*/
namespace Friendica\Protocol;
+use DOMDocument;
+use DOMXPath;
use Friendica\App;
use Friendica\Content\OEmbed;
use Friendica\Content\Text\BBCode;
use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\System;
-use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\Event;
use Friendica\Model\GContact;
use Friendica\Model\Group;
use Friendica\Model\Item;
use Friendica\Model\Profile;
+use Friendica\Model\PermissionSet;
use Friendica\Model\User;
use Friendica\Object\Image;
-use Friendica\Protocol\OStatus;
use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network;
use Friendica\Util\XML;
-use Friendica\Protocol\Diaspora;
-use dba;
-use DOMDocument;
-use DOMXPath;
use HTMLPurifier;
use HTMLPurifier_Config;
}
foreach ($items as $item) {
+ // These values aren't sent when sending from the queue.
+ /// @todo Check if we can set these values from the queue or if they are needed at all.
+ $item["entry:comment-allow"] = defaults($item, "entry:comment-allow", true);
+ $item["entry:cid"] = defaults($item, "entry:cid", 0);
+
$entry = self::entry($doc, "text", $item, $owner, $item["entry:comment-allow"], $item["entry:cid"]);
$root->appendChild($entry);
}
// default permissions - anonymous user
- $sql_extra = " AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' ";
+ $sql_extra = " AND NOT `item`.`private` ";
$r = q(
"SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`, `user`.`account-type`
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`self` AND `user`.`nickname` = '%s' LIMIT 1",
- dbesc($owner_nick)
+ DBA::escape($owner_nick)
);
- if (! DBM::is_result($r)) {
+ if (! DBA::isResult($r)) {
logger(sprintf('No contact found for nickname=%d', $owner_nick), LOGGER_WARNING);
killme();
}
$sql_extra = '';
switch ($direction) {
case (-1):
- $sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
+ $sql_extra = sprintf(" AND `issued-id` = '%s' ", DBA::escape($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
- $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+ $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id));
$my_id = '1:' . $dfrn_id;
break;
case 1:
- $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+ $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id));
$my_id = '0:' . $dfrn_id;
break;
default:
intval($owner_id)
);
- if (! DBM::is_result($r)) {
+ if (! DBA::isResult($r)) {
logger(sprintf('No contact found for uid=%d', $owner_id), LOGGER_WARNING);
killme();
}
$contact = $r[0];
include_once 'include/security.php';
- $groups = Group::getIdsByContactId($contact['id']);
- if (count($groups)) {
- for ($x = 0; $x < count($groups); $x ++) {
- $groups[$x] = '<' . intval($groups[$x]) . '>' ;
- }
+ $set = PermissionSet::get($owner_id, $contact['id']);
- $gs = implode('|', $groups);
+ if (!empty($set)) {
+ $sql_extra = " AND `item`.`psid` IN (" . implode(',', $set) .")";
} else {
- $gs = '<<>>' ; // Impossible to match
- }
-
- $sql_extra = sprintf(
- "
- AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
- AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
- AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
- AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s')
- ",
- intval($contact['id']),
- intval($contact['id']),
- dbesc($gs),
- dbesc($gs)
- );
+ $sql_extra = " AND NOT `item`.`private`";
+ }
}
if ($public_feed) {
if (isset($category)) {
$sql_post_table = sprintf(
"INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
- dbesc(protect_sprintf($category)),
+ DBA::escape(protect_sprintf($category)),
intval(TERM_OBJ_POST),
intval(TERM_CATEGORY),
intval($owner_id)
$sql_extra
ORDER BY `item`.`parent` ".$sort.", `item`.`created` ASC LIMIT 0, 300",
intval($owner_id),
- dbesc($check_date),
- dbesc($sort)
+ DBA::escape($check_date),
+ DBA::escape($sort)
);
$ids = [];
if (!empty($ids)) {
$ret = Item::select(Item::DELIVER_FIELDLIST, ['id' => $ids]);
- $items = dba::inArray($ret);
+ $items = Item::inArray($ret);
} else {
$items = [];
}
/// @TODO This hook can't work anymore
// Addon::callHooks('atom_feed', $atom);
- if (!DBM::is_result($items) || $onlyheader) {
+ if (!DBA::isResult($items) || $onlyheader) {
$atom = trim($doc->saveXML());
Addon::callHooks('atom_feed_end', $atom);
}
$ret = Item::select(Item::DELIVER_FIELDLIST, $condition);
- $items = dba::inArray($ret);
- if (!DBM::is_result($items)) {
+ $items = Item::inArray($ret);
+ if (!DBA::isResult($items)) {
killme();
}
}
// For backward compatibility we keep this element
- if ($owner['page-flags'] == PAGE_COMMUNITY) {
+ if ($owner['page-flags'] == Contact::PAGE_COMMUNITY) {
XML::addElement($doc, $root, "dfrn:community", 1);
}
// The former element is replaced by this one
XML::addElement($doc, $root, "dfrn:account_type", $owner["account-type"]);
- /// @todo We need a way to transmit the different page flags like "PAGE_PRVGROUP"
+ /// @todo We need a way to transmit the different page flags like "Contact::PAGE_PRVGROUP"
XML::addElement($doc, $root, "updated", DateTimeFormat::utcNow(DateTimeFormat::ATOM));
