn't do the count and is much faster
$albums = qu("SELECT DISTINCT(`album`), '' AS `total`
$albums = q("SELECT DISTINCT(`album`), '' AS `total`
FROM `photo` USE INDEX (`uid_album_scale_created`)
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra",
intval($uid),

6
include/threads.php
View file

@ -16,11 +16,7 @@ function add_thread($itemid, $onlyshadow = false) {
$item['iid'] = $itemid;
if (!$onlyshadow) {
$result = dbq("INSERT INTO `thread` (`"
.implode("`, `", array_keys($item))
."`) VALUES ('"
.implode("', '", array_values($item))
."')");
$result = dba::insert('thread', $item);
logger("Add thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG);
}

14
mod/admin.php
View file

@ -457,7 +457,7 @@ function admin_page_federation(App $a) {
foreach ($platforms as $p) {
// get a total count for the platform, the name and version of the
// highest version and the protocol tpe
$c = qu('SELECT COUNT(*) AS `total`, ANY_VALUE(`platform`) AS `platform`,
$c = q('SELECT COUNT(*) AS `total`, ANY_VALUE(`platform`) AS `platform`,
ANY_VALUE(`network`) AS `network`, MAX(`version`) AS `version` FROM `gserver`
WHERE `platform` LIKE "%s" AND `last_contact` >= `last_failure`
ORDER BY `version` ASC;', $p);
@ -465,7 +465,7 @@ function admin_page_federation(App $a) {
// what versions for that platform do we know at all?
// again only the active nodes
$v = qu('SELECT COUNT(*) AS `total`, `version` FROM `gserver`
$v = q('SELECT COUNT(*) AS `total`, `version` FROM `gserver`
WHERE `last_contact` >= `last_failure` AND `platform` LIKE "%s"
GROUP BY `version`
ORDER BY `version`;', $p);
@ -644,13 +644,13 @@ function admin_page_summary(App $a) {
logger('accounts: '.print_r($accounts,true),LOGGER_DATA);
$r = qu("SELECT COUNT(`id`) AS `count` FROM `register`");
$r = q("SELECT COUNT(`id`) AS `count` FROM `register`");
$pending = $r[0]['count'];
$r = qu("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1");
$r = q("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1");
$queue = (($r) ? $r[0]['total'] : 0);
$r = qu("SELECT COUNT(*) AS `total` FROM `workerqueue` WHERE NOT `done`");
$r = q("SELECT COUNT(*) AS `total` FROM `workerqueue` WHERE NOT `done`");
$workerqueue = (($r) ? $r[0]['total'] : 0);
// We can do better, but this is a quick queue status
@ -1487,7 +1487,7 @@ function admin_page_users(App $a) {
/* get users */
$total = qu("SELECT COUNT(*) AS `total` FROM `user` WHERE 1");
$total = q("SELECT COUNT(*) AS `total` FROM `user` WHERE 1");
if (count($total)) {
$a->set_pager_total($total[0]['total']);
$a->set_pager_itemspage(100);
@ -1522,7 +1522,7 @@ function admin_page_users(App $a) {
$sql_order = "`".str_replace('.','`.`',$order)."`";
$sql_order_direction = ($order_direction === "+")?"ASC":"DESC";
$users = qu("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date`
$users = q("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date`
FROM `user`
INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
WHERE `user`.`verified`

5
mod/delegate.php
View file

@ -35,10 +35,7 @@ function delegate_content(App $a) {
dbesc(normalise_link(System::baseUrl() . '/profile/' . $r[0]['nickname']))
);
if (dbm::is_result($r)) {
q("insert into manage ( uid, mid ) values ( %d , %d ) ",
intval($a->argv[2]),
intval(local_user())
);
dba::insert('manage', array('uid' => $a->argv[2], 'mid' => local_user()));
}
}
goaway(System::baseUrl() . '/delegate');

6
mod/nodeinfo.php
View file

@ -188,7 +188,7 @@ function nodeinfo_cron() {
}
logger('cron_start');
$users = qu("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item`
$users = q("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item`
FROM `user`
INNER JOIN `profile` ON `profile`.`uid` = `user`.`uid` AND `profile`.`is-default`
INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
@ -220,7 +220,7 @@ function nodeinfo_cron() {
Config::set('nodeinfo', 'active_users_monthly', $active_users_monthly);
}
$posts = qu("SELECT COUNT(*) AS local_posts FROM `thread` WHERE `thread`.`wall` AND `thread`.`uid` != 0");
$posts = q("SELECT COUNT(*) AS local_posts FROM `thread` WHERE `thread`.`wall` AND `thread`.`uid` != 0");
if (!is_array($posts)) {
$local_posts = -1;
@ -231,7 +231,7 @@ function nodeinfo_cron() {
logger('local_posts: '.$local_posts, LOGGER_DEBUG);
$posts = qu("SELECT COUNT(*) FROM `contact`
$posts = q("SELECT COUNT(*) FROM `contact`
INNER JOIN `item` ON `item`.`contact-id` = `contact`.`id` AND `item`.`uid` = `contact`.`uid` AND
`item`.`id` != `item`.`parent` AND `item`.`network` IN ('%s', '%s', '%s')
WHERE `contact`.`self`",

