X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=b908234ab74631db72204a0f989bfa652945db84;hb=3488b937ead0b3988d1f22c632bc2cc81393249b;hp=d0e06a806ab8e2dc2e72ec5296866e07af60b02f;hpb=0ec44f3e8a73229c3aadea86f61b5571a701c6b7;p=friendica.git diff --git a/mod/photos.php b/mod/photos.php index d0e06a806a..b908234ab7 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -45,10 +45,10 @@ function photos_init(App $a) { if ($a->argc > 1) { $nick = $a->argv[1]; $user = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", - dbesc($nick) + DBA::escape($nick) ); - if (!DBA::is_result($user)) { + if (!DBA::isResult($user)) { return; } @@ -123,7 +123,10 @@ function photos_init(App $a) { } $a->page['aside'] .= $vcard_widget; - $a->page['aside'] .= $photo_albums_widget; + + if (!empty($photo_albums_widget)) { + $a->page['aside'] .= $photo_albums_widget; + } $tpl = get_markup_template("photos_head.tpl"); @@ -147,7 +150,7 @@ function photos_post(App $a) $visitor = 0; $page_owner_uid = $a->data['user']['uid']; - $community_page = $a->data['user']['page-flags'] == PAGE_COMMUNITY; + $community_page = $a->data['user']['page-flags'] == Contact::PAGE_COMMUNITY; if (local_user() && (local_user() == $page_owner_uid)) { $can_post = true; @@ -169,7 +172,7 @@ function photos_post(App $a) intval($page_owner_uid) ); - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $can_post = true; $visitor = $contact_id; } @@ -198,10 +201,10 @@ function photos_post(App $a) } $r = q("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d", - dbesc($album), + DBA::escape($album), intval($page_owner_uid) ); - if (!DBA::is_result($r)) { + if (!DBA::isResult($r)) { notice(L10n::t('Album not found.') . EOL); goaway($_SESSION['photo_return']); return; // NOTREACHED @@ -216,8 +219,8 @@ function photos_post(App $a) $newalbum = notags(trim($_POST['albumname'])); if ($newalbum != $album) { q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", - dbesc($newalbum), - dbesc($album), + DBA::escape($newalbum), + DBA::escape($album), intval($page_owner_uid) ); // Update the photo albums cache @@ -262,17 +265,17 @@ function photos_post(App $a) $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'", intval($visitor), intval($page_owner_uid), - dbesc($album) + DBA::escape($album) ); } else { $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", intval(local_user()), - dbesc($album) + DBA::escape($album) ); } - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { foreach ($r as $rr) { - $res[] = "'" . dbesc($rr['rid']) . "'" ; + $res[] = "'" . DBA::escape($rr['rid']) . "'" ; } } else { goaway($_SESSION['photo_return']); @@ -327,19 +330,19 @@ function photos_post(App $a) $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1", intval($visitor), intval($page_owner_uid), - dbesc($a->argv[2]) + DBA::escape($a->argv[2]) ); } else { $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1", intval(local_user()), - dbesc($a->argv[2]) + DBA::escape($a->argv[2]) ); } - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'", intval($page_owner_uid), - dbesc($r[0]['resource-id']) + DBA::escape($r[0]['resource-id']) ); Item::deleteForUser(['resource-id' => $r[0]['resource-id'], 'uid' => $page_owner_uid], $page_owner_uid); @@ -374,11 +377,11 @@ function photos_post(App $a) logger('rotate'); $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = 0 LIMIT 1", - dbesc($resource_id), + DBA::escape($resource_id), intval($page_owner_uid) ); - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $image = new Image($r[0]['data'], $r[0]['type']); if ($image->isValid()) { @@ -389,10 +392,10 @@ function photos_post(App $a) $height = $image->getHeight(); $x = q("UPDATE `photo` SET `data` = '%s', `height` = %d, `width` = %d WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = 0", - dbesc($image->asString()), + DBA::escape($image->asString()), intval($height), intval($width), - dbesc($resource_id), + DBA::escape($resource_id), intval($page_owner_uid) ); @@ -402,10 +405,10 @@ function photos_post(App $a) $height = $image->getHeight(); $x = q("UPDATE `photo` SET `data` = '%s', `height` = %d, `width` = %d WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = 