More "LIMIT 1" removed - and some other SQL improvements.

This commit is contained in:
Michael Vogel 2014-03-11 23:52:32 +01:00
parent 9f4ef7c105
commit 6e7bd68ebb
34 changed files with 271 additions and 258 deletions

View file

@ -64,13 +64,13 @@ function contact_remove($id) {
$archive = get_pconfig($r[0]['uid'], 'system','archive_removed_contacts'); $archive = get_pconfig($r[0]['uid'], 'system','archive_removed_contacts');
if($archive) { if($archive) {
q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d limit 1", q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d",
intval($id) intval($id)
); );
return; return;
} }
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", q("DELETE FROM `contact` WHERE `id` = %d",
intval($id) intval($id)
); );
q("DELETE FROM `item` WHERE `contact-id` = %d ", q("DELETE FROM `item` WHERE `contact-id` = %d ",
@ -148,7 +148,7 @@ function mark_for_death($contact) {
return; return;
if($contact['term-date'] == '0000-00-00 00:00:00') { if($contact['term-date'] == '0000-00-00 00:00:00') {
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($contact['id']) intval($contact['id'])
); );
@ -166,7 +166,7 @@ function mark_for_death($contact) {
// archive them rather than delete // archive them rather than delete
// though if the owner tries to unarchive them we'll start the whole process over again // though if the owner tries to unarchive them we'll start the whole process over again
q("update contact set `archive` = 1 where id = %d limit 1", q("update contact set `archive` = 1 where id = %d",
intval($contact['id']) intval($contact['id'])
); );
q("UPDATE `item` SET `private` = 2 WHERE `contact-id` = %d AND `uid` = %d", intval($contact['id']), intval($contact['uid'])); q("UPDATE `item` SET `private` = 2 WHERE `contact-id` = %d AND `uid` = %d", intval($contact['id']), intval($contact['uid']));
@ -181,7 +181,7 @@ function mark_for_death($contact) {
if(! function_exists('unmark_for_death')) { if(! function_exists('unmark_for_death')) {
function unmark_for_death($contact) { function unmark_for_death($contact) {
// It's a miracle. Our dead contact has inexplicably come back to life. // It's a miracle. Our dead contact has inexplicably come back to life.
q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `contact` SET `term-date` = '%s' WHERE `id` = %d",
dbesc('0000-00-00 00:00:00'), dbesc('0000-00-00 00:00:00'),
intval($contact['id']) intval($contact['id'])
); );

View file

@ -399,19 +399,19 @@ function acl_lookup(&$a, $out_type = 'json') {
} else { } else {
$sql_extra = $sql_extra2 = ""; $sql_extra = $sql_extra2 = "";
} }
// count groups and contacts // count groups and contacts
if ($type=='' || $type=='g'){ if ($type=='' || $type=='g'){
$r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra", $r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
intval(local_user()) intval(local_user())
); );
$group_count = (int)$r[0]['g']; $group_count = (int)$r[0]['g'];
} else { } else {
$group_count = 0; $group_count = 0;
} }
if ($type=='' || $type=='c'){ if ($type=='' || $type=='c'){
$r = q("SELECT COUNT(`id`) AS c FROM `contact` $r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0 WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `notify` != '' $sql_extra2" , AND `notify` != '' $sql_extra2" ,
@ -423,7 +423,7 @@ function acl_lookup(&$a, $out_type = 'json') {
// autocomplete for Private Messages // autocomplete for Private Messages
$r = q("SELECT COUNT(`id`) AS c FROM `contact` $r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0 WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `network` IN ('%s','%s','%s') $sql_extra2" , AND `network` IN ('%s','%s','%s') $sql_extra2" ,
@ -439,7 +439,7 @@ function acl_lookup(&$a, $out_type = 'json') {
// autocomplete for Contacts // autocomplete for Contacts
$r = q("SELECT COUNT(`id`) AS c FROM `contact` $r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0 WHERE `uid` = %d AND `self` = 0
AND `pending` = 0 $sql_extra2" , AND `pending` = 0 $sql_extra2" ,
intval(local_user()) intval(local_user())

View file

@ -384,26 +384,26 @@
intval(api_user()) intval(api_user())
); );
//AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
// count public wall messages // count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item` $r = q("SELECT count(*) as `count` FROM `item` force index (uid_type)
WHERE `uid` = %d WHERE `uid` = %d
AND `type`='wall' AND `type`='wall'",
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
intval($uinfo[0]['uid']) intval($uinfo[0]['uid'])
); );
$countitms = $r[0]['count']; $countitms = $r[0]['count'];
} }
else { else {
$r = q("SELECT COUNT(`id`) as `count` FROM `item` //AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
WHERE `contact-id` = %d $r = q("SELECT count(*) as `count` FROM `item`
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''", WHERE `contact-id` = %d",
intval($uinfo[0]['id']) intval($uinfo[0]['id'])
); );
$countitms = $r[0]['count']; $countitms = $r[0]['count'];
} }
// count friends // count friends
$r = q("SELECT COUNT(`id`) as `count` FROM `contact` $r = q("SELECT count(*) as `count` FROM `contact`
WHERE `uid` = %d AND `rel` IN ( %d, %d ) WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0", AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
intval($uinfo[0]['uid']), intval($uinfo[0]['uid']),
@ -412,7 +412,7 @@
); );
$countfriends = $r[0]['count']; $countfriends = $r[0]['count'];
$r = q("SELECT COUNT(`id`) as `count` FROM `contact` $r = q("SELECT count(*) as `count` FROM `contact`
WHERE `uid` = %d AND `rel` IN ( %d, %d ) WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0", AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
intval($uinfo[0]['uid']), intval($uinfo[0]['uid']),
@ -421,7 +421,7 @@
); );
$countfollowers = $r[0]['count']; $countfollowers = $r[0]['count'];
$r = q("SELECT count(`id`) as `count` FROM item where starred = 1 and uid = %d and deleted = 0", $r = q("SELECT count(*) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
intval($uinfo[0]['uid']) intval($uinfo[0]['uid'])
); );
$starred = $r[0]['count']; $starred = $r[0]['count'];
@ -528,7 +528,8 @@
$status_user["protected"] = (($item["allow_cid"] != "") OR $status_user["protected"] = (($item["allow_cid"] != "") OR
($item["allow_gid"] != "") OR ($item["allow_gid"] != "") OR
($item["deny_cid"] != "") OR ($item["deny_cid"] != "") OR
($item["deny_gid"] != "")); ($item["deny_gid"] != "") OR
$item["private"]);
return ($status_user); return ($status_user);
} }
@ -745,12 +746,27 @@
logger('api_status_show: user_info: '.print_r($user_info, true), LOGGER_DEBUG); logger('api_status_show: user_info: '.print_r($user_info, true), LOGGER_DEBUG);
// get last public wall message // get last public wall message
$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author` //$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author`
FROM `item`, `contact`, `item` as `i`, `contact` as `c` // FROM `item`, `contact`, `item` as `i`, `contact` as `c`
// WHERE `item`.`contact-id` = %d
// AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
// AND `i`.`id` = `item`.`parent`
// AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1
// AND `item`.`type`!='activity'
// AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
// ORDER BY `item`.`created` DESC
// LIMIT 1",
// intval($user_info['cid']),
// dbesc($user_info['url']),
// dbesc(normalise_link($user_info['url'])),
// dbesc($user_info['url']),
// dbesc(normalise_link($user_info['url']))
//);
$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `i`.`author-link` AS `item-author`
FROM `item`, `item` as `i`
WHERE `item`.`contact-id` = %d WHERE `item`.`contact-id` = %d
AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s'))) AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
AND `i`.`id` = `item`.`parent` AND `i`.`id` = `item`.`parent`
AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1
AND `item`.`type`!='activity' AND `item`.`type`!='activity'
AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`='' AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
ORDER BY `item`.`created` DESC ORDER BY `item`.`created` DESC
@ -773,8 +789,6 @@
if ($lastwall['parent']!=$lastwall['id']) { if ($lastwall['parent']!=$lastwall['id']) {
$in_reply_to_status_id= intval($lastwall['parent']); $in_reply_to_status_id= intval($lastwall['parent']);
$in_reply_to_status_id_str = (string) intval($lastwall['parent']); $in_reply_to_status_id_str = (string) intval($lastwall['parent']);
//$in_reply_to_user_id = $lastwall['reply_uid'];
//$in_reply_to_screen_name = $lastwall['reply_author'];
$r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author']))); $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author'])));
if ($r) { if ($r) {

