tobias/friendica
1
0
Fork 0
Code Pull requests Activity

Merge pull request #927 from annando/master

Browse source 
Massive SQL stuff
This commit is contained in:
fabrixxm 2014-04-04 07:28:06 +00:00
commit 29092ace44
74 changed files with 1376 additions and 892 deletions
Download patch file Download diff file Expand all files Collapse all files

11
mod/admin.php
View file

@ -526,11 +526,12 @@ function admin_page_site(&$a) {
/* OStatus conversation poll choices */
$ostatus_poll_choices = array(
"-1" => t("Never"),
"0" => t("Frequently"),
"60" => t("Hourly"),
"720" => t("Twice daily"),
"1440" => t("Daily")
"-2" => t("Never"),
"-1" => t("At post arrival"),
"0" => t("Frequently"),
"60" => t("Hourly"),
"720" => t("Twice daily"),
"1440" => t("Daily")
);
/* get user names to make the install a personal install of X */

32
mod/community.php
View file

@ -46,12 +46,13 @@ function community_content(&$a, $update = 0) {
if( (! get_config('alt_pager', 'global')) && (! get_pconfig(local_user(),'system','alt_pager')) ) {
$r = q("SELECT COUNT(distinct(`item`.`uri`)) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
INNER JOIN `user` ON `user`.`uid` = `item`.`uid` AND `user`.`hidewall` = 0
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0"
AND `item`.`private` = 0 AND `item`.`wall` = 1"
);
if(count($r))
@ -64,28 +65,25 @@ function community_content(&$a, $update = 0) {
}
//$r = q("SELECT distinct(`item`.`uri`)
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`, `user`.`hidewall`
FROM `item` FORCE INDEX (`received`, `wall`) LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
FROM `thread` FORCE INDEX (`wall_private_received`)
INNER JOIN `user` ON `user`.`uid` = `thread`.`uid` AND `user`.`hidewall` = 0
INNER JOIN `item` ON `item`.`id` = `thread`.`iid`
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `item`.`id` = `item`.`parent`
AND `user`.`hidewall` = 0
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
INNER JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self`
ORDER BY `received` DESC LIMIT %d, %d ",
WHERE `thread`.`visible` = 1 AND `thread`.`deleted` = 0 and `thread`.`moderated` = 0
AND `thread`.`private` = 0 AND `thread`.`wall` = 1
ORDER BY `thread`.`received` DESC LIMIT %d, %d ",
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
// group by `item`.`uri`
// AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `item`.`id` = `item`.`parent`
// AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self`
if(! count($r)) {
info( t('No results.') . EOL);

8
mod/contacts.php
View file

@ -164,7 +164,7 @@ function contacts_post(&$a) {
$info = fix_mce_lf(escape_tags(trim($_POST['info'])));
$r = q("UPDATE `contact` SET `profile-id` = %d, `priority` = %d , `info` = '%s',
`hidden` = %d, `notify_new_posts` = %d, `fetch_further_information` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
`hidden` = %d, `notify_new_posts` = %d, `fetch_further_information` = %d WHERE `id` = %d AND `uid` = %d",
intval($profile_id),
intval($priority),
dbesc($info),
@ -197,7 +197,7 @@ function _contact_update($contact_id) {
}
function _contact_block($contact_id, $orig_record) {
$blocked = (($orig_record['blocked']) ? 0 : 1);
$r = q("UPDATE `contact` SET `blocked` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `blocked` = %d WHERE `id` = %d AND `uid` = %d",
intval($blocked),
intval($contact_id),
intval(local_user())
@ -207,7 +207,7 @@ function _contact_block($contact_id, $orig_record) {
}
function _contact_ignore($contact_id, $orig_record) {
$readonly = (($orig_record['readonly']) ? 0 : 1);
$r = q("UPDATE `contact` SET `readonly` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `readonly` = %d WHERE `id` = %d AND `uid` = %d",
intval($readonly),
intval($contact_id),
intval(local_user())
@ -216,7 +216,7 @@ function _contact_ignore($contact_id, $orig_record) {
}
function _contact_archive($contact_id, $orig_record) {
$archived = (($orig_record['archive']) ? 0 : 1);
$r = q("UPDATE `contact` SET `archive` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `archive` = %d WHERE `id` = %d AND `uid` = %d",
intval($archived),
intval($contact_id),
intval(local_user())

8
mod/content.php
View file

@ -176,7 +176,7 @@ function content_content(&$a, $update = 0) {
if($tag) {
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
//$sql_table = "`term` INNER JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
@ -216,7 +216,7 @@ function content_content(&$a, $update = 0) {
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM $sql_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1
AND `item`.`deleted` = 0 and `item`.`moderated` = 0
$simple_update
@ -240,7 +240,7 @@ function content_content(&$a, $update = 0) {
$start = dba_timer();
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM $sql_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = `item`.`id`
@ -267,7 +267,7 @@ function content_content(&$a, $update = 0) {
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM $sql_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0

4
mod/crepair.php
View file

@ -62,7 +62,7 @@ function crepair_post(&$a) {
$remote_self = ((x($_POST,'remote_self')) ? $_POST['remote_self'] : false);
$r = q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' , `remote_self` = %d
WHERE `id` = %d AND `uid` = %d LIMIT 1",
WHERE `id` = %d AND `uid` = %d",
dbesc($name),
dbesc($nick),
dbesc($url),
@ -88,7 +88,7 @@ function crepair_post(&$a) {
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s'
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),

92
mod/dfrn_confirm.php
View file

@ -52,7 +52,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $uid) {
notice( t('Permission denied.') . EOL );
return;
}
}
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid)
@ -61,7 +61,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(! $user) {
notice( t('Profile not found.') . EOL );
return;
}
}
// These data elements may come from either the friend request notification form or $handsfree array.
@ -153,7 +153,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// Save the private key. Send them the public key.
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($private_key),
intval($contact_id),
intval($uid)
@ -258,7 +258,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
case 1:
// birthday paradox - generate new dfrn-id and fall through.
$new_dfrn_id = random_string();
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($new_dfrn_id),
intval($contact_id),
intval($uid)
@ -279,17 +279,17 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
if(($status == 0) && ($intro_id)) {
// Success. Delete the notification.
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id),
intval($uid)
);
}
if($status != 0)
if($status != 0)
return;
}
@ -319,19 +319,19 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_SHARING) && ($duplex))
$duplex = 0;
$r = q("UPDATE `contact` SET
`photo` = '%s',
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
`hidden` = %d,
`network` = 'dfrn' WHERE `id` = %d LIMIT 1
`network` = 'dfrn' WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -345,7 +345,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($contact_id)
);
}
else {
else {
// $network !== NETWORK_DFRN
@ -378,27 +378,27 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$writable = 1;
}
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
intval($intro_id),
intval($uid)
);
$r = q("UPDATE `contact` SET `photo` = '%s',
$r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`notify` = '%s',
`poll` = '%s',
`blocked` = 0,
`blocked` = 0,
`pending` = 0,
`network` = '%s',
`writable` = %d,
`hidden` = %d,
`rel` = %d
WHERE `id` = %d LIMIT 1
WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -413,7 +413,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
intval($hidden),
intval($new_relation),
intval($contact_id)
);
);
}
if($r === false)
@ -511,7 +511,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($handsfree === null)
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
else
return;
return;
//NOTREACHED
}
@ -538,7 +538,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 );
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$forum = (($page == 1) ? 1 : 0);
$prv = (($page == 2) ? 1 : 0);
@ -640,7 +640,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
// NOTREACHED
}
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d",
dbesc($decrypted_dfrn_id),
dbesc($dfrn_pubkey),
intval($dfrn_record)
@ -651,10 +651,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
// It's possible that the other person also requested friendship.
// If it is a duplex relationship, ditch the issued-id if one exists.
// If it is a duplex relationship, ditch the issued-id if one exists.
if($duplex) {
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d",
intval($dfrn_record)
);
}
@ -670,7 +670,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$photo = $r[0]['photo'];
else
$photo = $a->get_baseurl() . '/images/person-175.jpg';
require_once("include/Photo.php");
$photos = import_profile_photo($photo,$local_uid,$dfrn_record);
@ -684,20 +684,20 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(($relation == CONTACT_IS_FOLLOWER) && ($duplex))
$duplex = 0;
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
$r = q("UPDATE `contact` SET
`photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`rel` = %d,
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s',
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
`duplex` = %d,
`forum` = %d,
`prv` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
`network` = '%s' WHERE `id` = %d
",
dbesc($photos[0]),
dbesc($photos[1]),
@ -733,10 +733,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) {
push_lang($r[0]['language']);
$tpl = (($new_relation == CONTACT_IS_FRIEND)
$tpl = (($new_relation == CONTACT_IS_FRIEND)
? get_intltext_template('friend_complete_eml.tpl')
: get_intltext_template('intro_complete_eml.tpl'));
$email_tpl = replace_macros($tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),