WHERE (`hidewall` OR NOT `net-publish`) AND `user`.`uid` = %d",
intval($owner['uid'])
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$hidewall = true;
} else {
$hidewall = false;
WHERE `profile`.`is-default` AND NOT `user`.`hidewall` AND `user`.`uid` = %d",
intval($owner['uid'])
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$profile = $r[0];
XML::addElement($doc, $author, "poco:displayName", $profile["name"]);
$entry->setAttribute("xmlns:statusnet", NAMESPACE_STATUSNET);
}
- if ($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) {
+ if ($item['private']) {
$body = Item::fixPrivatePhotos($item['body'], $owner['uid'], $item, $cid);
} else {
$body = $item['body'];
if (($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) {
$parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent-uri']);
- $parent = Item::selectFirst(['guid','plink'], ['uri' => $parent_item, 'uid' => $item['uid']]);
+ $parent = Item::selectFirst(['guid', 'plink'], ['uri' => $parent_item, 'uid' => $item['uid']]);
$attributes = ["ref" => $parent_item, "type" => "text/html",
"href" => $parent['plink'],
"dfrn:diaspora_guid" => $parent['guid']];
$conversation_uri = $conversation_href;
if (isset($parent_item)) {
- $conversation = dba::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $item['parent-uri']]);
- if (DBM::is_result($conversation)) {
- if ($r['conversation-uri'] != '') {
+ $conversation = DBA::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $item['parent-uri']]);
+ if (DBA::isResult($conversation)) {
+ if ($conversation['conversation-uri'] != '') {
$conversation_uri = $conversation['conversation-uri'];
}
- if ($r['conversation-href'] != '') {
+ if ($conversation['conversation-href'] != '') {
$conversation_href = $conversation['conversation-href'];
}
}
XML::addElement($doc, $entry, "georss:point", $item['coord']);
}
- if (($item['private']) || strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
- XML::addElement($doc, $entry, "dfrn:private", (($item['private']) ? $item['private'] : 1));
+ if ($item['private']) {
+ XML::addElement($doc, $entry, "dfrn:private", ($item['private'] ? $item['private'] : 1));
}
if ($item['extid']) {
XML::addElement($doc, $entry, "dfrn:extid", $item['extid']);
}
- if ($item['bookmark']) {
+ if ($item['post-type'] == Item::PT_PAGE) {
XML::addElement($doc, $entry, "dfrn:bookmark", "true");
}
$r = q(
"SELECT `forum`, `prv` FROM `contact` WHERE `uid` = %d AND `nurl` = '%s'",
intval($owner["uid"]),
- dbesc(normalise_link($mention))
+ DBA::escape(normalise_link($mention))
);
- if (DBM::is_result($r) && ($r[0]["forum"] || $r[0]["prv"])) {
+ if (DBA::isResult($r) && ($r[0]["forum"] || $r[0]["prv"])) {
XML::addElement(
$doc,
$entry,
$ret = Network::curl($url);
- if ($ret['errno'] == CURLE_OPERATION_TIMEDOUT) {
+ if (!empty($ret["errno"]) && ($ret['errno'] == CURLE_OPERATION_TIMEDOUT)) {
Contact::markForArchival($contact);
return -2; // timed out
}
$res = XML::parseString($xml);
- if ((intval($res->status) != 0) || !strlen($res->challenge) || !strlen($res->dfrn_id)) {
+ if (!is_object($res) || (intval($res->status) != 0) || !strlen($res->challenge) || !strlen($res->dfrn_id)) {
Contact::markForArchival($contact);
- return ($res->status ? $res->status : 3);
+
+ if (empty($res->status)) {
+ $status = 3;
+ } else {
+ $status = $res->status;
+ }
+
+ return $status;
}
$postvars = [];
$perm = (($res->perm) ? $res->perm : null);
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
$rino_remote_version = intval($res->rino);
- $page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
+ $page = (($owner['page-flags'] == Contact::PAGE_COMMUNITY) ? 1 : 0);
logger("Remote rino version: ".$rino_remote_version." for ".$contact["url"], LOGGER_DEBUG);
- if ($owner['page-flags'] == PAGE_PRVGROUP) {
+ if ($owner['page-flags'] == Contact::PAGE_PRVGROUP) {
$page = 2;
}
}
if (($contact['duplex'] && strlen($contact['pubkey']))
- || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
- || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))
+ || ($owner['page-flags'] == Contact::PAGE_COMMUNITY && strlen($contact['pubkey']))
+ || ($contact['rel'] == Contact::SHARING && strlen($contact['pubkey']))
) {
openssl_public_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['pubkey']);
openssl_public_decrypt($challenge, $postvars['challenge'], $contact['pubkey']);
$postvars['dissolve'] = '1';
}
- if ((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
+ if ((($contact['rel']) && ($contact['rel'] != Contact::SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == Contact::PAGE_COMMUNITY)) {
$postvars['data'] = $atom;
$postvars['perm'] = 'rw';
} else {
if ($dfrn_version >= 2.1) {
if (($contact['duplex'] && strlen($contact['pubkey']))
- || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
- || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))
+ || ($owner['page-flags'] == Contact::PAGE_COMMUNITY && strlen($contact['pubkey']))
