disable formatbar in xs screens
index 486805f9724319e33c7f8bd980e94e1334afc13f..f40674b8941968a3e351dcc43981f98deed32b95 100644 (file)
@@ -40,6 +40,7 @@ use Friendica\Object\Image;
 use Friendica\Protocol\Diaspora;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
+use Friendica\Util\Proxy as ProxyUtils;
 use Friendica\Util\XML;
 
 require_once 'include/conversation.php';
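Review bot: Later hunks in this commit reference `Protocol::DFRN` and `Contact::FOLLOWER`/`Contact::FRIEND`, yet the only import this hunk adds is `ProxyUtils`; unless `use Friendica\Core\Protocol;` already sits above line 40 (outside this view), `Protocol::DFRN` resolves to an undefined class and fatals at request time. Worth a grep of the use-block before merge, since a missing import here only shows up on the code paths that hit those constants.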
@@ -47,7 +48,6 @@ require_once 'mod/share.php';
 require_once 'mod/item.php';
 require_once 'include/security.php';
 require_once 'mod/wall_upload.php';
-require_once 'mod/proxy.php';
 
 define('API_METHOD_ANY', '*');
 define('API_METHOD_GET', 'GET');
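Review bot: Dropping `require_once 'mod/proxy.php'` turns any `proxy_url()` call left in this file into an undefined-function fatal at request time, and the diff converts only the two call sites in api_get_entitities; a grep for `proxy_` across include/api.php should come back empty before this lands. Any other file that relied on api.php transitively loading mod/proxy.php breaks the same way, so that is worth checking too.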
@@ -525,7 +525,7 @@ function api_get_user(App $a, $contact_id = null)
 
        // Searching for contact URL
        if (!is_null($contact_id) && (intval($contact_id) == 0)) {
-               $user = dbesc(normalise_link($contact_id));
+               $user = DBA::escape(normalise_link($contact_id));
                $url = $user;
                $extra_query = "AND `contact`.`nurl` = '%s' ";
                if (api_user() !== false) {
@@ -535,7 +535,7 @@ function api_get_user(App $a, $contact_id = null)
 
        // Searching for contact id with uid = 0
        if (!is_null($contact_id) && (intval($contact_id) != 0)) {
-               $user = dbesc(api_unique_id_to_nurl(intval($contact_id)));
+               $user = DBA::escape(api_unique_id_to_nurl(intval($contact_id)));
 
                if ($user == "") {
                        throw new BadRequestException("User ID ".$contact_id." not found.");
@@ -549,7 +549,7 @@ function api_get_user(App $a, $contact_id = null)
        }
 
        if (is_null($user) && x($_GET, 'user_id')) {
-               $user = dbesc(api_unique_id_to_nurl($_GET['user_id']));
+               $user = DBA::escape(api_unique_id_to_nurl($_GET['user_id']));
 
                if ($user == "") {
                        throw new BadRequestException("User ID ".$_GET['user_id']." not found.");
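Review bot: `api_unique_id_to_nurl($_GET['user_id'])` receives the raw query-string value, whereas the sibling lookups by contact id coerce first (`intval($contact_id)` above, `intval($user)` for the path argument below), and the same raw value is interpolated into the BadRequestException text. Use `intval($_GET['user_id'])` for both the lookup and the message so non-numeric input is rejected consistently and is not echoed back verbatim. api_get_user continues outside this hunk.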
@@ -562,7 +562,7 @@ function api_get_user(App $a, $contact_id = null)
                }
        }
        if (is_null($user) && x($_GET, 'screen_name')) {
-               $user = dbesc($_GET['screen_name']);
+               $user = DBA::escape($_GET['screen_name']);
                $extra_query = "AND `contact`.`nick` = '%s' ";
                if (api_user() !== false) {
                        $extra_query .= "AND `contact`.`uid`=".intval(api_user());
@@ -570,7 +570,7 @@ function api_get_user(App $a, $contact_id = null)
        }
 
        if (is_null($user) && x($_GET, 'profileurl')) {
-               $user = dbesc(normalise_link($_GET['profileurl']));
+               $user = DBA::escape(normalise_link($_GET['profileurl']));
                $extra_query = "AND `contact`.`nurl` = '%s' ";
                if (api_user() !== false) {
                        $extra_query .= "AND `contact`.`uid`=".intval(api_user());
@@ -584,7 +584,7 @@ function api_get_user(App $a, $contact_id = null)
                        list($user, $null) = explode(".", $a->argv[$argid]);
                }
                if (is_numeric($user)) {
-                       $user = dbesc(api_unique_id_to_nurl(intval($user)));
+                       $user = DBA::escape(api_unique_id_to_nurl(intval($user)));
 
                        if ($user != "") {
                                $url = $user;
@@ -594,7 +594,7 @@ function api_get_user(App $a, $contact_id = null)
                                }
                        }
                } else {
-                       $user = dbesc($user);
+                       $user = DBA::escape($user);
                        $extra_query = "AND `contact`.`nick` = '%s' ";
                        if (api_user() !== false) {
                                $extra_query .= "AND `contact`.`uid`=" . intval(api_user());
@@ -631,37 +631,37 @@ function api_get_user(App $a, $contact_id = null)
 
        // if the contact wasn't found, fetch it from the contacts with uid = 0
        if (!DBA::isResult($uinfo)) {
-               $r = [];
-
-               if ($url != "") {
-                       $r = q("SELECT * FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s' LIMIT 1", dbesc(normalise_link($url)));
+               if ($url == "") {
+                       throw new BadRequestException("User not found.");
                }
 
-               if (DBA::isResult($r)) {
-                       $network_name = ContactSelector::networkToName($r[0]['network'], $r[0]['url']);
+               $contact = DBA::selectFirst('contact', [], ['uid' => 0, 'nurl' => normalise_link($url)]);
+
+               if (DBA::isResult($contact)) {
+                       $network_name = ContactSelector::networkToName($contact['network'], $contact['url']);
 
                        // If no nick where given, extract it from the address
-                       if (($r[0]['nick'] == "") || ($r[0]['name'] == $r[0]['nick'])) {
-                               $r[0]['nick'] = api_get_nick($r[0]["url"]);
+                       if (($contact['nick'] == "") || ($contact['name'] == $contact['nick'])) {
+                               $contact['nick'] = api_get_nick($contact["url"]);
                        }
 
                        $ret = [
-                               'id' => $r[0]["id"],
-                               'id_str' => (string) $r[0]["id"],
-                               'name' => $r[0]["name"],
-                               'screen_name' => (($r[0]['nick']) ? $r[0]['nick'] : $r[0]['name']),
-                               'location' => ($r[0]["location"] != "") ? $r[0]["location"] : $network_name,
-                               'description' => $r[0]["about"],
-                               'profile_image_url' => $r[0]["micro"],
-                               'profile_image_url_https' => $r[0]["micro"],
-                               'profile_image_url_profile_size' => $r[0]["thumb"],
-                               'profile_image_url_large' => $r[0]["photo"],
-                               'url' => $r[0]["url"],
+                               'id' => $contact["id"],
+                               'id_str' => (string) $contact["id"],
+                               'name' => $contact["name"],
+                               'screen_name' => (($contact['nick']) ? $contact['nick'] : $contact['name']),
+                               'location' => ($contact["location"] != "") ? $contact["location"] : $network_name,
+                               'description' => $contact["about"],
+                               'profile_image_url' => $contact["micro"],
+                               'profile_image_url_https' => $contact["micro"],
+                               'profile_image_url_profile_size' => $contact["thumb"],
+                               'profile_image_url_large' => $contact["photo"],
+                               'url' => $contact["url"],
                                'protected' => false,
                                'followers_count' => 0,
                                'friends_count' => 0,
                                'listed_count' => 0,
-                               'created_at' => api_date($r[0]["created"]),
+                               'created_at' => api_date($contact["created"]),
                                'favourites_count' => 0,
                                'utc_offset' => 0,
                                'time_zone' => 'UTC',
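Review bot: The uid-0 lookup is now parameterised via `DBA::selectFirst`, which is the right move, but the control flow also changed: an empty `$url` used to skip the lookup and fall through to whatever follows the `if (DBA::isResult($contact))` block, and now throws `BadRequestException("User not found.")` unconditionally. If that fall-through produced a meaningful result for some callers (the remainder of api_get_user is outside this hunk), the commit message should call out the behaviour change; otherwise a short comment such as `// no id, nick or profile URL resolved to a contact: nothing left to look up` would make the early throw self-explanatory. A failed lookup is also arguably a 404 rather than a 400, if the API layer has a not-found exception type.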
@@ -676,12 +676,12 @@ function api_get_user(App $a, $contact_id = null)
                                'follow_request_sent' => false,
                                'statusnet_blocking' => false,
                                'notifications' => false,
-                               'statusnet_profile_url' => $r[0]["url"],
+                               'statusnet_profile_url' => $contact["url"],
                                'uid' => 0,
-                               'cid' => Contact::getIdForURL($r[0]["url"], api_user(), true),
-                               'pid' => Contact::getIdForURL($r[0]["url"], 0, true),
+                               'cid' => Contact::getIdForURL($contact["url"], api_user(), true),
+                               'pid' => Contact::getIdForURL($contact["url"], 0, true),
                                'self' => 0,
-                               'network' => $r[0]["network"],
+                               'network' => $contact["network"],
                        ];
 
                        return $ret;
@@ -692,7 +692,7 @@ function api_get_user(App $a, $contact_id = null)
 
        if ($uinfo[0]['self']) {
                if ($uinfo[0]['network'] == "") {
-                       $uinfo[0]['network'] = NETWORK_DFRN;
+                       $uinfo[0]['network'] = Protocol::DFRN;
                }
 
                $usr = DBA::selectFirst('user', ['default-location'], ['uid' => api_user()]);
@@ -753,7 +753,7 @@ function api_get_user(App $a, $contact_id = null)
                'contributors_enabled' => false,
                'is_translator' => false,
                'is_translation_enabled' => false,
-               'following' => (($uinfo[0]['rel'] == CONTACT_IS_FOLLOWER) || ($uinfo[0]['rel'] == CONTACT_IS_FRIEND)),
+               'following' => (($uinfo[0]['rel'] == Contact::FOLLOWER) || ($uinfo[0]['rel'] == Contact::FRIEND)),
                'follow_request_sent' => false,
                'statusnet_blocking' => false,
                'notifications' => false,
@@ -1437,10 +1437,10 @@ function api_users_search($type)
        $userlist = [];
 
        if (x($_GET, 'q')) {
-               $r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", dbesc($_GET["q"]));
+               $r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"]));
 
                if (!DBA::isResult($r)) {
-                       $r = q("SELECT `id` FROM `contact` WHERE `uid` = 0 AND `nick` = '%s'", dbesc($_GET["q"]));
+                       $r = q("SELECT `id` FROM `contact` WHERE `uid` = 0 AND `nick` = '%s'", DBA::escape($_GET["q"]));
                }
 
                if (DBA::isResult($r)) {
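Review bot: Style: this hunk keeps the `q()` + `DBA::escape()` string-SQL pattern while the rest of the commit migrates lookups to condition arrays (`DBA::selectFirst`, `DBA::exists`); `$r = DBA::selectFirst('contact', ['id'], ['uid' => 0, 'name' => $_GET['q']]);` and the analogous `nick` lookup would drop the manual escaping entirely. The consumers of `$r` after this hunk index it as a result list and would need the matching adjustment, so this is a follow-up rather than a blocker.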
@@ -2518,7 +2518,7 @@ function api_get_entitities(&$text, $bbcode)
                preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images);
 
                foreach ($images[1] as $image) {
-                       $replace = proxy_url($image);
+                       $replace = ProxyUtils::proxifyUrl($image);
                        $text = str_replace($image, $replace, $text);
                }
                return [];
@@ -2627,7 +2627,7 @@ function api_get_entitities(&$text, $bbcode)
                                // If image cache is activated, then use the following sizes:
                                // thumb  (150), small (340), medium (600) and large (1024)
                                if (!Config::get("system", "proxy_disabled")) {
-                                       $media_url = proxy_url($url);
+                                       $media_url = ProxyUtils::proxifyUrl($url);
 
                                        $sizes = [];
                                        $scale = Image::getScalingDimensions($image[0], $image[1], 150);
@@ -2888,6 +2888,7 @@ function api_format_items($r, $user_info, $filter_user = false, $type = "json")
                        'favorited' => $item['starred'] ? true : false,
                        'user' =>  $status_user ,
                        'friendica_owner' => $owner_user,
+                       'friendica_private' => $item['private'] == 1,
                        //'entities' => NULL,
                        'statusnet_html' => $converted["html"],
                        'statusnet_conversation_id' => $item['parent'],
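Review bot: `'friendica_private' => $item['private'] == 1` relies on a loose comparison against a value whose type depends on the driver (int versus numeric string) and maps every other non-zero value to false; `(int) $item['private'] === 1` states the intent explicitly. If `private` is a multi-valued column rather than a boolean (its definition is not in this view), a comment naming which value this flag reports would help API consumers. api_format_items begins outside this hunk.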
@@ -3186,9 +3187,9 @@ function api_statuses_f($qtype)
 
        $sql_extra = '';
        if ($qtype == 'friends') {
-               $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND));
+               $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(Contact::SHARING), intval(Contact::FRIEND));
        } elseif ($qtype == 'followers') {
-               $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
+               $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(Contact::FOLLOWER), intval(Contact::FRIEND));
        }
 
        // friends and followers only for self
@@ -3482,7 +3483,7 @@ function api_direct_messages_new($type)
                $r = q(
                        "SELECT `id`, `nurl`, `network` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
                        intval(api_user()),
-                       dbesc($_POST['screen_name'])
+                       DBA::escape($_POST['screen_name'])
                );
 
                if (DBA::isResult($r)) {
@@ -3579,7 +3580,7 @@ function api_direct_messages_destroy($type)
        }
 
        // add parent-uri to sql command if specified by calling app
-       $sql_extra = ($parenturi != "" ? " AND `parent-uri` = '" . dbesc($parenturi) . "'" : "");
+       $sql_extra = ($parenturi != "" ? " AND `parent-uri` = '" . DBA::escape($parenturi) . "'" : "");
 
        // get data of the specified message id
        $r = q(
@@ -3668,13 +3669,13 @@ function api_direct_messages_box($type, $box, $verbose)
 
        // filters
        if ($box=="sentbox") {
-               $sql_extra = "`mail`.`from-url`='" . dbesc($profile_url) . "'";
+               $sql_extra = "`mail`.`from-url`='" . DBA::escape($profile_url) . "'";
        } elseif ($box == "conversation") {
-               $sql_extra = "`mail`.`parent-uri`='" . dbesc(defaults($_GET, 'uri', ''))  . "'";
+               $sql_extra = "`mail`.`parent-uri`='" . DBA::escape(defaults($_GET, 'uri', ''))  . "'";
        } elseif ($box == "all") {
                $sql_extra = "true";
        } elseif ($box == "inbox") {
-               $sql_extra = "`mail`.`from-url`!='" . dbesc($profile_url) . "'";
+               $sql_extra = "`mail`.`from-url`!='" . DBA::escape($profile_url) . "'";
        }
 
        if ($max_id > 0) {
@@ -3684,7 +3685,7 @@ function api_direct_messages_box($type, $box, $verbose)
        if ($user_id != "") {
                $sql_extra .= ' AND `mail`.`contact-id` = ' . intval($user_id);
        } elseif ($screen_name !="") {
-               $sql_extra .= " AND `contact`.`nick` = '" . dbesc($screen_name). "'";
+               $sql_extra .= " AND `contact`.`nick` = '" . DBA::escape($screen_name). "'";
        }
 
        $r = q(
@@ -3847,7 +3848,7 @@ function api_fr_photoalbum_delete($type)
        $r = q(
                "SELECT DISTINCT `resource-id` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
                intval(api_user()),
-               dbesc($album)
+               DBA::escape($album)
        );
        if (!DBA::isResult($r)) {
                throw new BadRequestException("album not available");
@@ -4008,8 +4009,8 @@ function api_fr_photo_create_update($type)
                $r = q(
                        "SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' AND `album` = '%s'",
                        intval(api_user()),
-                       dbesc($photo_id),
-                       dbesc($album)
+                       DBA::escape($photo_id),
+                       DBA::escape($album)
                );
                if (!DBA::isResult($r)) {
                        throw new BadRequestException("photo not available");
@@ -4078,8 +4079,8 @@ function api_fr_photo_create_update($type)
                                $sql_extra,
                                DateTimeFormat::utcNow(),   // update edited timestamp
                                intval(api_user()),
-                               dbesc($photo_id),
-                               dbesc($album)
+                               DBA::escape($photo_id),
+                               DBA::escape($album)
                        );
                } else {
                        $nothingtodo = true;
@@ -4132,7 +4133,7 @@ function api_fr_photo_delete($type)
        $r = q(
                "SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'",
                intval(api_user()),
-               dbesc($photo_id)
+               DBA::escape($photo_id)
        );
        if (!DBA::isResult($r)) {
                throw new BadRequestException("photo not available");
@@ -4340,12 +4341,8 @@ function check_acl_input($acl_string)
        foreach ($cid_array as $cid) {
                $cid = str_replace("<", "", $cid);
                $cid = str_replace(">", "", $cid);
-               $contact = q(
-                       "SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d",
-                       intval($cid),
-                       intval(api_user())
-               );
-               $contact_not_found |= !DBA::isResult($contact);
+               $condition = ['id' => $cid, 'uid' => api_user()];
+               $contact_not_found |= !DBA::exists('contact', $condition);
        }
        return $contact_not_found;
 }
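Review bot: The rewrite drops the `intval($cid)` coercion the old `q()` call applied, so `$cid` now reaches the `id` condition as the raw angle-bracket-stripped string; the query is parameterised, so there is no injection, but MySQL's string-to-number coercion means an id such as `1abc` compares equal to contact 1 and passes validation while the caller still keeps the un-coerced `<1abc>` token in the ACL string, where later matching is presumably exact. Reject non-digits up front and keep the coercion explicit: `$contact_not_found |= !ctype_digit($cid) || !DBA::exists('contact', ['id' => (int) $cid, 'uid' => api_user()]);`. The initialisation of `$contact_not_found` and the split of `$acl_string` are outside this hunk.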
@@ -4527,7 +4524,7 @@ function post_photo_item($hash, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $f
 {
        // get data about the api authenticated user
        $uri = Item::newURI(intval(api_user()));
-       $owner_record = q("SELECT * FROM `contact` WHERE `uid`= %d AND `self` LIMIT 1", intval(api_user()));
+       $owner_record = DBA::selectFirst('contact', [], ['uid' => api_user(), 'self' => true]);
 
        $arr = [];
        $arr['guid']          = System::createGUID(32);
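Review bot: `$owner_record` is used unchecked: `DBA::selectFirst` returns `false` on a miss, and the field accesses that follow (`$owner_record['id']`, `['name']`, `['url']`, `['thumb']`, `['nick']`) would then build an item with null owner/author fields instead of failing loudly. The self contact should always exist for an authenticated user, so treat its absence as an error: `if (!DBA::isResult($owner_record)) { throw new BadRequestException("Owner contact not found"); }` (or the API's internal-error exception, if one exists). The old `$owner_record[0]['id']` form had the same gap, so this is pre-existing rather than introduced here.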
@@ -4537,13 +4534,13 @@ function post_photo_item($hash, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $f
        $arr['type']          = 'photo';
        $arr['wall']          = 1;
        $arr['resource-id']   = $hash;
-       $arr['contact-id']    = $owner_record[0]['id'];
-       $arr['owner-name']    = $owner_record[0]['name'];
-       $arr['owner-link']    = $owner_record[0]['url'];
-       $arr['owner-avatar']  = $owner_record[0]['thumb'];
-       $arr['author-name']   = $owner_record[0]['name'];
-       $arr['author-link']   = $owner_record[0]['url'];
-       $arr['author-avatar'] = $owner_record[0]['thumb'];
+       $arr['contact-id']    = $owner_record['id'];
+       $arr['owner-name']    = $owner_record['name'];
+       $arr['owner-link']    = $owner_record['url'];
+       $arr['owner-avatar']  = $owner_record['thumb'];
+       $arr['author-name']   = $owner_record['name'];
+       $arr['author-link']   = $owner_record['url'];
+       $arr['author-avatar'] = $owner_record['thumb'];
        $arr['title']         = "";
        $arr['allow_cid']     = $allow_cid;
        $arr['allow_gid']     = $allow_gid;
@@ -4559,7 +4556,7 @@ function post_photo_item($hash, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $f
                        ];
 
        // adds link to the thumbnail scale photo
-       $arr['body'] = '[url=' . System::baseUrl() . '/photos/' . $owner_record[0]['nick'] . '/image/' . $hash . ']'
+       $arr['body'] = '[url=' . System::baseUrl() . '/photos/' . $owner_record['nick'] . '/image/' . $hash . ']'
                                . '[img]' . System::baseUrl() . '/photo/' . $hash . '-' . "2" . '.'. $typetoext[$filetype] . '[/img]'
                                . '[/url]';
 
@@ -4596,7 +4593,7 @@ function prepare_photo_data($type, $scale, $photo_id)
                        FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' %s GROUP BY `resource-id`",
                $data_sql,
                intval(local_user()),
-               dbesc($photo_id),
+               DBA::escape($photo_id),
                $scale_sql
        );
 
@@ -4702,7 +4699,7 @@ function api_friendica_remoteauth()
 
        $contact = DBA::selectFirst('contact', [], ['uid' => api_user(), 'nurl' => $c_url]);
 
-       if (!DBA::isResult($contact) || ($contact['network'] !== NETWORK_DFRN)) {
+       if (!DBA::isResult($contact) || ($contact['network'] !== Protocol::DFRN)) {
                throw new BadRequestException("Unknown contact");
        }
 
@@ -4850,7 +4847,7 @@ function api_get_nick($profile)
 
        $r = q(
                "SELECT `nick` FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s'",
-               dbesc(normalise_link($profile))
+               DBA::escape(normalise_link($profile))
        );
 
        if (DBA::isResult($r)) {
@@ -4860,7 +4857,7 @@ function api_get_nick($profile)
        if (!$nick == "") {
                $r = q(
                        "SELECT `nick` FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s'",
-                       dbesc(normalise_link($profile))
+                       DBA::escape(normalise_link($profile))
                );
 
                if (DBA::isResult($r)) {
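Review bot: Operator precedence makes `if (!$nick == "")` parse as `(!$nick) == ""`, which under loose comparison is true exactly when `$nick` is non-empty, so this retry runs only after a nick was already found — and it issues the same `uid = 0 AND nurl = ?` query as the first lookup in the hunk above, so it can never produce a different answer. Presumably `if ($nick == "")` was meant and the second query was intended to differ (for instance without the `uid = 0` restriction); as written the block is dead weight, and `if ($nick === '')` with a distinct condition, or removing the block, would be the fix. This predates the commit, which only swaps the escape helper.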
@@ -5205,7 +5202,7 @@ function api_friendica_group_delete($type)
                "SELECT * FROM `group` WHERE `uid` = %d AND `id` = %d AND `name` = '%s'",
                intval($uid),
                intval($gid),
-               dbesc($name)
+               DBA::escape($name)
        );
        // error message if specified gid is not in database
        if (!DBA::isResult($rname)) {
@@ -5290,7 +5287,7 @@ function group_create($name, $uid, $users = [])
        $rname = q(
                "SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' AND `deleted` = 0",
                intval($uid),
-               dbesc($name)
+               DBA::escape($name)
        );
        // error message if specified group name already exists
        if (DBA::isResult($rname)) {
@@ -5301,7 +5298,7 @@ function group_create($name, $uid, $users = [])
        $rname = q(
                "SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' AND `deleted` = 1",
                intval($uid),
-               dbesc($name)
+               DBA::escape($name)
        );
        // error message if specified group name already exists
        if (DBA::isResult($rname)) {
@@ -5635,7 +5632,7 @@ function api_friendica_notification_seen($type)
        if ($note['otype']=='item') {
                // would be really better with an ItemsManager and $im->getByID() :-P
                $item = Item::selectFirstForUser(api_user(), [], ['id' => $note['iid'], 'uid' => api_user()]);
-               if (DBA::isResult($$item)) {
+               if (DBA::isResult($item)) {
                        // we found the item, return it to the user
                        $ret = api_format_items([$item], $user_info, false, $type);
                        $data = ['status' => $ret];
@@ -5728,7 +5725,7 @@ function api_friendica_direct_messages_search($type, $box = "")
        $r = q(
                "SELECT `mail`.*, `contact`.`nurl` AS `contact-url` FROM `mail`,`contact` WHERE `mail`.`contact-id` = `contact`.`id` AND `mail`.`uid`=%d AND `body` LIKE '%s' ORDER BY `mail`.`id` DESC",
                intval($uid),
-               dbesc('%'.$searchstring.'%')
+               DBA::escape('%'.$searchstring.'%')
        );
 
        $profile_url = $user_info["url"];
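Review bot: `'%'.$searchstring.'%'` passes the user's search term straight into a `LIKE` pattern, so `%` and `_` in the input act as wildcards; `DBA::escape` protects the quoting, not the pattern semantics. The query is scoped to `mail.uid = %d`, so the exposure is limited to widening a user's search over their own mailbox, but if literal matching is intended use `DBA::escape('%' . addcslashes($searchstring, '%_\\') . '%')`. Where `$searchstring` comes from is outside this hunk.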
@@ -5812,7 +5809,7 @@ function api_friendica_profile_show($type)
                $nurls = q(
                        "SELECT `id`, `nurl` FROM `contact` WHERE `uid`= %d AND `profile-id` = %d",
                        intval(api_user()),
-                       intval($rr['profile_id'])
+                       intval($rr['id'])
                );
 
                foreach ($nurls as $nurl) {
@@ -5830,11 +5827,11 @@ function api_friendica_profile_show($type)
        }
 
        // return settings, authenticated user and profiles data
-       $self = q("SELECT `nurl` FROM `contact` WHERE `uid`= %d AND `self` LIMIT 1", intval(api_user()));
+       $self = DBA::selectFirst('contact', ['nurl'], ['uid' => api_user(), 'self' => true]);
 
        $result = ['multi_profiles' => $multi_profiles ? true : false,
                                        'global_dir' => $directory,
-                                       'friendica_owner' => api_get_user($a, $self[0]['nurl']),
+                                       'friendica_owner' => api_get_user($a, $self['nurl']),
                                        'profiles' => $profiles];
        return api_format_data("friendica_profiles", $type, ['$result' => $result]);
 }
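Review bot: `$self['nurl']` is read without checking the `DBA::selectFirst` result; on a miss `$self` is `false`, the index yields null, and `api_get_user($a, null)` then resolves the user from the request parameters (`user_id`, `screen_name`, `profileurl`, as shown in the earlier hunks) instead of the authenticated user's own contact — a different code path rather than an error. Guard it: `if (!DBA::isResult($self)) { throw new BadRequestException("Self contact not found"); }`. The earlier `$self[0]['nurl']` form had the same gap.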