harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove the rest of the backticks from sql queries; replace with TQUOT const which is driver dependent

Browse Source
This commit is contained in:
zotlabs 2016-10-12 18:15:12 -07:00
parent 40bfce463d
commit 9bb847bb07
8 changed files with 141 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
Zotlabs/Module/Import.php
View File

@ -301,9 +301,9 @@ class Import extends \Zotlabs\Web\Controller {
dbesc_array($xchan); dbesc_array($xchan);
$r = dbq("INSERT INTO xchan (`" $r = dbq("INSERT INTO xchan (" . TQUOT
. implode("`, `", array_keys($xchan)) . implode(TQUOT . ", " . TQUOT, array_keys($xchan))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($xchan)) . implode("', '", array_values($xchan))
. "')" ); . "')" );
@ -387,9 +387,9 @@ class Import extends \Zotlabs\Web\Controller {
} }
dbesc_array($abook); dbesc_array($abook);
$r = dbq("INSERT INTO abook (`" $r = dbq("INSERT INTO abook (" . TQUOT
. implode("`, `", array_keys($abook)) . implode(TQUOT . ", " . TQUOT, array_keys($abook))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($abook)) . implode("', '", array_values($abook))
. "')" ); . "')" );
@ -429,13 +429,13 @@ class Import extends \Zotlabs\Web\Controller {
unset($group['id']); unset($group['id']);
$group['uid'] = $channel['channel_id']; $group['uid'] = $channel['channel_id'];
dbesc_array($group); dbesc_array($group);
$r = dbq("INSERT INTO groups (`" $r = dbq("INSERT INTO groups (" . TQUOT
. implode("`, `", array_keys($group)) . implode(TQUOT . ", " . TQUOT, array_keys($group))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($group)) . implode("', '", array_values($group))
. "')" ); . "')" );
} }
$r = q("select * from `groups` where uid = %d", $r = q("select * from groups where uid = %d",
intval($channel['channel_id']) intval($channel['channel_id'])
); );
if($r) { if($r) {
@ -456,9 +456,9 @@ class Import extends \Zotlabs\Web\Controller {
$group_member['gid'] = $x['new']; $group_member['gid'] = $x['new'];
} }
dbesc_array($group_member); dbesc_array($group_member);
$r = dbq("INSERT INTO group_member (`" $r = dbq("INSERT INTO group_member (" . TQUOT
. implode("`, `", array_keys($group_member)) . implode(TQUOT . ", " . TQUOT, array_keys($group_member))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($group_member)) . implode("', '", array_values($group_member))
. "')" ); . "')" );
} }

6
Zotlabs/Module/Profiles.php
View File

@ -119,9 +119,9 @@ class Profiles extends \Zotlabs\Web\Controller {
dbesc_array($r1[0]); dbesc_array($r1[0]);
$r2 = dbq("INSERT INTO profile (`" $r2 = dbq("INSERT INTO profile (" . TQUOT
. implode("`, `", array_keys($r1[0])) . implode(TQUOT . ", " . TQUOT, array_keys($r1[0]))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($r1[0])) . implode("', '", array_values($r1[0]))
. "')" ); . "')" );

9
include/dba/dba_driver.php
View File

@ -72,6 +72,7 @@ class DBA {
define('NULL_DATE', self::$dba->get_null_date()); define('NULL_DATE', self::$dba->get_null_date());
define('ACTIVE_DBTYPE', self::$dbtype); define('ACTIVE_DBTYPE', self::$dbtype);
define('TQUOT', self::$dba->get_table_quote());
return self::$dba; return self::$dba;
} }
@ -88,6 +89,7 @@ abstract class dba_driver {
const INSTALL_SCRIPT='install/schema_mysql.sql'; const INSTALL_SCRIPT='install/schema_mysql.sql';
const NULL_DATE = '0001-01-01 00:00:00'; const NULL_DATE = '0001-01-01 00:00:00';
const UTC_NOW = 'UTC_TIMESTAMP()'; const UTC_NOW = 'UTC_TIMESTAMP()';
const TQUOT = "`";
protected $db; protected $db;
protected $pdo = array(); protected $pdo = array();
@ -157,6 +159,11 @@ abstract class dba_driver {
return static::INSTALL_SCRIPT; return static::INSTALL_SCRIPT;
} }
function get_table_quote() {
return static::TQUOT;
}
function utcnow() { function utcnow() {
return static::UTC_NOW; return static::UTC_NOW;
} }
@ -313,7 +320,7 @@ function db_concat($fld, $sep) {
* queries return true if the command was successful or false if it wasn't. * queries return true if the command was successful or false if it wasn't.
* *
* Example: * Example:
* $r = q("SELECT * FROM `%s` WHERE `uid` = %d", * $r = q("SELECT * FROM %s WHERE `uid` = %d",
* 'user', 1); * 'user', 1);
* *
* @param string $sql The SQL query to execute * @param string $sql The SQL query to execute