6
mod/photo.php
View file

@ -74,7 +74,7 @@ function photo_init(App $a) {
$uid = str_replace(array('.jpg','.png'),array('',''), $person);
$r = qu("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
$r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
intval($resolution),
intval($uid)
);
@ -104,7 +104,7 @@ function photo_init(App $a) {
}
// check if the photo exists and get the owner of the photo
$r = qu("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
$r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
dbesc($photo),
intval($resolution)
);
@ -114,7 +114,7 @@ function photo_init(App $a) {
// Now we'll see if we can access the photo
$r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
$r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
dbesc($photo),
intval($resolution)
);

18
mod/photos.php
View file

@ -29,7 +29,7 @@ function photos_init(App $a) {
if ($a->argc > 1) {
$nick = $a->argv[1];
$user = qu("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
$user = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
dbesc($nick)
);
@ -153,7 +153,7 @@ function photos_post(App $a) {
}
if ($contact_id) {
$r = qu("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id),
intval($page_owner_uid)
);
@ -170,7 +170,7 @@ function photos_post(App $a) {
killme();
}
$r = qu("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
$r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1",
intval($page_owner_uid)
);
@ -192,7 +192,7 @@ function photos_post(App $a) {
return; // NOTREACHED
}
$r = qu("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
$r = q("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
dbesc($album),
intval($page_owner_uid)
);
@ -1378,7 +1378,7 @@ function photos_content(App $a) {
else
$order = 'DESC';
$prvnxt = qu("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0
$prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0
$sql_extra ORDER BY `created` $order ",
dbesc($ph[0]['album']),
intval($owner_uid)
@ -1478,7 +1478,7 @@ function photos_content(App $a) {
if (dbm::is_result($linked_items)) {
$link_item = $linked_items[0];
$r = qu("SELECT COUNT(*) AS `total`
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
@ -1495,7 +1495,7 @@ function photos_content(App $a) {
}
$r = qu("SELECT `item`.*, `item`.`id` AS `item_id`,
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`,
`contact`.`rel`, `contact`.`thumb`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
@ -1835,7 +1835,7 @@ function photos_content(App $a) {
// Default - show recent photos with upload link (if applicable)
//$o = '';
$r = qu("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
$r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
$sql_extra GROUP BY `resource-id`",
intval($a->data['user']['uid']),
dbesc('Contact Photos'),
@ -1846,7 +1846,7 @@ function photos_content(App $a) {
$a->set_pager_itemspage(20);
}
$r = qu("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`,
$r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`,
ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`,
ANY_VALUE(`created`) AS `created` FROM `photo`
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'

