]> git.mxchange.org Git - friendica.git/blobdiff - mod/profile_photo.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #5967 from annando/ap-nick
[friendica.git] / mod / profile_photo.php
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index 4565f6e23a0389bc29570dc5228b37ec69f99aa1..5fdff41e8c6b6d54820f5a45bac9279197032c69 100644 (file)
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -4,15 +4,17 @@
  */
 
 use Friendica\App;
+use Friendica\BaseModule;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
 use Friendica\Core\System;
 use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\Photo;
 use Friendica\Model\Profile;
 use Friendica\Object\Image;
+use Friendica\Util\Security;
 
 function profile_photo_init(App $a)
 {
@@ -30,7 +32,7 @@ function profile_photo_post(App $a)
                return;
        }
 
-       check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+       BaseModule::checkFormSecurityTokenRedirectOnError('/profile_photo', 'profile_photo');
 
        if (!empty($_POST['cropfinal']) && $_POST['cropfinal'] == 1) {
 
@@ -42,7 +44,7 @@ function profile_photo_post(App $a)
                                intval(local_user())
                        );
 
-                       if (DBM::is_result($r) && (!intval($r[0]['is-default']))) {
+                       if (DBA::isResult($r) && (!intval($r[0]['is-default']))) {
                                $is_default_profile = 0;
                        }
                }
@@ -69,12 +71,11 @@ function profile_photo_post(App $a)
                $srcW = $_POST['xfinal'] - $srcX;
                $srcH = $_POST['yfinal'] - $srcY;
 
-               $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id),
-                       dbesc(local_user()), intval($scale));
+               $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", DBA::escape($image_id),
+                       DBA::escape(local_user()), intval($scale));
 
                $url = System::baseUrl() . '/profile/' . $a->user['nickname'];
-               if (DBM::is_result($r)) {
-
+               if (DBA::isResult($r)) {
                        $base_image = $r[0];
 
                        $Image = new Image($base_image['data'], $base_image['type']);
@@ -110,12 +111,12 @@ function profile_photo_post(App $a)
 
                                if ($is_default_profile) {
                                        $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d",
-                                               dbesc($base_image['resource-id']), intval(local_user())
+                                               DBA::escape($base_image['resource-id']), intval(local_user())
                                        );
                                } else {
                                        $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d",
-                                               dbesc(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-4.' . $Image->getExt()),
-                                               dbesc(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-5.' . $Image->getExt()),
+                                               DBA::escape(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-4.' . $Image->getExt()),
+                                               DBA::escape(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-5.' . $Image->getExt()),
                                                intval($_REQUEST['profile']), intval(local_user())
                                        );
                                }
@@ -187,15 +188,15 @@ function profile_photo_content(App $a)
        $imagecrop = [];
 
        if (isset($a->argv[1]) && $a->argv[1] == 'use' && $a->argc >= 3) {
-               // check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+               // BaseModule::checkFormSecurityTokenRedirectOnError('/profile_photo', 'profile_photo');
 
                $resource_id = $a->argv[2];
                //die(":".local_user());
                $r = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' ORDER BY `scale` ASC", intval(local_user()),
-                       dbesc($resource_id)
+                       DBA::escape($resource_id)
                );
 
-               if (!DBM::is_result($r)) {
+               if (!DBA::isResult($r)) {
                        notice(L10n::t('Permission denied.') . EOL);
                        return;
                }
@@ -213,7 +214,7 @@ function profile_photo_content(App $a)
                        $r = q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d", intval(local_user()));
 
                        $r = q("UPDATE `photo` SET `profile`=1 WHERE `uid` = %d AND `resource-id` = '%s'", intval(local_user()),
-                               dbesc($resource_id)
+                               DBA::escape($resource_id)
                        );
 
                        Contact::updateSelfFromUserID(local_user(), true);
@@ -247,7 +248,7 @@ function profile_photo_content(App $a)
                        '$title' => L10n::t('Upload Profile Photo'),
                        '$submit' => L10n::t('Upload'),
                        '$profiles' => $profiles,
-                       '$form_security_token' => get_form_security_token("profile_photo"),
+                       '$form_security_token' => BaseModule::getFormSecurityToken("profile_photo"),
                        '$select' => sprintf('%s %s', L10n::t('or'),
                                ($newuser) ? '<a href="' . System::baseUrl() . '">' . L10n::t('skip this step') . '</a>' : '<a href="' . System::baseUrl() . '/photos/' . $a->user['nickname'] . '">' . L10n::t('select a photo from your photo albums') . '</a>')
                ]);
@@ -264,7 +265,7 @@ function profile_photo_content(App $a)
                        '$image_url' => System::baseUrl() . '/photo/' . $filename,
                        '$title'     => L10n::t('Crop Image'),
                        '$desc'      => L10n::t('Please adjust the image cropping for optimum viewing.'),
-                       '$form_security_token' => get_form_security_token("profile_photo"),
+                       '$form_security_token' => BaseModule::getFormSecurityToken("profile_photo"),
                        '$done'      => L10n::t('Done Editing')
                ]);
                return $o;
@@ -318,7 +319,6 @@ function profile_photo_crop_ui_head(App $a, Image $image)
        }
 
        $a->page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), []);
-       $a->page['end'] .= replace_macros(get_markup_template("cropend.tpl"), []);
 
        $imagecrop = [
                'hash'       => $hash,
Unnamed repository; edit this file 'description' to name the repository.