]> git.mxchange.org Git - friendica.git/blobdiff - mod/dfrn_notify.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[vier] Add missing addeditortext() JS function in compose private message page
[friendica.git] / mod / dfrn_notify.php
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 7a128f0d2d5761419011dad9e9ab08e04773564c..d2250720a56a3e021543c4bc95b5b5e6f30e6724 100644 (file)
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -27,7 +27,7 @@ function dfrn_notify_post(App $a) {
                        $nick = defaults($a->argv, 1, '');
 
                        $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'account_expired' => false, 'account_removed' => false]);
-                       if (!DBA::is_result($user)) {
+                       if (!DBA::isResult($user)) {
                                System::httpExit(500);
                        }
                        dfrn_dispatch_private($user, $postdata);
@@ -74,13 +74,13 @@ function dfrn_notify_post(App $a) {
        $sql_extra = '';
        switch ($direction) {
                case (-1):
-                       $sql_extra = sprintf(" AND ( `issued-id` = '%s' OR `dfrn-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
+                       $sql_extra = sprintf(" AND ( `issued-id` = '%s' OR `dfrn-id` = '%s' ) ", DBA::escape($dfrn_id), DBA::escape($dfrn_id));
                        break;
                case 0:
-                       $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+                       $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id));
                        break;
                case 1:
-                       $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+                       $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id));
                        break;
                default:
                        System::xmlExit(3, 'Invalid direction');
@@ -104,10 +104,10 @@ function dfrn_notify_post(App $a) {
                        LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
                        WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0
                                AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 $sql_extra LIMIT 1",
-               dbesc($a->argv[1])
+               DBA::escape($a->argv[1])
        );
 
-       if (!DBA::is_result($r)) {
+       if (!DBA::isResult($r)) {
                logger('contact not found for dfrn_id ' . $dfrn_id);
                System::xmlExit(3, 'Contact not found');
                //NOTREACHED
@@ -212,15 +212,22 @@ function dfrn_dispatch_public($postdata)
        }
 
        // We now have some contact, so we fetch it
-       $importer = DBA::fetchFirst("SELECT *, `name` as `senderName`
+       $importer = DBA::fetchFirst("SELECT *, `name` as `senderName`,
+                                       0 AS `importer_uid`,
+                                       '' AS `uprvkey`,
+                                       'UTC' AS `timezone`,
+                                       '' AS `nickname`,
+                                       '' AS `sprvkey`,
+                                       '' AS `spubkey`,
+                                       0 AS `page-flags`,
+                                       0 AS `account-type`,
+                                       0 AS `prvnets`
                                        FROM `contact`
                                        WHERE NOT `blocked` AND `id` = ? LIMIT 1",
                                        $contact['id']);
 
-       $importer['importer_uid']  = 0;
-
        // This should never fail
-       if (!DBA::is_result($importer)) {
+       if (!DBA::isResult($importer)) {
                logger('Contact not found for address ' . $msg['author']);
                System::xmlExit(3, 'Contact ' . $msg['author'] . ' not found');
        }
@@ -257,7 +264,7 @@ function dfrn_dispatch_private($user, $postdata)
                                        $cid);
 
        // This should never fail
-       if (!DBA::is_result($importer)) {
+       if (!DBA::isResult($importer)) {
                logger('Contact not found for address ' . $msg['author']);
                System::xmlExit(3, 'Contact ' . $msg['author'] . ' not found');
        }
@@ -312,15 +319,15 @@ function dfrn_notify_content(App $a) {
                $sql_extra = '';
                switch($direction) {
                        case (-1):
-                               $sql_extra = sprintf(" AND (`issued-id` = '%s' OR `dfrn-id` = '%s') ", dbesc($dfrn_id), dbesc($dfrn_id));
+                               $sql_extra = sprintf(" AND (`issued-id` = '%s' OR `dfrn-id` = '%s') ", DBA::escape($dfrn_id), DBA::escape($dfrn_id));
                                $my_id = $dfrn_id;
                                break;
                        case 0:
-                               $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+                               $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id));
                                $my_id = '1:' . $dfrn_id;
                                break;
                        case 1:
-                               $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+                               $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id));
                                $my_id = '0:' . $dfrn_id;
                                break;
                        default:
@@ -331,10 +338,10 @@ function dfrn_notify_content(App $a) {
                $r = q("SELECT `contact`.*, `user`.`nickname`, `user`.`page-flags` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
                                WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s'
                                AND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 $sql_extra LIMIT 1",
-                               dbesc($a->argv[1])
+                               DBA::escape($a->argv[1])
                );
 
-               if (!DBA::is_result($r)) {
+               if (!DBA::isResult($r)) {
                        logger('No user data found for ' . $a->argv[1] . ' - SQL: ' . $sql_extra);
                        killme();
                }
@@ -375,7 +382,7 @@ function dfrn_notify_content(App $a) {
                        $rino = $rino_remote;
                }
 
-               if (($r[0]['rel'] && ($r[0]['rel'] != CONTACT_IS_SHARING)) || ($r[0]['page-flags'] == PAGE_COMMUNITY)) {
+               if (($r[0]['rel'] && ($r[0]['rel'] != Contact::SHARING)) || ($r[0]['page-flags'] == Contact::PAGE_COMMUNITY)) {
                        $perm = 'rw';
                } else {
                        $perm = 'r';
Unnamed repository; edit this file 'description' to name the repository.