14
mod/ping.php
View file

@ -118,7 +118,7 @@ function ping_init(App $a)
$notifs = ping_get_notifications(local_user());
$items_unseen = qu("SELECT `item`.`id`, `item`.`parent`, `item`.`verb`, `item`.`wall`, `item`.`author-name`,
$items_unseen = q("SELECT `item`.`id`, `item`.`parent`, `item`.`verb`, `item`.`wall`, `item`.`author-name`,
`item`.`contact-id`, `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object`,
`pitem`.`author-name` AS `pname`, `pitem`.`author-link` AS `plink`
FROM `item` INNER JOIN `item` AS `pitem` ON `pitem`.`id` = `item`.`parent`
@ -167,13 +167,13 @@ function ping_init(App $a)
}
}
$intros1 = qu("SELECT `intro`.`id`, `intro`.`datetime`,
$intros1 = q("SELECT `intro`.`id`, `intro`.`datetime`,
`fcontact`.`name`, `fcontact`.`url`, `fcontact`.`photo`
FROM `intro` LEFT JOIN `fcontact` ON `intro`.`fid` = `fcontact`.`id`
WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`fid` != 0",
intval(local_user())
);
$intros2 = qu("SELECT `intro`.`id`, `intro`.`datetime`,
$intros2 = q("SELECT `intro`.`id`, `intro`.`datetime`,
`contact`.`name`, `contact`.`url`, `contact`.`photo`
FROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id`
WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`contact-id` != 0",
@ -184,7 +184,7 @@ function ping_init(App $a)
$intros = $intros1 + $intros2;
$myurl = System::baseUrl() . '/profile/' . $a->user['nickname'] ;
$mails = qu("SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail`
$mails = q("SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail`
WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ",
intval(local_user()),
dbesc($myurl)
@ -192,7 +192,7 @@ function ping_init(App $a)
$mail_count = count($mails);
if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){
$regs = qu("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) AS `total`
$regs = q("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) AS `total`
FROM `contact` RIGHT JOIN `register` ON `register`.`uid` = `contact`.`uid`
WHERE `contact`.`self` = 1");
@ -204,7 +204,7 @@ function ping_init(App $a)
$cachekey = "ping_init:".local_user();
$ev = Cache::get($cachekey);
if (is_null($ev)) {
$ev = qu("SELECT type, start, adjust FROM `event`
$ev = q("SELECT type, start, adjust FROM `event`
WHERE `event`.`uid` = %d AND `start` < '%s' AND `finish` > '%s' and `ignore` = 0
ORDER BY `start` ASC ",
intval(local_user()),
@ -424,7 +424,7 @@ function ping_get_notifications($uid)
$a = get_app();
do {
$r = qu("SELECT `notify`.*, `item`.`visible`, `item`.`spam`, `item`.`deleted`
$r = q("SELECT `notify`.*, `item`.`visible`, `item`.`spam`, `item`.`deleted`
FROM `notify` LEFT JOIN `item` ON `item`.`id` = `notify`.`iid`
WHERE `notify`.`uid` = %d AND `notify`.`msg` != ''
AND NOT (`notify`.`type` IN (%d, %d))

8
mod/profiles.php
View file

@ -108,13 +108,7 @@ function profiles_init(App $a) {
$r1[0]['net-publish'] = 0;
$r1[0]['profile-name'] = dbesc($name);
dbm::esc_array($r1[0], true);
$r2 = dbq("INSERT INTO `profile` (`"
. implode("`, `", array_keys($r1[0]))
. "`) VALUES ("
. implode(", ", array_values($r1[0]))
. ")" );
dba::insert('profile', $r1[0]);
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
intval(local_user()),

28
mod/proxy.php
View file

@ -142,10 +142,10 @@ function proxy_init(App $a) {
$r = array();
if (!$direct_cache && ($cachefile == '')) {
$r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash);
$r = dba::select('photo', array('data', 'desc'), array('resource-id' => $urlhash), array('limit' => 1));
if (dbm::is_result($r)) {
$img_str = $r[0]['data'];
$mime = $r[0]['desc'];
$img_str = $r['data'];
$mime = $r['desc'];
if ($mime == '') {
$mime = 'image/jpeg';
}
@ -181,23 +181,11 @@ function proxy_init(App $a) {
die();
}
q("INSERT INTO `photo`
( `uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `desc`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' )",
0, 0, get_guid(), dbesc($urlhash),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(basename(dbesc($_REQUEST['url']))),
dbesc(''),
intval(imagesy($image)),
intval(imagesx($image)),
$mime,
dbesc($img_str),
100,
intval(0),
dbesc(''), dbesc(''), dbesc(''), dbesc('')
);
$fields = array('uid' => 0, 'contact-id' => 0, 'guid' => get_guid(), 'resource-id' => $urlhash, 'created' => datetime_convert(), 'edited' => datetime_convert(),
'filename' => basename($_REQUEST['url']), 'type' => '', 'album' => '', 'height' => imagesy($image), 'width' => imagesx($image),
'datasize' => 0, 'data' => $img_str, 'scale' => 100, 'profile' => 0,
'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', 'desc' => $mime);
dba::insert('photo', $fields);
} else {
$img = new Photo($img_str, $mime);
if ($img->is_valid() && !$direct_cache && ($cachefile == '')) {