1
include/dba/dba_postgres.php
View File

@ -7,6 +7,7 @@ class dba_postgres extends dba_driver {
const INSTALL_SCRIPT='install/schema_postgres.sql'; const INSTALL_SCRIPT='install/schema_postgres.sql';
const NULL_DATE = '0001-01-01 00:00:00'; const NULL_DATE = '0001-01-01 00:00:00';
const UTC_NOW = "now() at time zone 'UTC'"; const UTC_NOW = "now() at time zone 'UTC'";
const TQUOT = '"';
function connect($server,$port,$user,$pass,$db) { function connect($server,$port,$user,$pass,$db) {
if(!$port) $port = 5432; if(!$port) $port = 5432;

112
include/import.php
View File

@ -84,9 +84,9 @@ function import_channel($channel, $account_id, $seize) {
if($clean) { if($clean) {
dbesc_array($clean); dbesc_array($clean);
$r = dbq("INSERT INTO channel (`" $r = dbq("INSERT INTO channel (" . TQUOT
. implode("`, `", array_keys($clean)) . implode(TQUOT . ", " . TQUOT, array_keys($clean))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($clean)) . implode("', '", array_values($clean))
. "')" . "')"
); );
@ -132,9 +132,9 @@ function import_config($channel,$configs) {
unset($config['id']); unset($config['id']);
$config['uid'] = $channel['channel_id']; $config['uid'] = $channel['channel_id'];
dbesc_array($config); dbesc_array($config);
$r = dbq("INSERT INTO pconfig (`" $r = dbq("INSERT INTO pconfig (" . TQUOT
. implode("`, `", array_keys($config)) . implode(TQUOT . ", " . TQUOT, array_keys($config))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($config)) . implode("', '", array_values($config))
. "')" ); . "')" );
} }
@ -163,9 +163,9 @@ function import_profiles($channel,$profiles) {
$profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id']; $profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id'];
dbesc_array($profile); dbesc_array($profile);
$r = dbq("INSERT INTO profile (`" $r = dbq("INSERT INTO profile (" . TQUOT
. implode("`, `", array_keys($profile)) . implode(TQUOT . ", " . TQUOT, array_keys($profile))
. "`) VALUES ('" . TQUOT ") VALUES ('"
. implode("', '", array_values($profile)) . implode("', '", array_values($profile))
. "')" . "')"
); );
@ -205,9 +205,9 @@ function import_hublocs($channel,$hublocs,$seize) {
unset($hubloc['hubloc_id']); unset($hubloc['hubloc_id']);
dbesc_array($hubloc); dbesc_array($hubloc);
$r = dbq("INSERT INTO hubloc (`" $r = dbq("INSERT INTO hubloc (" . TQUOT
. implode("`, `", array_keys($hubloc)) . implode(TQUOT . ", " . TQUOT, array_keys($hubloc))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($hubloc)) . implode("', '", array_values($hubloc))
. "')" . "')"
); );
@ -244,9 +244,9 @@ function import_objs($channel,$objs) {
dbesc_array($obj); dbesc_array($obj);
$r = dbq("INSERT INTO obj (`" $r = dbq("INSERT INTO obj (" . TQUOT
. implode("`, `", array_keys($obj)) . implode(TQUOT . ", " . TQUOT, array_keys($obj))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($obj)) . implode("', '", array_values($obj))
. "')" . "')"
); );
@ -304,7 +304,7 @@ function sync_objs($channel,$objs) {
if($exists) { if($exists) {
unset($obj['obj_obj']); unset($obj['obj_obj']);
foreach($obj as $k => $v) { foreach($obj as $k => $v) {
$r = q("UPDATE obj SET `%s` = '%s' WHERE obj_obj = '%s' AND obj_channel = %d", $r = q("UPDATE obj SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE obj_obj = '%s' AND obj_channel = %d",
dbesc($k), dbesc($k),
dbesc($v), dbesc($v),
dbesc($hash), dbesc($hash),
@ -316,9 +316,9 @@ function sync_objs($channel,$objs) {
dbesc_array($obj); dbesc_array($obj);
$r = dbq("INSERT INTO obj (`" $r = dbq("INSERT INTO obj (" . TQUOT
. implode("`, `", array_keys($obj)) . implode(TQUOT . ", " . TQUOT, array_keys($obj))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($obj)) . implode("', '", array_values($obj))
. "')" . "')"
); );
@ -352,9 +352,9 @@ function import_apps($channel,$apps) {
$hash = $app['app_id']; $hash = $app['app_id'];
dbesc_array($app); dbesc_array($app);
$r = dbq("INSERT INTO app (`" $r = dbq("INSERT INTO app (" . TQUOT
. implode("`, `", array_keys($app)) . implode(TQUOT . ", " . TQUOT, array_keys($app))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($app)) . implode("', '", array_values($app))
. "')" . "')"
); );
@ -451,7 +451,7 @@ function sync_apps($channel,$apps) {
if($exists) { if($exists) {
unset($app['app_id']); unset($app['app_id']);
foreach($app as $k => $v) { foreach($app as $k => $v) {
$r = q("UPDATE app SET `%s` = '%s' WHERE app_id = '%s' AND app_channel = %d", $r = q("UPDATE app SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE app_id = '%s' AND app_channel = %d",
dbesc($k), dbesc($k),
dbesc($v), dbesc($v),
dbesc($hash), dbesc($hash),
@ -461,9 +461,9 @@ function sync_apps($channel,$apps) {
} }
else { else {
dbesc_array($app); dbesc_array($app);
$r = dbq("INSERT INTO app (`" $r = dbq("INSERT INTO app (" . TQUOT
. implode("`, `", array_keys($app)) . implode(TQUOT . ", " . TQUOT, array_keys($app))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($app)) . implode("', '", array_values($app))
. "')" . "')"
); );
@ -503,9 +503,9 @@ function import_chatrooms($channel,$chatrooms) {