+ || ($contact['rel'] == Contact::SHARING && strlen($contact['pubkey']))
) {
openssl_public_encrypt($key, $postvars['key'], $contact['pubkey']);
} else {
openssl_private_encrypt($key, $postvars['key'], $contact['prvkey']);
}
} else {
- if (($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
+ if (($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == Contact::PAGE_COMMUNITY)) {
openssl_private_encrypt($key, $postvars['key'], $contact['prvkey']);
} else {
openssl_public_encrypt($key, $postvars['key'], $contact['pubkey']);
if (empty($contact['addr'])) {
logger('Empty contact handle for ' . $contact['id'] . ' - ' . $contact['url'] . ' - trying to update it.');
if (Contact::updateFromProbe($contact['id'])) {
- $new_contact = dba::selectFirst('contact', ['addr'], ['id' => $contact['id']]);
+ $new_contact = DBA::selectFirst('contact', ['addr'], ['id' => $contact['id']]);
$contact['addr'] = $new_contact['addr'];
}
"SELECT `id` FROM `event` WHERE `uid` = %d AND `cid` = %d AND `start` = '%s' AND `type` = '%s' LIMIT 1",
intval($contact['uid']),
intval($contact['id']),
- dbesc(DateTimeFormat::utc($birthday)),
- dbesc('birthday')
+ DBA::escape(DateTimeFormat::utc($birthday)),
+ DBA::escape('birthday')
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
return;
}
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
intval($contact['uid']),
intval($contact['id']),
- dbesc(DateTimeFormat::utcNow()),
- dbesc(DateTimeFormat::utcNow()),
- dbesc(DateTimeFormat::utc($birthday)),
- dbesc(DateTimeFormat::utc($birthday . ' + 1 day ')),
- dbesc($bdtext),
- dbesc($bdtext2),
- dbesc('birthday')
+ DBA::escape(DateTimeFormat::utcNow()),
+ DBA::escape(DateTimeFormat::utcNow()),
+ DBA::escape(DateTimeFormat::utc($birthday)),
+ DBA::escape(DateTimeFormat::utc($birthday . ' + 1 day ')),
+ DBA::escape($bdtext),
+ DBA::escape($bdtext2),
+ DBA::escape('birthday')
);
}
private static function fetchauthor($xpath, $context, $importer, $element, $onlyfetch, $xml = "")
{
$author = [];
- $author["name"] = $xpath->evaluate($element."/atom:name/text()", $context)->item(0)->nodeValue;
- $author["link"] = $xpath->evaluate($element."/atom:uri/text()", $context)->item(0)->nodeValue;
+ $author["name"] = XML::getFirstNodeValue($xpath, $element."/atom:name/text()", $context);
+ $author["link"] = XML::getFirstNodeValue($xpath, $element."/atom:uri/text()", $context);
$fields = ['id', 'uid', 'url', 'network', 'avatar-date', 'avatar', 'name-date', 'uri-date', 'addr',
'name', 'nick', 'about', 'location', 'keywords', 'xmpp', 'bdyear', 'bd', 'hidden', 'contact-type'];
$condition = ["`uid` = ? AND `nurl` = ? AND `network` != ?",
$importer["importer_uid"], normalise_link($author["link"]), NETWORK_STATUSNET];
- $contact_old = dba::selectFirst('contact', $fields, $condition);
+ $contact_old = DBA::selectFirst('contact', $fields, $condition);
- if (DBM::is_result($contact_old)) {
+ if (DBA::isResult($contact_old)) {
$author["contact-id"] = $contact_old["id"];
$author["network"] = $contact_old["network"];
} else {
logger("Contact ".$author["link"]." wasn't found for user ".$importer["importer_uid"]." XML: ".$xml, LOGGER_DEBUG);
}
+ $author["contact-unknown"] = true;
$author["contact-id"] = $importer["id"];
$author["network"] = $importer["network"];
$onlyfetch = true;
$author["avatar"] = current($avatarlist);
}
- if (DBM::is_result($contact_old) && !$onlyfetch) {
+ if (DBA::isResult($contact_old) && !$onlyfetch) {
logger("Check if contact details for contact " . $contact_old["id"] . " (" . $contact_old["nick"] . ") have to be updated.", LOGGER_DEBUG);
$poco = ["url" => $contact_old["url"]];
}
// Update contact data
- $value = $xpath->evaluate($element . "/dfrn:handle/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/dfrn:handle/text()", $context);
if ($value != "") {
$poco["addr"] = $value;
}
- $value = $xpath->evaluate($element . "/poco:displayName/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/poco:displayName/text()", $context);
if ($value != "") {
$poco["name"] = $value;
}
- $value = $xpath->evaluate($element . "/poco:preferredUsername/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/poco:preferredUsername/text()", $context);
if ($value != "") {
$poco["nick"] = $value;
}
- $value = $xpath->evaluate($element . "/poco:note/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/poco:note/text()", $context);
if ($value != "") {
$poco["about"] = $value;
}
- $value = $xpath->evaluate($element . "/poco:address/poco:formatted/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/poco:address/poco:formatted/text()", $context);
if ($value != "") {
$poco["location"] = $value;
}
/// @todo Only search for elements with "poco:type" = "xmpp"
- $value = $xpath->evaluate($element . "/poco:ims/poco:value/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/poco:ims/poco:value/text()", $context);
if ($value != "") {
$poco["xmpp"] = $value;
}
/// - poco:country
// If the "hide" element is present then the profile isn't searchable.
