X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fprofile_photo.php;h=5fdff41e8c6b6d54820f5a45bac9279197032c69;hb=f10481796778811d3ea4fab803508be3ffde84e4;hp=4565f6e23a0389bc29570dc5228b37ec69f99aa1;hpb=7876d6547b661dc9343946fc567eba75ada9fd84;p=friendica.git
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index 4565f6e23a..5fdff41e8c 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -4,15 +4,17 @@
*/
use Friendica\App;
+use Friendica\BaseModule;
use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\System;
use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\Photo;
use Friendica\Model\Profile;
use Friendica\Object\Image;
+use Friendica\Util\Security;
function profile_photo_init(App $a)
{
@@ -30,7 +32,7 @@ function profile_photo_post(App $a)
return;
}
- check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+ BaseModule::checkFormSecurityTokenRedirectOnError('/profile_photo', 'profile_photo');
if (!empty($_POST['cropfinal']) && $_POST['cropfinal'] == 1) {
@@ -42,7 +44,7 @@ function profile_photo_post(App $a)
intval(local_user())
);
- if (DBM::is_result($r) && (!intval($r[0]['is-default']))) {
+ if (DBA::isResult($r) && (!intval($r[0]['is-default']))) {
$is_default_profile = 0;
}
}
@@ -69,12 +71,11 @@ function profile_photo_post(App $a)
$srcW = $_POST['xfinal'] - $srcX;
$srcH = $_POST['yfinal'] - $srcY;
- $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id),
- dbesc(local_user()), intval($scale));
+ $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", DBA::escape($image_id),
+ DBA::escape(local_user()), intval($scale));
$url = System::baseUrl() . '/profile/' . $a->user['nickname'];
- if (DBM::is_result($r)) {
-
+ if (DBA::isResult($r)) {
$base_image = $r[0];
$Image = new Image($base_image['data'], $base_image['type']);
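Review bot: The rewritten SELECT passes `DBA::escape(local_user())` to the `%d` placeholder for `uid`, while the other queries visible in this diff cast the user id with `intval(local_user())`. If `q()` formats its arguments printf-style, `%d` still coerces the value, so this is a consistency and clarity issue rather than an injection. The integer cast does state the intent, though, and does not depend on the formatter; the continuation line would read `intval(local_user()), intval($scale));`. Separately, `$_POST['xfinal']` and `$_POST['yfinal']` enter the crop arithmetic directly in the two context lines above, and a numeric cast with a bounds check against the image size would be worth adding if it is not done earlier. The body of profile_photo_post starts and ends outside this hunk, so any earlier validation is not visible here.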
@@ -110,12 +111,12 @@ function profile_photo_post(App $a)
if ($is_default_profile) {
$r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d",
- dbesc($base_image['resource-id']), intval(local_user())
+ DBA::escape($base_image['resource-id']), intval(local_user())
);
} else {
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d",
- dbesc(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-4.' . $Image->getExt()),
- dbesc(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-5.' . $Image->getExt()),
+ DBA::escape(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-4.' . $Image->getExt()),
+ DBA::escape(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-5.' . $Image->getExt()),
intval($_REQUEST['profile']), intval(local_user())
);
}
@@ -187,15 +188,15 @@ function profile_photo_content(App $a)
$imagecrop = [];
if (isset($a->argv[1]) && $a->argv[1] == 'use' && $a->argc >= 3) {
- // check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+ // BaseModule::checkFormSecurityTokenRedirectOnError('/profile_photo', 'profile_photo');
$resource_id = $a->argv[2];
//die(":".local_user());
$r = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' ORDER BY `scale` ASC", intval(local_user()),
- dbesc($resource_id)
+ DBA::escape($resource_id)
);
- if (!DBM::is_result($r)) {
+ if (!DBA::isResult($r)) {
notice(L10n::t('Permission denied.') . EOL);
return;
}
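Review bot: The form-token check at the top of the `use` branch is renamed but left commented out, so this path still runs without the CSRF check that profile_photo_post performs. The following hunk shows `UPDATE photo SET profile=…` statements in the same function. If those sit inside this branch (the hunk boundaries do not show it), a cross-site request could switch a logged-in user's profile photo; the queries are scoped to `local_user()`, so the effect is limited to that user's own photos. Either restore the call, with the token carried on the link that leads here, or replace the dead line with a comment such as `// No token check here because <reason>; see <issue id>`. The leftover `//die(":".local_user());` debug line can be dropped at the same time. profile_photo_content continues outside this hunk.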
@@ -213,7 +214,7 @@ function profile_photo_content(App $a)
$r = q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d", intval(local_user()));
$r = q("UPDATE `photo` SET `profile`=1 WHERE `uid` = %d AND `resource-id` = '%s'", intval(local_user()),
- dbesc($resource_id)
+ DBA::escape($resource_id)
);
Contact::updateSelfFromUserID(local_user(), true);
@@ -247,7 +248,7 @@ function profile_photo_content(App $a)
'$title' => L10n::t('Upload Profile Photo'),
'$submit' => L10n::t('Upload'),
'$profiles' => $profiles,
- '$form_security_token' => get_form_security_token("profile_photo"),
+ '$form_security_token' => BaseModule::getFormSecurityToken("profile_photo"),
'$select' => sprintf('%s %s', L10n::t('or'),
($newuser) ? '' . L10n::t('skip this step') . '' : '' . L10n::t('select a photo from your photo albums') . '')
]);
@@ -264,7 +265,7 @@ function profile_photo_content(App $a)
'$image_url' => System::baseUrl() . '/photo/' . $filename,
'$title' => L10n::t('Crop Image'),
'$desc' => L10n::t('Please adjust the image cropping for optimum viewing.'),
- '$form_security_token' => get_form_security_token("profile_photo"),
+ '$form_security_token' => BaseModule::getFormSecurityToken("profile_photo"),
'$done' => L10n::t('Done Editing')
]);
return $o;
@@ -318,7 +319,6 @@ function profile_photo_crop_ui_head(App $a, Image $image)
}
$a->page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), []);
- $a->page['end'] .= replace_macros(get_markup_template("cropend.tpl"), []);
$imagecrop = [
'hash' => $hash,