28
mod/dfrn_request.php
View file

@ -70,19 +70,19 @@ function dfrn_request_post(&$a) {
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
$hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null;
if(x($dfrn_url)) {
/**
* Lookup the contact based on their URL (which is the only unique thing we have at the moment)
*/
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
intval(local_user()),
dbesc($dfrn_url),
dbesc(normalise_link($dfrn_url))
);
if(count($r)) {
if(strlen($r[0]['dfrn-id'])) {
@ -283,11 +283,11 @@ function dfrn_request_post(&$a) {
if(count($r)) {
foreach($r as $rr) {
if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid'])
);
}
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid'])
);
}
@ -298,9 +298,9 @@ function dfrn_request_post(&$a) {
* Cleanup any old email intros - which will have a greater lifetime
*/
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
$r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id`
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
AND `contact`.`network` = '%s'
AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ",
dbesc(NETWORK_MAIL2)
@ -308,11 +308,11 @@ function dfrn_request_post(&$a) {
if(count($r)) {
foreach($r as $rr) {
if(! $rr['rel']) {
q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `contact` WHERE `id` = %d",
intval($rr['cid'])
);
}
q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
q("DELETE FROM `intro` WHERE `id` = %d",
intval($rr['iid'])
);
}
@ -455,7 +455,7 @@ function dfrn_request_post(&$a) {
logger('dfrn_request: url: ' . $url);
if(! strlen($url)) {
notice( t("Unable to resolve your name at the provided location.") . EOL);
notice( t("Unable to resolve your name at the provided location.") . EOL);
return;
}
@ -555,14 +555,14 @@ function dfrn_request_post(&$a) {
);
// find the contact record we just created
if($r) {
$r = q("SELECT `id` FROM `contact`
if($r) {
$r = q("SELECT `id` FROM `contact`
WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1",
intval($uid),
$parms['url'],
$parms['issued-id']
);
if(count($r))
if(count($r))
$contact_record = $r[0];
}
@ -701,7 +701,7 @@ function dfrn_request_content(&$a) {
if(count($r)) {
if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
$auto_confirm = true;
$auto_confirm = true;
if(! $auto_confirm) {
require_once('include/enotify.php');

33
mod/display.php
View file

@ -120,32 +120,36 @@ function display_content(&$a, $update = 0) {
$sql_extra = item_permissions_sql($a->profile['uid'],$remote_contact,$groups);
// AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' ))
if($update) {
$r = q("SELECT id FROM item WHERE item.uid = %d
AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' ))
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE (`id` = '%s' OR `uri` = '%s'))
$sql_extra AND unseen = 1",
intval($a->profile['uid']),
dbesc($item_id),
dbesc($item_id)
dbesc($item_id)
);
if(!$r)
return '';
}
// AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' )
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
and `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' )
AND uid = %d )
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE (`id` = '%s' OR `uri` = '%s')
AND uid = %d)
$sql_extra
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC",
intval($a->profile['uid']),
dbesc($item_id),
dbesc($item_id),
@ -162,16 +166,17 @@ function display_content(&$a, $update = 0) {
);
if($r) {
$item_uri = $r[0]['uri'];
// AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE `uri` = '%s' AND uid = %d )
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
and `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE `uri` = '%s' AND uid = %d )
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d)
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
intval(local_user()),
dbesc($item_uri),
@ -184,7 +189,7 @@ function display_content(&$a, $update = 0) {
if($r) {
if((local_user()) && (local_user() == $a->profile['uid'])) {
q("UPDATE `item` SET `unseen` = 0
q("UPDATE `item` SET `unseen` = 0
WHERE `parent` = %d AND `unseen` = 1",
intval($r[0]['parent'])
);
@ -257,8 +262,8 @@ function display_content(&$a, $update = 0) {
if($r[0]['deleted']) {
notice( t('Item has been removed.') . EOL );
}
else {
notice( t('Permission denied.') . EOL );
else {
notice( t('Permission denied.') . EOL );
}
}
else {

18
mod/events.php
View file

@ -28,7 +28,7 @@ function events_post(&$a) {
$adjust = intval($_POST['adjust']);
$nofinish = intval($_POST['nofinish']);
// The default setting for the `private` field in event_store() is false, so mirror that
// The default setting for the `private` field in event_store() is false, so mirror that
$private_event = false;
@ -142,14 +142,14 @@ function events_content(&$a) {
}
if(($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 1 where id = %d and uid = %d limit 1",
$r = q("update event set ignore = 1 where id = %d and uid = %d",
intval($a->argv[2]),
intval(local_user())
);
}
if(($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) {
$r = q("update event set ignore = 0 where id = %d and uid = %d limit 1",
$r = q("update event set ignore = 0 where id = %d and uid = %d",
intval($a->argv[2]),
intval(local_user())
);
@ -372,16 +372,16 @@ function events_content(&$a) {
'$previus' => array($a->get_baseurl()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
'$next' => array($a->get_baseurl()."/events/$nextyear/$nextmonth",t('Next'),'',''),
'$calendar' => cal($y,$m,$links, ' eventcal'),
'$events' => $events,
));
if (x($_GET,'id')){ echo $o; killme(); }
return $o;
}
if($mode === 'edit' && $event_id) {

2
mod/filerm.php
View file

@ -22,6 +22,6 @@ function filerm_content(&$a) {
if(x($_SESSION,'return_url'))
goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
killme();
}

4
mod/fsuggest.php
View file

@ -52,7 +52,7 @@ function fsuggest_post(&$a) {
);
if(count($r)) {
$fsuggest_id = $r[0]['id'];
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($note),
intval($fsuggest_id),
intval(local_user())
@ -108,4 +108,4 @@ function fsuggest_content(&$a) {
$o .= '</form>';
return $o;
}
}

16
mod/group.php
View file

@ -22,7 +22,7 @@ function group_post(&$a) {
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
check_form_security_token_redirectOnErr('/group/new', 'group_edit');
$name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name);
if($r) {
@ -32,13 +32,13 @@ function group_post(&$a) {
goaway($a->get_baseurl() . '/group/' . $r);
}
else
notice( t('Could not create group.') . EOL );
notice( t('Could not create group.') . EOL );
goaway($a->get_baseurl() . '/group');
return; // NOTREACHED
}
if(($a->argc == 2) && (intval($a->argv[1]))) {
check_form_security_token_redirectOnErr('/group', 'group_edit');
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval(local_user())
@ -51,7 +51,7 @@ function group_post(&$a) {
$group = $r[0];
$groupname = notags(trim($_POST['groupname']));
if((strlen($groupname)) && ($groupname != $group['name'])) {
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($groupname),
intval(local_user()),
intval($group['id'])
@ -88,7 +88,7 @@ function group_content(&$a) {
);
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
return replace_macros($tpl, $context + array(
'$title' => t('Create a group of contacts/friends.'),
'$gname' => array('groupname',t('Group Name: '), '', ''),
@ -101,13 +101,13 @@ function group_content(&$a) {
if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
);
if(count($r))
if(count($r))
$result = group_rmv(local_user(),$r[0]['name']);
if($result)
info( t('Group removed.') . EOL);
@ -120,7 +120,7 @@ function group_content(&$a) {
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
check_form_security_token_ForbiddenOnErr('group_member_change', 't');
$r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($a->argv[2]),
intval(local_user())