View file

@ -47,7 +47,7 @@
* dbesc($key) * dbesc($key)
* ); * );
* if(count($r)) { * if(count($r)) {
* q("UPDATE `cache` SET `v` = '%s', `updated = '%s' WHERE `k` = '%s' limit 1", * q("UPDATE `cache` SET `v` = '%s', `updated = '%s' WHERE `k` = '%s'",
* dbesc($value), * dbesc($value),
* dbesc(datetime_convert()), * dbesc(datetime_convert()),
* dbesc($key)); * dbesc($key));

View file

@ -19,7 +19,7 @@ if(! function_exists('select_timezone')) {
function select_timezone($current = 'America/Los_Angeles') { function select_timezone($current = 'America/Los_Angeles') {
$timezone_identifiers = DateTimeZone::listIdentifiers(); $timezone_identifiers = DateTimeZone::listIdentifiers();
$o ='<select id="timezone_select" name="timezone">'; $o ='<select id="timezone_select" name="timezone">';
usort($timezone_identifiers, 'timezone_cmp'); usort($timezone_identifiers, 'timezone_cmp');
@ -487,11 +487,11 @@ function update_contact_birthdays() {
dbesc('birthday'), dbesc('birthday'),
intval(0) intval(0)
); );
// update bdyear // update bdyear
q("UPDATE `contact` SET `bdyear` = '%s', `bd` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", q("UPDATE `contact` SET `bdyear` = '%s', `bd` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc(substr($nextbd,0,4)), dbesc(substr($nextbd,0,4)),
dbesc($nextbd), dbesc($nextbd),
intval($rr['uid']), intval($rr['uid']),

View file

@ -255,10 +255,10 @@ function notification($params) {
$sitelink = $h['sitelink']; $sitelink = $h['sitelink'];
$tsitelink = $h['tsitelink']; $tsitelink = $h['tsitelink'];
$hsitelink = $h['hsitelink']; $hsitelink = $h['hsitelink'];
$itemlink = $h['itemlink']; $itemlink = $h['itemlink'];
require_once('include/html2bbcode.php'); require_once('include/html2bbcode.php');
do { do {
$dups = false; $dups = false;
@ -331,7 +331,7 @@ function notification($params) {
); );
if($p && (count($p) > 1)) { if($p && (count($p) > 1)) {
for ($d = 1; $d < count($p); $d ++) { for ($d = 1; $d < count($p); $d ++) {
q("delete from notify where id = %d limit 1", q("delete from notify where id = %d",
intval($p[$d]['id']) intval($p[$d]['id'])
); );
} }
@ -353,12 +353,12 @@ function notification($params) {
$itemlink = $a->get_baseurl() . '/notify/view/' . $notify_id; $itemlink = $a->get_baseurl() . '/notify/view/' . $notify_id;
$msg = replace_macros($epreamble,array('$itemlink' => $itemlink)); $msg = replace_macros($epreamble,array('$itemlink' => $itemlink));
$r = q("update notify set msg = '%s' where id = %d and uid = %d limit 1", $r = q("update notify set msg = '%s' where id = %d and uid = %d",
dbesc($msg), dbesc($msg),
intval($notify_id), intval($notify_id),
intval($params['uid']) intval($params['uid'])
); );
// send email notification if notification preferences permit // send email notification if notification preferences permit
@ -370,15 +370,15 @@ function notification($params) {
$id_for_parent = "${params['parent']}@${hostname}"; $id_for_parent = "${params['parent']}@${hostname}";
// Is this the first email notification for this parent item and user? // Is this the first email notification for this parent item and user?
$r = q("select `id` from `notify-threads` where `master-parent-item` = %d and `receiver-uid` = %d limit 1", $r = q("select `id` from `notify-threads` where `master-parent-item` = %d and `receiver-uid` = %d limit 1",
intval($params['parent']), intval($params['parent']),
intval($params['uid']) ); intval($params['uid']) );
// If so, create the record of it and use a message-id smtp header. // If so, create the record of it and use a message-id smtp header.
if(!$r) { if(!$r) {
logger("notify_id:" . intval($notify_id). ", parent: " . intval($params['parent']) . "uid: " . logger("notify_id:" . intval($notify_id). ", parent: " . intval($params['parent']) . "uid: " .
intval($params['uid']), LOGGER_DEBUG); intval($params['uid']), LOGGER_DEBUG);
$r = q("insert into `notify-threads` (`notify-id`, `master-parent-item`, `receiver-uid`, `parent-item`) $r = q("insert into `notify-threads` (`notify-id`, `master-parent-item`, `receiver-uid`, `parent-item`)
values(%d,%d,%d,%d)", values(%d,%d,%d,%d)",

View file

@ -207,7 +207,7 @@ function event_store($arr) {
$arr['created'] = (($arr['created']) ? $arr['created'] : datetime_convert()); $arr['created'] = (($arr['created']) ? $arr['created'] : datetime_convert());
$arr['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert()); $arr['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert());
$arr['type'] = (($arr['type']) ? $arr['type'] : 'event' ); $arr['type'] = (($arr['type']) ? $arr['type'] : 'event' );
$arr['cid'] = ((intval($arr['cid'])) ? intval($arr['cid']) : 0); $arr['cid'] = ((intval($arr['cid'])) ? intval($arr['cid']) : 0);
$arr['uri'] = (x($arr,'uri') ? $arr['uri'] : item_new_uri($a->get_hostname(),$arr['uid'])); $arr['uri'] = (x($arr,'uri') ? $arr['uri'] : item_new_uri($a->get_hostname(),$arr['uid']));
$arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0); $arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0);
@ -263,7 +263,7 @@ function event_store($arr) {
`allow_gid` = '%s', `allow_gid` = '%s',
`deny_cid` = '%s', `deny_cid` = '%s',
`deny_gid` = '%s' `deny_gid` = '%s'
WHERE `id` = %d AND `uid` = %d LIMIT 1", WHERE `id` = %d AND `uid` = %d",
dbesc($arr['edited']), dbesc($arr['edited']),
dbesc($arr['start']), dbesc($arr['start']),
@ -291,7 +291,7 @@ function event_store($arr) {
$object .= '</object>' . "\n"; $object .= '</object>' . "\n";
q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1", q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d",
dbesc(format_event_bbcode($arr)), dbesc(format_event_bbcode($arr)),
dbesc($object), dbesc($object),
dbesc($arr['allow_cid']), dbesc($arr['allow_cid']),
@ -390,7 +390,7 @@ function event_store($arr) {
if($item_id) { if($item_id) {
q("UPDATE `item` SET `plink` = '%s', `event-id` = %d WHERE `uid` = %d AND `id` = %d LIMIT 1", q("UPDATE `item` SET `plink` = '%s', `event-id` = %d WHERE `uid` = %d AND `id` = %d",
dbesc($plink), dbesc($plink),
intval($event['id']), intval($event['id']),
intval($arr['uid']), intval($arr['uid']),

View file

@ -111,7 +111,7 @@ function new_contact($uid,$url,$interactive = false) {
if($ret['network'] === NETWORK_MAIL) { if($ret['network'] === NETWORK_MAIL) {
$writeable = 1; $writeable = 1;
} }
if($ret['network'] === NETWORK_DIASPORA) if($ret['network'] === NETWORK_DIASPORA)
$writeable = 1; $writeable = 1;
@ -123,13 +123,13 @@ function new_contact($uid,$url,$interactive = false) {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `poll` = '%s' LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `poll` = '%s' LIMIT 1",
intval($uid), intval($uid),
dbesc($ret['poll']) dbesc($ret['poll'])
); );
if(count($r)) { if(count($r)) {
// update contact // update contact
if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) { if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) {
q("UPDATE `contact` SET `rel` = %d , `subhub` = %d, `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1", q("UPDATE `contact` SET `rel` = %d , `subhub` = %d, `readonly` = 0 WHERE `id` = %d AND `uid` = %d",
intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_FRIEND),
intval($subhub), intval($subhub),
intval($r[0]['id']), intval($r[0]['id']),
@ -222,13 +222,13 @@ function new_contact($uid,$url,$interactive = false) {
$photos = import_profile_photo($ret['photo'],$uid,$contact_id); $photos = import_profile_photo($ret['photo'],$uid,$contact_id);
$r = q("UPDATE `contact` SET `photo` = '%s', $r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s', `thumb` = '%s',
`micro` = '%s', `micro` = '%s',
`name-date` = '%s', `name-date` = '%s',
`uri-date` = '%s', `uri-date` = '%s',
`avatar-date` = '%s' `avatar-date` = '%s'
WHERE `id` = %d LIMIT 1 WHERE `id` = %d
", ",
dbesc($photos[0]), dbesc($photos[0]),
dbesc($photos[1]), dbesc($photos[1]),
@ -237,7 +237,7 @@ function new_contact($uid,$url,$interactive = false) {
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($contact_id) intval($contact_id)
); );
// pull feed and consume it, which should subscribe to the hub. // pull feed and consume it, which should subscribe to the hub.
@ -262,7 +262,7 @@ function new_contact($uid,$url,$interactive = false) {
'$ostat_follow' => '' '$ostat_follow' => ''
)); ));
$r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid` $r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1", WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
intval($uid) intval($uid)
); );

