Fix limit and search parameters in frio_acl_lookup

diff --git a/view/theme/frio/theme.php b/view/theme/frio/theme.php
index b3b8e9009f0fbd362b826f170788f5635a646b34..132ed0d3be66ea7c3ec1154b58636a8d34a2a7fb 100644 (file)
--- a/view/theme/frio/theme.php
+++ b/view/theme/frio/theme.php
@@ -292,46 +292,47 @@ function frio_acl_lookup(App $a, &$results)
 
        // we introduce a new search type, r should do the same query like it's
        // done in /mod/contacts for connections
-       if ($results["type"] == "r") {
-               $searching = false;
-               if ($search) {
-                       $search_hdr = $search;
-                       $search_txt = dbesc(protect_sprintf(preg_quote($search)));
-                       $searching = true;
-               }
-               $sql_extra = '';
-               if ($searching) {
-                       $sql_extra .= " AND (`attag` LIKE '%%" . dbesc($search_txt) . "%%' OR `name` LIKE '%%" . dbesc($search_txt) . "%%' OR `nick` LIKE '%%" . dbesc($search_txt) . "%%') ";
-               }
+       if ($results["type"] !== "r") {
+               return;
+       }
 
-               if ($nets) {
-                       $sql_extra .= sprintf(" AND network = '%s' ", dbesc($nets));
-               }
+       $searching = false;
+       if ($results["search"]) {
+               $search_txt = dbesc(protect_sprintf(preg_quote($results["search"])));
+               $searching = true;
+       }
+       
+       $sql_extra = '';
+       if ($searching) {
+               $sql_extra .= " AND (`attag` LIKE '%%" . dbesc($search_txt) . "%%' OR `name` LIKE '%%" . dbesc($search_txt) . "%%' OR `nick` LIKE '%%" . dbesc($search_txt) . "%%') ";
+       }
 
-               $r = q("SELECT COUNT(*) AS `total` FROM `contact`
-                       WHERE `uid` = %d AND NOT `self` AND NOT `pending` $sql_extra ",
-                       intval($_SESSION['uid']));
-               if (DBM::is_result($r)) {
-                       $total = $r[0]["total"];
-               }
+       if ($nets) {
+               $sql_extra .= sprintf(" AND network = '%s' ", dbesc($nets));
+       }
 
-               $sql_extra3 = Widget::unavailableNetworks();
+       $r = q("SELECT COUNT(*) AS `total` FROM `contact`
+               WHERE `uid` = %d AND NOT `self` AND NOT `pending` $sql_extra ", intval($_SESSION['uid']));
+       if (DBM::is_result($r)) {
+               $total = $r[0]["total"];
+       }
 
-               $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND NOT `self` AND NOT `pending` $sql_extra $sql_extra3 ORDER BY `name` ASC LIMIT 100 ",
-                       intval($_SESSION['uid'])
-               );
+       $sql_extra3 = Widget::unavailableNetworks();
 
-               $contacts = [];
+       $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND NOT `self` AND NOT `pending` $sql_extra $sql_extra3 ORDER BY `name` ASC LIMIT %d, %d ",
+               intval($_SESSION['uid']), intval($results['start']), intval($results['count'])
+       );
 
-               if (DBM::is_result($r)) {
-                       foreach ($r as $rr) {
-                               $contacts[] = _contact_detail_for_template($rr);
-                       }
-               }
+       $contacts = [];
 
-               $results["items"] = $contacts;
-               $results["tot"] = $total;
+       if (DBM::is_result($r)) {
+               foreach ($r as $rr) {
+                       $contacts[] = _contact_detail_for_template($rr);
+               }
        }
+
+       $results["items"] = $contacts;
+       $results["tot"] = $total;
 }
 
 /**