- $hide = intval($xpath->evaluate($element . "/dfrn:hide/text()", $context)->item(0)->nodeValue == "true");
+ $hide = intval(XML::getFirstNodeValue($xpath, $element . "/dfrn:hide/text()", $context) == "true");
logger("Hidden status for contact " . $contact_old["url"] . ": " . $hide, LOGGER_DEBUG);
}
// "dfrn:birthday" contains the birthday converted to UTC
- $birthday = $xpath->evaluate($element . "/dfrn:birthday/text()", $context)->item(0)->nodeValue;
+ $birthday = XML::getFirstNodeValue($xpath, $element . "/poco:birthday/text()", $context);
if (strtotime($birthday) > time()) {
$bd_timestamp = strtotime($birthday);
}
// "poco:birthday" is the birthday in the format "yyyy-mm-dd"
- $value = $xpath->evaluate($element . "/poco:birthday/text()", $context)->item(0)->nodeValue;
+ $value = XML::getFirstNodeValue($xpath, $element . "/poco:birthday/text()", $context);
if (!in_array($value, ["", "0000-00-00", "0001-01-01"])) {
$bdyear = date("Y");
`addr` = '%s', `keywords` = '%s', `bdyear` = '%s', `bd` = '%s', `hidden` = %d,
`xmpp` = '%s', `name-date` = '%s', `uri-date` = '%s'
WHERE `id` = %d AND `network` = '%s'",
- dbesc($contact["name"]), dbesc($contact["nick"]), dbesc($contact["about"]), dbesc($contact["location"]),
- dbesc($contact["addr"]), dbesc($contact["keywords"]), dbesc($contact["bdyear"]),
- dbesc($contact["bd"]), intval($contact["hidden"]), dbesc($contact["xmpp"]),
- dbesc(DBM::date($contact["name-date"])), dbesc(DBM::date($contact["uri-date"])),
- intval($contact["id"]), dbesc($contact["network"])
+ DBA::escape($contact["name"]), DBA::escape($contact["nick"]), DBA::escape($contact["about"]), DBA::escape($contact["location"]),
+ DBA::escape($contact["addr"]), DBA::escape($contact["keywords"]), DBA::escape($contact["bdyear"]),
+ DBA::escape($contact["bd"]), intval($contact["hidden"]), DBA::escape($contact["xmpp"]),
+ DBA::escape(DateTimeFormat::utc($contact["name-date"])), DBA::escape(DateTimeFormat::utc($contact["uri-date"])),
+ intval($contact["id"]), DBA::escape($contact["network"])
);
}
$msg["seen"] = 0;
$msg["replied"] = 0;
- dba::insert('mail', $msg);
+ DBA::insert('mail', $msg);
// send notifications.
/// @TODO Arange this mess
$r = q(
"SELECT `id` FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($suggest["name"]),
- dbesc(normalise_link($suggest["url"])),
+ DBA::escape($suggest["name"]),
+ DBA::escape(normalise_link($suggest["url"])),
intval($suggest["uid"])
);
*
* @see https://github.com/friendica/friendica/pull/3254#discussion_r107315246
*/
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
return false;
}
$fid = 0;
$r = q(
"SELECT `id` FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1",
- dbesc($suggest["url"]),
- dbesc($suggest["name"]),
- dbesc($suggest["request"])
+ DBA::escape($suggest["url"]),
+ DBA::escape($suggest["name"]),
+ DBA::escape($suggest["request"])
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$fid = $r[0]["id"];
// OK, we do. Do we already have an introduction for this person ?
*
* @see https://github.com/friendica/friendica/pull/3254#discussion_r107315246
*/
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
return false;
}
}
if (!$fid) {
$r = q(
"INSERT INTO `fcontact` (`name`,`url`,`photo`,`request`) VALUES ('%s', '%s', '%s', '%s')",
- dbesc($suggest["name"]),
- dbesc($suggest["url"]),
- dbesc($suggest["photo"]),
- dbesc($suggest["request"])
+ DBA::escape($suggest["name"]),
+ DBA::escape($suggest["url"]),
+ DBA::escape($suggest["photo"]),
+ DBA::escape($suggest["request"])
);
}
$r = q(
"SELECT `id` FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1",
- dbesc($suggest["url"]),
- dbesc($suggest["name"]),
- dbesc($suggest["request"])
+ DBA::escape($suggest["url"]),
+ DBA::escape($suggest["name"]),
+ DBA::escape($suggest["request"])
);
/*
* If no record in fcontact is found, below INSERT statement will not
* link an introduction to it.
