use Friendica\Core\ACL;
use Friendica\Core\L10n;
use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Strings;
function fsuggest_post(App $a)
{
intval($contact_id),
intval(local_user())
);
- if (! DBM::is_result($r)) {
+ if (! DBA::isResult($r)) {
notice(L10n::t('Contact not found.') . EOL);
return;
}
$new_contact = intval($_POST['suggest']);
- $hash = random_string();
+ $hash = Strings::getRandomHex();
- $note = escape_tags(trim($_POST['note']));
+ $note = Strings::escapeHtml(trim(defaults($_POST, 'note', '')));
if ($new_contact) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($new_contact),
intval(local_user())
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$x = q("INSERT INTO `fsuggest` ( `uid`,`cid`,`name`,`url`,`request`,`photo`,`note`,`created`)
VALUES ( %d, %d, '%s','%s','%s','%s','%s','%s')",
intval(local_user()),
intval($contact_id),
- dbesc($r[0]['name']),
- dbesc($r[0]['url']),
- dbesc($r[0]['request']),
- dbesc($r[0]['photo']),
- dbesc($hash),
- dbesc(DateTimeFormat::utcNow())
+ DBA::escape($r[0]['name']),
+ DBA::escape($r[0]['url']),
+ DBA::escape($r[0]['request']),
+ DBA::escape($r[0]['photo']),
+ DBA::escape($hash),
+ DBA::escape(DateTimeFormat::utcNow())
);
$r = q("SELECT `id` FROM `fsuggest` WHERE `note` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($hash),
+ DBA::escape($hash),
intval(local_user())
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$fsuggest_id = $r[0]['id'];
q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d",
- dbesc($note),
+ DBA::escape($note),
intval($fsuggest_id),
intval(local_user())
);
intval($contact_id),
intval(local_user())
);
- if (! DBM::is_result($r)) {
+ if (! DBA::isResult($r)) {
notice(L10n::t('Contact not found.') . EOL);
return;
}