43
mod/search.php
View file

@ -11,7 +11,7 @@ function search_saved_searches() {
$o = '';
if(! feature_enabled(local_user(),'savedsearch'))
if (! feature_enabled(local_user(),'savedsearch'))
return $o;
$r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d",
@ -50,30 +50,23 @@ function search_init(App $a) {
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
if(local_user()) {
if(x($_GET,'save') && $search) {
if (local_user()) {
if (x($_GET,'save') && $search) {
$r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
intval(local_user()),
dbesc($search)
);
if (! dbm::is_result($r)) {
q("INSERT INTO `search` (`uid`,`term`) VALUES ( %d, '%s')",
intval(local_user()),
dbesc($search)
);
if (!dbm::is_result($r)) {
dbm::insert('search', array('uid' => local_user(), 'term' => $search));
}
}
if(x($_GET,'remove') && $search) {
q("DELETE FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
intval(local_user()),
dbesc($search)
);
if (x($_GET,'remove') && $search) {
dbm::delete('search', array('uid' => local_user(), 'term' => $search));
}
$a->page['aside'] .= search_saved_searches();
}
else {
} else {
unset($_SESSION['theme']);
unset($_SESSION['mobile-theme']);
}
@ -85,7 +78,7 @@ function search_init(App $a) {
function search_post(App $a) {
if(x($_POST,'search'))
if (x($_POST,'search'))
$a->data['search'] = $_POST['search'];
}
@ -135,13 +128,13 @@ function search_content(App $a) {
nav_set_selected('search');
if(x($a->data,'search'))
if (x($a->data,'search'))
$search = notags(trim($a->data['search']));
else
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
$tag = false;
if(x($_GET,'tag')) {
if (x($_GET,'tag')) {
$tag = true;
$search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : '');
}
@ -154,18 +147,18 @@ function search_content(App $a) {
'$content' => search($search,'search-box','search',((local_user()) ? true : false), false)
));
if(strpos($search,'#') === 0) {
if (strpos($search,'#') === 0) {
$tag = true;
$search = substr($search,1);
}
if(strpos($search,'@') === 0) {
if (strpos($search,'@') === 0) {
return dirfind_content($a);
}
if(strpos($search,'!') === 0) {
if (strpos($search,'!') === 0) {
return dirfind_content($a);
}
if(x($_GET,'search-option'))
if (x($_GET,'search-option'))
switch($_GET['search-option']) {
case 'fulltext':
break;
@ -180,7 +173,7 @@ function search_content(App $a) {
break;
}
if(! $search)
if (! $search)
return $o;
if (get_config('system','only_tag_search'))
@ -191,7 +184,7 @@ function search_content(App $a) {
// OR your own posts if you are a logged in member
// No items will be shown if the member has a blocked profile wall.
if($tag) {
if ($tag) {
logger("Start tag search for '".$search."'", LOGGER_DEBUG);
$r = q("SELECT %s
@ -224,7 +217,7 @@ function search_content(App $a) {
}
if($tag)
if ($tag)
$title = sprintf( t('Items tagged with: %s'), $search);
else
$title = sprintf( t('Results for: %s'), $search);

9
mod/settings.php
View file

@ -231,17 +231,12 @@ function settings_post(App $a) {
intval(local_user())
);
if (! dbm::is_result($r)) {
q("INSERT INTO `mailacct` (`uid`) VALUES (%d)",
intval(local_user())
);
dba::insert('mailacct', array('uid' => local_user()));
}
if(strlen($mail_pass)) {
$pass = '';
openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']);
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d",
dbesc(bin2hex($pass)),
intval(local_user())
);
dba::update('mailacct', array('pass' => bin2hex($pass)), array('uid' => local_user()));
}
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
`action` = %d, `movetofolder` = '%s',

5
mod/suggest.php
View file

@ -39,10 +39,7 @@ function suggest_init(App $a) {
}
// Now check how the user responded to the confirmation query
if (!$_REQUEST['canceled']) {
q("INSERT INTO `gcign` ( `uid`, `gcid` ) VALUES ( %d, %d ) ",
intval(local_user()),
intval($_GET['ignore'])
);
dba::insert('gcign', array('uid' => local_user(), 'gcid' => $_GET['ignore']));
}
}

21
mod/wall_attach.php
View file

@ -138,21 +138,12 @@ function wall_attach_post(App $a) {
$mimetype = z_mime_content_type($filename);
$hash = get_guid(64);
$created = datetime_convert();
$r = q("INSERT INTO `attach` ( `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` )
VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($page_owner_uid),
dbesc($hash),
dbesc($filename),
dbesc($mimetype),
intval($filesize),
dbesc($filedata),
dbesc($created),
dbesc($created),
dbesc('<' . $page_owner_cid . '>'),
dbesc(''),
dbesc(''),
dbesc('')
);
$fields = array('uid' => $page_owner_uid, 'hash' => $hash, 'filename' => $filename, 'filetype' => $mimetype,
'filesize' => $filesize, 'data' => $filedata, 'created' => $created, 'edited' => $created,
'allow_cid' => '<' . $page_owner_cid . '>', 'allow_gid' => '','deny_cid' => '', 'deny_gid' => '');
$r = dba::insert('attach', $fields);
@unlink($src);