View file

@ -8,17 +8,17 @@ function group_add($uid,$name) {
$r = group_byname($uid,$name); // check for dups $r = group_byname($uid,$name); // check for dups
if($r !== false) { if($r !== false) {
// This could be a problem. // This could be a problem.
// Let's assume we've just created a group which we once deleted // Let's assume we've just created a group which we once deleted
// all the old members are gone, but the group remains so we don't break any security // all the old members are gone, but the group remains so we don't break any security
// access lists. What we're doing here is reviving the dead group, but old content which // access lists. What we're doing here is reviving the dead group, but old content which
// was restricted to this group may now be seen by the new group members. // was restricted to this group may now be seen by the new group members.
$z = q("SELECT * FROM `group` WHERE `id` = %d LIMIT 1", $z = q("SELECT * FROM `group` WHERE `id` = %d LIMIT 1",
intval($r) intval($r)
); );
if(count($z) && $z[0]['deleted']) { if(count($z) && $z[0]['deleted']) {
$r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", $r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s'",
intval($uid), intval($uid),
dbesc($name) dbesc($name)
); );
@ -32,7 +32,7 @@ function group_add($uid,$name) {
dbesc($name) dbesc($name)
); );
$ret = $r; $ret = $r;
} }
return $ret; return $ret;
} }
@ -87,7 +87,7 @@ function group_rmv($uid,$name) {
); );
// remove group // remove group
$r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", $r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'",
intval($uid), intval($uid),
dbesc($name) dbesc($name)
); );
@ -117,13 +117,13 @@ function group_rmv_member($uid,$name,$member) {
return false; return false;
if(! ( $uid && $gid && $member)) if(! ( $uid && $gid && $member))
return false; return false;
$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1 ", $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d",
intval($uid), intval($uid),
intval($gid), intval($gid),
intval($member) intval($member)
); );
return $r; return $r;
} }
@ -134,13 +134,13 @@ function group_add_member($uid,$name,$member,$gid = 0) {
if((! $gid) || (! $uid) || (! $member)) if((! $gid) || (! $uid) || (! $member))
return false; return false;
$r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1", $r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1",
intval($uid), intval($uid),
intval($gid), intval($gid),
intval($member) intval($member)
); );
if(count($r)) if(count($r))
return true; // You might question this, but return true; // You might question this, but
// we indicate success because the group member was in fact created // we indicate success because the group member was in fact created
// -- It was just created at another time // -- It was just created at another time
if(! count($r)) if(! count($r))

View file

@ -443,7 +443,7 @@ function notifier_run(&$argv, &$argc){
set_config('system','site_prvkey', $res['prvkey']); set_config('system','site_prvkey', $res['prvkey']);
set_config('system','site_pubkey', $res['pubkey']); set_config('system','site_pubkey', $res['pubkey']);
} }
$rp = q("SELECT `resource-id` , `scale`, type FROM `photo` $rp = q("SELECT `resource-id` , `scale`, type FROM `photo`
WHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", $uid); WHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", $uid);
$photos = array(); $photos = array();
@ -635,15 +635,15 @@ function notifier_run(&$argv, &$argc){
else else
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id'])); $sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id']));
$x = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, $x = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
`contact`.`pubkey` AS `cpubkey`, `contact`.`pubkey` AS `cpubkey`,
`contact`.`prvkey` AS `cprvkey`, `contact`.`prvkey` AS `cprvkey`,
`contact`.`thumb` AS `thumb`, `contact`.`thumb` AS `thumb`,
`contact`.`url` as `url`, `contact`.`url` as `url`,
`contact`.`name` as `senderName`, `contact`.`name` as `senderName`,
`user`.* `user`.*
FROM `contact` FROM `contact`
INNER JOIN `user` ON `contact`.`uid` = `user`.`uid` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `contact`.`blocked` = 0 AND `contact`.`archive` = 0 WHERE `contact`.`blocked` = 0 AND `contact`.`archive` = 0
AND `contact`.`pending` = 0 AND `contact`.`pending` = 0
AND `contact`.`network` = '%s' AND `user`.`nickname` = '%s' AND `contact`.`network` = '%s' AND `user`.`nickname` = '%s'
@ -656,7 +656,7 @@ function notifier_run(&$argv, &$argc){
if($x && count($x)) { if($x && count($x)) {
$write_flag = ((($x[0]['rel']) && ($x[0]['rel'] != CONTACT_IS_SHARING)) ? true : false); $write_flag = ((($x[0]['rel']) && ($x[0]['rel'] != CONTACT_IS_SHARING)) ? true : false);
if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) { if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) {
q("update contact set writable = 1 where id = %d limit 1", q("update contact set writable = 1 where id = %d",
intval($x[0]['id']) intval($x[0]['id'])
); );
$x[0]['writable'] = 1; $x[0]['writable'] = 1;
@ -730,7 +730,7 @@ function notifier_run(&$argv, &$argc){
case NETWORK_MAIL: case NETWORK_MAIL:
case NETWORK_MAIL2: case NETWORK_MAIL2:
if(get_config('system','dfrn_only')) if(get_config('system','dfrn_only'))
break; break;
@ -755,7 +755,7 @@ function notifier_run(&$argv, &$argc){
} }
if(! $it) if(! $it)
break; break;
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", $local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
@ -763,7 +763,7 @@ function notifier_run(&$argv, &$argc){
); );
if(! count($local_user)) if(! count($local_user))
break; break;
$reply_to = ''; $reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", $r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
intval($uid) intval($uid)

View file

@ -1,8 +1,8 @@
<?php <?php
/** /**
* OAuth server * OAuth server
* Based on oauth2-php <http://code.google.com/p/oauth2-php/> * Based on oauth2-php <http://code.google.com/p/oauth2-php/>
* *
*/ */
define('REQUEST_TOKEN_DURATION', 300); define('REQUEST_TOKEN_DURATION', 300);
@ -15,11 +15,11 @@ class FKOAuthDataStore extends OAuthDataStore {
function gen_token(){ function gen_token(){
return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid()))); return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
} }
function lookup_consumer($consumer_key) { function lookup_consumer($consumer_key) {
logger(__function__.":".$consumer_key); logger(__function__.":".$consumer_key);
//echo "<pre>"; var_dump($consumer_key); killme(); //echo "<pre>"; var_dump($consumer_key); killme();
$r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'", $r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'",
dbesc($consumer_key) dbesc($consumer_key)
); );
@ -129,7 +129,7 @@ class FKOAuth1 extends OAuthServer {
$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT()); $this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1()); $this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
} }
function loginUser($uid){ function loginUser($uid){
logger("FKOAuth1::loginUser $uid"); logger("FKOAuth1::loginUser $uid");
$a = get_app(); $a = get_app();
@ -167,7 +167,7 @@ class FKOAuth1 extends OAuthServer {
$a->cid = $r[0]['id']; $a->cid = $r[0]['id'];
$_SESSION['cid'] = $a->cid; $_SESSION['cid'] = $a->cid;
} }
q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1", q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($_SESSION['uid']) intval($_SESSION['uid'])
); );

View file

@ -36,7 +36,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
$a->timezone = $a->user['timezone']; $a->timezone = $a->user['timezone'];
} }
$master_record = $a->user; $master_record = $a->user;
if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) { if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
$r = q("select * from user where uid = %d limit 1", $r = q("select * from user where uid = %d limit 1",
@ -81,7 +81,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
if($login_initial || $login_refresh) { if($login_initial || $login_refresh) {
$l = get_browser_language(); $l = get_browser_language();
q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1", q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc($l), dbesc($l),
intval($_SESSION['uid']) intval($_SESSION['uid'])
@ -209,7 +209,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
} }
} }
if($remote_verified) { if($remote_verified) {
$gs = '<<>>'; // should be impossible to match $gs = '<<>>'; // should be impossible to match
if(is_array($groups) && count($groups)) { if(is_array($groups) && count($groups)) {