$chatroom['cr_uid'] = $channel['channel_id']; $chatroom['cr_uid'] = $channel['channel_id'];
dbesc_array($chatroom); dbesc_array($chatroom);
$r = dbq("INSERT INTO chatroom (`" $r = dbq("INSERT INTO chatroom (" . TQUOT
. implode("`, `", array_keys($chatroom)) . implode(TQUOT . ", " . TQUOT, array_keys($chatroom))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($chatroom)) . implode("', '", array_values($chatroom))
. "')" . "')"
); );
@ -559,7 +559,7 @@ function sync_chatrooms($channel,$chatrooms) {
if($exists) { if($exists) {
foreach($chatroom as $k => $v) { foreach($chatroom as $k => $v) {
$r = q("UPDATE chatroom SET `%s` = '%s' WHERE cr_name = '%s' AND cr_uid = %d", $r = q("UPDATE chatroom SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE cr_name = '%s' AND cr_uid = %d",
dbesc($k), dbesc($k),
dbesc($v), dbesc($v),
dbesc($name), dbesc($name),
@ -569,9 +569,9 @@ function sync_chatrooms($channel,$chatrooms) {
} }
else { else {
dbesc_array($chatroom); dbesc_array($chatroom);
$r = dbq("INSERT INTO chatroom (`" $r = dbq("INSERT INTO chatroom (" . TQUOT
. implode("`, `", array_keys($chatroom)) . implode(TQUOT . ", " . TQUOT, array_keys($chatroom))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($chatroom)) . implode("', '", array_values($chatroom))
. "')" . "')"
); );
@ -685,9 +685,9 @@ function import_events($channel,$events) {
convert_oldfields($event,'ignore','dismissed'); convert_oldfields($event,'ignore','dismissed');
dbesc_array($event); dbesc_array($event);
$r = dbq("INSERT INTO event (`" $r = dbq("INSERT INTO event (" . TQUOT
. implode("`, `", array_keys($event)) . implode(TQUOT . ", " . TQUOT, array_keys($event))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($event)) . implode("', '", array_values($event))
. "')" . "')"
); );
@ -736,7 +736,7 @@ function sync_events($channel,$events) {
if($exists) { if($exists) {
foreach($event as $k => $v) { foreach($event as $k => $v) {
$r = q("UPDATE event SET `%s` = '%s' WHERE event_hash = '%s' AND uid = %d", $r = q("UPDATE event SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE event_hash = '%s' AND uid = %d",
dbesc($k), dbesc($k),
dbesc($v), dbesc($v),
dbesc($event['event_hash']), dbesc($event['event_hash']),
@ -746,9 +746,9 @@ function sync_events($channel,$events) {
} }
else { else {
dbesc_array($event); dbesc_array($event);
$r = dbq("INSERT INTO event (`" $r = dbq("INSERT INTO event (" . TQUOT
. implode("`, `", array_keys($event)) . implode(TQUOT . ", " . TQUOT, array_keys($event))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($event)) . implode("', '", array_values($event))
. "')" . "')"
); );
@ -928,9 +928,9 @@ function import_likes($channel,$likes) {
continue; continue;
dbesc_array($like); dbesc_array($like);
$r = dbq("INSERT INTO likes (`" $r = dbq("INSERT INTO likes (" . TQUOT
. implode("`, `", array_keys($like)) . implode(TQUOT . ", " . TQUOT, array_keys($like))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($like)) . implode("', '", array_values($like))
. "')" ); . "')" );
} }
@ -961,9 +961,9 @@ function import_conv($channel,$convs) {
continue; continue;
dbesc_array($conv); dbesc_array($conv);
$r = dbq("INSERT INTO conv (`" $r = dbq("INSERT INTO conv (" . TQUOT
. implode("`, `", array_keys($conv)) . implode(TQUOT . ", " . TQUOT, array_keys($conv))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($conv)) . implode("', '", array_values($conv))
. "')" ); . "')" );
} }
@ -1118,15 +1118,15 @@ function sync_files($channel,$files) {
foreach($att as $k => $v) { foreach($att as $k => $v) {
if($str) if($str)
$str .= ","; $str .= ",";
$str .= " `" . $k . "` = '" . $v . "' "; $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' ";
} }
$r = dbq("update `attach` set " . $str . " where id = " . intval($attach_id) ); $r = dbq("update attach set " . $str . " where id = " . intval($attach_id) );
} }
else { else {
logger('sync_files attach does not exists: ' . print_r($att,true), LOGGER_DEBUG); logger('sync_files attach does not exists: ' . print_r($att,true), LOGGER_DEBUG);
$r = dbq("INSERT INTO attach (`" $r = dbq("INSERT INTO attach (" . TQUOT
. implode("`, `", array_keys($att)) . implode(TQUOT . ", " . TQUOT, array_keys($att))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($att)) . implode("', '", array_values($att))
. "')" ); . "')" );
} }
@ -1236,14 +1236,14 @@ function sync_files($channel,$files) {
foreach($p as $k => $v) { foreach($p as $k => $v) {
if($str) if($str)
$str .= ","; $str .= ",";
$str .= " `" . $k . "` = '" . $v . "' "; $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' ";
} }
$r = dbq("update `photo` set " . $str . " where id = " . intval($exists[0]['id']) ); $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) );
} }
else { else {
$r = dbq("INSERT INTO photo (`" $r = dbq("INSERT INTO photo (" . TQUOT
. implode("`, `", array_keys($p)) . implode(TQUOT . ", " . TQUOT, array_keys($p))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($p)) . implode("', '", array_values($p))
. "')" ); . "')" );
} }

