From dde2cf6ac0cef2a51c149774e810d8a1151846d4 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 26 Jan 2020 16:43:14 -0500 Subject: [PATCH 1/3] Throw not found exception when photo item doesn't exist in prepare_photo_data() - Addresses part of https://github.com/friendica/friendica/issues/8000#issuecomment-573883153 --- include/api.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/api.php b/include/api.php index 92b4e4b21..43659db07 100644 --- a/include/api.php +++ b/include/api.php @@ -311,9 +311,7 @@ function api_call(App $a, App\Arguments $args = null) } $called_api = explode("/", $p); - //unset($_SERVER['PHP_AUTH_USER']); - /// @TODO should be "true ==[=] $info['auth']", if you miss only one = character, you assign a variable (only with ==). Let's make all this even. if (!empty($info['auth']) && api_user() === false) { api_login($a); } @@ -5027,6 +5025,9 @@ function prepare_photo_data($type, $scale, $photo_id) // retrieve item element for getting activities (like, dislike etc.) related to photo $condition = ['uid' => local_user(), 'resource-id' => $photo_id, 'type' => 'photo']; $item = Item::selectFirstForUser(local_user(), ['id'], $condition); + if (!DBA::isResult($item)) { + throw new NotFoundException('Photo-related item not found.'); + } $data['photo']['friendica_activities'] = api_format_items_activities($item, $type); From 0736e4e42c42e39d82dee183cedfe9dc2fb88496 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 26 Jan 2020 16:44:02 -0500 Subject: [PATCH 2/3] Check for $a->user["nickname"] existence before retrieving its value in mod/display - Addresses part of https://github.com/friendica/friendica/issues/8000#issuecomment-573883153 --- mod/display.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/display.php b/mod/display.php index b5edafc5f..f9c7f9dcf 100644 --- a/mod/display.php +++ b/mod/display.php @@ -97,9 +97,9 @@ function display_init(App $a) $profiledata = display_fetchauthor($a, $item); if (strstr(Strings::normaliseLink($profiledata["url"]), Strings::normaliseLink(DI::baseUrl()))) { - $nickname = str_replace(Strings::normaliseLink(DI::baseUrl())."/profile/", "", Strings::normaliseLink($profiledata["url"])); + $nickname = str_replace(Strings::normaliseLink(DI::baseUrl()) . "/profile/", "", Strings::normaliseLink($profiledata["url"])); - if ($nickname != $a->user["nickname"]) { + if (!empty($a->user["nickname"]) && $nickname != $a->user["nickname"]) { $profile = DBA::fetchFirst("SELECT `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid` WHERE `user`.`nickname` = ? AND `profile`.`is-default` AND `contact`.`self` LIMIT 1", From fb2f8dcb9cc24e5e138c1842d2bfdc2aa35a4117 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 26 Jan 2020 16:59:02 -0500 Subject: [PATCH 3/3] Improve formatting in mod/display Co-Authored-By: Philipp --- mod/display.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mod/display.php b/mod/display.php index f9c7f9dcf..9ec7e05ca 100644 --- a/mod/display.php +++ b/mod/display.php @@ -96,10 +96,10 @@ function display_init(App $a) $profiledata = display_fetchauthor($a, $item); - if (strstr(Strings::normaliseLink($profiledata["url"]), Strings::normaliseLink(DI::baseUrl()))) { - $nickname = str_replace(Strings::normaliseLink(DI::baseUrl()) . "/profile/", "", Strings::normaliseLink($profiledata["url"])); + if (strstr(Strings::normaliseLink($profiledata['url']), Strings::normaliseLink(DI::baseUrl()))) { + $nickname = str_replace(Strings::normaliseLink(DI::baseUrl()) . '/profile/', '', Strings::normaliseLink($profiledata['url'])); - if (!empty($a->user["nickname"]) && $nickname != $a->user["nickname"]) { + if (!empty($a->user['nickname']) && $nickname != $a->user['nickname']) { $profile = DBA::fetchFirst("SELECT `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid` WHERE `user`.`nickname` = ? AND `profile`.`is-default` AND `contact`.`self` LIMIT 1",