View file

@ -482,9 +482,9 @@ if(! function_exists('photo_new_resource')) {
/** /**
* Generate a guaranteed unique photo ID. * Generate a guaranteed unique photo ID.
* safe from birthday paradox * safe from birthday paradox
* *
* @return string * @return string
*/ */
function photo_new_resource() { function photo_new_resource() {
do { do {
@ -505,7 +505,7 @@ if(! function_exists('load_view_file')) {
* @deprecated * @deprecated
* wrapper to load a view template, checking for alternate * wrapper to load a view template, checking for alternate
* languages before falling back to the default * languages before falling back to the default
* *
* @global string $lang * @global string $lang
* @global App $a * @global App $a
* @param string $s view name * @param string $s view name
@ -2076,7 +2076,7 @@ function file_tag_save_file($uid,$item,$file) {
); );
if(count($r)) { if(count($r)) {
if(! stristr($r[0]['file'],'[' . file_tag_encode($file) . ']')) if(! stristr($r[0]['file'],'[' . file_tag_encode($file) . ']'))
q("update item set file = '%s' where id = %d and uid = %d limit 1", q("update item set file = '%s' where id = %d and uid = %d",
dbesc($r[0]['file'] . '[' . file_tag_encode($file) . ']'), dbesc($r[0]['file'] . '[' . file_tag_encode($file) . ']'),
intval($item), intval($item),
intval($uid) intval($uid)
@ -2107,7 +2107,7 @@ function file_tag_unsave_file($uid,$item,$file,$cat = false) {
if(! count($r)) if(! count($r))
return false; return false;
q("update item set file = '%s' where id = %d and uid = %d limit 1", q("update item set file = '%s' where id = %d and uid = %d",
dbesc(str_replace($pattern,'',$r[0]['file'])), dbesc(str_replace($pattern,'',$r[0]['file'])),
intval($item), intval($item),
intval($uid) intval($uid)

View file

@ -65,13 +65,12 @@ function community_content(&$a, $update = 0) {
} }
//$r = q("SELECT distinct(`item`.`uri`)
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`, $r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`, `user`.`hidewall` `user`.`nickname`, `user`.`hidewall`
FROM `thread` FORCE INDEX (`visible_deleted_moderated_private_wall_received`) FROM `thread` FORCE INDEX (`wall_private_received`)
INNER JOIN `user` ON `user`.`uid` = `thread`.`uid` AND `user`.`hidewall` = 0 INNER JOIN `user` ON `user`.`uid` = `thread`.`uid` AND `user`.`hidewall` = 0
INNER JOIN `item` ON `item`.`id` = `thread`.`iid` INNER JOIN `item` ON `item`.`id` = `thread`.`iid`
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''

View file

@ -62,7 +62,7 @@ function crepair_post(&$a) {
$remote_self = ((x($_POST,'remote_self')) ? $_POST['remote_self'] : false); $remote_self = ((x($_POST,'remote_self')) ? $_POST['remote_self'] : false);
$r = q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' , `remote_self` = %d $r = q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' , `remote_self` = %d
WHERE `id` = %d AND `uid` = %d LIMIT 1", WHERE `id` = %d AND `uid` = %d",
dbesc($name), dbesc($name),
dbesc($nick), dbesc($nick),
dbesc($url), dbesc($url),
@ -88,7 +88,7 @@ function crepair_post(&$a) {
`name-date` = '%s', `name-date` = '%s',
`uri-date` = '%s', `uri-date` = '%s',
`avatar-date` = '%s' `avatar-date` = '%s'
WHERE `id` = %d LIMIT 1 WHERE `id` = %d
", ",
dbesc($photos[0]), dbesc($photos[0]),
dbesc($photos[1]), dbesc($photos[1]),

View file

@ -52,7 +52,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $uid) { if(! $uid) {
notice( t('Permission denied.') . EOL ); notice( t('Permission denied.') . EOL );
return; return;
} }
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid) intval($uid)
@ -61,7 +61,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $user) { if(! $user) {
notice( t('Profile not found.') . EOL ); notice( t('Profile not found.') . EOL );
return; return;
} }
// These data elements may come from either the friend request notification form or $handsfree array. // These data elements may come from either the friend request notification form or $handsfree array.
@ -153,7 +153,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// Save the private key. Send them the public key. // Save the private key. Send them the public key.
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($private_key), dbesc($private_key),
intval($contact_id), intval($contact_id),
intval($uid) intval($uid)
@ -258,7 +258,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
case 1: case 1:
// birthday paradox - generate new dfrn-id and fall through. // birthday paradox - generate new dfrn-id and fall through.
$new_dfrn_id = random_string(); $new_dfrn_id = random_string();
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($new_dfrn_id), dbesc($new_dfrn_id),
intval($contact_id), intval($contact_id),
intval($uid) intval($uid)
@ -279,17 +279,17 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
} }
if(($status == 0) && ($intro_id)) { if(($status == 0) && ($intro_id)) {
// Success. Delete the notification. // Success. Delete the notification.
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id), intval($intro_id),
intval($uid) intval($uid)
); );
} }
if($status != 0) if($status != 0)
return; return;
} }
@ -319,19 +319,19 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_SHARING) && ($duplex)) if(($relation == CONTACT_IS_SHARING) && ($duplex))
$duplex = 0; $duplex = 0;
$r = q("UPDATE `contact` SET $r = q("UPDATE `contact` SET
`photo` = '%s', `photo` = '%s',
`thumb` = '%s', `thumb` = '%s',
`micro` = '%s', `micro` = '%s',
`rel` = %d, `rel` = %d,
`name-date` = '%s', `name-date` = '%s',
`uri-date` = '%s', `uri-date` = '%s',
`avatar-date` = '%s', `avatar-date` = '%s',
`blocked` = 0, `blocked` = 0,
`pending` = 0, `pending` = 0,
`duplex` = %d, `duplex` = %d,
`hidden` = %d, `hidden` = %d,
`network` = 'dfrn' WHERE `id` = %d LIMIT 1 `network` = 'dfrn' WHERE `id` = %d
", ",
dbesc($photos[0]), dbesc($photos[0]),
dbesc($photos[1]), dbesc($photos[1]),
@ -345,7 +345,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($contact_id) intval($contact_id)
); );
} }
else { else {
// $network !== NETWORK_DFRN // $network !== NETWORK_DFRN
@ -378,27 +378,27 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$writable = 1; $writable = 1;
} }
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id), intval($intro_id),
intval($uid) intval($uid)
); );
$r = q("UPDATE `contact` SET `photo` = '%s', $r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s', `thumb` = '%s',
`micro` = '%s', `micro` = '%s',
`name-date` = '%s', `name-date` = '%s',
`uri-date` = '%s', `uri-date` = '%s',
`avatar-date` = '%s', `avatar-date` = '%s',
`notify` = '%s', `notify` = '%s',
`poll` = '%s', `poll` = '%s',
`blocked` = 0, `blocked` = 0,
`pending` = 0, `pending` = 0,
`network` = '%s', `network` = '%s',
`writable` = %d, `writable` = %d,
`hidden` = %d, `hidden` = %d,
`rel` = %d `rel` = %d
WHERE `id` = %d LIMIT 1 WHERE `id` = %d
", ",
dbesc($photos[0]), dbesc($photos[0]),
dbesc($photos[1]), dbesc($photos[1]),
@ -413,7 +413,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($hidden), intval($hidden),
intval($new_relation), intval($new_relation),
intval($contact_id) intval($contact_id)
); );
} }
if($r === false) if($r === false)
@ -511,7 +511,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($handsfree === null) if($handsfree === null)
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id)); goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
else else
return; return;
//NOTREACHED //NOTREACHED
} }
@ -538,7 +538,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 ); $duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 );
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 ); $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); $version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$forum = (($page == 1) ? 1 : 0); $forum = (($page == 1) ? 1 : 0);
$prv = (($page == 2) ? 1 : 0); $prv = (($page == 2) ? 1 : 0);
@ -640,7 +640,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// NOTREACHED // NOTREACHED
} }
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d LIMIT 1", $r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d",
dbesc($decrypted_dfrn_id), dbesc($decrypted_dfrn_id),
dbesc($dfrn_pubkey), dbesc($dfrn_pubkey),
intval($dfrn_record) intval($dfrn_record)
@ -651,10 +651,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
} }
// It's possible that the other person also requested friendship. // It's possible that the other person also requested friendship.
// If it is a duplex relationship, ditch the issued-id if one exists. // If it is a duplex relationship, ditch the issued-id if one exists.
if($duplex) { if($duplex) {
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d LIMIT 1", $r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d",
intval($dfrn_record) intval($dfrn_record)
); );
} }
@ -670,7 +670,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$photo = $r[0]['photo']; $photo = $r[0]['photo'];
else else
$photo = $a->get_baseurl() . '/images/person-175.jpg'; $photo = $a->get_baseurl() . '/images/person-175.jpg';
require_once("include/Photo.php"); require_once("include/Photo.php");
$photos = import_profile_photo($photo,$local_uid,$dfrn_record); $photos = import_profile_photo($photo,$local_uid,$dfrn_record);
@ -684,20 +684,20 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_FOLLOWER) && ($duplex)) if(($relation == CONTACT_IS_FOLLOWER) && ($duplex))
$duplex = 0; $duplex = 0;
$r = q("UPDATE `contact` SET $r = q("UPDATE `contact` SET
`photo` = '%s', `photo` = '%s',
`thumb` = '%s', `thumb` = '%s',
`micro` = '%s', `micro` = '%s',
`rel` = %d, `rel` = %d,
`name-date` = '%s', `name-date` = '%s',
`uri-date` = '%s', `uri-date` = '%s',
`avatar-date` = '%s', `avatar-date` = '%s',
`blocked` = 0, `blocked` = 0,
`pending` = 0, `pending` = 0,
`duplex` = %d, `duplex` = %d,
`forum` = %d, `forum` = %d,
`prv` = %d, `prv` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1 `network` = '%s' WHERE `id` = %d
", ",
dbesc($photos[0]), dbesc($photos[0]),
dbesc($photos[1]), dbesc($photos[1]),
@ -733,10 +733,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) { if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) {
push_lang($r[0]['language']); push_lang($r[0]['language']);
$tpl = (($new_relation == CONTACT_IS_FRIEND) $tpl = (($new_relation == CONTACT_IS_FRIEND)
? get_intltext_template('friend_complete_eml.tpl') ? get_intltext_template('friend_complete_eml.tpl')
: get_intltext_template('intro_complete_eml.tpl')); : get_intltext_template('intro_complete_eml.tpl'));
$email_tpl = replace_macros($tpl, array( $email_tpl = replace_macros($tpl, array(
'$sitename' => $a->config['sitename'], '$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(), '$siteurl' => $a->get_baseurl(),