*/
- if (!DBM::is_result($r)) {
- // database record did not get created. Quietly give up.
+ if (!DBA::isResult($r)) {
+ // Database record did not get created. Quietly give up.
killme();
}
intval($suggest["uid"]),
intval($fid),
intval($suggest["cid"]),
- dbesc($suggest["body"]),
- dbesc($hash),
- dbesc(DateTimeFormat::utcNow()),
+ DBA::escape($suggest["body"]),
+ DBA::escape($hash),
+ DBA::escape(DateTimeFormat::utcNow()),
intval(0)
);
// update contact
$r = q(
- "SELECT `photo`, `url` FROM `contact` WHERE `id` = %d AND `uid` = %d;",
+ "SELECT `photo`, `url` FROM `contact` WHERE `id` = %d AND `uid` = %d",
intval($importer["id"]),
intval($importer["importer_uid"])
);
- if (!DBM::is_result($r)) {
+ if (!DBA::isResult($r)) {
logger("Query failed to execute, no result returned in " . __FUNCTION__);
return false;
}
'url' => $relocate["url"], 'nurl' => normalise_link($relocate["url"]),
'addr' => $relocate["addr"], 'connect' => $relocate["addr"],
'notify' => $relocate["notify"], 'server_url' => $relocate["server_url"]];
- dba::update('gcontact', $fields, ['nurl' => normalise_link($old["url"])]);
+ DBA::update('gcontact', $fields, ['nurl' => normalise_link($old["url"])]);
// Update the contact table. We try to find every entry.
$fields = ['name' => $relocate["name"], 'avatar' => $relocate["avatar"],
'poll' => $relocate["poll"], 'site-pubkey' => $relocate["sitepubkey"]];
$condition = ["(`id` = ?) OR (`nurl` = ?)", $importer["id"], normalise_link($old["url"])];
- dba::update('contact', $fields, $condition);
+ DBA::update('contact', $fields, $condition);
Contact::updateAvatar($relocate["avatar"], $importer["importer_uid"], $importer["id"], true);
logger('Contacts are updated.');
- // update items
- // This is an extreme performance killer
- Item::update(['owner-link' => $relocate["url"]], ['owner-link' => $old["url"], 'uid' => $importer["importer_uid"]]);
- Item::update(['author-link' => $relocate["url"]], ['author-link' => $old["url"], 'uid' => $importer["importer_uid"]]);
-
- logger('Items are updated.');
-
/// @TODO
/// merge with current record, current contents have priority
/// update record, set url-updated
if ($item["parent-uri"] != $item["uri"]) {
$community = false;
- if ($importer["page-flags"] == PAGE_COMMUNITY || $importer["page-flags"] == PAGE_PRVGROUP) {
+ if ($importer["page-flags"] == Contact::PAGE_COMMUNITY || $importer["page-flags"] == Contact::PAGE_PRVGROUP) {
$sql_extra = "";
$community = true;
logger("possible community action");
$is_a_remote_action = false;
$parent = Item::selectFirst(['parent-uri'], ['uri' => $item["parent-uri"]]);
- if (DBM::is_result($parent)) {
+ if (DBA::isResult($parent)) {
$r = q(
"SELECT `item`.`forum_mode`, `item`.`wall` FROM `item`
INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `item`.`uid` = %d
$sql_extra
LIMIT 1",
- dbesc($parent["parent-uri"]),
- dbesc($parent["parent-uri"]),
- dbesc($parent["parent-uri"]),
+ DBA::escape($parent["parent-uri"]),
+ DBA::escape($parent["parent-uri"]),
+ DBA::escape($parent["parent-uri"]),
intval($importer["importer_uid"])
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$is_a_remote_action = true;
}
}
}
if ($Blink && link_compare($Blink, System::baseUrl() . "/profile/" . $importer["nickname"])) {
- $author = dba::selectFirst('contact', ['name', 'thumb', 'url'], ['id' => $item['author-id']]);
+ $author = DBA::selectFirst('contact', ['name', 'thumb', 'url'], ['id' => $item['author-id']]);
// send a notification
notification(
|| ($item["verb"] == ACTIVITY_ATTENDMAYBE)
) {
$is_like = true;
- $item["type"] = "activity";
- $item["gravity"] = GRAVITY_LIKE;
+ $item["gravity"] = GRAVITY_ACTIVITY;
// only one like or dislike per person
// splitted into two queries for performance issues
- $condition = ['uid' => $item["uid"], 'author-id' => $item["author-id"],
+ $condition = ['uid' => $item["uid"], 'author-id' => $item["author-id"], 'gravity' => GRAVITY_ACTIVITY,
'verb' => $item["verb"], 'parent-uri' => $item["parent-uri"]];
- if (dba::exists('item', $condition)) {
+ if (Item::exists($condition)) {
return false;
}
- $condition = ['uid' => $item["uid"], 'author-id' => $item["author-id"],