30
mod/item.php
View file

@ -20,6 +20,8 @@ require_once('include/enotify.php');
require_once('include/email.php');
require_once('library/langdet/Text/LanguageDetect.php');
require_once('include/tags.php');
require_once('include/files.php');
require_once('include/threads.php');
function item_post(&$a) {
@ -141,7 +143,7 @@ function item_post(&$a) {
if((x($_REQUEST,'commenter')) && ((! $parent) || (! $parent_item['wall']))) {
notice( t('Permission denied.') . EOL) ;
if(x($_REQUEST,'return'))
if(x($_REQUEST,'return'))
goaway($a->get_baseurl() . "/" . $return_path );
killme();
}
@ -694,17 +696,21 @@ function item_post(&$a) {
if($orig_post) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d",
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($datarray['title']),
dbesc($datarray['body']),
dbesc($datarray['tag']),
dbesc($datarray['attach']),
dbesc($datarray['file']),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($post_id),
intval($profile_uid)
);
create_tags_from_itemuri($post_id, $profile_uid);
create_tags_from_item($post_id);
create_files_from_item($post_id);
update_thread($post_id);
// update filetags in pconfig
file_tag_update_pconfig($uid,$categories_old,$categories_new,'category');
@ -771,7 +777,7 @@ function item_post(&$a) {
if(count($r)) {
$post_id = $r[0]['id'];
logger('mod_item: saved item ' . $post_id);
create_tags_from_item($post_id);
add_thread($post_id);
// update filetags in pconfig
file_tag_update_pconfig($uid,$categories_old,$categories_new,'category');
@ -794,8 +800,9 @@ function item_post(&$a) {
dbesc(datetime_convert()),
intval($parent)
);
update_thread($parent, true);
// Inherit ACL's from the parent item.
// Inherit ACLs from the parent item.
$r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d
WHERE `id` = %d",
@ -825,15 +832,14 @@ function item_post(&$a) {
'parent' => $parent,
'parent_uri' => $parent_item['uri']
));
}
// Store the comment signature information in case we need to relay to Diaspora
store_diaspora_comment_sig($datarray, $author, ($self ? $a->user['prvkey'] : false), $parent_item, $post_id);
}
else {
} else {
$parent = $post_id;
if($contact_record != $author) {
@ -877,6 +883,7 @@ function item_post(&$a) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d",
intval($parent_item['id'])
);
update_thread($parent_item['id']);
}
}
else {
@ -893,6 +900,7 @@ function item_post(&$a) {
dbesc(datetime_convert()),
intval($parent)
);
update_thread($parent);
$datarray['id'] = $post_id;
$datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id;
@ -933,6 +941,10 @@ function item_post(&$a) {
}
}
create_tags_from_item($post_id);
create_files_from_item($post_id);
update_thread($post_id);
// This is a real juggling act on shared hosting services which kill your processes
// e.g. dreamhost. We used to start delivery to our native delivery agents in the background
// and then run our plugin delivery from the foreground. We're now doing plugin delivery first,
@ -940,7 +952,7 @@ function item_post(&$a) {
// likely to get killed off. If you end up looking at an /item URL and a blank page,
// it's very likely the delivery got killed before all your friends could be notified.
// Currently the only realistic fixes are to use a reliable server - which precludes shared hosting,
// or cut back on plugins which do remote deliveries.
// or cut back on plugins which do remote deliveries.
proc_run('php', "include/notifier.php", $notify_type, "$post_id");

10
mod/like.php
View file

@ -109,7 +109,7 @@ function like_content(&$a) {
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
dbesc($activity),
intval($contact['id']),
@ -121,7 +121,7 @@ function like_content(&$a) {
$like_item = $r[0];
// Already voted, undo it
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
intval($like_item['id'])
);
@ -207,14 +207,14 @@ EOT;
$arr['unseen'] = 1;
$arr['last-child'] = 0;
$post_id = item_store($arr);
$post_id = item_store($arr);
if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']),
intval($owner_uid)
);
}
}
// Save the author information for the like in case we need to relay to Diaspora

4
mod/lostpass.php
View file

@ -25,7 +25,7 @@ function lostpass_post(&$a) {
$new_password = autoname(12) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `pwdreset` = '%s' WHERE `uid` = %d",
dbesc($new_password_encoded),
intval($uid)
);
@ -74,7 +74,7 @@ function lostpass_content(&$a) {
$new_password = autoname(6) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d",
dbesc($new_password_encoded),
intval($uid)
);

10
mod/mood.php
View file

@ -12,8 +12,8 @@ function mood_init(&$a) {
$uid = local_user();
$verb = notags(trim($_GET['verb']));
if(! $verb)
if(! $verb)
return;
$verbs = get_mood_verbs();
@ -30,7 +30,7 @@ function mood_init(&$a) {
if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent),
intval($parent),
@ -90,7 +90,7 @@ function mood_init(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid),
intval($item_id)
@ -139,4 +139,4 @@ function mood_content(&$a) {
return $o;
}
}