View file

@ -70,19 +70,19 @@ function dfrn_request_post(&$a) {
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : ""); $confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
$hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0); $hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null; $contact_record = null;
if(x($dfrn_url)) { if(x($dfrn_url)) {
/** /**
* Lookup the contact based on their URL (which is the only unique thing we have at the moment) * Lookup the contact based on their URL (which is the only unique thing we have at the moment)
*/ */
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
intval(local_user()), intval(local_user()),
dbesc($dfrn_url), dbesc($dfrn_url),
dbesc(normalise_link($dfrn_url)) dbesc(normalise_link($dfrn_url))
); );
if(count($r)) { if(count($r)) {
if(strlen($r[0]['dfrn-id'])) { if(strlen($r[0]['dfrn-id'])) {
@ -283,11 +283,11 @@ function dfrn_request_post(&$a) {
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
if(! $rr['rel']) { if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid']) intval($rr['cid'])
); );
} }
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid']) intval($rr['iid'])
); );
} }
@ -298,9 +298,9 @@ function dfrn_request_post(&$a) {
* Cleanup any old email intros - which will have a greater lifetime * Cleanup any old email intros - which will have a greater lifetime
*/ */
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel` $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id` FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id`
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
AND `contact`.`network` = '%s' AND `contact`.`network` = '%s'
AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ", AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ",
dbesc(NETWORK_MAIL2) dbesc(NETWORK_MAIL2)
@ -308,11 +308,11 @@ function dfrn_request_post(&$a) {
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
if(! $rr['rel']) { if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid']) intval($rr['cid'])
); );
} }
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid']) intval($rr['iid'])
); );
} }
@ -455,7 +455,7 @@ function dfrn_request_post(&$a) {
logger('dfrn_request: url: ' . $url); logger('dfrn_request: url: ' . $url);
if(! strlen($url)) { if(! strlen($url)) {
notice( t("Unable to resolve your name at the provided location.") . EOL); notice( t("Unable to resolve your name at the provided location.") . EOL);
return; return;
} }
@ -555,14 +555,14 @@ function dfrn_request_post(&$a) {
); );
// find the contact record we just created // find the contact record we just created
if($r) { if($r) {
$r = q("SELECT `id` FROM `contact` $r = q("SELECT `id` FROM `contact`
WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1", WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1",
intval($uid), intval($uid),
$parms['url'], $parms['url'],
$parms['issued-id'] $parms['issued-id']
); );
if(count($r)) if(count($r))
$contact_record = $r[0]; $contact_record = $r[0];
} }
@ -701,7 +701,7 @@ function dfrn_request_content(&$a) {
if(count($r)) { if(count($r)) {
if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP)) if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
$auto_confirm = true; $auto_confirm = true;
if(! $auto_confirm) { if(! $auto_confirm) {
require_once('include/enotify.php'); require_once('include/enotify.php');

View file

@ -28,7 +28,7 @@ function events_post(&$a) {
$adjust = intval($_POST['adjust']); $adjust = intval($_POST['adjust']);
$nofinish = intval($_POST['nofinish']); $nofinish = intval($_POST['nofinish']);
// The default setting for the `private` field in event_store() is false, so mirror that // The default setting for the `private` field in event_store() is false, so mirror that
$private_event = false; $private_event = false;
@ -142,14 +142,14 @@ function events_content(&$a) {
} }
if(($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) { if(($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 1 where id = %d and uid = %d limit 1", $r = q("update event set ignore = 1 where id = %d and uid = %d",
intval($a->argv[2]), intval($a->argv[2]),
intval(local_user()) intval(local_user())
); );
} }
if(($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) { if(($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 0 where id = %d and uid = %d limit 1", $r = q("update event set ignore = 0 where id = %d and uid = %d",
intval($a->argv[2]), intval($a->argv[2]),
intval(local_user()) intval(local_user())
); );
@ -372,16 +372,16 @@ function events_content(&$a) {
'$previus' => array($a->get_baseurl()."/events/$prevyear/$prevmonth",t('Previous'),'',''), '$previus' => array($a->get_baseurl()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
'$next' => array($a->get_baseurl()."/events/$nextyear/$nextmonth",t('Next'),'',''), '$next' => array($a->get_baseurl()."/events/$nextyear/$nextmonth",t('Next'),'',''),
'$calendar' => cal($y,$m,$links, ' eventcal'), '$calendar' => cal($y,$m,$links, ' eventcal'),
'$events' => $events, '$events' => $events,
)); ));
if (x($_GET,'id')){ echo $o; killme(); } if (x($_GET,'id')){ echo $o; killme(); }
return $o; return $o;
} }
if($mode === 'edit' && $event_id) { if($mode === 'edit' && $event_id) {

View file

@ -52,7 +52,7 @@ function fsuggest_post(&$a) {
); );
if(count($r)) { if(count($r)) {
$fsuggest_id = $r[0]['id']; $fsuggest_id = $r[0]['id'];
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($note), dbesc($note),
intval($fsuggest_id), intval($fsuggest_id),
intval(local_user()) intval(local_user())
@ -108,4 +108,4 @@ function fsuggest_content(&$a) {
$o .= '</form>'; $o .= '</form>';
return $o; return $o;
} }

View file

@ -22,7 +22,7 @@ function group_post(&$a) {
if(($a->argc == 2) && ($a->argv[1] === 'new')) { if(($a->argc == 2) && ($a->argv[1] === 'new')) {
check_form_security_token_redirectOnErr('/group/new', 'group_edit'); check_form_security_token_redirectOnErr('/group/new', 'group_edit');
$name = notags(trim($_POST['groupname'])); $name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name); $r = group_add(local_user(),$name);
if($r) { if($r) {
@ -32,13 +32,13 @@ function group_post(&$a) {
goaway($a->get_baseurl() . '/group/' . $r); goaway($a->get_baseurl() . '/group/' . $r);
} }
else else
notice( t('Could not create group.') . EOL ); notice( t('Could not create group.') . EOL );
goaway($a->get_baseurl() . '/group'); goaway($a->get_baseurl() . '/group');
return; // NOTREACHED return; // NOTREACHED
} }
if(($a->argc == 2) && (intval($a->argv[1]))) { if(($a->argc == 2) && (intval($a->argv[1]))) {
check_form_security_token_redirectOnErr('/group', 'group_edit'); check_form_security_token_redirectOnErr('/group', 'group_edit');
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]), intval($a->argv[1]),
intval(local_user()) intval(local_user())
@ -51,7 +51,7 @@ function group_post(&$a) {
$group = $r[0]; $group = $r[0];
$groupname = notags(trim($_POST['groupname'])); $groupname = notags(trim($_POST['groupname']));
if((strlen($groupname)) && ($groupname != $group['name'])) { if((strlen($groupname)) && ($groupname != $group['name'])) {
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", $r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($groupname), dbesc($groupname),
intval(local_user()), intval(local_user()),
intval($group['id']) intval($group['id'])
@ -88,7 +88,7 @@ function group_content(&$a) {
); );
if(($a->argc == 2) && ($a->argv[1] === 'new')) { if(($a->argc == 2) && ($a->argv[1] === 'new')) {
return replace_macros($tpl, $context + array( return replace_macros($tpl, $context + array(
'$title' => t('Create a group of contacts/friends.'), '$title' => t('Create a group of contacts/friends.'),
'$gname' => array('groupname',t('Group Name: '), '', ''), '$gname' => array('groupname',t('Group Name: '), '', ''),
@ -101,13 +101,13 @@ function group_content(&$a) {
if(($a->argc == 3) && ($a->argv[1] === 'drop')) { if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
if(intval($a->argv[2])) { if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]), intval($a->argv[2]),
intval(local_user()) intval(local_user())
); );
if(count($r)) if(count($r))
$result = group_rmv(local_user(),$r[0]['name']); $result = group_rmv(local_user(),$r[0]['name']);
if($result) if($result)
info( t('Group removed.') . EOL); info( t('Group removed.') . EOL);
@ -120,7 +120,7 @@ function group_content(&$a) {
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) { if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
check_form_security_token_ForbiddenOnErr('group_member_change', 't'); check_form_security_token_ForbiddenOnErr('group_member_change', 't');
$r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1", $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($a->argv[2]), intval($a->argv[2]),
intval(local_user()) intval(local_user())

