]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
Only show profiles of local users
authorZach Copley <zach@status.net>
Sat, 5 Mar 2011 01:25:58 +0000 (17:25 -0800)
committerZach Copley <zach@status.net>
Sat, 5 Mar 2011 01:25:58 +0000 (17:25 -0800)
plugins/Directory/actions/userdirectory.php
plugins/Directory/lib/sortablesubscriptionlist.php

index 7b8dbbdf6071077a4898f43ca01e1d6de8f62bde..60ab43693bc1f72f363958615f6c366f19a7c908 100644 (file)
@@ -119,7 +119,8 @@ class UserdirectoryAction extends Action
         parent::prepare($args);
 
         $this->page   = ($this->arg('page')) ? ($this->arg('page') + 0) : 1;
-        $this->filter = $this->arg('filter') ? $this->arg('filter') : 'all';
+        $filter       = $this->arg('filter');
+        $this->filter = isset($filter) ? $filter : 'all';
         $this->sort   = $this->arg('sort');
         $this->order  = $this->boolean('asc'); // ascending or decending
 
@@ -225,26 +226,30 @@ class UserdirectoryAction extends Action
      */
     function getUsers()
     {
-        $offset = ($this->page - 1) * PROFILES_PER_PAGE;
-        $limit  =  PROFILES_PER_PAGE + 1;
 
         $profile = new Profile();
 
-        // XXX Any chance of SQL injection here?
+        $offset = ($this->page - 1) * PROFILES_PER_PAGE;
+        $limit  = PROFILES_PER_PAGE + 1;
+        $sort   = $this->getSortKey();
+        $sql    = 'SELECT profile.* FROM profile, user WHERE profile.id = user.id';
 
         if ($this->filter != 'all') {
-            $profile->whereAdd(
-                sprintf('LEFT(lower(nickname), 1) = \'%s\'', $this->filter)
+            $sql .= sprintf(
+                ' AND LEFT(LOWER(profile.nickname), 1) = \'%s\'',
+                $this->filter
             );
         }
 
-        $sort  = $this->getSortKey();
-        $order = ($this->order) ? 'ASC' : 'DESC';
-
-        $profile->orderBy("$sort $order, nickname");
-        $profile->limit($limit, $offset);
+        $sql .= sprintf(
+            ' ORDER BY profile.%s %s, profile.nickname DESC LIMIT %d, %d',
+            $sort,
+            ($this->order) ? 'ASC' : 'DESC',
+            $offset,
+            $limit
+        );
 
-        $profile->find();
+        $profile->query($sql);
 
         return $profile;
     }
index 2a412a628d6f3ab95e15405369bb1dfa0fc67939..a22aeadb3d25873337abd7012ec328afaa068e87 100644 (file)
@@ -245,4 +245,15 @@ class SortableSubscriptionListItem extends SubscriptionListItem
         $this->out->elementEnd('td');
     }
 
+    /**
+     * Only show the tags if we're logged in
+     */
+    function showTags()
+    {
+         if (common_logged_in()) {
+            parent::showTags();
+        }
+
+    }
+
 }