X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=include%2Facl_selectors.php;h=69181b7359bcb1ab68af4e84892782156771bf8c;hb=df312402e46cc3cdc788c73d0c41874b6c71fcb3;hp=05856bd21738955bd4e5f538ed44c3923b45a8ff;hpb=26983bafff024adab0339b828ec21d83fc5d1007;p=friendica.git

diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 05856bd217..69181b7359 100644
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once("include/contact_selectors.php");
+require_once("include/contact_widgets.php");
 require_once("include/features.php");
 require_once("mod/proxy.php");
 
@@ -19,7 +20,7 @@ function group_select($selname,$selclass,$preselected = false,$size = 4) {
 
 	$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
 
-	$r = q("SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d ORDER BY `name` ASC",
+	$r = q("SELECT `id`, `name` FROM `group` WHERE NOT `deleted` AND `uid` = %d ORDER BY `name` ASC",
 		intval(local_user())
 	);
 
@@ -308,7 +309,7 @@ function populate_acl($user = null, $show_jotnets = false) {
 		$pubmail_enabled = false;
 
 		if(! $mail_disabled) {
-			$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
+			$r = q("SELECT `pubmail` FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
 				intval(local_user())
 			);
 			if(count($r)) {
@@ -392,7 +393,6 @@ function acl_lookup(&$a, $out_type = 'json') {
 	if(!local_user())
 		return "";
 
-
 	$start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
 	$count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
 	$search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
@@ -407,7 +407,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 		$search = $_REQUEST['query'];
 	}
 
-//	logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
+	logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
 
 	if ($search!=""){
 		$sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
@@ -426,6 +426,8 @@ function acl_lookup(&$a, $out_type = 'json') {
 		$group_count = 0;
 	}
 
+	$sql_extra2 .= " ".unavailable_networks();
+
 	if ($type=='' || $type=='c'){
 		$r = q("SELECT COUNT(*) AS c FROM `contact`
 				WHERE `uid` = %d AND `self` = 0
@@ -492,7 +494,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 			$groups[] = array(
 				"type"  => "g",
 				"photo" => "images/twopeople.png",
-				"name"  => $g['name'],
+				"name"  => htmlentities($g['name']),
 				"id"	=> intval($g['id']),
 				"uids"  => array_map("intval", explode(",",$g['uids'])),
 				"link"  => '',
@@ -501,7 +503,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 		}
 	}
 
-	if ($type=='' || $type=='c'){
+	if ($type==''){
 
 		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, forum FROM `contact`
 			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
@@ -512,6 +514,17 @@ function acl_lookup(&$a, $out_type = 'json') {
 			dbesc(NETWORK_OSTATUS), dbesc(NETWORK_STATUSNET)
 		);
 	}
+	elseif ($type=='c'){
+
+		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, forum FROM `contact`
+			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
+			AND NOT (`network` IN ('%s'))
+			$sql_extra2
+			ORDER BY `name` ASC ",
+			intval(local_user()),
+			dbesc(NETWORK_STATUSNET)
+		);
+	}
 	elseif($type == 'm') {
 		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
 			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
@@ -547,7 +560,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 			foreach($r as $g) {
 				$x['photos'][] = proxy_url($g['micro'], false, PROXY_SIZE_MICRO);
 				$x['links'][] = $g['url'];
-				$x['suggestions'][] = $g['name'];
+				$x['suggestions'][] = htmlentities($g['name']);
 				$x['data'][] = intval($g['id']);
 			}
 		}
@@ -560,11 +573,11 @@ function acl_lookup(&$a, $out_type = 'json') {
 			$contacts[] = array(
 				"type"  => "c",
 				"photo" => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
-				"name"  => $g['name'],
+				"name"  => htmlentities($g['name']),
 				"id"	=> intval($g['id']),
 				"network" => $g['network'],
 				"link" => $g['url'],
-				"nick" => ($g['attag']) ? $g['attag'] : $g['nick'],
+				"nick" => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
 				"forum" => $g['forum']
 			);
 		}
@@ -605,11 +618,11 @@ function acl_lookup(&$a, $out_type = 'json') {
 				$unknow_contacts[] = array(
 					"type"  => "c",
 					"photo" => proxy_url($row['author-avatar'], false, PROXY_SIZE_MICRO),
-					"name"  => $row['author-name'],
+					"name"  => htmlentities($row['author-name']),
 					"id"	=> '',
 					"network" => "unknown",
 					"link" => $row['author-link'],
-					"nick" => $nick,
+					"nick" => htmlentities($nick),
 					"forum" => false
 				);
 			}