<?php
/**
+ * @copyright Copyright (C) 2010-2022, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
* @package Friendica\modules
* @subpackage FileBrowser
* @author Fabio Comuni <fabrixxm@kirgroup.com>
use Friendica\App;
use Friendica\Core\Renderer;
+use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Photo;
*/
function fbrowser_content(App $a)
{
- if (!local_user()) {
- exit();
+ if (!DI::userSession()->getLocalUserId()) {
+ System::exit();
}
if (DI::args()->getArgc() == 1) {
- exit();
+ System::exit();
}
// Needed to match the correct template in a module that uses a different theme than the user/site/default
- $theme = Strings::sanitizeFilePathItem($_GET['theme'] ?? null);
+ $theme = Strings::sanitizeFilePathItem($_GET['theme'] ?? '');
if ($theme && is_file("view/theme/$theme/config.php")) {
$a->setCurrentTheme($theme);
}
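Review bot: The `theme` query parameter still drives a filesystem probe and the active theme right after the changed default (`is_file("view/theme/$theme/config.php")`, then `setCurrentTheme($theme)`), so the guard rests entirely on `Strings::sanitizeFilePathItem()`, whose body is not visible here. I would state that dependency next to the call, e.g. `// $theme is interpolated into a path below; sanitizeFilePathItem() must reject separators and ".."`. It is also worth considering whether only themes the node has enabled should be accepted, rather than any directory that contains a config.php. fbrowser_content continues past these lines.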
$sql_extra = "";
$sql_extra2 = " ORDER BY created DESC LIMIT 0, 10";
- if (DI::args()->getArgc()==2) {
- $photos = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' ",
- intval(local_user()),
- DBA::escape(Photo::CONTACT_PHOTOS),
- DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS))
- );
+ if (DI::args()->getArgc() == 2) {
+ $photos = DBA::toArray(DBA::p("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = ? AND NOT `photo-type` IN (?, ?)",
+ DI::userSession()->getLocalUserId(),
+ Photo::CONTACT_AVATAR,
+ Photo::CONTACT_BANNER
+ ));
$albums = array_column($photos, 'album');
}
$path[$album] = $album;
}
- $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`,
+ $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`,
min(`scale`) AS `hiq`, max(`scale`) AS `loq`, ANY_VALUE(`desc`) AS `desc`, ANY_VALUE(`created`) AS `created`
- FROM `photo` WHERE `uid` = %d $sql_extra AND `album` != '%s' AND `album` != '%s'
+ FROM `photo` WHERE `uid` = ? $sql_extra AND NOT `photo-type` IN (?, ?)
GROUP BY `resource-id` $sql_extra2",
- intval(local_user()),
- DBA::escape(Photo::CONTACT_PHOTOS),
- DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS))
- );
+ DI::userSession()->getLocalUserId(),
+ Photo::CONTACT_AVATAR,
+ Photo::CONTACT_BANNER
+ ));
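Review bot: `$sql_extra` and `$sql_extra2` are still interpolated into the statement text passed to `DBA::p()` in the photo query, while `uid` and the two photo types are now bound with `?`. Only their initial assignments (an empty string and the ORDER BY/LIMIT fragment) are visible. The `$path[$album] = $album;` context line suggests a later branch fills `$sql_extra` from the album segment of the URL; if so, that value should become a `?` placeholder with the album appended to the bound arguments. Otherwise the query mixes bound parameters with string-built SQL, and the escaping of that one fragment has to be audited on its own.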
function _map_files1($rr)
{
$filename_e = $rr['filename'];
// Take the largest picture that is smaller or equal 640 pixels
- $p = q("SELECT `scale` FROM `photo` WHERE `resource-id` = '%s' AND `height` <= 640 AND `width` <= 640 ORDER BY `resource-id`, `scale` LIMIT 1",
- DBA::escape($rr['resource-id']));
- if ($p) {
- $scale = $p[0]["scale"];
- } else {
- $scale = $rr['loq'];
- }
+ $photo = Photo::selectFirst(['scale'], ["`resource-id` = ? AND `height` <= ? AND `width` <= ?", $rr['resource-id'], 640, 640], ['order' => ['scale']]);
+ $scale = $photo['scale'] ?? $rr['loq'];
return [
- DI::baseUrl() . '/photos/' . $a->getUserNickname() . '/image/' . $rr['resource-id'],
+ DI::baseUrl() . '/photos/' . $a->getLoggedInUserNickname() . '/image/' . $rr['resource-id'],
$filename_e,
- DI::baseUrl() . '/photo/' . $rr['resource-id'] . '-' . $scale . '.'. $ext
+ DI::baseUrl() . '/photo/' . $rr['resource-id'] . '-' . $scale . '.'. $ext,
+ $rr['desc']
];
}
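Review bot: `$rr['desc']` is free text set by the photo's owner and is now handed to the template as a fourth element of each file entry, but nothing in this hunk shows how the template emits it. If it lands in an HTML attribute or an inline script string it needs escaping for that context, so I would confirm that in the template and add a comment here such as `// desc is unescaped user text; the template must escape it`. Separately, the `Photo::selectFirst()` condition matches on `resource-id` alone; adding the logged-in user's `uid` would keep the lookup scoped the same way as the outer query. The part of `_map_files1` that sets `$ext` is outside the visible lines.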
$files = array_map("_map_files1", $r);
'$folders' => $albums,
'$files' => $files,
'$cancel' => DI::l10n()->t('Cancel'),
- '$nickname' => $a->getUserNickname(),
+ '$nickname' => $a->getLoggedInUserNickname(),
'$upload' => DI::l10n()->t('Upload')
]);
break;
case "file":
if (DI::args()->getArgc()==2) {
- $files = q("SELECT `id`, `filename`, `filetype` FROM `attach` WHERE `uid` = %d ",
- intval(local_user())
- );
+ $files = DBA::selectToArray('attach', ['id', 'filename', 'filetype'], ['uid' => DI::userSession()->getLocalUserId()]);
function _map_files2($rr)
{
$tpl = Renderer::getMarkupTemplate($template_file);
$o = Renderer::replaceMacros($tpl, [
'$type' => 'file',
- '$path' => [ [ "", DI::l10n()->t("Files")] ],
+ '$path' => ['' => DI::l10n()->t('Files')],
'$folders' => false,
'$files' => $files,
'$cancel' => DI::l10n()->t('Cancel'),
- '$nickname' => $a->getUserNickname(),
+ '$nickname' => $a->getLoggedInUserNickname(),
'$upload' => DI::l10n()->t('Upload')
]);
}
if (!empty($_GET['mode'])) {
return $o;
} else {
- echo $o;
- exit();
+ System::httpExit($o);
}
}