+ $condition = ['uid' => $item["uid"], 'author-id' => $item["author-id"], 'gravity' => GRAVITY_ACTIVITY,
'verb' => $item["verb"], 'thr-parent' => $item["parent-uri"]];
- if (dba::exists('item', $condition)) {
+ if (Item::exists($condition)) {
return false;
}
} else {
if ($xt->type == ACTIVITY_OBJ_NOTE) {
$item_tag = Item::selectFirst(['id', 'tag'], ['uri' => $xt->id, 'uid' => $importer["importer_uid"]]);
- if (!DBM::is_result($item_tag)) {
+
+ if (!DBA::isResult($item_tag)) {
logger("Query failed to execute, no result returned in " . __FUNCTION__);
return false;
}
$item["source"] = $xml;
// Get the uri
- $item["uri"] = $xpath->query("atom:id/text()", $entry)->item(0)->nodeValue;
+ $item["uri"] = XML::getFirstNodeValue($xpath, "atom:id/text()", $entry);
- $item["edited"] = $xpath->query("atom:updated/text()", $entry)->item(0)->nodeValue;
+ $item["edited"] = XML::getFirstNodeValue($xpath, "atom:updated/text()", $entry);
- $current = dba::selectFirst('item',
- ['id', 'uid', 'edited', 'body'],
+ $current = Item::selectFirst(['id', 'uid', 'edited', 'body'],
['uri' => $item["uri"], 'uid' => $importer["importer_uid"]]
);
// Is there an existing item?
- if (DBM::is_result($current) && !self::isEditedTimestampNewer($current, $item)) {
+ if (DBA::isResult($current) && !self::isEditedTimestampNewer($current, $item)) {
logger("Item ".$item["uri"]." (".$item['edited'].") already existed.", LOGGER_DEBUG);
return;
}
// Fetch the owner
$owner = self::fetchauthor($xpath, $entry, $importer, "dfrn:owner", true);
+ $owner_unknown = (isset($owner["contact-unknown"]) && $owner["contact-unknown"]);
+
$item["owner-link"] = $owner["link"];
$item["owner-id"] = Contact::getIdForURL($owner["link"], 0);
$item["author-link"] = $author["link"];
$item["author-id"] = Contact::getIdForURL($author["link"], 0);
- $item["title"] = $xpath->query("atom:title/text()", $entry)->item(0)->nodeValue;
+ $item["title"] = XML::getFirstNodeValue($xpath, "atom:title/text()", $entry);
- $item["created"] = $xpath->query("atom:published/text()", $entry)->item(0)->nodeValue;
+ $item["created"] = XML::getFirstNodeValue($xpath, "atom:published/text()", $entry);
- $item["body"] = $xpath->query("dfrn:env/text()", $entry)->item(0)->nodeValue;
+ $item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
// make sure nobody is trying to sneak some html tags by us
$item["body"] = notags(base64url_decode($item["body"]));
// We don't need the content element since "dfrn:env" is always present
//$item["body"] = $xpath->query("atom:content/text()", $entry)->item(0)->nodeValue;
- $item["location"] = $xpath->query("dfrn:location/text()", $entry)->item(0)->nodeValue;
+ $item["location"] = XML::getFirstNodeValue($xpath, "dfrn:location/text()", $entry);
- $georsspoint = $xpath->query("georss:point", $entry);
- if ($georsspoint) {
- $item["coord"] = $georsspoint->item(0)->nodeValue;
- }
+ $item["coord"] = XML::getFirstNodeValue($xpath, "georss:point", $entry);
- $item["private"] = $xpath->query("dfrn:private/text()", $entry)->item(0)->nodeValue;
+ $item["private"] = XML::getFirstNodeValue($xpath, "dfrn:private/text()", $entry);
- $item["extid"] = $xpath->query("dfrn:extid/text()", $entry)->item(0)->nodeValue;
+ $item["extid"] = XML::getFirstNodeValue($xpath, "dfrn:extid/text()", $entry);
- if ($xpath->query("dfrn:bookmark/text()", $entry)->item(0)->nodeValue == "true") {
- $item["bookmark"] = true;
+ if (XML::getFirstNodeValue($xpath, "dfrn:bookmark/text()", $entry) == "true") {
+ $item["post-type"] = Item::PT_PAGE;
}
$notice_info = $xpath->query("statusnet:notice_info", $entry);
}
}
- $item["guid"] = $xpath->query("dfrn:diaspora_guid/text()", $entry)->item(0)->nodeValue;
+ $item["guid"] = XML::getFirstNodeValue($xpath, "dfrn:diaspora_guid/text()", $entry);
// We store the data from "dfrn:diaspora_signature" in a different table, this is done in "Item::insert"
- $dsprsig = unxmlify($xpath->query("dfrn:diaspora_signature/text()", $entry)->item(0)->nodeValue);
+ $dsprsig = unxmlify(XML::getFirstNodeValue($xpath, "dfrn:diaspora_signature/text()", $entry));
if ($dsprsig != "") {
$item["dsprsig"] = $dsprsig;