280
mod/network.php
View file

@ -1,6 +1,4 @@
<?php
function network_init(&$a) {
if(! local_user()) {
notice( t('Permission denied.') . EOL);
@ -48,7 +46,7 @@ function network_init(&$a) {
if($remember_tab) {
// redirect if current selected tab is '/network' and
// last selected tab is _not_ '/network?f=&order=comment'.
// last selected tab is _not_ '/network?f=&order=comment'.
// and this isn't a date query
$tab_baseurls = array(
@ -90,55 +88,14 @@ function network_init(&$a) {
}
if($remember_tab || $remember_net || $remember_group) {
$net_args = array_merge($query_array, $net_args);
$net_queries = build_querystring($net_args);
// groups filter is in form of "network/nnn". Add it to $dest_url, if it's possible
//if ($a->argc==2 && is_numeric($a->argv[1]) && strpos($net_baseurl, "/",1)===false){
// $net_baseurl .= "/".$a->argv[1];
//}
$net_args = array_merge($query_array, $net_args);
$net_queries = build_querystring($net_args);
$redir_url = ($net_queries ? $net_baseurl."?".$net_queries : $net_baseurl);
goaway($a->get_baseurl() . $redir_url);
}
}
/* $sel_tabs = network_query_get_sel_tab($a);
$last_sel_tabs = get_pconfig(local_user(), 'network.view','tab.selected');
if (is_array($last_sel_tabs)){
$tab_urls = array(
'/network?f=&order=comment',//all
'/network?f=&order=post', //postord
'/network?f=&conv=1', //conv
'/network/new', //new
'/network?f=&star=1', //starred
'/network?f=&bmark=1', //bookmarked
'/network?f=&spam=1', //spam
);
// redirect if current selected tab is 'no_active' and
// last selected tab is _not_ 'all_active'.
// and this isn't a date query
if ($sel_tabs[0] == 'active' && $last_sel_tabs[0]!='active' && (! $is_a_date_query)) {
$k = array_search('active', $last_sel_tabs);
// merge tab querystring with request querystring
$dest_qa = array();
list($dest_url,$dest_qs) = explode("?", $tab_urls[$k]);
parse_str( $dest_qs, $dest_qa);
$dest_qa = array_merge($query_array, $dest_qa);
$dest_qs = build_querystring($dest_qa);
// groups filter is in form of "network/nnn". Add it to $dest_url, if it's possible
if ($a->argc==2 && is_numeric($a->argv[1]) && strpos($dest_url, "/",1)===false){
$dest_url .= "/".$a->argv[1];
}
goaway($a->get_baseurl() . $dest_url."?".$dest_qs);
}
}*/
if(x($_GET['nets']) && $_GET['nets'] === 'all')
unset($_GET['nets']);
@ -180,7 +137,7 @@ function network_init(&$a) {
}
$a->page['aside'] .= (feature_enabled(local_user(),'groups') ? group_side('network/0','network',true,$group_id) : '');
$a->page['aside'] .= posted_date_widget($a->get_baseurl() . '/network',local_user(),false);
$a->page['aside'] .= posted_date_widget($a->get_baseurl() . '/network',local_user(),false);
$a->page['aside'] .= networks_widget($a->get_baseurl(true) . '/network',(x($_GET, 'nets') ? $_GET['nets'] : ''));
$a->page['aside'] .= saved_searches($search);
$a->page['aside'] .= fileas_widget($a->get_baseurl(true) . '/network',(x($_GET, 'file') ? $_GET['file'] : ''));
@ -240,7 +197,7 @@ function saved_searches($search) {
/**
* Return selected tab from query
*
*
* urls -> returns
* '/network' => $no_active = 'active'
* '/network?f=&order=comment' => $comment_active = 'active'
@ -250,7 +207,7 @@ function saved_searches($search) {
* '/network?f=&star=1', => $starred_active = 'active'
* '/network?f=&bmark=1', => $bookmarked_active = 'active'
* '/network?f=&spam=1', => $spam_active = 'active'
*
*
* @return Array ( $no_active, $comment_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active );
*/
function network_query_get_sel_tab($a) {
@ -383,7 +340,6 @@ function network_content(&$a, $update = 0) {
list($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active) = network_query_get_sel_tab($a);
// if no tabs are selected, defaults to comments
if ($no_active=='active') $all_active='active';
//echo "<pre>"; var_dump($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active); killme();
$cmd = (($datequery) ? '' : $a->cmd);
$len_naked_cmd = strlen(str_replace('/new','',$cmd));
@ -392,48 +348,16 @@ function network_content(&$a, $update = 0) {
$tabs = array(
array(
'label' => t('Commented Order'),
'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'sel'=>$all_active,
'title'=> t('Sort by Comment Date'),
),
array(
'label' => t('Posted Order'),
'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'sel'=>$postord_active,
'title' => t('Sort by Post Date'),
),
/* array(
'label' => t('Personal'),
'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1',
'sel' => $conv_active,
'title' => t('Posts that mention or involve you'),
),*/
/* array(
'label' => t('New'),
'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . ($len_naked_cmd ? '/' : '') . 'new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
'sel' => $new_active,
'title' => t('Activity Stream - by date'),
),*/
/* array(
'label' => t('Starred'),
'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
'sel'=>$starred_active,
'title' => t('Favourite Posts'),
),*/
/* array(
'label' => t('Shared Links'),
'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1',
'sel'=>$bookmarked_active,
'title'=> t('Interesting Links'),
), */
// array(
// 'label' => t('Spam'),
// 'url'=>$a->get_baseurl(true) . '/network?f=&spam=1'
// 'sel'=> $spam_active,
// 'title' => t('Posts flagged as SPAM'),
// ),
);
if(feature_enabled(local_user(),'personal_tab')) {
@ -472,17 +396,6 @@ function network_content(&$a, $update = 0) {
);
}
// Not yet implemented
/* if(feature_enabled(local_user(),'spam_filter')) {
$tabs[] = array(
'label' => t('Spam'),
'url'=>$a->get_baseurl(true) . '/network?f=&spam=1',
'sel'=> $spam_active,
'title' => t('Posts flagged as SPAM'),
);
}*/
// save selected tab, but only if not in search or file mode
if(!x($_GET,'search') && !x($_GET,'file')) {
set_pconfig( local_user(), 'network.view','tab.selected',array($all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active) );
@ -533,6 +446,11 @@ function network_content(&$a, $update = 0) {
}
set_pconfig(local_user(), 'network.view', 'net.selected', ($nets ? $nets : 'all'));
/*if ($update) {
print_r($_GET);
die("ss");
}*/
if(! $update) {
if($group) {
if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) {
@ -567,19 +485,23 @@ function network_content(&$a, $update = 0) {
// We don't have to deal with ACLs on this page. You're looking at everything
// that belongs to you, hence you can see all of it. We will filter by group if
// desired.
// desired.
$sql_post_table = "";
$sql_options = (($star) ? " and starred = 1 " : '');
$sql_options .= (($bmark) ? " and bookmark = 1 " : '');
$sql_extra = $sql_options;
$sql_extra2 = "";
$sql_extra3 = "";
$sql_table = "`thread`";
$sql_parent = "`iid`";
//$sql_nets = (($nets) ? sprintf(" and `contact`.`network` = '%s' ", dbesc($nets)) : '');
$sql_nets = (($nets) ? sprintf(" and `item`.`network` = '%s' ", dbesc($nets)) : '');
if ($nouveau OR strlen($file) OR $update) {
$sql_table = "`item`";
$sql_parent = "`parent`";
}
if ($star OR $bmark) {
$sql_table = "`item` INNER JOIN (SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options and deleted = 0 ORDER BY `commented` DESC) AS `temp1` ON item.parent = `temp1`.parent ";
$sql_extra = "";
} else
$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` $sql_options ) ";
$sql_nets = (($nets) ? sprintf(" and $sql_table.`network` = '%s' ", dbesc($nets)) : '');
if($group) {
$r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@ -595,29 +517,34 @@ function network_content(&$a, $update = 0) {
}
$contacts = expand_groups(array($group));
$contact_str_self = "";
if((is_array($contacts)) && count($contacts)) {
$contact_str = implode(',',$contacts);
$self = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self`", intval($_SESSION['uid']));
if (count($self))
$contact_str_self = ",".$self[0]["id"];
}
else {
$contact_str = ' 0 ';
info( t('Group is empty'));
}
$sql_table = "`item` INNER JOIN (SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND (`contact-id` IN ($contact_str) OR `allow_gid` like '".protect_sprintf('%<'.intval($group).'>%')."') and deleted = 0 ORDER BY `created` DESC) AS `temp1` ON item.parent = `temp1`.parent ";
$sql_extra = "";
//$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND ( `contact-id` IN ( $contact_str ) OR `allow_gid` like '" . protect_sprintf('%<' . intval($group) . '>%') . "' ) and deleted = 0 ) ";
$o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o;
}
elseif($cid) {
//$sql_post_table = " INNER JOIN (SELECT DISTINCT(`parent`) FROM `item` WHERE (`contact-id` IN ($contact_str) OR `allow_gid` like '".protect_sprintf('%<'.intval($group).'>%')."') and deleted = 0 ORDER BY `created` DESC) AS `temp1` ON $sql_table.$sql_parent = `temp1`.`parent` ";
$r = q("SELECT `id`,`name`,`network`,`writable`,`nurl` FROM `contact` WHERE `id` = %d
$sql_extra3 .= " AND `contact-id` IN ($contact_str$contact_str_self) ";
$sql_extra3 .= " AND EXISTS (SELECT id FROM `item` WHERE (`contact-id` IN ($contact_str) OR `allow_gid` like '".protect_sprintf('%<'.intval($group).'>%')."') and deleted = 0 AND parent = $sql_table.$sql_parent) ";
$o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o;
} elseif($cid) {
$r = q("SELECT `id`,`name`,`network`,`writable`,`nurl` FROM `contact` WHERE `id` = %d
AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($cid)
);
if(count($r)) {
$sql_table = "`item` INNER JOIN (SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND `contact-id` = ".intval($cid)." and deleted = 0 ORDER BY `item`.`received` DESC) AS `temp1` ON item.parent = `temp1`.parent ";
$sql_post_table = " INNER JOIN (SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND `contact-id` = ".intval($cid)." and deleted = 0 ORDER BY `item`.`received` DESC) AS `temp1` ON $sql_table.$sql_parent = `temp1`.`parent` ";
$sql_extra = "";
//$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND `contact-id` = " . intval($cid) . " and deleted = 0 ) ";
$o = '<h2>' . t('Contact: ') . $r[0]['name'] . '</h2>' . $o;
if($r[0]['network'] === NETWORK_OSTATUS && $r[0]['writable'] && (! get_pconfig(local_user(),'system','nowarn_insecure'))) {
notice( t('Private messages to this person are at risk of public disclosure.') . EOL);
@ -636,23 +563,19 @@ function network_content(&$a, $update = 0) {
$o .= get_events();
}
$sql_extra3 = '';
if($datequery) {
$sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
$sql_extra3 .= protect_sprintf(sprintf(" AND $sql_table.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
}
if($datequery2) {
$sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
$sql_extra3 .= protect_sprintf(sprintf(" AND $sql_table.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
}
$sql_extra2 = (($nouveau) ? '' : " AND `item`.`parent` = `item`.`id` ");
//$sql_extra2 = (($nouveau) ? '' : " AND `item`.`parent` = `item`.`id` ");
$sql_extra2 = (($nouveau) ? '' : $sql_extra2);
$sql_extra3 = (($nouveau) ? '' : $sql_extra3);
//$sql_order = "`item`.`received`";
$sql_order = "";
$order_mode = "received";
if ($sql_table == "")
$sql_table = "`item`";
$tag = false;
if(x($_GET,'search')) {
$search = escape_tags($_GET['search']);
@ -666,44 +589,30 @@ function network_content(&$a, $update = 0) {
$tag = true;
if($tag) {
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
//$sql_order = "`term`.`tid`";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
$sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(local_user()));
$sql_order = "`item`.`received`";
$order_mode = "received";
$sql_order = "`item`.`id`";
$order_mode = "id";
} else {
if (get_config('system','use_fulltext_engine'))
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));
else
$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
$sql_order = "`item`.`received`";
$order_mode = "received";
}
}
if(strlen($file)) {
$sql_extra .= file_tag_file_query('item',unxmlify($file));
$sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($file)), intval(TERM_OBJ_POST), intval(TERM_FILE), intval(local_user()));
$sql_order = "`item`.`id`";
$order_mode = "id";
}
if($conv) {
$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
$myurl = str_replace('www.','',$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)",
dbesc(protect_sprintf($myurl)),
dbesc(protect_sprintf($myurl))
);
}
if($conv)
$sql_extra3 .= " AND `mention`";
if($update) {
@ -714,9 +623,9 @@ function network_content(&$a, $update = 0) {
else {
if( (! get_config('alt_pager', 'global')) && (! get_pconfig(local_user(),'system','alt_pager')) ) {
$r = q("SELECT COUNT(*) AS `total`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
FROM $sql_table $sql_post_table INNER JOIN `contact` ON `contact`.`id` = $sql_table.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE $sql_table.`uid` = %d AND $sql_table.`visible` = 1 AND $sql_table.`deleted` = 0
$sql_extra2 $sql_extra3
$sql_extra $sql_nets ",
intval($_SESSION['uid'])
@ -727,16 +636,16 @@ function network_content(&$a, $update = 0) {
}
}
// check if we serve a mobile device and get the user settings
// check if we serve a mobile device and get the user settings
// accordingly
if ($a->is_mobile) {
if ($a->is_mobile) {
$itemspage_network = get_pconfig(local_user(),'system','itemspage_mobile_network');
$itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 20);
} else {
} else {
$itemspage_network = get_pconfig(local_user(),'system','itemspage_network');
$itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 40);
}
// now that we have the user settings, see if the theme forces
// now that we have the user settings, see if the theme forces
// a maximum item number which is lower then the user choice
if(($a->force_max_items > 0) && ($a->force_max_items < $itemspage_network))
$itemspage_network = $a->force_max_items;
@ -745,28 +654,29 @@ function network_content(&$a, $update = 0) {
$pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));
}
$simple_update = (($update) ? " and `item`.`unseen` = 1 " : '');
if($nouveau) {
// "New Item View" - show all items unthreaded in reverse created date order
$simple_update = (($update) ? " and `item`.`unseen` = 1 " : '');
if ($sql_order == "")
$sql_order = "`item`.`received`";
// "New Item View" - show all items unthreaded in reverse created date order
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1
FROM $sql_table $sql_post_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `item`.`uid` = %d AND `item`.`visible` = 1
AND `item`.`deleted` = 0 and `item`.`moderated` = 0
$simple_update
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra $sql_nets
ORDER BY `item`.`received` DESC $pager_sql ",
ORDER BY $sql_order DESC $pager_sql ",
intval($_SESSION['uid'])
);
$update_unseen = ' WHERE uid = ' . intval($_SESSION['uid']) . " AND unseen = 1 $sql_extra $sql_nets";
}
else {
} else {
// Normal conversation view
@ -782,31 +692,29 @@ function network_content(&$a, $update = 0) {
}
if ($sql_order == "")
$sql_order = "`item`.$ordering";
$sql_order = "$sql_table.$ordering";
if (($_GET["offset"] != ""))
$sql_extra3 .= sprintf(" AND $sql_order <= '%s'", dbesc($_GET["offset"]));
// Fetch a page full of parent items for this page
if($update) {
$r = q("SELECT `item`.`parent` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND
(`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE ."' OR item.verb = '" . ACTIVITY_DISLIKE . "')
and `item`.`moderated` = 0 and `item`.`unseen` = 1
FROM $sql_table $sql_post_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra3 $sql_extra $sql_nets ",
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND
(`item`.`deleted` = 0 OR `item`.`verb` = '" . ACTIVITY_LIKE ."' OR `item`.`verb` = '" . ACTIVITY_DISLIKE . "')
and `item`.`moderated` = 0 and `item`.`unseen` = 1
$sql_extra3 $sql_extra $sql_nets ORDER BY `item_id` DESC LIMIT 100",
intval(local_user())
);
}
else {
$r = q("SELECT `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = `item`.`id`
$sql_extra3 $sql_extra $sql_nets
} else {
$r = q("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid`
FROM $sql_table $sql_post_table INNER JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `thread`.`uid` = %d AND `thread`.`visible` = 1 AND `thread`.`deleted` = 0
AND `thread`.`moderated` = 0
$sql_extra2 $sql_extra3 $sql_extra $sql_nets
ORDER BY $sql_order DESC $pager_sql ",
intval(local_user())
);
@ -823,7 +731,7 @@ function network_content(&$a, $update = 0) {
if(! in_array($rr['item_id'],$parents_arr))
$parents_arr[] = $rr['item_id'];
//$parents_str = implode(', ', $parents_arr);
$parents_str = implode(", ", $parents_arr);
// splitted into separate queries to avoid the problem with very long threads
// so always the last X comments are loaded
@ -834,26 +742,25 @@ function network_content(&$a, $update = 0) {
$items = array();
foreach ($parents_arr AS $parents_str) {
foreach ($parents_arr AS $parents) {
// $sql_extra ORDER BY `item`.`commented` DESC LIMIT %d",
$thread_items = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` IN ( %s )
$sql_extra ORDER BY `item`.`commented` DESC LIMIT %d",
AND `item`.`parent` = %d
ORDER BY `item`.`commented` DESC LIMIT %d",
intval(local_user()),
dbesc($parents_str),
intval($parents),
intval($max_comments + 1)
);
$items = array_merge($items, $thread_items);
}
$items = conv_sort($items,$ordering);
} else {
$items = array();
}
@ -871,17 +778,18 @@ function network_content(&$a, $update = 0) {
// We aren't going to try and figure out at the item, group, and page
// level which items you've seen and which you haven't. If you're looking
// at the top level network page just mark everything seen.
// at the top level network page just mark everything seen.
// The $update_unseen is a bit unreliable if you have stuff coming into your stream from a new contact -
// and other feeds that bring in stuff from the past. One can't find it all.
// The $update_unseen is a bit unreliable if you have stuff coming into your stream from a new contact -
// and other feeds that bring in stuff from the past. One can't find it all.
// I'm reviving this block to mark everything seen on page 1 of the network as a temporary measure.
// The correct solution is to implement a network notifications box just like the system notifications popup
// with the ability in the popup to "mark all seen".
// Several people are complaining because there are unseen messages they can't find and as time goes
// on they just get buried deeper. It has happened to me a couple of times also.
if((! $group) && (! $cid) && (! $star)) {
$r = q("UPDATE `item` SET `unseen` = 0
WHERE `unseen` = 1 AND `uid` = %d",