View file

@ -109,7 +109,7 @@ function like_content(&$a) {
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : ''); $return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0 $r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1", AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
dbesc($activity), dbesc($activity),
intval($contact['id']), intval($contact['id']),
@ -121,7 +121,7 @@ function like_content(&$a) {
$like_item = $r[0]; $like_item = $r[0];
// Already voted, undo it // Already voted, undo it
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1", $r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($like_item['id']) intval($like_item['id'])
); );
@ -207,14 +207,14 @@ EOT;
$arr['unseen'] = 1; $arr['unseen'] = 1;
$arr['last-child'] = 0; $arr['last-child'] = 0;
$post_id = item_store($arr); $post_id = item_store($arr);
if(! $item['visible']) { if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']), intval($item['id']),
intval($owner_uid) intval($owner_uid)
); );
} }
// Save the author information for the like in case we need to relay to Diaspora // Save the author information for the like in case we need to relay to Diaspora

View file

@ -25,7 +25,7 @@ function lostpass_post(&$a) {
$new_password = autoname(12) . mt_rand(100,9999); $new_password = autoname(12) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password); $new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d LIMIT 1", $r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d",
dbesc($new_password_encoded), dbesc($new_password_encoded),
intval($uid) intval($uid)
); );
@ -74,7 +74,7 @@ function lostpass_content(&$a) {
$new_password = autoname(6) . mt_rand(100,9999); $new_password = autoname(6) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password); $new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d LIMIT 1", $r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d",
dbesc($new_password_encoded), dbesc($new_password_encoded),
intval($uid) intval($uid)
); );

View file

@ -12,8 +12,8 @@ function mood_init(&$a) {
$uid = local_user(); $uid = local_user();
$verb = notags(trim($_GET['verb'])); $verb = notags(trim($_GET['verb']));
if(! $verb) if(! $verb)
return; return;
$verbs = get_mood_verbs(); $verbs = get_mood_verbs();
@ -30,7 +30,7 @@ function mood_init(&$a) {
if($parent) { if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid $r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1", from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent), intval($parent),
intval($parent), intval($parent),
@ -90,7 +90,7 @@ function mood_init(&$a) {
$item_id = item_store($arr); $item_id = item_store($arr);
if($item_id) { if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id), dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid), intval($uid),
intval($item_id) intval($item_id)
@ -139,4 +139,4 @@ function mood_content(&$a) {
return $o; return $o;
} }

View file

@ -33,7 +33,7 @@ function notifications_post(&$a) {
$fid = $r[0]['fid']; $fid = $r[0]['fid'];
if($_POST['submit'] == t('Discard')) { if($_POST['submit'] == t('Discard')) {
$r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", $r = q("DELETE FROM `intro` WHERE `id` = %d",
intval($intro_id) intval($intro_id)
); );
if(! $fid) { if(! $fid) {
@ -41,7 +41,7 @@ function notifications_post(&$a) {
// The check for blocked and pending is in case the friendship was already approved // The check for blocked and pending is in case the friendship was already approved
// and we just want to get rid of the now pointless notification // and we just want to get rid of the now pointless notification
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1 LIMIT 1", $r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1",
intval($contact_id), intval($contact_id),
intval(local_user()) intval(local_user())
); );

View file

@ -12,8 +12,8 @@ function poke_init(&$a) {
$uid = local_user(); $uid = local_user();
$verb = notags(trim($_GET['verb'])); $verb = notags(trim($_GET['verb']));
if(! $verb) if(! $verb)
return; return;
$verbs = get_poke_verbs(); $verbs = get_poke_verbs();
@ -46,7 +46,7 @@ function poke_init(&$a) {
$target = $r[0]; $target = $r[0];
if($parent) { if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid $r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1", from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent), intval($parent),
intval($parent), intval($parent),
@ -111,7 +111,7 @@ function poke_init(&$a) {
$item_id = item_store($arr); $item_id = item_store($arr);
if($item_id) { if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id), dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid), intval($uid),
intval($item_id) intval($item_id)
@ -156,20 +156,20 @@ function poke_content(&$a) {
$a->page['htmlhead'] .= '<script src="' . $a->get_baseurl(true) . '/library/jquery_ac/friendica.complete.js" ></script>'; $a->page['htmlhead'] .= '<script src="' . $a->get_baseurl(true) . '/library/jquery_ac/friendica.complete.js" ></script>';
$a->page['htmlhead'] .= <<< EOT $a->page['htmlhead'] .= <<< EOT
<script>$(document).ready(function() { <script>$(document).ready(function() {
var a; var a;
a = $("#poke-recip").autocomplete({ a = $("#poke-recip").autocomplete({
serviceUrl: '$base/acl', serviceUrl: '$base/acl',
minChars: 2, minChars: 2,
width: 350, width: 350,
onSelect: function(value,data) { onSelect: function(value,data) {
$("#poke-recip-complete").val(data); $("#poke-recip-complete").val(data);
} }
}); });
a.setOptions({ params: { type: 'a' }}); a.setOptions({ params: { type: 'a' }});
}); });
</script> </script>
EOT; EOT;
@ -203,4 +203,4 @@ EOT;
return $o; return $o;
} }

View file

@ -19,9 +19,9 @@ function profile_photo_post(&$a) {
notice ( t('Permission denied.') . EOL ); notice ( t('Permission denied.') . EOL );
return; return;
} }
check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) { if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) {
// unless proven otherwise // unless proven otherwise
@ -34,9 +34,9 @@ function profile_photo_post(&$a) {
); );
if(count($r) && (! intval($r[0]['is-default']))) if(count($r) && (! intval($r[0]['is-default'])))
$is_default_profile = 0; $is_default_profile = 0;
} }
// phase 2 - we have finished cropping // phase 2 - we have finished cropping
@ -51,7 +51,7 @@ function profile_photo_post(&$a) {
$scale = substr($image_id,-1,1); $scale = substr($image_id,-1,1);
$image_id = substr($image_id,0,-2); $image_id = substr($image_id,0,-2);
} }
$srcX = $_POST['xstart']; $srcX = $_POST['xstart'];
$srcY = $_POST['ystart']; $srcY = $_POST['ystart'];
@ -86,7 +86,7 @@ function profile_photo_post(&$a) {
$im->scaleImage(48); $im->scaleImage(48);
$r = $im->store(local_user(), 0, $base_image['resource-id'],$base_image['filename'], t('Profile Photos'), 6, $is_default_profile); $r = $im->store(local_user(), 0, $base_image['resource-id'],$base_image['filename'], t('Profile Photos'), 6, $is_default_profile);
if($r === false) if($r === false)
notice( sprintf(t('Image size reduction [%s] failed.'),"48") . EOL ); notice( sprintf(t('Image size reduction [%s] failed.'),"48") . EOL );
@ -99,7 +99,7 @@ function profile_photo_post(&$a) {
); );
} }
else { else {
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d limit 1", $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d",
dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4'), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4'),
dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5'), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5'),
intval($_REQUEST['profile']), intval($_REQUEST['profile']),
@ -110,7 +110,7 @@ function profile_photo_post(&$a) {
// we'll set the updated profile-photo timestamp even if it isn't the default profile, // we'll set the updated profile-photo timestamp even if it isn't the default profile,
// so that browsers will do a cache update unconditionally // so that browsers will do a cache update unconditionally
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1", $r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval(local_user()) intval(local_user())
); );
@ -204,22 +204,22 @@ function profile_photo_content(&$a) {
if (($r[0]['album']== t('Profile Photos')) && ($havescale)){ if (($r[0]['album']== t('Profile Photos')) && ($havescale)){
$r=q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d", $r=q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d",
intval(local_user())); intval(local_user()));
$r=q("UPDATE `photo` SET `profile`=1 WHERE `uid` = %d AND `resource-id` = '%s'", $r=q("UPDATE `photo` SET `profile`=1 WHERE `uid` = %d AND `resource-id` = '%s'",
intval(local_user()), intval(local_user()),
dbesc($resource_id) dbesc($resource_id)
); );
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1", $r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval(local_user()) intval(local_user())
); );
// Update global directory in background // Update global directory in background
$url = $_SESSION['my_url']; $url = $_SESSION['my_url'];
if($url && strlen(get_config('system','directory_submit_url'))) if($url && strlen(get_config('system','directory_submit_url')))
proc_run('php',"include/directory.php","$url"); proc_run('php',"include/directory.php","$url");
goaway($a->get_baseurl() . '/profiles'); goaway($a->get_baseurl() . '/profiles');
return; // NOTREACHED return; // NOTREACHED
} }