1", - dbesc($image->asString()), + DBA::escape($image->asString()), intval($height), intval($width), - dbesc($resource_id), + DBA::escape($resource_id), intval($page_owner_uid) ); } @@ -416,10 +419,10 @@ function photos_post(App $a) $height = $image->getHeight(); $x = q("UPDATE `photo` SET `data` = '%s', `height` = %d, `width` = %d WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = 2", - dbesc($image->asString()), + DBA::escape($image->asString()), intval($height), intval($width), - dbesc($resource_id), + DBA::escape($resource_id), intval($page_owner_uid) ); } @@ -428,19 +431,19 @@ function photos_post(App $a) } $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC", - dbesc($resource_id), + DBA::escape($resource_id), intval($page_owner_uid) ); - if (DBA::is_result($p)) { + if (DBA::isResult($p)) { $ext = $phototypes[$p[0]['type']]; $r = q("UPDATE `photo` SET `desc` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d", - dbesc($desc), - dbesc($albname), - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - dbesc($resource_id), + DBA::escape($desc), + DBA::escape($albname), + DBA::escape($str_contact_allow), + DBA::escape($str_group_allow), + DBA::escape($str_contact_deny), + DBA::escape($str_group_deny), + DBA::escape($resource_id), intval($page_owner_uid) ); @@ -495,7 +498,7 @@ function photos_post(App $a) if ($item_id) { $item = Item::selectFirst(['tag', 'inform'], ['id' => $item_id, 'uid' => $page_owner_uid]); } - if (DBA::is_result($item)) { + if (DBA::isResult($item)) { $old_tag = $item['tag']; $old_inform = $item['inform']; } @@ -554,21 +557,21 @@ function photos_post(App $a) //select someone from this user's contacts by name $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", - dbesc($newname), + DBA::escape($newname), intval($page_owner_uid) ); - if (!DBA::is_result($r)) { + if (!DBA::isResult($r)) { //select someone by attag or nick and the name passed in $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", - dbesc($name), - dbesc($name), + DBA::escape($name), + DBA::escape($name), intval($page_owner_uid) ); } } - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $newname = $r[0]['name']; $profile = $r[0]['url']; $notify = 'cid:' . $r[0]['id']; @@ -707,11 +710,11 @@ function photos_post(App $a) */ $r = q("SELECT * FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR ", - dbesc($album), + DBA::escape($album), intval($page_owner_uid) ); - if (!DBA::is_result($r) || ($album == L10n::t('Profile Photos'))) { + if (!DBA::isResult($r) || ($album == L10n::t('Profile Photos'))) { $visible = 1; } else { $visible = 0; @@ -900,7 +903,7 @@ function photos_post(App $a) Worker::add(PRIORITY_HIGH, "Notifier", 'wall-new', $item_id); } - Addon::callHooks('photo_post_end', intval($item_id)); + Addon::callHooks('photo_post_end', $item_id); // addon uploaders should call "killme()" [e.g. exit] within the photo_post_end hook // if they do not wish to be redirected @@ -964,7 +967,7 @@ function photos_content(App $a) $owner_uid = $a->data['user']['uid']; - $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false); + $community_page = (($a->data['user']['page-flags'] == Contact::PAGE_COMMUNITY) ? true : false); if (local_user() && (local_user() == $owner_uid)) { $can_post = true; @@ -984,7 +987,7 @@ function photos_content(App $a) intval($contact_id), intval($owner_uid) ); - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $can_post = true; $contact = $r[0]; $remote_contact = true; @@ -1013,7 +1016,7 @@ function photos_content(App $a) intval($contact_id), intval($owner_uid) ); - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $contact = $r[0]; $remote_contact = true; } @@ -1050,7 +1053,7 @@ function photos_content(App $a) $albumselect = ''; $albumselect .