4
mod/notifications.php
View file

@ -33,7 +33,7 @@ function notifications_post(&$a) {
$fid = $r[0]['fid'];
if($_POST['submit'] == t('Discard')) {
$r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
$r = q("DELETE FROM `intro` WHERE `id` = %d",
intval($intro_id)
);
if(! $fid) {
@ -41,7 +41,7 @@ function notifications_post(&$a) {
// The check for blocked and pending is in case the friendship was already approved
// and we just want to get rid of the now pointless notification
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1 LIMIT 1",
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1",
intval($contact_id),
intval(local_user())
);

14
mod/parse_url.php
View file

@ -82,6 +82,9 @@ function parseurl_getsiteinfo($url, $no_guessing = false) {
$oembed_data = oembed_fetch_url($url);
if ($oembed_data->type != "error")
$siteinfo["type"] = $oembed_data->type;
if ($oembed_data->type == "link") {
if (isset($oembed_data->title))
$siteinfo["title"] = $oembed_data->title;
@ -172,7 +175,8 @@ function parseurl_getsiteinfo($url, $no_guessing = false) {
$siteinfo["image"] = $attr["content"];
break;
case "twitter:card":
$siteinfo["type"] = $attr["content"];
if ($siteinfo["type"] == "")
$siteinfo["type"] = $attr["content"];
break;
case "twitter:description":
$siteinfo["text"] = $attr["content"];
@ -187,6 +191,8 @@ function parseurl_getsiteinfo($url, $no_guessing = false) {
$siteinfo["text"] = $attr["content"];
break;
}
if ($siteinfo["type"] == "summary")
$siteinfo["type"] = "link";
}
//$list = $xpath->query("head/meta[@property]");
@ -391,7 +397,7 @@ function parse_url_content(&$a) {
$total_images ++;
if($max_images && $max_images >= $total_images)
break;
}
}
}
if(strlen($text)) {
@ -414,7 +420,9 @@ function parse_url_content(&$a) {
$sitedata .= trim($result);
if (($siteinfo["type"] != "photo"))
if (($siteinfo["type"] == "video") AND ($url != ""))
echo "[video]".$url."[/video]";
elseif (($siteinfo["type"] != "photo"))
echo "[class=type-link]".$sitedata."[/class]";
else
echo "[class=type-photo]".$title.$br.$image."[/class]";

