use Friendica\Module\Login;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Proxy as ProxyUtils;
+use Friendica\Util\Strings;
use Friendica\Util\Temporal;
require_once 'include/conversation.php';
return;
}
- $replyto = x($_REQUEST, 'replyto') ? notags(trim($_REQUEST['replyto'])) : '';
- $subject = x($_REQUEST, 'subject') ? notags(trim($_REQUEST['subject'])) : '';
- $body = x($_REQUEST, 'body') ? escape_tags(trim($_REQUEST['body'])) : '';
- $recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0;
+ $replyto = !empty($_REQUEST['replyto']) ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
+ $subject = !empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
+ $body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
+ $recipient = !empty($_REQUEST['messageto']) ? intval($_REQUEST['messageto']) : 0;
$ret = Mail::send($recipient, $body, $subject, $replyto);
$norecip = false;
if (!DBA::isResult($r)) {
$r = q("SELECT `name`, `url`, `id` FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' LIMIT 1",
intval(local_user()),
- DBA::escape(normalise_link(base64_decode($a->argv[2])))
+ DBA::escape(Strings::normaliseLink(base64_decode($a->argv[2])))
);
}
'$prefill' => $prefill,
'$preid' => $preid,
'$subject' => L10n::t('Subject:'),
- '$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '',
- '$text' => x($_REQUEST, 'body') ? escape_tags(htmlspecialchars($_REQUEST['body'])) : '',
+ '$subjtxt' => !empty($_REQUEST['subject']) ? strip_tags($_REQUEST['subject']) : '',
+ '$text' => !empty($_REQUEST['body']) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '',
'$readonly' => '',
'$yourmessage' => L10n::t('Your message:'),
'$select' => $select,
}
}
-function get_messages($user, $lstart, $lend)
+/**
+ * @param int $uid
+ * @param int $start
+ * @param int $limit
+ * @return array
+ */
+function get_messages($uid, $start, $limit)
{
- //TODO: rewritte with a sub-query to get the first message of each private thread with certainty
- return q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
- ANY_VALUE(`mail`.`id`) AS `id`, ANY_VALUE(`mail`.`uid`) AS `uid`, ANY_VALUE(`mail`.`guid`) AS `guid`,
- ANY_VALUE(`mail`.`from-name`) AS `from-name`, ANY_VALUE(`mail`.`from-photo`) AS `from-photo`,
- ANY_VALUE(`mail`.`from-url`) AS `from-url`, ANY_VALUE(`mail`.`contact-id`) AS `contact-id`,
- ANY_VALUE(`mail`.`convid`) AS `convid`, ANY_VALUE(`mail`.`title`) AS `title`, ANY_VALUE(`mail`.`body`) AS `body`,
- ANY_VALUE(`mail`.`seen`) AS `seen`, ANY_VALUE(`mail`.`reply`) AS `reply`, ANY_VALUE(`mail`.`replied`) AS `replied`,
- ANY_VALUE(`mail`.`unknown`) AS `unknown`, ANY_VALUE(`mail`.`uri`) AS `uri`,
- `mail`.`parent-uri`,
- ANY_VALUE(`mail`.`created`) AS `created`, ANY_VALUE(`contact`.`name`) AS `name`, ANY_VALUE(`contact`.`url`) AS `url`,
- ANY_VALUE(`contact`.`thumb`) AS `thumb`, ANY_VALUE(`contact`.`network`) AS `network`,
- count( * ) as `count`
- FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
- WHERE `mail`.`uid` = %d GROUP BY `parent-uri` ORDER BY `mailcreated` DESC LIMIT %d , %d ",
- intval($user), intval($lstart), intval($lend)
- );
+ return DBA::toArray(DBA::p('SELECT
+ m.`id`,
+ m.`uid`,
+ m.`guid`,
+ m.`from-name`,
+ m.`from-photo`,
+ m.`from-url`,
+ m.`contact-id`,
+ m.`convid`,
+ m.`title`,
+ m.`body`,
+ m.`seen`,
+ m.`reply`,
+ m.`replied`,
+ m.`unknown`,
+ m.`uri`,
+ m.`parent-uri`,
+ m.`created`,
+ c.`name`,
+ c.`url`,
+ c.`thumb`,
+ c.`network`,
+ m2.`count`,
+ m2.`mailcreated`,
+ m2.`mailseen`
+ FROM `mail` m
+ JOIN (
+ SELECT
+ `parent-uri`,
+ MIN(`id`) AS `id`,
+ COUNT(*) AS `count`,
+ MAX(`created`) AS `mailcreated`,
+ MIN(`seen`) AS `mailseen`
+ FROM `mail`
+ WHERE `uid` = ?
+ GROUP BY `parent-uri`
+ ) m2 ON m.`parent-uri` = m2.`parent-uri` AND m.`id` = m2.`id`
+ LEFT JOIN `contact` c ON m.`contact-id` = c.`id`
+ WHERE m.`uid` = ?
+ ORDER BY m2.`mailcreated` DESC
+ LIMIT ?, ?'
+ , $uid, $uid, $start, $limit));
}
function render_messages(array $msg, $t)
foreach ($msg as $rr) {
if ($rr['unknown']) {
$participants = L10n::t("Unknown sender - %s", $rr['from-name']);
- } elseif (link_compare($rr['from-url'], $myprofile)) {
+ } elseif (Strings::compareLink($rr['from-url'], $myprofile)) {
$participants = L10n::t("You and %s", $rr['name']);
} else {
$participants = L10n::t("%s and You", $rr['from-name']);
projects / friendica.git / blobdiff