= ''; - if (count($a->data['albums'])) { + if (!empty($a->data['albums'])) { foreach ($a->data['albums'] as $album) { if (($album['album'] === '') || ($album['album'] === 'Contact Photos') || ($album['album'] === L10n::t('Contact Photos'))) { continue; @@ -1111,9 +1114,9 @@ function photos_content(App $a) $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", intval($owner_uid), - dbesc($album) + DBA::escape($album) ); - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(20); } @@ -1132,7 +1135,7 @@ function photos_content(App $a) FROM `photo` WHERE `uid` = %d AND `album` = '%s' AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT %d , %d", intval($owner_uid), - dbesc($album), + DBA::escape($album), intval($a->pager['start']), intval($a->pager['itemspage']) ); @@ -1169,7 +1172,7 @@ function photos_content(App $a) $photos = []; - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { // "Twist" is only used for the duepunto theme with style "slackr" $twist = false; foreach ($r as $rr) { @@ -1216,16 +1219,16 @@ function photos_content(App $a) $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' $sql_extra ORDER BY `scale` ASC ", intval($owner_uid), - dbesc($datum) + DBA::escape($datum) ); - if (!DBA::is_result($ph)) { + if (!DBA::isResult($ph)) { $ph = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1", intval($owner_uid), - dbesc($datum) + DBA::escape($datum) ); - if (DBA::is_result($ph)) { + if (DBA::isResult($ph)) { notice(L10n::t('Permission denied. Access to this item may be restricted.')); } else { notice(L10n::t('Photo not available') . EOL); @@ -1252,11 +1255,13 @@ function photos_content(App $a) $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 $sql_extra ORDER BY `created` $order ", - dbesc($ph[0]['album']), + DBA::escape($ph[0]['album']), intval($owner_uid) ); - if (DBA::is_result($prvnxt)) { + if (DBA::isResult($prvnxt)) { + $prv = null; + $nxt = null; foreach ($prvnxt as $z => $entry) { if ($entry['resource-id'] == $ph[0]['resource-id']) { $prv = $z - 1; @@ -1271,8 +1276,12 @@ function photos_content(App $a) } } $edit_suffix = ((($cmd === 'edit') && $can_post) ? '/edit' : ''); - $prevlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix . ($order_field === 'posted' ? '?f=&order=posted' : ''); - $nextlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix . ($order_field === 'posted' ? '?f=&order=posted' : ''); + if (!is_null($prv)) { + $prevlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix . ($order_field === 'posted' ? '?f=&order=posted' : ''); + } + if (!is_null($nxt)) { + $nextlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix . ($order_field === 'posted' ? '?f=&order=posted' : ''); + } } } @@ -1347,13 +1356,13 @@ function photos_content(App $a) /// @todo Rewrite this query. To do so, $sql_extra must be changed $linked_items = q("SELECT `id` FROM `item` WHERE `resource-id` = '%s' $sql_extra LIMIT 1", - dbesc($datum) + DBA::escape($datum) ); $map = null; $link_item = []; - if (DBA::is_result($linked_items)) { + if (DBA::isResult($linked_items)) { // This is a workaround to not being forced to rewrite the while $sql_extra handling $link_item = Item::selectFirst([], ['id' => $linked_items[0]['id']]); @@ -1449,7 +1458,7 @@ function photos_content(App $a) ]); } - if (!DBA::is_result($items)) { + if (!DBA::isResult($items)) { if (($can_post || can_write_wall($owner_uid))) { $comments .= replace_macros($cmnt_tpl, [ '$return_path' => '', @@ -1476,7 +1485,7 @@ function photos_content(App $a) ]; // display comments - if (DBA::is_result($items)) { + if (DBA::isResult($items)) { foreach ($items as $item) { builtin_activity_puller($item, $conv_responses); } @@ -1615,11 +1624,11 @@ function photos_content(App $a) $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra GROUP BY `resource-id`", intval($a->data['user']['uid']), - dbesc('Contact Photos'), - dbesc(L10n::t('Contact Photos')) + DBA::escape('Contact Photos'), + DBA::escape(L10n::t('Contact Photos')) ); - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(20); } @@ -1630,14 +1639,14 @@ function photos_content(App $a) WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($a->data['user']['uid']), - dbesc('Contact Photos'), - dbesc(L10n::t('Contact Photos')), + DBA::escape('Contact Photos'), + DBA::escape(L10n::t('Contact Photos')), intval($a->pager['start']), intval($a->pager['itemspage']) ); $photos = []; - if (DBA::is_result($r)) { + if (DBA::isResult($r)) { // "Twist" is only used for the duepunto theme with style "slackr" $twist = false; foreach ($r as $rr) {