14
include/items.php
View File

@ -1855,9 +1855,9 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
dbesc_array($arr); dbesc_array($arr);
$r = dbq("INSERT INTO `item` (`" $r = dbq("INSERT INTO " . TQUOT . 'item' . TQUOT . " (" . TQUOT
. implode("`, `", array_keys($arr)) . implode(TQUOT . ', ' . TQUOT, array_keys($arr))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($arr)) . implode("', '", array_values($arr))
. "')" ); . "')" );
@ -2174,7 +2174,7 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) {
foreach($arr as $k => $v) { foreach($arr as $k => $v) {
if($str) if($str)
$str .= ","; $str .= ",";
$str .= " `" . $k . "` = '" . $v . "' "; $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' ";
} }
$r = dbq("update item set " . $str . " where id = " . $orig_post_id ); $r = dbq("update item set " . $str . " where id = " . $orig_post_id );
@ -3092,9 +3092,9 @@ function mail_store($arr) {
logger('mail_store: ' . print_r($arr,true), LOGGER_DATA); logger('mail_store: ' . print_r($arr,true), LOGGER_DATA);
$r = dbq("INSERT INTO mail (`" $r = dbq("INSERT INTO mail (" . TQUOT
. implode("`, `", array_keys($arr)) . implode(TQUOT . ', ' . TQUOT, array_keys($arr))
. "`) VALUES ('" . TQUOT . ") VALUES ('"
. implode("', '", array_values($arr)) . implode("', '", array_values($arr))
. "')" ); . "')" );