}
- $item["verb"] = $xpath->query("activity:verb/text()", $entry)->item(0)->nodeValue;
+ $item["verb"] = XML::getFirstNodeValue($xpath, "activity:verb/text()", $entry);
- if ($xpath->query("activity:object-type/text()", $entry)->item(0)->nodeValue != "") {
- $item["object-type"] = $xpath->query("activity:object-type/text()", $entry)->item(0)->nodeValue;
+ if (XML::getFirstNodeValue($xpath, "activity:object-type/text()", $entry) != "") {
+ $item["object-type"] = XML::getFirstNodeValue($xpath, "activity:object-type/text()", $entry);
}
$object = $xpath->query("activity:object", $entry)->item(0);
$termhash = array_shift($parts);
$termurl = implode(":", $parts);
- if (strlen($item["tag"])) {
+ if (!empty($item["tag"])) {
$item["tag"] .= ",";
+ } else {
+ $item["tag"] = "";
}
$item["tag"] .= $termhash . "[url=" . $termurl . "]" . $term . "[/url]";
self::parseLinks($links, $item);
}
- $item['conversation-uri'] = $xpath->query('ostatus:conversation/text()', $entry)->item(0)->nodeValue;
+ $item['conversation-uri'] = XML::getFirstNodeValue($xpath, 'ostatus:conversation/text()', $entry);
$conv = $xpath->query('ostatus:conversation', $entry);
if (is_object($conv->item(0))) {
}
if ($entrytype == DFRN::REPLY_RC) {
- $item["type"] = "remote-comment";
$item["wall"] = 1;
} elseif ($entrytype == DFRN::TOP_LEVEL) {
if (!isset($item["object-type"])) {
}
// Is it an event?
- if ($item["object-type"] == ACTIVITY_OBJ_EVENT) {
+ if (($item["object-type"] == ACTIVITY_OBJ_EVENT) && !$owner_unknown) {
logger("Item ".$item["uri"]." seems to contain an event.", LOGGER_DEBUG);
$ev = Event::fromBBCode($item["body"]);
if ((x($ev, "desc") || x($ev, "summary")) && x($ev, "start")) {
$ev["edited"] = $item["edited"];
$ev["private"] = $item["private"];
$ev["guid"] = $item["guid"];
+ $ev["plink"] = $item["plink"];
$r = q(
"SELECT `id` FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($item["uri"]),
+ DBA::escape($item["uri"]),
intval($importer["importer_uid"])
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$ev["id"] = $r[0]["id"];
}
return;
}
+ // This check is done here to be able to receive connection requests in "processVerbs"
+ if (($entrytype == DFRN::TOP_LEVEL) && $owner_unknown) {
+ logger("Item won't be stored because user " . $importer["importer_uid"] . " doesn't follow " . $item["owner-link"] . ".", LOGGER_DEBUG);
+ return;
+ }
+
+
// Update content if 'updated' changes
- if (DBM::is_result($current)) {
+ if (DBA::isResult($current)) {
if (self::updateContent($current, $item, $importer, $entrytype)) {
logger("Item ".$item["uri"]." was updated.", LOGGER_DEBUG);
} else {
$item["owner-id"] = Contact::getIdForURL($importer["url"], 0);
}
- if (($importer["rel"] == CONTACT_IS_FOLLOWER) && (!self::tgroupCheck($importer["importer_uid"], $item))) {
+ if (($importer["rel"] == Contact::FOLLOWER) && (!self::tgroupCheck($importer["importer_uid"], $item))) {
logger("Contact ".$importer["id"]." is only follower and tgroup check was negative.", LOGGER_DEBUG);
return;
}
return false;
}
- $condition = ["`uri` = ? AND `uid` = ? AND NOT `file` LIKE '%[%'", $uri, $importer["importer_uid"]];
- $item = dba::selectFirst('item', ['id', 'parent', 'contact-id'], $condition);
- if (!DBM::is_result($item)) {
+ $condition = ['uri' => $uri, 'uid' => $importer["importer_uid"]];
+ $item = Item::selectFirst(['id', 'parent', 'contact-id', 'file', 'deleted'], $condition);
+ if (!DBA::isResult($item)) {
logger("Item with uri " . $uri . " for user " . $importer["importer_uid"] . " wasn't found.", LOGGER_DEBUG);
return;
}
+ if (strstr($item['file'], '[')) {
+ logger("Item with uri " . $uri . " for user " . $importer["importer_uid"] . " is filed. So it won't be deleted.", LOGGER_DEBUG);
+ return;
+ }
+
// When it is a starting post it has to belong to the person that wants to delete it
if (($item['id'] == $item['parent']) && ($item['contact-id'] != $importer["id"])) {
logger("Item with uri " . $uri . " don't belong to contact " . $importer["id"] . " - ignoring deletion.", LOGGER_DEBUG);
// Comments can be deleted by the thread owner or comment owner