8
mod/photo.php
View file

@ -206,9 +206,15 @@ function photo_init(&$a) {
echo $data;
// If the photo is public and there is an existing photo directory store the photo there
if ($public and ($file != ""))
if ($public and ($file != "")) {
// If the photo path isn't there, try to create it
if (!is_dir($_SERVER["DOCUMENT_ROOT"]."/photo"))
if (is_writable($_SERVER["DOCUMENT_ROOT"]))
mkdir($_SERVER["DOCUMENT_ROOT"]."/photo");
if (is_dir($_SERVER["DOCUMENT_ROOT"]."/photo"))
file_put_contents($_SERVER["DOCUMENT_ROOT"]."/photo/".$file, $data);
}
killme();
// NOTREACHED

17
mod/photos.php
View file

@ -6,6 +6,7 @@ require_once('include/bbcode.php');
require_once('include/security.php');
require_once('include/redir.php');
require_once('include/tags.php');
require_once('include/threads.php');
function photos_init(&$a) {
@ -253,6 +254,7 @@ function photos_post(&$a) {
intval($page_owner_uid)
);
create_tags_from_itemuri($rr['parent-uri'], $page_owner_uid);
delete_thread_uri($rr['parent-uri'], $page_owner_uid);
$drop_id = intval($rr['id']);
@ -323,6 +325,7 @@ function photos_post(&$a) {
intval($page_owner_uid)
);
create_tags_from_itemuri($i[0]['uri'], $page_owner_uid);
delete_thread_uri($i[0]['uri'], $page_owner_uid);
$url = $a->get_baseurl();
$drop_id = intval($i[0]['id']);
@ -371,7 +374,7 @@ function photos_post(&$a) {
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 0 limit 1",
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 0",
dbesc($ph->imageString()),
intval($height),
intval($width),
@ -384,7 +387,7 @@ function photos_post(&$a) {
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 1 limit 1",
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 1",
dbesc($ph->imageString()),
intval($height),
intval($width),
@ -398,7 +401,7 @@ function photos_post(&$a) {
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 2 limit 1",
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 2",
dbesc($ph->imageString()),
intval($height),
intval($width),
@ -599,7 +602,7 @@ function photos_post(&$a) {
$newinform .= ',';
$newinform .= $inform;
$r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($newtag),
dbesc($newinform),
dbesc(datetime_convert()),
@ -608,6 +611,7 @@ function photos_post(&$a) {
intval($page_owner_uid)
);
create_tags_from_item($item_id);
update_thread($item_id);
$best = 0;
foreach($p as $scales) {
@ -668,7 +672,7 @@ function photos_post(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $owner_record['nickname'] . '/' . $item_id),
intval($page_owner_uid),
intval($item_id)
@ -877,7 +881,7 @@ function photos_post(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $owner_record['nickname'] . '/' . $item_id),
intval($page_owner_uid),
intval($item_id)
@ -1431,6 +1435,7 @@ function photos_content(&$a) {
intval($link_item['parent']),
intval(local_user())
);
update_thread($link_item['parent']);
}
}

20
mod/poke.php
View file

@ -12,8 +12,8 @@ function poke_init(&$a) {
$uid = local_user();
$verb = notags(trim($_GET['verb']));
if(! $verb)
if(! $verb)
return;
$verbs = get_poke_verbs();
@ -46,7 +46,7 @@ function poke_init(&$a) {
$target = $r[0];
if($parent) {
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
$r = q("select uri, private, allow_cid, allow_gid, deny_cid, deny_gid
from item where id = %d and parent = %d and uid = %d limit 1",
intval($parent),
intval($parent),
@ -111,7 +111,7 @@ function poke_init(&$a) {
$item_id = item_store($arr);
if($item_id) {
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($a->get_baseurl() . '/display/' . $poster['nickname'] . '/' . $item_id),
intval($uid),
intval($item_id)
@ -156,20 +156,20 @@ function poke_content(&$a) {
$a->page['htmlhead'] .= '<script src="' . $a->get_baseurl(true) . '/library/jquery_ac/friendica.complete.js" ></script>';
$a->page['htmlhead'] .= <<< EOT
<script>$(document).ready(function() {
var a;
a = $("#poke-recip").autocomplete({
<script>$(document).ready(function() {
var a;
a = $("#poke-recip").autocomplete({
serviceUrl: '$base/acl',
minChars: 2,
width: 350,
onSelect: function(value,data) {
$("#poke-recip-complete").val(data);
}
}
});
a.setOptions({ params: { type: 'a' }});
});
});
</script>
EOT;
@ -203,4 +203,4 @@ EOT;
return $o;
}
}

63
mod/profile.php
View file

@ -27,7 +27,7 @@ function profile_init(&$a) {
$profile = 0;
if((local_user()) && ($a->argc > 2) && ($a->argv[2] === 'view')) {
$which = $a->user['nickname'];
$profile = $a->argv[1];
$profile = $a->argv[1];
}
else {
auto_redir($a, $which);
@ -41,7 +41,7 @@ function profile_init(&$a) {
if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) {
$a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
}
if(x($a->profile,'openidserver'))
if(x($a->profile,'openidserver'))
$a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
if(x($a->profile,'openid')) {
$delegate = ((strstr($a->profile['openid'],'://')) ? $a->profile['openid'] : 'http://' . $a->profile['openid']);
@ -60,7 +60,7 @@ function profile_init(&$a) {
$uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . (($a->path) ? '/' . $a->path : ''));
$a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '" />' . "\r\n";
header('Link: <' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);
$dfrn_pages = array('request', 'confirm', 'notify', 'poll');
foreach($dfrn_pages as $dfrn)
$a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"".$a->get_baseurl()."/dfrn_{$dfrn}/{$which}\" />\r\n";
@ -219,37 +219,41 @@ function profile_content(&$a, $update = 0) {
$r = q("SELECT distinct(parent) AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND
(`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE ."' OR item.verb = '" . ACTIVITY_DISLIKE . "')
and `item`.`moderated` = 0 and `item`.`unseen` = 1
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`wall` = 1
$sql_extra
ORDER BY `item`.`created` DESC",
intval($a->profile['profile_uid'])
);
}
else {
} else {
$sql_post_table = "";
if(x($category)) {
$sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category'));
$sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($category)), intval(TERM_OBJ_POST), intval(TERM_CATEGORY), intval($a->profile['profile_uid']));
//$sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category'));
}
if($datequery) {
$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
$sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
}
if($datequery2) {
$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
$sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
}
if( (! get_config('alt_pager', 'global')) && (! get_pconfig($a->profile['profile_uid'],'system','alt_pager')) ) {
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 1
FROM `thread` INNER JOIN `item` ON `item`.`id` = `thread`.`iid`
$sql_post_table INNER JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `thread`.`uid` = %d AND `thread`.`visible` = 1 AND `thread`.`deleted` = 0
and `thread`.`moderated` = 0
AND `thread`.`wall` = 1
$sql_extra $sql_extra2 ",
intval($a->profile['profile_uid'])
);
@ -259,16 +263,16 @@ function profile_content(&$a, $update = 0) {
}
}
// check if we serve a mobile device and get the user settings
// check if we serve a mobile device and get the user settings
// accordingly
if ($a->is_mobile) {
if ($a->is_mobile) {
$itemspage_network = get_pconfig(local_user(),'system','itemspage_mobile_network');
$itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 20);
} else {
} else {
$itemspage_network = get_pconfig(local_user(),'system','itemspage_network');
$itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 40);
}
// now that we have the user settings, see if the theme forces
// now that we have the user settings, see if the theme forces
// a maximum item number which is lower then the user choice
if(($a->force_max_items > 0) && ($a->force_max_items < $itemspage_network))
$itemspage_network = $a->force_max_items;
@ -277,20 +281,19 @@ function profile_content(&$a, $update = 0) {
$pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));
// FROM `item` FORCE INDEX (created, uid) LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
$r = q("SELECT `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 1
$r = q("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`,
`thread`.`uid` AS `contact-uid`
FROM `thread` INNER JOIN `item` ON `item`.`id` = `thread`.`iid`
$sql_post_table INNER JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `thread`.`uid` = %d AND `thread`.`visible` = 1 AND `thread`.`deleted` = 0
and `thread`.`moderated` = 0
AND `thread`.`wall` = 1
$sql_extra $sql_extra2
ORDER BY `item`.`created` DESC $pager_sql ",
ORDER BY `thread`.`created` DESC $pager_sql ",
intval($a->profile['profile_uid'])
);
}
$parents_arr = array();
@ -303,7 +306,7 @@ function profile_content(&$a, $update = 0) {
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`network`, `contact`.`rel`,
`contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
@ -315,7 +318,7 @@ function profile_content(&$a, $update = 0) {
intval($a->profile['profile_uid']),
dbesc($parents_str)
);
$items = conv_sort($items,'created');
} else {
$items = array();