100
include/photo/photo_driver.php
View File

@ -340,31 +340,31 @@ abstract class photo_driver {
intval($p['imgscale']) intval($p['imgscale'])
); );
if($x) { if($x) {
$r = q("UPDATE `photo` set $r = q("UPDATE photo set
`aid` = %d, aid = %d,
`uid` = %d, uid = %d,
`xchan` = '%s', xchan = '%s',
`resource_id` = '%s', resource_id = '%s',
`created` = '%s', created = '%s',
`edited` = '%s', edited = '%s',
`filename` = '%s', filename = '%s',
`mimetype` = '%s', mimetype = '%s',
`album` = '%s', album = '%s',
`height` = %d, height = %d,
`width` = %d, width = %d,
`content` = '%s', content = '%s',
`os_storage` = %d, os_storage = %d,
`filesize` = %d, filesize = %d,
`imgscale` = %d, imgscale = %d,
`photo_usage` = %d, photo_usage = %d,
`title` = '%s', title = '%s',
`description` = '%s', description = '%s',
`os_path` = '%s', os_path = '%s',
`display_path` = '%s', display_path = '%s',
`allow_cid` = '%s', allow_cid = '%s',
`allow_gid` = '%s', allow_gid = '%s',
`deny_cid` = '%s', deny_cid = '%s',
`deny_gid` = '%s' deny_gid = '%s'
where id = %d", where id = %d",
intval($p['aid']), intval($p['aid']),
@ -395,8 +395,8 @@ abstract class photo_driver {
); );
} }
else { else {
$r = q("INSERT INTO `photo` $r = q("INSERT INTO photo
( `aid`, `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, mimetype, `album`, `height`, `width`, `content`, `os_storage`, `filesize`, `imgscale`, `photo_usage`, `title`, `description`, `os_path`, `display_path`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, os_storage, filesize, imgscale, photo_usage, title, description, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
intval($p['aid']), intval($p['aid']),
intval($p['uid']), intval($p['uid']),
@ -432,33 +432,33 @@ abstract class photo_driver {
public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $usage = PHOTO_NORMAL, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') { public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $usage = PHOTO_NORMAL, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
$x = q("select id from photo where `resource_id` = '%s' and uid = %d and `xchan` = '%s' and `imgscale` = %d limit 1", $x = q("select id from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1",
dbesc($rid), dbesc($rid),
intval($uid), intval($uid),
dbesc($xchan), dbesc($xchan),
intval($scale) intval($scale)
); );
if(count($x)) { if(count($x)) {
$r = q("UPDATE `photo` $r = q("UPDATE photo
set `aid` = %d, set aid = %d,
`uid` = %d, uid = %d,
`xchan` = '%s', xchan = '%s',
`resource_id` = '%s', resource_id = '%s',
`created` = '%s', created = '%s',
`edited` = '%s', edited = '%s',
`filename` = '%s', filename = '%s',
`mimetype` = '%s', mimetype = '%s',
`album` = '%s', album = '%s',
`height` = %d, height = %d,
`width` = %d, width = %d,
`content` = '%s', content = '%s',
`filesize` = %d, filesize = %d,
`imgscale` = %d, imgscale = %d,
`photo_usage` = %d, photo_usage = %d,
`allow_cid` = '%s', allow_cid = '%s',
`allow_gid` = '%s', allow_gid = '%s',
`deny_cid` = '%s', deny_cid = '%s',
`deny_gid` = '%s' deny_gid = '%s'
where id = %d", where id = %d",
intval($aid), intval($aid),
@ -484,8 +484,8 @@ abstract class photo_driver {
); );
} }
else { else {
$r = q("INSERT INTO `photo` $r = q("INSERT INTO photo
( `aid`, `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, mimetype, `album`, `height`, `width`, `content`, `filesize`, `imgscale`, `photo_usage`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, filesize, imgscale, photo_usage, allow_cid, allow_gid, deny_cid, deny_gid )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )", VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )",
intval($aid), intval($aid),
intval($uid), intval($uid),

5
include/zot.php
View File

@ -3521,8 +3521,9 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
if(count($clean)) { if(count($clean)) {
foreach($clean as $k => $v) { foreach($clean as $k => $v) {
$r = dbq("UPDATE profile set `" . dbesc($k) . "` = '" . dbesc($v) $r = dbq("UPDATE profile set " . TQUOT . dbesc($k) . TQUOT . " = '" . dbesc($v)
. "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id'])); . "' where profile_guid = '" . dbesc($profile['profile_guid'])
. "' and uid = " . intval($channel['channel_id']));
} }
} }
} }