View file

@ -76,7 +76,7 @@ function profiles_init(&$a) {
goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']); goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
goaway($a->get_baseurl(true) . '/profiles'); goaway($a->get_baseurl(true) . '/profiles');
} }
if(($a->argc > 2) && ($a->argv[1] === 'clone')) { if(($a->argc > 2) && ($a->argv[1] === 'clone')) {
@ -98,16 +98,16 @@ function profiles_init(&$a) {
} }
unset($r1[0]['id']); unset($r1[0]['id']);
$r1[0]['is-default'] = 0; $r1[0]['is-default'] = 0;
$r1[0]['publish'] = 0; $r1[0]['publish'] = 0;
$r1[0]['net-publish'] = 0; $r1[0]['net-publish'] = 0;
$r1[0]['profile-name'] = dbesc($name); $r1[0]['profile-name'] = dbesc($name);
dbesc_array($r1[0]); dbesc_array($r1[0]);
$r2 = dbq("INSERT INTO `profile` (`" $r2 = dbq("INSERT INTO `profile` (`"
. implode("`, `", array_keys($r1[0])) . implode("`, `", array_keys($r1[0]))
. "`) VALUES ('" . "`) VALUES ('"
. implode("', '", array_values($r1[0])) . implode("', '", array_values($r1[0]))
. "')" ); . "')" );
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1", $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
@ -162,7 +162,7 @@ function profiles_post(&$a) {
} }
check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
$is_default = (($orig[0]['is-default']) ? 1 : 0); $is_default = (($orig[0]['is-default']) ? 1 : 0);
$profile_name = notags(trim($_POST['profile_name'])); $profile_name = notags(trim($_POST['profile_name']));
@ -170,7 +170,7 @@ function profiles_post(&$a) {
notify( t('Profile Name is required.') . EOL); notify( t('Profile Name is required.') . EOL);
return; return;
} }
$year = intval($_POST['year']); $year = intval($_POST['year']);
if($year < 1900 || $year > 2100 || $year < 0) if($year < 1900 || $year > 2100 || $year < 0)
$year = 0; $year = 0;

View file

@ -6,7 +6,7 @@ function profperm_init(&$a) {
return; return;
$which = $a->user['nickname']; $which = $a->user['nickname'];
$profile = $a->argv[1]; $profile = $a->argv[1];
profile_load($a,$which,$profile); profile_load($a,$which,$profile);
@ -36,7 +36,7 @@ function profperm_content(&$a) {
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) { if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
$r = q("SELECT `id` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `self` = 0 $r = q("SELECT `id` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `self` = 0
AND `network` = 'dfrn' AND `id` = %d AND `uid` = %d LIMIT 1", AND `network` = 'dfrn' AND `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]), intval($a->argv[2]),
intval(local_user()) intval(local_user())
@ -71,13 +71,13 @@ function profperm_content(&$a) {
if($change) { if($change) {
if(in_array($change,$ingroup)) { if(in_array($change,$ingroup)) {
q("UPDATE `contact` SET `profile-id` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1", q("UPDATE `contact` SET `profile-id` = 0 WHERE `id` = %d AND `uid` = %d",
intval($change), intval($change),
intval(local_user()) intval(local_user())
); );
} }
else { else {
q("UPDATE `contact` SET `profile-id` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1", q("UPDATE `contact` SET `profile-id` = %d WHERE `id` = %d AND `uid` = %d",
intval($a->argv[1]), intval($a->argv[1]),
intval($change), intval($change),
intval(local_user()) intval(local_user())

View file

@ -196,14 +196,14 @@ function settings_post(&$a) {
if(strlen($mail_pass)) { if(strlen($mail_pass)) {
$pass = ''; $pass = '';
openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']); openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']);
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d LIMIT 1", q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d",
dbesc(bin2hex($pass)), dbesc(bin2hex($pass)),
intval(local_user()) intval(local_user())
); );
} }
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s', $r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
`action` = %d, `movetofolder` = '%s', `action` = %d, `movetofolder` = '%s',
`mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d LIMIT 1", `mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d",
dbesc($mail_server), dbesc($mail_server),
intval($mail_port), intval($mail_port),
dbesc($mail_ssl), dbesc($mail_ssl),
@ -294,7 +294,7 @@ function settings_post(&$a) {
} }
$r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d LIMIT 1", $r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d",
dbesc($theme), dbesc($theme),
intval(local_user()) intval(local_user())
); );
@ -341,7 +341,7 @@ function settings_post(&$a) {
if(! $err) { if(! $err) {
$password = hash('whirlpool',$newpass); $password = hash('whirlpool',$newpass);
$r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1", $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d",
dbesc($password), dbesc($password),
intval(local_user()) intval(local_user())
); );
@ -499,7 +499,7 @@ function settings_post(&$a) {
} }
} }
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1", $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d",
dbesc($username), dbesc($username),
dbesc($email), dbesc($email),
dbesc($openid), dbesc($openid),
@ -526,12 +526,12 @@ function settings_post(&$a) {
if($r) if($r)
info( t('Settings updated.') . EOL); info( t('Settings updated.') . EOL);
$r = q("UPDATE `profile` $r = q("UPDATE `profile`
SET `publish` = %d, SET `publish` = %d,
`name` = '%s', `name` = '%s',
`net-publish` = %d, `net-publish` = %d,
`hide-friends` = %d `hide-friends` = %d
WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", WHERE `is-default` = 1 AND `uid` = %d",
intval($publish), intval($publish),
dbesc($username), dbesc($username),
intval($net_publish), intval($net_publish),
@ -541,7 +541,7 @@ function settings_post(&$a) {
if($name_change) { if($name_change) {
q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1 LIMIT 1", q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1",
dbesc($username), dbesc($username),
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval(local_user()) intval(local_user())

View file

@ -22,7 +22,7 @@ function starred_init(&$a) {
if(! intval($r[0]['starred'])) if(! intval($r[0]['starred']))
$starred = 1; $starred = 1;
$r = q("UPDATE item SET starred = %d WHERE uid = %d and id = %d LIMIT 1", $r = q("UPDATE item SET starred = %d WHERE uid = %d and id = %d",
intval($starred), intval($starred),
intval(local_user()), intval(local_user()),
intval($message_id) intval($message_id)

View file

@ -85,7 +85,7 @@ function subthread_content(&$a) {
$uri = item_new_uri($a->get_hostname(),$owner_uid); $uri = item_new_uri($a->get_hostname(),$owner_uid);
$post_type = (($item['resource-id']) ? t('photo') : t('status')); $post_type = (($item['resource-id']) ? t('photo') : t('status'));
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
$link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ; $link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
$body = $item['body']; $body = $item['body'];
@ -140,14 +140,14 @@ EOT;
$arr['unseen'] = 1; $arr['unseen'] = 1;
$arr['last-child'] = 0; $arr['last-child'] = 0;
$post_id = item_store($arr); $post_id = item_store($arr);
if(! $item['visible']) { if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']), intval($item['id']),
intval($owner_uid) intval($owner_uid)
); );
} }
$arr['id'] = $post_id; $arr['id'] = $post_id;