26
mod/profile_photo.php
View file

@ -19,9 +19,9 @@ function profile_photo_post(&$a) {
notice ( t('Permission denied.') . EOL );
return;
}
check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) {
// unless proven otherwise
@ -34,9 +34,9 @@ function profile_photo_post(&$a) {
);
if(count($r) && (! intval($r[0]['is-default'])))
$is_default_profile = 0;
}
}
// phase 2 - we have finished cropping
@ -51,7 +51,7 @@ function profile_photo_post(&$a) {
$scale = substr($image_id,-1,1);
$image_id = substr($image_id,0,-2);
}
$srcX = $_POST['xstart'];
$srcY = $_POST['ystart'];
@ -86,7 +86,7 @@ function profile_photo_post(&$a) {
$im->scaleImage(48);
$r = $im->store(local_user(), 0, $base_image['resource-id'],$base_image['filename'], t('Profile Photos'), 6, $is_default_profile);
if($r === false)
notice( sprintf(t('Image size reduction [%s] failed.'),"48") . EOL );
@ -99,7 +99,7 @@ function profile_photo_post(&$a) {
);
}
else {
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d limit 1",
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d",
dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4'),
dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5'),
intval($_REQUEST['profile']),
@ -110,7 +110,7 @@ function profile_photo_post(&$a) {
// we'll set the updated profile-photo timestamp even if it isn't the default profile,
// so that browsers will do a cache update unconditionally
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d",
dbesc(datetime_convert()),
intval(local_user())
);
@ -204,22 +204,22 @@ function profile_photo_content(&$a) {
if (($r[0]['album']== t('Profile Photos')) && ($havescale)){
$r=q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d",
intval(local_user()));
$r=q("UPDATE `photo` SET `profile`=1 WHERE `uid` = %d AND `resource-id` = '%s'",
intval(local_user()),
dbesc($resource_id)
);
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d",
dbesc(datetime_convert()),
intval(local_user())
);
// Update global directory in background
$url = $_SESSION['my_url'];
if($url && strlen(get_config('system','directory_submit_url')))
proc_run('php',"include/directory.php","$url");
goaway($a->get_baseurl() . '/profiles');
return; // NOTREACHED
}

52
mod/profiles.php
View file

@ -19,7 +19,7 @@ function profiles_init(&$a) {
goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't');
// move every contact using this profile as their default to the user default
@ -29,7 +29,7 @@ function profiles_init(&$a) {
intval($a->argv[2]),
intval(local_user())
);
$r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d",
intval($a->argv[2]),
intval(local_user())
);
@ -45,7 +45,7 @@ function profiles_init(&$a) {
if(($a->argc > 1) && ($a->argv[1] === 'new')) {
check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't');
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
@ -56,7 +56,7 @@ function profiles_init(&$a) {
$r1 = q("SELECT `name`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
intval(local_user()));
$r2 = q("INSERT INTO `profile` (`uid` , `profile-name` , `name`, `photo`, `thumb`)
VALUES ( %d, '%s', '%s', '%s', '%s' )",
intval(local_user()),
@ -74,12 +74,12 @@ function profiles_init(&$a) {
info( t('New profile created.') . EOL);
if(count($r3) == 1)
goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
goaway($a->get_baseurl(true) . '/profiles');
}
}
if(($a->argc > 2) && ($a->argv[1] === 'clone')) {
check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't');
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
@ -98,16 +98,16 @@ function profiles_init(&$a) {
}
unset($r1[0]['id']);
$r1[0]['is-default'] = 0;
$r1[0]['publish'] = 0;
$r1[0]['net-publish'] = 0;
$r1[0]['publish'] = 0;
$r1[0]['net-publish'] = 0;
$r1[0]['profile-name'] = dbesc($name);
dbesc_array($r1[0]);
$r2 = dbq("INSERT INTO `profile` (`"
. implode("`, `", array_keys($r1[0]))
. "`) VALUES ('"
. implode("', '", array_values($r1[0]))
$r2 = dbq("INSERT INTO `profile` (`"
. implode("`, `", array_keys($r1[0]))
. "`) VALUES ('"
. implode("', '", array_values($r1[0]))
. "')" );
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
@ -117,9 +117,9 @@ function profiles_init(&$a) {
info( t('New profile created.') . EOL);
if(count($r3) == 1)
goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
@ -160,9 +160,9 @@ function profiles_post(&$a) {
notice( t('Profile not found.') . EOL);
return;
}
check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
$is_default = (($orig[0]['is-default']) ? 1 : 0);
$profile_name = notags(trim($_POST['profile_name']));
@ -170,7 +170,7 @@ function profiles_post(&$a) {
notify( t('Profile Name is required.') . EOL);
return;
}
$year = intval($_POST['year']);
if($year < 1900 || $year > 2100 || $year < 0)
$year = 0;
@ -259,7 +259,7 @@ function profiles_post(&$a) {
intval(local_user())
);
}*/
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
dbesc($newname),
intval(local_user())
@ -376,9 +376,9 @@ function profiles_post(&$a) {
profile_activity($changes,$value);
}
$r = q("UPDATE `profile`
}
$r = q("UPDATE `profile`
SET `profile-name` = '%s',
`name` = '%s',
`pdesc` = '%s',
@ -412,7 +412,7 @@ function profiles_post(&$a) {
`work` = '%s',
`education` = '%s',
`hide-friends` = %d
WHERE `id` = %d AND `uid` = %d LIMIT 1",
WHERE `id` = %d AND `uid` = %d",
dbesc($profile_name),
dbesc($name),
dbesc($pdesc),
@ -455,11 +455,11 @@ function profiles_post(&$a) {
if($namechanged && $is_default) {
$r = q("UPDATE `contact` SET `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d",
dbesc(datetime_convert()),
intval(local_user())
);
$r = q("UPDATE `user` set `username` = '%s' where `uid` = %d limit 1",
$r = q("UPDATE `user` set `username` = '%s' where `uid` = %d",
dbesc($name),
intval(local_user())
);
@ -558,7 +558,7 @@ function profile_activity($changed, $value) {
if($i) {
// give it a permanent link
q("update item set plink = '%s' where id = %d limit 1",
q("update item set plink = '%s' where id = %d",
dbesc($a->get_baseurl() . '/display/' . $a->user['nickname'] . '/' . $i),
intval($i)
);

8
mod/profperm.php
View file

@ -6,7 +6,7 @@ function profperm_init(&$a) {
return;
$which = $a->user['nickname'];
$profile = $a->argv[1];
$profile = $a->argv[1];
profile_load($a,$which,$profile);
@ -36,7 +36,7 @@ function profperm_content(&$a) {
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
$r = q("SELECT `id` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `self` = 0
$r = q("SELECT `id` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `self` = 0
AND `network` = 'dfrn' AND `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
@ -71,13 +71,13 @@ function profperm_content(&$a) {
if($change) {
if(in_array($change,$ingroup)) {
q("UPDATE `contact` SET `profile-id` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `contact` SET `profile-id` = 0 WHERE `id` = %d AND `uid` = %d",
intval($change),
intval(local_user())
);
}
else {
q("UPDATE `contact` SET `profile-id` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `contact` SET `profile-id` = %d WHERE `id` = %d AND `uid` = %d",
intval($a->argv[1]),
intval($change),
intval(local_user())

