X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=view%2Ftheme%2Ffrio%2Ftheme.php;h=72e5ab0b6140b693464ec8d8170e19281d008bdd;hb=253ac95ca03be59ad52acd2d457294b14400e087;hp=d9a7bbb31dab46a6c3fd92b48972e2a1e938189e;hpb=ecea7425f8ad11ace4af39d476919e3203bff44f;p=friendica.git

diff --git a/view/theme/frio/theme.php b/view/theme/frio/theme.php
index d9a7bbb31d..72e5ab0b61 100644
--- a/view/theme/frio/theme.php
+++ b/view/theme/frio/theme.php
@@ -2,7 +2,7 @@
 /*
  * Name: frio
  * Description: Bootstrap V3 theme. The theme is currently under construction, so it is far from finished. For further information have a look at the <a href="https://github.com/friendica/friendica/tree/develop/view/theme/frio/README.md">ReadMe</a>.
- * Version: V.0.8
+ * Version: V.0.8.5
  * Author: Rabuzarus <https://friendica.kommune4.de/profile/rabuzarus>
  *
  */
@@ -150,8 +150,18 @@ function frio_item_photo_menu(App $a, &$arr)
 function frio_contact_photo_menu(App $a, &$args)
 {
 	$cid = $args['contact']['id'];
-	$pokelink = $args['menu']['poke'][1];
-	$pmlink = $args['menu']['pm'][1];
+
+	if (!empty($args['menu']['poke'])) {
+		$pokelink = $args['menu']['poke'][1];
+	} else {
+		$pokelink = '';
+	}
+
+	if (!empty($args['menu']['poke'])) {
+		$pmlink = $args['menu']['pm'][1];
+	} else {
+		$pmlink = '';
+	}
 
 	// Set the the indicator for opening the status, profile and photo pages
 	// in a new tab to false if the contact a dfrn (friendica) contact
@@ -239,7 +249,7 @@ function frio_remote_nav($a, &$nav)
 	} elseif (Profile::getMyURL()) {
 		$r = q("SELECT `name`, `nick`, `photo` FROM `gcontact`
 				WHERE `addr` = '%s' AND `network` = 'dfrn'",
-			dbesc($webbie));
+			DBA::escape($webbie));
 		$nav['remote'] = L10n::t('Visitor');
 	} else {
 		$r = false;
@@ -299,12 +309,12 @@ function frio_acl_lookup(App $a, &$results)
 
 	$sql_extra = '';
 	if ($results['search']) {
-		$search_txt = dbesc(protect_sprintf(preg_quote($results['search'])));
-		$sql_extra .= " AND (`attag` LIKE '%%" . dbesc($search_txt) . "%%' OR `name` LIKE '%%" . dbesc($search_txt) . "%%' OR `nick` LIKE '%%" . dbesc($search_txt) . "%%') ";
+		$search_txt = DBA::escape(protect_sprintf(preg_quote($results['search'])));
+		$sql_extra .= " AND (`attag` LIKE '%%" . $search_txt . "%%' OR `name` LIKE '%%" . $search_txt . "%%' OR `nick` LIKE '%%" . $search_txt . "%%') ";
 	}
 
 	if ($nets) {
-		$sql_extra .= sprintf(" AND network = '%s' ", dbesc($nets));
+		$sql_extra .= sprintf(" AND network = '%s' ", DBA::escape($nets));
 	}
 
 	$total = 0;