Bugfix for pictures that weren't stored / reworked database calls
authorMichael <heluecht@pirati.ca>
Fri, 15 Sep 2017 19:41:30 +0000 (19:41 +0000)
committerMichael <heluecht@pirati.ca>
Fri, 15 Sep 2017 19:41:30 +0000 (19:41 +0000)
12 files changed:
include/Contact.php
include/Photo.php
include/dba.php
include/dfrn.php
include/message.php
include/threads.php
mod/delegate.php
mod/profiles.php
mod/proxy.php
mod/search.php
mod/settings.php
mod/suggest.php

index 7d480ab020759e7f979ece2bf5f84395d09701f9..69c3b121f8be29c0e88b27612f8b09a1fc79d5eb 100644 (file)
@@ -9,27 +9,27 @@ use Friendica\Network\Probe;
 // authorisation to do this.
 
 function user_remove($uid) {
-       if(! $uid)
+       if (!$uid) {
                return;
+       }
+
        logger('Removing user: ' . $uid);
 
-       $r = q("select * from user where uid = %d limit 1", intval($uid));
+       $r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1));
 
-       call_hooks('remove_user',$r[0]);
+       call_hooks('remove_user',$r);
 
        // save username (actually the nickname as it is guaranteed
        // unique), so it cannot be re-registered in the future.
 
-       q("insert into userd ( username ) values ( '%s' )",
-               $r[0]['nickname']
-       );
+       dba::insert('userd', array('username' => $r['nickname']));
 
        // The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
        q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid));
        proc_run(PRIORITY_HIGH, "include/notifier.php", "removeme", $uid);
 
        // Send an update to the directory
-       proc_run(PRIORITY_LOW, "include/directory.php", $r[0]['url']);
+       proc_run(PRIORITY_LOW, "include/directory.php", $r['url']);
 
        if($uid == local_user()) {
                unset($_SESSION['authenticated']);
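Review bot: The row returned by `dba::select` is used without a guard: `$r` goes straight into `call_hooks('remove_user',$r)` and `$r['nickname']` is written to `userd` even when no user matched `$uid`. The old code had the same gap with `$r[0]`, but since these lines are being rewritten, adding `if (!dbm::is_result($r)) { return; }` right after the select would keep an empty nickname out of the reserved-name table and stop the removal from being queued for an account that does not exist. user_remove continues past the end of the hunk.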
index f02ee130a0c865ce878eac2788011933bbeed5a8..78d448fbc240814eb432888384fc5d548ade937f 100644 (file)
@@ -628,92 +628,24 @@ class Photo {
 
        public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '', $desc = '') {
 
-               $r = q("SELECT `guid` FROM `photo` WHERE `resource-id` = '%s' AND `guid` != '' LIMIT 1",
-                       dbesc($rid)
-               );
+               $r = dba::select('photo', array('guid'), array("`resource-id` = ? AND `guid` != ?", $rid, ''), array('limit' => 1));
                if (dbm::is_result($r)) {
-                       $guid = $r[0]['guid'];
+                       $guid = $r['guid'];
                } else {
                        $guid = get_guid();
                }
 
-               $x = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `contact-id` = %d AND `scale` = %d LIMIT 1",
-                       dbesc($rid),
-                       intval($uid),
-                       intval($cid),
-                       intval($scale)
-               );
+               $x = dba::select('photo', array('id'), array('resource-id' => $rid, 'uid' => $uid, 'contact-id' => $cid, 'scale' => $scale), array('limit' => 1));
+
+               $fields = array('uid' => $uid, 'contact-id' => $cid, 'guid' => $guid, 'resource-id' => $rid, 'created' => datetime_convert(), 'edited' => datetime_convert(),
+                               'filename' => basename($filename), 'type' => $this->getType(), 'album' => $album, 'height' => $this->getHeight(), 'width' => $this->getWidth(),
+                               'datasize' => strlen($this->imageString()), 'data' => $this->imageString(), 'scale' => $scale, 'profile' => $profile,
+                               'allow_cid' => $allow_cid, 'allow_gid' => $allow_gid, 'deny_cid' => $deny_cid, 'deny_gid' => $deny_gid, 'desc' => $desc);
+
                if (dbm::is_result($x)) {
-                       $r = q("UPDATE `photo`
-                               SET `uid` = %d,
-                               `contact-id` = %d,
-                               `guid` = '%s',
-                               `resource-id` = '%s',
-                               `created` = '%s',
-                               `edited` = '%s',
-                               `filename` = '%s',
-                               `type` = '%s',
-                               `album` = '%s',
-                               `height` = %d,
-                               `width` = %d,
-                               `datasize` = %d,
-                               `data` = '%s',
-                               `scale` = %d,
-                               `profile` = %d,
-                               `allow_cid` = '%s',
-                               `allow_gid` = '%s',
-                               `deny_cid` = '%s',
-                               `deny_gid` = '%s',
-                               `desc` = '%s'
-                               WHERE `id` = %d",
-
-                               intval($uid),
-                               intval($cid),
-                               dbesc($guid),
-                               dbesc($rid),
-                               dbesc(datetime_convert()),
-                               dbesc(datetime_convert()),
-                               dbesc(basename($filename)),
-                               dbesc($this->getType()),
-                               dbesc($album),
-                               intval($this->getHeight()),
-                               intval($this->getWidth()),
-                               dbesc(strlen($this->imageString())),
-                               dbesc($this->imageString()),
-                               intval($scale),
-                               intval($profile),
-                               dbesc($allow_cid),
-                               dbesc($allow_gid),
-                               dbesc($deny_cid),
-                               dbesc($deny_gid),
-                               dbesc($desc),
-                               intval($x[0]['id'])
-                       );
+                       $r = dba::update('photo', $fields, array('id' => $x['id']));
                } else {
-                       $r = q("INSERT INTO `photo`
-                               (`uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `datasize`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `desc`)
-                               VALUES (%d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s')",
-                               intval($uid),
-                               intval($cid),
-                               dbesc($guid),
-                               dbesc($rid),
-                               dbesc(datetime_convert()),
-                               dbesc(datetime_convert()),
-                               dbesc(basename($filename)),
-                               dbesc($this->getType()),
-                               dbesc($album),
-                               intval($this->getHeight()),
-                               intval($this->getWidth()),
-                               dbesc(strlen($this->imageString())),
-                               dbesc($this->imageString()),
-                               intval($scale),
-                               intval($profile),
-                               dbesc($allow_cid),
-                               dbesc($allow_gid),
-                               dbesc($deny_cid),
-                               dbesc($deny_gid),
-                               dbesc($desc)
-                       );
+                       $r = dba::insert('photo', $fields);
                }
 
                return $r;
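Review bot: `$this->imageString()` is called twice while `$fields` is built, once for `datasize` and once for `data`; taking it once, `$data = $this->imageString();` followed by `'datasize' => strlen($data), 'data' => $data`, guarantees that the stored size matches the stored blob and produces the image string only once. The `intval()` casts on `$uid`, `$cid`, `$scale` and `$profile` are also gone, which is harmless only if `dba::insert` and `dba::update` bind values as parameters; that code is not visible here, so it is worth confirming. The method's closing brace lies outside the hunk.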
index 9bf7a67d46de9cdc5055e7195ba97d0ce1cc8996..fa33f245aeb0210c3a23030f16c4f3d72e3ceaf1 100644 (file)
@@ -1400,37 +1400,6 @@ function qu($sql) {
        return false;
 }
 
-/**
- *
- * Raw db query, no arguments
- *
- */
-function dbq($sql) {
-       global $db;
-
-       if ($db && $db->connected) {
-               $ret = $db->q($sql);
-       } else {
-               $ret = false;
-       }
-       return $ret;
-}
-
-// Caller is responsible for ensuring that any integer arguments to
-// dbesc_array are actually integers and not malformed strings containing
-// SQL injection vectors. All integer array elements should be specifically
-// cast to int to avoid trouble.
-function dbesc_array_cb(&$item, $key) {
-       if (is_string($item))
-               $item = dbesc($item);
-}
-
-function dbesc_array(&$arr) {
-       if (is_array($arr) && count($arr)) {
-               array_walk($arr,'dbesc_array_cb');
-       }
-}
-
 function dba_timer() {
        return microtime(true);
 }
index c8e89fe40fc0b5787217bbdee96e903fdaa205a1..9a821a9d9125fe6a7c414a9df0c4ce50a637279d 100644 (file)
@@ -1669,9 +1669,7 @@ class dfrn {
                $msg["seen"] = 0;
                $msg["replied"] = 0;
 
-               dbm::esc_array($msg, true);
-
-               $r = dbq("INSERT INTO `mail` (`".implode("`, `", array_keys($msg))."`) VALUES (".implode(", ", array_values($msg)).")");
+               dba::insert('mail', $msg);
 
                // send notifications.
                /// @TODO Arange this mess
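Review bot: The result of `dba::insert('mail', $msg)` is discarded, whereas the removed line at least kept it in `$r`, so the notification code that follows runs even when the mail row was not written. Capturing it, `$r = dba::insert('mail', $msg);`, and logging or bailing out on failure would make a failed store visible instead of announcing a message that does not exist. How the rest of the method reacts to `$r` is outside the hunk.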
index 6800663b5c838a4b831a3e4ba71bd8cfbbec3d1a..59146214164f92c92094eacc22bf563308e436dd 100644 (file)
@@ -60,22 +60,14 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){
 
                $handles = $recip_handle . ';' . $sender_handle;
 
-               $r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
-                       intval(local_user()),
-                       dbesc($conv_guid),
-                       dbesc($sender_handle),
-                       dbesc(datetime_convert()),
-                       dbesc(datetime_convert()),
-                       dbesc($subject),
-                       dbesc($handles)
-               );
+               $fields = array('uid' => local_user(), 'guid' => $conv_guid, 'creator' => $sender_handle,
+                               'created' => datetime_convert(), 'updated' => datetime_convert(),
+                               'subject' => $subject, 'recips' => $handles);
+               $r = dba::insert('conv', $fields);
 
-               $r = q("select * from conv where guid = '%s' and uid = %d limit 1",
-                       dbesc($conv_guid),
-                       intval(local_user())
-               );
+               $r = dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => local_user())), array('limit' => 1));
                if (dbm::is_result($r))
-                       $convid = $r[0]['id'];
+                       $convid = $r['id'];
        }
 
        if (! $convid) {
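Review bot: The closing parenthesis in the new `dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => local_user())), array('limit' => 1))` call is misplaced: the condition array ends up nested inside the field list, and `array('limit' => 1)` is passed where the condition belongs. Judging by the other `dba::select` calls in this commit the intended form is `dba::select('conv', array('id'), array('guid' => $conv_guid, 'uid' => local_user()), array('limit' => 1));`. As written the lookup is not restricted to the conversation just inserted for this user, so it either fails or can pick up the wrong `id`, depending on how `dba::select` treats the malformed arguments. The same mistake is in the `send_wallmessage` hunk below, with `$recipient['uid']`.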
@@ -194,28 +186,18 @@ function send_wallmessage($recipient='', $body='', $subject='', $replyto=''){
 
        $handles = $recip_handle . ';' . $sender_handle;
 
-       $r = q("INSERT INTO `conv` (`uid`,`guid`,`creator`,`created`,`updated`,`subject`,`recips`) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
-               intval($recipient['uid']),
-               dbesc($conv_guid),
-               dbesc($sender_handle),
-               dbesc(datetime_convert()),
-               dbesc(datetime_convert()),
-               dbesc($subject),
-               dbesc($handles)
-       );
-
-       $r = q("SELECT * FROM `conv` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1",
-               dbesc($conv_guid),
-               intval($recipient['uid'])
-       );
-
+       $fields = array('uid' => $recipient['uid'], 'guid' => $conv_guid, 'creator' => $sender_handle,
+                       'created' => datetime_convert(), 'updated' => datetime_convert(),
+                       'subject' => $subject, 'recips' => $handles);
+       $r = dba::insert('conv', $fields);
 
-       if (! dbm::is_result($r)) {
+       $r = dba::select('conv', array('id', array('guid' => $conv_guid, 'uid' => $recipient['uid'])), array('limit' => 1));
+       if (!dbm::is_result($r)) {
                logger('send message: conversation not found.');
                return -4;
        }
 
-       $convid = $r[0]['id'];
+       $convid = $r['id'];
 
        $r = q("INSERT INTO `mail` ( `uid`, `guid`, `convid`, `from-name`, `from-photo`, `from-url`,
                `contact-id`, `title`, `body`, `seen`, `reply`, `replied`, `uri`, `parent-uri`, `created`, `unknown`)
index 4cb881569389a7093f72d6d2b42502dec9a5fbd3..906766da8707179afbb39f4c596901a3f9717a9f 100644 (file)
@@ -16,11 +16,7 @@ function add_thread($itemid, $onlyshadow = false) {
        $item['iid'] = $itemid;
 
        if (!$onlyshadow) {
-               $result = dbq("INSERT INTO `thread` (`"
-                               .implode("`, `", array_keys($item))
-                               ."`) VALUES ('"
-                               .implode("', '", array_values($item))
-                               ."')");
+               $result = dba::insert('thread', $item);
 
                logger("Add thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG);
        }
index 4d35d46c70ca8bd5c9feaeb1e8a68c4c0f58b5a4..4bccf1142ae0884f61285207e960e3ce9c5cf804 100644 (file)
@@ -35,10 +35,7 @@ function delegate_content(App $a) {
                                dbesc(normalise_link(System::baseUrl() . '/profile/' . $r[0]['nickname']))
                        );
                        if (dbm::is_result($r)) {
-                               q("insert into manage ( uid, mid ) values ( %d , %d ) ",
-                                       intval($a->argv[2]),
-                                       intval(local_user())
-                               );
+                               dba::insert('manage', array('uid' => $a->argv[2], 'mid' => local_user()));
                        }
                }
                goaway(System::baseUrl() . '/delegate');
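Review bot: `$a->argv[2]` is a URL path segment and is now handed to `dba::insert('manage', ...)` without the `intval()` the old query applied. Parameter binding (assuming `dba::insert` binds) removes the injection risk, but a non-numeric value is no longer normalised before it reaches the `uid` column, so the outcome depends on the SQL mode. Keeping the cast, `array('uid' => intval($a->argv[2]), 'mid' => local_user())`, preserves the old behaviour; the same applies to `$_GET['ignore']` in the mod/suggest.php hunk at the end of this commit.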
index 42f458756338bb21235f7d938f788241810e73ab..4a1d1ad93479033342ec504ff7cfa949b3f0ce78 100644 (file)
@@ -108,13 +108,7 @@ function profiles_init(App $a) {
                $r1[0]['net-publish'] = 0;
                $r1[0]['profile-name'] = dbesc($name);
 
-               dbm::esc_array($r1[0], true);
-
-               $r2 = dbq("INSERT INTO `profile` (`"
-                       . implode("`, `", array_keys($r1[0]))
-                       . "`) VALUES ("
-                       . implode(", ", array_values($r1[0]))
-                       . ")" );
+               dba::insert('profile', $r1[0]);
 
                $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
                        intval(local_user()),
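Review bot: The context line `$r1[0]['profile-name'] = dbesc($name);` still escapes the name by hand, but the row now goes through `dba::insert('profile', $r1[0])`, which presumably binds values as parameters. A name containing a quote or backslash would then be stored with the escape characters included, and the `SELECT` that follows, which matches on `profile-name`, may no longer find the row it just inserted. The assignment should become `$r1[0]['profile-name'] = $name;`. The return value of the insert is also no longer kept, where `$r2` held it before.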
index 20d02af85a174ae9c743e365a1b5a789acd7b049..d6f76da70bdf9a514e994cc8bf00a77deef49301 100644 (file)
@@ -142,10 +142,10 @@ function proxy_init(App $a) {
        $r = array();
 
        if (!$direct_cache && ($cachefile == '')) {
-               $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash);
+               $r = dba::select('photo', array('data', 'desc'), array('resource-id' => $urlhash), array('limit' => 1));
                if (dbm::is_result($r)) {
-                       $img_str = $r[0]['data'];
-                       $mime = $r[0]['desc'];
+                       $img_str = $r['data'];
+                       $mime = $r['desc'];
                        if ($mime == '') {
                                $mime = 'image/jpeg';
                        }
@@ -181,23 +181,11 @@ function proxy_init(App $a) {
                                die();
                        }
 
-                       q("INSERT INTO `photo`
-                       ( `uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `desc`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
-                       VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' )",
-                               0, 0, get_guid(), dbesc($urlhash),
-                               dbesc(datetime_convert()),
-                               dbesc(datetime_convert()),
-                               dbesc(basename(dbesc($_REQUEST['url']))),
-                               dbesc(''),
-                               intval(imagesy($image)),
-                               intval(imagesx($image)),
-                               $mime,
-                               dbesc($img_str),
-                               100,
-                               intval(0),
-                               dbesc(''), dbesc(''), dbesc(''), dbesc('')
-                       );
-
+                       $fields = array('uid' => 0, 'contact-id' => 0, 'guid' => get_guid(), 'resource-id' => $urlhash, 'created' => datetime_convert(), 'edited' => datetime_convert(),
+                               'filename' => basename($_REQUEST['url']), 'type' => '', 'album' => '', 'height' => imagesy($image), 'width' => imagesx($image),
+                               'datasize' => 0, 'data' => $img_str, 'scale' => 100, 'profile' => 0,
+                               'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', 'desc' => $mime);
+                       dba::insert('photo', $fields);
                } else {
                        $img = new Photo($img_str, $mime);
                        if ($img->is_valid() && !$direct_cache && ($cachefile == '')) {
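Review bot: The new `$fields` array stores `'datasize' => 0` next to `'data' => $img_str`, so every proxied image is recorded with a size of zero, while `Photo::store` in this same commit writes `strlen($this->imageString())`. Using `'datasize' => strlen($img_str)` keeps the column meaningful for any quota or cleanup logic that reads it. `'filename' => basename($_REQUEST['url'])` stores a request-supplied string unchanged, so it should be treated as untrusted wherever it is displayed later.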
index 1975a05bf662e7a0df98b39c8ef86ebc385e913c..ee652ee8aa9431f7bace8b1bf01ba242211f7100 100644 (file)
@@ -11,7 +11,7 @@ function search_saved_searches() {
 
        $o = '';
 
-       if(! feature_enabled(local_user(),'savedsearch'))
+       if (! feature_enabled(local_user(),'savedsearch'))
                return $o;
 
        $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d",
@@ -50,30 +50,23 @@ function search_init(App $a) {
 
        $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
 
-       if(local_user()) {
-               if(x($_GET,'save') && $search) {
+       if (local_user()) {
+               if (x($_GET,'save') && $search) {
                        $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
                                intval(local_user()),
                                dbesc($search)
                        );
-                       if (! dbm::is_result($r)) {
-                               q("INSERT INTO `search` (`uid`,`term`) VALUES ( %d, '%s')",
-                                       intval(local_user()),
-                                       dbesc($search)
-                               );
+                       if (!dbm::is_result($r)) {
+                               dbm::insert('search', array('uid' => local_user(), 'term' => $search));
                        }
                }
-               if(x($_GET,'remove') && $search) {
-                       q("DELETE FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
-                               intval(local_user()),
-                               dbesc($search)
-                       );
+               if (x($_GET,'remove') && $search) {
+                       dbm::delete('search', array('uid' => local_user(), 'term' => $search));
                }
 
                $a->page['aside'] .= search_saved_searches();
 
-       }
-       else {
+       } else {
                unset($_SESSION['theme']);
                unset($_SESSION['mobile-theme']);
        }
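Review bot: The two new calls in `search_init` use `dbm::insert('search', ...)` and `dbm::delete('search', ...)`, while every other call site in this commit uses the `dba` class and `dbm` appears here only for `is_result`. Unless `dbm` really has these methods, which is not visible on this page, saving or removing a search will end in a fatal error; `dba::insert(...)` and `dba::delete(...)` look like what was meant. The removed `DELETE` also carried `LIMIT 1`, which the array form drops.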
@@ -85,7 +78,7 @@ function search_init(App $a) {
 
 
 function search_post(App $a) {
-       if(x($_POST,'search'))
+       if (x($_POST,'search'))
                $a->data['search'] = $_POST['search'];
 }
 
@@ -135,13 +128,13 @@ function search_content(App $a) {
 
        nav_set_selected('search');
 
-       if(x($a->data,'search'))
+       if (x($a->data,'search'))
                $search = notags(trim($a->data['search']));
        else
                $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
 
        $tag = false;
-       if(x($_GET,'tag')) {
+       if (x($_GET,'tag')) {
                $tag = true;
                $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : '');
        }
@@ -154,18 +147,18 @@ function search_content(App $a) {
                '$content' => search($search,'search-box','search',((local_user()) ? true : false), false)
        ));
 
-       if(strpos($search,'#') === 0) {
+       if (strpos($search,'#') === 0) {
                $tag = true;
                $search = substr($search,1);
        }
-       if(strpos($search,'@') === 0) {
+       if (strpos($search,'@') === 0) {
                return dirfind_content($a);
        }
-       if(strpos($search,'!') === 0) {
+       if (strpos($search,'!') === 0) {
                return dirfind_content($a);
        }
 
-       if(x($_GET,'search-option'))
+       if (x($_GET,'search-option'))
                switch($_GET['search-option']) {
                        case 'fulltext':
                                break;
@@ -180,7 +173,7 @@ function search_content(App $a) {
                                break;
                }
 
-       if(! $search)
+       if (! $search)
                return $o;
 
        if (get_config('system','only_tag_search'))
@@ -191,7 +184,7 @@ function search_content(App $a) {
        // OR your own posts if you are a logged in member
        // No items will be shown if the member has a blocked profile wall.
 
-       if($tag) {
+       if ($tag) {
                logger("Start tag search for '".$search."'", LOGGER_DEBUG);
 
                $r = q("SELECT %s
@@ -224,7 +217,7 @@ function search_content(App $a) {
        }
 
 
-       if($tag)
+       if ($tag)
                $title = sprintf( t('Items tagged with: %s'), $search);
        else
                $title = sprintf( t('Results for: %s'), $search);
index c98e1b99be5cdeb371e429a12c9313b9fa68475d..9970d32595a9815a3792b394891790e6ff3d4143 100644 (file)
@@ -231,17 +231,12 @@ function settings_post(App $a) {
                                        intval(local_user())
                                );
                                if (! dbm::is_result($r)) {
-                                       q("INSERT INTO `mailacct` (`uid`) VALUES (%d)",
-                                               intval(local_user())
-                                       );
+                                       dba::insert('mailacct', array('uid' => local_user()));
                                }
                                if(strlen($mail_pass)) {
                                        $pass = '';
                                        openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']);
-                                       q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d",
-                                               dbesc(bin2hex($pass)),
-                                               intval(local_user())
-                                       );
+                                       dba::update('mailacct', array('pass' => bin2hex($pass)), array('uid' => local_user()));
                                }
                                $r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
                                        `action` = %d, `movetofolder` = '%s',
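Review bot: The return value of `openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey'])` is not checked before the new `dba::update('mailacct', array('pass' => bin2hex($pass)), ...)` runs. If encryption fails, `$pass` may still be the empty string it was initialised with, and the stored mail password is silently overwritten with an empty value. Wrapping the update in `if (openssl_public_encrypt($mail_pass, $pass, $a->user['pubkey'])) { ... }` and logging the failure otherwise would avoid that. The surrounding block starts and ends outside the hunk.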
index 19e89f05ba7155c85334aeac1373f7ae80a84589..e71c726952c582f5c24aefad147763b4bb3e6184 100644 (file)
@@ -39,10 +39,7 @@ function suggest_init(App $a) {
                }
                // Now check how the user responded to the confirmation query
                if (!$_REQUEST['canceled']) {
-                       q("INSERT INTO `gcign` ( `uid`, `gcid` ) VALUES ( %d, %d ) ",
-                               intval(local_user()),
-                               intval($_GET['ignore'])
-                       );
+                       dba::insert('gcign', array('uid' => local_user(), 'gcid' => $_GET['ignore']));
                }
        }