6
mod/pubsub.php
View file

@ -79,18 +79,18 @@ function pubsub_init(&$a) {
if($hub_mode === 'unsubscribe') {
if(! strlen($hub_verify)) {
logger('pubsub: bogus unsubscribe');
logger('pubsub: bogus unsubscribe');
hub_return(false, '');
}
logger('pubsub: unsubscribe success');
}
$r = q("UPDATE `contact` SET `subhub` = %d WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `contact` SET `subhub` = %d WHERE `id` = %d",
intval($subscribe),
intval($contact['id'])
);
hub_return(true, $hub_challenge);
hub_return(true, $hub_challenge);
}
}

41
mod/search.php
View file

@ -128,23 +128,12 @@ function search_content(&$a) {
$tag = true;
if($tag) {
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d",
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d group by `item`.`uri` ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
//$sql_order = "`term`.`tid`";
//$sql_order = "`item`.`received`";
//$sql_extra = sprintf(" AND EXISTS (SELECT * FROM `term` WHERE `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d) GROUP BY `item`.`uri` ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`item` FORCE INDEX (`uri`) ";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(local_user()));
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
$sql_order = "`item`.`received`";
$sql_order = "`item`.`id`";
} else {
if (get_config('system','use_fulltext_engine')) {
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));
@ -152,21 +141,23 @@ function search_content(&$a) {
$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
}
$sql_table = "`item`";
$sql_order = "`item`.`received`";
$sql_order = "`item`.`id`";
//$sql_order = "`item`.`received`";
}
// Here is the way permissions work in the search module...
// Only public posts can be shown
// OR your own posts if you are a logged in member
// No items will be shown if the member has a blocked profile wall.
// No items will be shown if the member has a blocked profile wall.
if( (! get_config('alt_pager', 'global')) && (! get_pconfig(local_user(),'system','alt_pager')) ) {
$r = q("SELECT distinct(`item`.`uri`) as `total`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0)
OR ( `item`.`uid` = %d ))
FROM $sql_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0)
OR ( `item`.`uid` = %d ))
$sql_extra ",
intval(local_user())
);
@ -181,18 +172,18 @@ function search_content(&$a) {
}
}
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
$r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`, `user`.`uid`, `user`.`hidewall`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
FROM $sql_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 )
OR ( `item`.`uid` = %d ))
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
$sql_extra GROUP BY `item`.`uri`
ORDER BY $sql_order DESC LIMIT %d , %d ",
intval(local_user()),
intval($a->pager['start']),

18
mod/settings.php
View file

@ -196,14 +196,14 @@ function settings_post(&$a) {
if(strlen($mail_pass)) {
$pass = '';
openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']);
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d LIMIT 1",
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d",
dbesc(bin2hex($pass)),
intval(local_user())
);
}
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
`action` = %d, `movetofolder` = '%s',
`mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d LIMIT 1",
`mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d",
dbesc($mail_server),
intval($mail_port),
dbesc($mail_ssl),
@ -294,7 +294,7 @@ function settings_post(&$a) {
}
$r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d",
dbesc($theme),
intval(local_user())
);
@ -341,7 +341,7 @@ function settings_post(&$a) {
if(! $err) {
$password = hash('whirlpool',$newpass);
$r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d",
dbesc($password),
intval(local_user())
);
@ -499,7 +499,7 @@ function settings_post(&$a) {
}
}
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1",
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d",
dbesc($username),
dbesc($email),
dbesc($openid),
@ -526,12 +526,12 @@ function settings_post(&$a) {
if($r)
info( t('Settings updated.') . EOL);
$r = q("UPDATE `profile`
SET `publish` = %d,
$r = q("UPDATE `profile`
SET `publish` = %d,
`name` = '%s',
`net-publish` = %d,
`hide-friends` = %d
WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
WHERE `is-default` = 1 AND `uid` = %d",
intval($publish),
dbesc($username),
intval($net_publish),
@ -541,7 +541,7 @@ function settings_post(&$a) {
if($name_change) {
q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1 LIMIT 1",
q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1",
dbesc($username),
dbesc(datetime_convert()),
intval(local_user())

2
mod/share.php
View file

@ -9,7 +9,7 @@ function share_init(&$a) {
killme();
$r = q("SELECT item.*, contact.network FROM `item`
left join contact on `item`.`contact-id` = `contact`.`id`
inner join contact on `item`.`contact-id` = `contact`.`id`
WHERE `item`.`id` = %d AND `item`.`uid` = %d LIMIT 1",
intval($post_id),

2
mod/starred.php
View file

@ -22,7 +22,7 @@ function starred_init(&$a) {
if(! intval($r[0]['starred']))
$starred = 1;
$r = q("UPDATE item SET starred = %d WHERE uid = %d and id = %d LIMIT 1",
$r = q("UPDATE item SET starred = %d WHERE uid = %d and id = %d",
intval($starred),
intval(local_user()),
intval($message_id)

8
mod/subthread.php
View file

@ -85,7 +85,7 @@ function subthread_content(&$a) {
$uri = item_new_uri($a->get_hostname(),$owner_uid);
$post_type = (($item['resource-id']) ? t('photo') : t('status'));
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
$link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
$body = $item['body'];
@ -140,14 +140,14 @@ EOT;
$arr['unseen'] = 1;
$arr['last-child'] = 0;
$post_id = item_store($arr);
$post_id = item_store($arr);
if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']),
intval($owner_uid)
);
}
}
$arr['id'] = $post_id;

22
mod/tagger.php
View file

@ -60,9 +60,9 @@ function tagger_content(&$a) {
$uri = item_new_uri($a->get_hostname(),$owner_uid);
$xterm = xmlify($term);
$post_type = (($item['resource-id']) ? t('photo') : t('status'));
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
$link = xmlify('<link rel="alternate" type="text/html" href="'
$link = xmlify('<link rel="alternate" type="text/html" href="'
. $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
$body = xmlify($item['body']);
@ -136,20 +136,20 @@ EOT;
$arr['last-child'] = 1;
$arr['origin'] = 1;
$post_id = item_store($arr);
$post_id = item_store($arr);
q("UPDATE `item` set plink = '%s' where id = %d limit 1",
q("UPDATE `item` set plink = '%s' where id = %d",
dbesc($a->get_baseurl() . '/display/' . $owner_nick . '/' . $post_id),
intval($post_id)
);
if(! $item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
intval($item['id']),
intval($owner_uid)
);
}
}
$term_objtype = (($item['resource-id']) ? TERM_OBJ_PHOTO : TERM_OBJ_POST );
$t = q("SELECT count(tid) as tcount FROM term WHERE oid=%d AND term='%s'",
@ -157,7 +157,7 @@ EOT;
dbesc($term)
);
if((! $blocktags) && $t[0]['tcount']==0 ) {
/*q("update item set tag = '%s' where id = %d limit 1",
/*q("update item set tag = '%s' where id = %d",
dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'),
intval($item['id'])
);*/
@ -171,7 +171,7 @@ EOT;
intval($owner_uid)
);
}
// if the original post is on this site, update it.
$r = q("select `tag`,`id`,`uid` from item where `origin` = 1 AND `uri` = '%s' LIMIT 1",
@ -197,14 +197,14 @@ EOT;
}
/*if(count($x) && !$x[0]['blocktags'] && (! stristr($r[0]['tag'], ']' . $term . '['))) {
q("update item set tag = '%s' where id = %d limit 1",
q("update item set tag = '%s' where id = %d",
dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'),
intval($r[0]['id'])
);
}*/
}
$arr['id'] = $post_id;

2
mod/tagrm.php
View file

@ -32,7 +32,7 @@ function tagrm_post(&$a) {
$tag_str = implode(',',$arr);
q("UPDATE `item` SET `tag` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
q("UPDATE `item` SET `tag` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($tag_str),
intval($item),
intval(local_user())

4
mod/wall_upload.php
View file

@ -9,7 +9,7 @@ function wall_upload_post(&$a) {
if($a->argc > 1) {
if(! x($_FILES,'media')) {
$nick = $a->argv[1];
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
dbesc($nick)
);
@ -18,7 +18,7 @@ function wall_upload_post(&$a) {
}
else {
$user_info = api_get_user($a);
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
dbesc($user_info['screen_name'])
);
}