View file

@ -60,9 +60,9 @@ function tagger_content(&$a) {
$uri = item_new_uri($a->get_hostname(),$owner_uid); $uri = item_new_uri($a->get_hostname(),$owner_uid);
$xterm = xmlify($term); $xterm = xmlify($term);
$post_type = (($item['resource-id']) ? t('photo') : t('status')); $post_type = (($item['resource-id']) ? t('photo') : t('status'));
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
$link = xmlify('<link rel="alternate" type="text/html" href="' $link = xmlify('<link rel="alternate" type="text/html" href="'
. $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ; . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
$body = xmlify($item['body']); $body = xmlify($item['body']);
@ -136,20 +136,20 @@ EOT;
$arr['last-child'] = 1; $arr['last-child'] = 1;
$arr['origin'] = 1; $arr['origin'] = 1;
$post_id = item_store($arr); $post_id = item_store($arr);
q("UPDATE `item` set plink = '%s' where id = %d limit 1", q("UPDATE `item` set plink = '%s' where id = %d",
dbesc($a->get_baseurl() . '/display/' . $owner_nick . '/' . $post_id), dbesc($a->get_baseurl() . '/display/' . $owner_nick . '/' . $post_id),
intval($post_id) intval($post_id)
); );
if(! $item['visible']) { if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']), intval($item['id']),
intval($owner_uid) intval($owner_uid)
); );
} }
$term_objtype = (($item['resource-id']) ? TERM_OBJ_PHOTO : TERM_OBJ_POST ); $term_objtype = (($item['resource-id']) ? TERM_OBJ_PHOTO : TERM_OBJ_POST );
$t = q("SELECT count(tid) as tcount FROM term WHERE oid=%d AND term='%s'", $t = q("SELECT count(tid) as tcount FROM term WHERE oid=%d AND term='%s'",
@ -157,7 +157,7 @@ EOT;
dbesc($term) dbesc($term)
); );
if((! $blocktags) && $t[0]['tcount']==0 ) { if((! $blocktags) && $t[0]['tcount']==0 ) {
/*q("update item set tag = '%s' where id = %d limit 1", /*q("update item set tag = '%s' where id = %d",
dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'), dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'),
intval($item['id']) intval($item['id'])
);*/ );*/
@ -171,7 +171,7 @@ EOT;
intval($owner_uid) intval($owner_uid)
); );
} }
// if the original post is on this site, update it. // if the original post is on this site, update it.
$r = q("select `tag`,`id`,`uid` from item where `origin` = 1 AND `uri` = '%s' LIMIT 1", $r = q("select `tag`,`id`,`uid` from item where `origin` = 1 AND `uri` = '%s' LIMIT 1",
@ -197,14 +197,14 @@ EOT;
} }
/*if(count($x) && !$x[0]['blocktags'] && (! stristr($r[0]['tag'], ']' . $term . '['))) { /*if(count($x) && !$x[0]['blocktags'] && (! stristr($r[0]['tag'], ']' . $term . '['))) {
q("update item set tag = '%s' where id = %d limit 1", q("update item set tag = '%s' where id = %d",
dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'), dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'),
intval($r[0]['id']) intval($r[0]['id'])
); );
}*/ }*/
} }
$arr['id'] = $post_id; $arr['id'] = $post_id;

View file

@ -32,7 +32,7 @@ function tagrm_post(&$a) {
$tag_str = implode(',',$arr); $tag_str = implode(',',$arr);
q("UPDATE `item` SET `tag` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", q("UPDATE `item` SET `tag` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($tag_str), dbesc($tag_str),
intval($item), intval($item),
intval(local_user()) intval(local_user())

View file

@ -92,7 +92,7 @@ function update_1006() {
$spkey = openssl_pkey_get_details($sres); $spkey = openssl_pkey_get_details($sres);
$spubkey = $spkey["key"]; $spubkey = $spkey["key"];
$r = q("UPDATE `user` SET `spubkey` = '%s', `sprvkey` = '%s' $r = q("UPDATE `user` SET `spubkey` = '%s', `sprvkey` = '%s'
WHERE `uid` = %d LIMIT 1", WHERE `uid` = %d",
dbesc($spubkey), dbesc($spubkey),
dbesc($sprvkey), dbesc($sprvkey),
intval($rr['uid']) intval($rr['uid'])
@ -123,7 +123,7 @@ function update_1011() {
$r = q("SELECT * FROM `contact` WHERE 1"); $r = q("SELECT * FROM `contact` WHERE 1");
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
q("UPDATE `contact` SET `nick` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `contact` SET `nick` = '%s' WHERE `id` = %d",
dbesc(basename($rr['url'])), dbesc(basename($rr['url'])),
intval($rr['id']) intval($rr['id'])
); );
@ -157,11 +157,11 @@ function update_1014() {
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
if(stristr($rr['thumb'],'avatar')) if(stristr($rr['thumb'],'avatar'))
q("UPDATE `contact` SET `micro` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `contact` SET `micro` = '%s' WHERE `id` = %d",
dbesc(str_replace('avatar','micro',$rr['thumb'])), dbesc(str_replace('avatar','micro',$rr['thumb'])),
intval($rr['id'])); intval($rr['id']));
else else
q("UPDATE `contact` SET `micro` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `contact` SET `micro` = '%s' WHERE `id` = %d",
dbesc(str_replace('5.jpg','6.jpg',$rr['thumb'])), dbesc(str_replace('5.jpg','6.jpg',$rr['thumb'])),
intval($rr['id'])); intval($rr['id']));
} }
@ -310,7 +310,7 @@ function update_1031() {
if($r && count($r)) { if($r && count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
if(strstr($rr['object'],'type=&quot;http')) { if(strstr($rr['object'],'type=&quot;http')) {
q("UPDATE `item` SET `object` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `item` SET `object` = '%s' WHERE `id` = %d",
dbesc(str_replace('type=&quot;http','href=&quot;http',$rr['object'])), dbesc(str_replace('type=&quot;http','href=&quot;http',$rr['object'])),
intval($rr['id']) intval($rr['id'])
); );
@ -357,7 +357,7 @@ function update_1036() {
$r = dbq("SELECT * FROM `contact` WHERE `network` = 'dfrn' && `photo` LIKE '%include/photo%' "); $r = dbq("SELECT * FROM `contact` WHERE `network` = 'dfrn' && `photo` LIKE '%include/photo%' ");
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `id` = %d",
dbesc(str_replace('include/photo','photo',$rr['photo'])), dbesc(str_replace('include/photo','photo',$rr['photo'])),
dbesc(str_replace('include/photo','photo',$rr['thumb'])), dbesc(str_replace('include/photo','photo',$rr['thumb'])),
dbesc(str_replace('include/photo','photo',$rr['micro'])), dbesc(str_replace('include/photo','photo',$rr['micro'])),
@ -595,7 +595,7 @@ function update_1074() {
$r = q("SELECT `uid` FROM `profile` WHERE `is-default` = 1 AND `hidewall` = 1"); $r = q("SELECT `uid` FROM `profile` WHERE `is-default` = 1 AND `hidewall` = 1");
if(count($r)) { if(count($r)) {
foreach($r as $rr) foreach($r as $rr)
q("UPDATE `user` SET `hidewall` = 1 WHERE `uid` = %d LIMIT 1", q("UPDATE `user` SET `hidewall` = 1 WHERE `uid` = %d",
intval($rr['uid']) intval($rr['uid'])
); );
} }
@ -617,7 +617,7 @@ function update_1075() {
$found = false; $found = false;
} while ($found == true ); } while ($found == true );
q("UPDATE `user` SET `guid` = '%s' WHERE `uid` = %d LIMIT 1", q("UPDATE `user` SET `guid` = '%s' WHERE `uid` = %d",
dbesc($guid), dbesc($guid),
intval($rr['uid']) intval($rr['uid'])
); );
@ -736,7 +736,7 @@ function update_1087() {
intval($rr['id']) intval($rr['id'])
); );
if(count($x)) if(count($x))
q("UPDATE `item` SET `commented` = '%s' WHERE `id` = %d LIMIT 1", q("UPDATE `item` SET `commented` = '%s' WHERE `id` = %d",
dbesc($x[0]['cdate']), dbesc($x[0]['cdate']),
intval($rr['id']) intval($rr['id'])
); );
@ -855,7 +855,7 @@ function update_1100() {
$r = q("select id, url from contact where url != '' and nurl = '' "); $r = q("select id, url from contact where url != '' and nurl = '' ");
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
q("update contact set nurl = '%s' where id = %d limit 1", q("update contact set nurl = '%s' where id = %d",
dbesc(normalise_link($rr['url'])), dbesc(normalise_link($rr['url'])),
intval($rr['id']) intval($rr['id'])
); );
@ -1173,7 +1173,7 @@ function update_1136() {
foreach($arr as $x) { foreach($arr as $x) {
if($x['cat'] == $rr['cat'] && $x['k'] == $rr['k']) { if($x['cat'] == $rr['cat'] && $x['k'] == $rr['k']) {
$found = true; $found = true;
q("delete from config where id = %d limit 1", q("delete from config where id = %d",
intval($rr['id']) intval($rr['id'])
); );
} }
@ -1192,7 +1192,7 @@ function update_1136() {
foreach($arr as $x) { foreach($arr as $x) {
if($x['uid'] == $rr['uid'] && $x['cat'] == $rr['cat'] && $x['k'] == $rr['k']) { if($x['uid'] == $rr['uid'] && $x['cat'] == $rr['cat'] && $x['k'] == $rr['k']) {
$found = true; $found = true;
q("delete from pconfig where id = %d limit 1", q("delete from pconfig where id = %d",
intval($rr['id']) intval($rr['id'])
); );
} }