if (($item['id'] != $item['parent']) && ($item['contact-id'] != $importer["id"])) {
$condition = ['id' => $item['parent'], 'contact-id' => $importer["id"]];
- if (!dba::exists('item', $condition)) {
+ if (!Item::exists($condition)) {
logger("Item with uri " . $uri . " wasn't found or mustn't be deleted by contact " . $importer["id"] . " - ignoring deletion.", LOGGER_DEBUG);
return;
}
$header = [];
$header["uid"] = $importer["importer_uid"];
$header["network"] = NETWORK_DFRN;
- $header["type"] = "remote";
$header["wall"] = 0;
$header["origin"] = 0;
$header["contact-id"] = $importer["id"];
logger("Import DFRN message for user " . $importer["importer_uid"] . " from contact " . $importer["id"], LOGGER_DEBUG);
// is it a public forum? Private forums aren't exposed with this method
- $forum = intval($xpath->evaluate("/atom:feed/dfrn:community/text()")->item(0)->nodeValue);
+ $forum = intval(XML::getFirstNodeValue($xpath, "/atom:feed/dfrn:community/text()"));
// The account type is new since 3.5.1
if ($xpath->query("/atom:feed/dfrn:account_type")->length > 0) {
- $accounttype = intval($xpath->evaluate("/atom:feed/dfrn:account_type/text()")->item(0)->nodeValue);
+ $accounttype = intval(XML::getFirstNodeValue($xpath, "/atom:feed/dfrn:account_type/text()"));
if ($accounttype != $importer["contact-type"]) {
- dba::update('contact', ['contact-type' => $accounttype], ['id' => $importer["id"]]);
+ DBA::update('contact', ['contact-type' => $accounttype], ['id' => $importer["id"]]);
}
// A forum contact can either have set "forum" or "prv" - but not both
- if (($accounttype == ACCOUNT_TYPE_COMMUNITY) && (($forum != $importer["forum"]) || ($forum == $importer["prv"]))) {
+ if (($accounttype == Contact::ACCOUNT_TYPE_COMMUNITY) && (($forum != $importer["forum"]) || ($forum == $importer["prv"]))) {
$condition = ['(`forum` != ? OR `prv` != ?) AND `id` = ?', $forum, !$forum, $importer["id"]];
- dba::update('contact', ['forum' => $forum, 'prv' => !$forum], $condition);
+ DBA::update('contact', ['forum' => $forum, 'prv' => !$forum], $condition);
}
} elseif ($forum != $importer["forum"]) { // Deprecated since 3.5.1
$condition = ['`forum` != ? AND `id` = ?', $forum, $importer["id"]];
- dba::update('contact', ['forum' => $forum], $condition);
+ DBA::update('contact', ['forum' => $forum], $condition);
}
$newentries = [];
$entries = $xpath->query("/atom:feed/atom:entry");
foreach ($entries as $entry) {
- $created = $xpath->query("atom:published/text()", $entry)->item(0)->nodeValue;
+ $created = XML::getFirstNodeValue($xpath, "atom:published/text()", $entry);
$newentries[strtotime($created)] = $entry;
}
/// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange.
$r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1)
AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1",
- dbesc($contact_nick),
- dbesc($a->user['nickname']),
- dbesc($baseurl),
- dbesc($nurl)
+ DBA::escape($contact_nick),
+ DBA::escape($a->user['nickname']),
+ DBA::escape($baseurl),
+ DBA::escape($nurl)
);
- if ((! DBM::is_result($r)) || $r[0]['id'] == remote_user()) {
+ if ((! DBA::isResult($r)) || $r[0]['id'] == remote_user()) {
return;
}
$r = q("SELECT * FROM contact WHERE nick = '%s'
AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1",
- dbesc($contact_nick),
- dbesc(NETWORK_DFRN),
+ DBA::escape($contact_nick),
+ DBA::escape(NETWORK_DFRN),
intval(local_user()),
- dbesc($baseurl)
+ DBA::escape($baseurl)
);
- if (! DBM::is_result($r)) {
+ if (! DBA::isResult($r)) {
return;
}
$sec = random_string();
- dba::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]);
+ DBA::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]);
$url = curPageURL();
$u = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid)
);
- if (!DBM::is_result($u)) {
+ if (!DBA::isResult($u)) {
return false;
}
- $community_page = ($u[0]['page-flags'] == PAGE_COMMUNITY);
- $prvgroup = ($u[0]['page-flags'] == PAGE_PRVGROUP);
+ $community_page = ($u[0]['page-flags'] == Contact::PAGE_COMMUNITY);
+ $prvgroup = ($u[0]['page-flags'] == Contact::PAGE_PRVGROUP);
$link = normalise_link(System::baseUrl() . '/profile/' . $u[0]['nickname']);
projects / friendica.git / blobdiff