return;
$which = $a->user['nickname'];
- $profile = $a->argv[1];
+ $profile = $a->argv[1];
profile_load($a,$which,$profile);
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
- $r = q("SELECT `id` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `self` = 0
- AND `network` = 'dfrn' AND `id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `id` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `self` = 0
+ AND `network` = '%s' AND `id` = %d AND `uid` = %d LIMIT 1",
+ dbesc(NETWORK_DFRN),
intval($a->argv[2]),
intval(local_user())
);
if($change) {
if(in_array($change,$ingroup)) {
- q("UPDATE `contact` SET `profile-id` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ q("UPDATE `contact` SET `profile-id` = 0 WHERE `id` = %d AND `uid` = %d",
intval($change),
intval(local_user())
);
}
else {
- q("UPDATE `contact` SET `profile-id` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ q("UPDATE `contact` SET `profile-id` = %d WHERE `id` = %d AND `uid` = %d",
intval($a->argv[1]),
intval($change),
intval(local_user())
$o .= '<h3>' . t("All Contacts \x28with secure profile access\x29") . '</h3>';
$o .= '</div>';
$o .= '<div id="prof-all-contacts">';
-
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0
- AND `network` = 'dfrn' ORDER BY `name` ASC",
- intval(local_user())
+
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0
+ AND `network` = '%s' ORDER BY `name` ASC",
+ intval(local_user()),
+ dbesc(NETWORK_DFRN)
);
if(count($r)) {