more backticks

redmatrix 2016-10-03 21:48:53 -07:00
parent c44acb3575
commit ce6e81c682
11 changed files with 128 additions and 238 deletions


@ -185,7 +185,7 @@ class Channel extends \Zotlabs\Web\Controller {
$_SESSION['loadtime'] = datetime_convert(); $_SESSION['loadtime'] = datetime_convert();
} }
else { else {
$r = q("SELECT distinct parent AS `item_id`, created from item $r = q("SELECT distinct parent AS item_id, created from item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
WHERE uid = %d $item_normal WHERE uid = %d $item_normal
AND item_wall = 1 $simple_update AND item_wall = 1 $simple_update
@ -251,10 +251,10 @@ class Channel extends \Zotlabs\Web\Controller {
$parents_str = ids_to_querystr($r,'item_id'); $parents_str = ids_to_querystr($r,'item_id');
$items = q("SELECT `item`.*, `item`.`id` AS `item_id` $items = q("SELECT item.*, item.id AS item_id
FROM `item` FROM item
WHERE `item`.`uid` = %d $item_normal WHERE item.uid = %d $item_normal
AND `item`.`parent` IN ( %s ) AND item.parent IN ( %s )
$sql_extra ", $sql_extra ",
intval(\App::$profile['profile_uid']), intval(\App::$profile['profile_uid']),
dbesc($parents_str) dbesc($parents_str)


@ -214,8 +214,8 @@ class Display extends \Zotlabs\Web\Controller {
$r = q("SELECT * from item $r = q("SELECT * from item
WHERE mid = '%s' WHERE mid = '%s'
AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = ''
AND `item`.`deny_gid` = '' AND item_private = 0 ) AND item.deny_gid = '' AND item_private = 0 )
and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
OR uid = %d ) OR uid = %d )
$sql_extra ) $sql_extra )
@ -258,8 +258,8 @@ class Display extends \Zotlabs\Web\Controller {
$r = q("SELECT * from item $r = q("SELECT * from item
WHERE mid = '%s' WHERE mid = '%s'
AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = ''
AND `item`.`deny_gid` = '' AND item_private = 0 ) AND item.deny_gid = '' AND item_private = 0 )
and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
OR uid = %d ) OR uid = %d )
$sql_extra ) $sql_extra )
@ -282,8 +282,8 @@ class Display extends \Zotlabs\Web\Controller {
$parents_str = ids_to_querystr($r,'id'); $parents_str = ids_to_querystr($r,'id');
if($parents_str) { if($parents_str) {
$items = q("SELECT `item`.*, `item`.`id` AS `item_id` $items = q("SELECT item.*, item.id AS item_id
FROM `item` FROM item
WHERE parent in ( %s ) $item_normal ", WHERE parent in ( %s ) $item_normal ",
dbesc($parents_str) dbesc($parents_str)
); );
@ -321,7 +321,7 @@ class Display extends \Zotlabs\Web\Controller {
/* /*
elseif((! $update) && (! { elseif((! $update) && (! {
$r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1", $r = q("SELECT id, item_flags FROM item WHERE id = '%s' OR mid = '%s' LIMIT 1",
dbesc($item_hash), dbesc($item_hash),
dbesc($item_hash) dbesc($item_hash)
); );


@ -154,13 +154,13 @@ class Item extends \Zotlabs\Web\Controller {
$obj_type = ACTIVITY_OBJ_COMMENT; $obj_type = ACTIVITY_OBJ_COMMENT;
if($parent) { if($parent) {
$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE id = %d LIMIT 1",
intval($parent) intval($parent)
); );
} }
elseif($parent_mid && $uid) { elseif($parent_mid && $uid) {
// This is coming from an API source, and we are logged in // This is coming from an API source, and we are logged in
$r = q("SELECT * FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d LIMIT 1",
dbesc($parent_mid), dbesc($parent_mid),
intval($uid) intval($uid)
); );
@ -170,7 +170,7 @@ class Item extends \Zotlabs\Web\Controller {
$parid = $r[0]['parent']; $parid = $r[0]['parent'];
$parent_mid = $r[0]['mid']; $parent_mid = $r[0]['mid'];
if($r[0]['id'] != $r[0]['parent']) { if($r[0]['id'] != $r[0]['parent']) {
$r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE id = parent AND parent = %d LIMIT 1",
intval($parid) intval($parid)
); );
} }
@ -244,7 +244,7 @@ class Item extends \Zotlabs\Web\Controller {
$iconfig = null; $iconfig = null;
if($post_id) { if($post_id) {
$i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", $i = q("SELECT * FROM item WHERE uid = %d AND id = %d LIMIT 1",
intval($profile_uid), intval($profile_uid),
intval($post_id) intval($post_id)
); );


@ -1,47 +0,0 @@
<?php
namespace Zotlabs\Module;
class Msearch extends \Zotlabs\Web\Controller {
function post() {
$perpage = (($_POST['n']) ? $_POST['n'] : 80);
$page = (($_POST['p']) ? intval($_POST['p'] - 1) : 0);
$startrec = (($page+1) * $perpage) - $perpage;
$search = $_POST['s'];
if(! strlen($search))
killme();
$r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is_default` = 1 AND `user`.`hidewall` = 0 AND MATCH `keywords` AGAINST ('%s') ",
dbesc($search)
);
if(count($r))
$total = $r[0]['total'];
$r = q("SELECT `keywords`, `username`, `nickname`, `user`.`uid` FROM `user` LEFT JOIN `profile` ON `user`.`uid` = `profile`.`uid` WHERE `is_default` = 1 AND `user`.`hidewall` = 0 AND MATCH `keywords` AGAINST ('%s') LIMIT %d , %d ",
dbesc($search),
intval($startrec),
intval($perpage)
);
$results = array();
if(count($r)) {
foreach($r as $rr)
$results[] = array(
'name' => $rr['name'],
'url' => z_root() . '/channel/' . $rr['nickname'],
'photo' => z_root() . '/photo/avatar/' . $rr['uid'],
'tags' => str_replace(array(',',' '),array(' ',' '),$rr['keywords'])
);
}
$output = array('total' => $total, 'items_page' => $perpage, 'page' => $page + 1, 'results' => $results);
echo json_encode($output);
killme();
}
}


@ -1,70 +1,11 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
require_once('include/bbcode.php');
class Notifications extends \Zotlabs\Web\Controller { class Notifications extends \Zotlabs\Web\Controller {
function post() { function get() {
if(! local_channel()) {
goaway(z_root());
}
$request_id = ((\App::$argc > 1) ? \App::$argv[1] : 0);
if($request_id === "all")
return;
if($request_id) {
$r = q("SELECT * FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($request_id),
intval(local_channel())
);
if(count($r)) {
$intro_id = $r[0]['id'];
$contact_id = $r[0]['contact-id'];
}
else {
notice( t('Invalid request identifier.') . EOL);
return;
}
// If it is a friend suggestion, the contact is not a new friend but an existing friend
// that should not be deleted.
$fid = $r[0]['fid'];
if($_POST['submit'] == t('Discard')) {
$r = q("DELETE FROM `intro` WHERE `id` = %d",
intval($intro_id)
);
if(! $fid) {
// The check for blocked and pending is in case the friendship was already approved
// and we just want to get rid of the now pointless notification
$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1",
intval($contact_id),
intval(local_channel())
);
}
goaway(z_root() . '/notifications/intros');
}
if($_POST['submit'] == t('Ignore')) {
$r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d",
intval($intro_id));
goaway(z_root() . '/notifications/intros');
}
}
}
function get() {
if(! local_channel()) { if(! local_channel()) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
@ -74,36 +15,32 @@ class Notifications extends \Zotlabs\Web\Controller {
nav_set_selected('notifications'); nav_set_selected('notifications');
$o = ''; $o = '';
$notif_tpl = get_markup_template('notifications.tpl'); $r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc",
intval(local_channel())
);
$not_tpl = get_markup_template('notify.tpl'); if($r) {
require_once('include/bbcode.php'); $notifications_available = 1;
foreach ($r as $it) {
$r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc", $notif_content .= replace_macros(get_markup_template('notify.tpl'),array(
intval(local_channel()) '$item_link' => z_root().'/notify/view/'. $it['id'],
); '$item_image' => $it['photo'],
'$item_text' => strip_tags(bbcode($it['msg'])),
if ($r > 0) { '$item_when' => relative_date($it['created'])
$notifications_available =1; ));
foreach ($r as $it) {
$notif_content .= replace_macros($not_tpl,array(
'$item_link' => z_root().'/notify/view/'. $it['id'],
'$item_image' => $it['photo'],
'$item_text' => strip_tags(bbcode($it['msg'])),
'$item_when' => relative_date($it['created'])
));
}
} else {
$notif_content .= t('No more system notifications.');
} }
}
else {
$notif_content .= t('No more system notifications.');
}
$o .= replace_macros($notif_tpl,array( $o .= replace_macros(get_markup_template('notifications.tpl'),array(
'$notif_header' => t('System Notifications'), '$notif_header' => t('System Notifications'),
'$notif_link_mark_seen' => t('Mark all system notifications seen'), '$notif_link_mark_seen' => t('Mark all system notifications seen'),
'$notif_content' => $notif_content, '$notif_content' => $notif_content,
'$notifications_available' => $notifications_available, '$notifications_available' => $notifications_available,
)); ));
return $o; return $o;
} }
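Review bot: In the rewritten get(), `$notif_content` is appended to with `.=` and `$notifications_available` is handed to the template, but neither is initialised, so the empty-result branch leaves `$notifications_available` undefined and the first `.=` raises a notice. Setting both next to `$o = '';` would fix this, e.g. `$notif_content = '';` and `$notifications_available = 0;`. `$it['photo']` is passed to `$item_image` exactly as stored, so notify.tpl has to escape it for the attribute it lands in; the template is not visible here, so that is worth confirming. Part of get() lies between the two hunks and is not shown.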


@ -195,7 +195,7 @@ class Photos extends \Zotlabs\Web\Controller {
if(! $ob_hash) if(! $ob_hash)
goaway(z_root() . '/' . $_SESSION['photo_return']); goaway(z_root() . '/' . $_SESSION['photo_return']);
$r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1", $r = q("SELECT id, resource_id FROM photo WHERE ( xchan = '%s' or uid = %d ) AND resource_id = '%s' LIMIT 1",
dbesc($ob_hash), dbesc($ob_hash),
intval(local_channel()), intval(local_channel()),
dbesc(\App::$argv[2]) dbesc(\App::$argv[2])
@ -241,7 +241,7 @@ class Photos extends \Zotlabs\Web\Controller {
( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) { ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) {
logger('rotate'); logger('rotate');
$r = q("select * from photo where `resource_id` = '%s' and uid = %d and imgscale = 0 limit 1", $r = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0 limit 1",
dbesc($resource_id), dbesc($resource_id),
intval($page_owner_uid) intval($page_owner_uid)
); );
@ -270,7 +270,7 @@ class Photos extends \Zotlabs\Web\Controller {
$fsize = strlen($data); $fsize = strlen($data);
} }
$x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 0", $x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0",
dbescbin($data), dbescbin($data),
intval($fsize), intval($fsize),
intval($height), intval($height),
@ -285,7 +285,7 @@ class Photos extends \Zotlabs\Web\Controller {
$width = $ph->getWidth(); $width = $ph->getWidth();
$height = $ph->getHeight(); $height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 1", $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1",
dbescbin($ph->imageString()), dbescbin($ph->imageString()),
intval($height), intval($height),
intval($width), intval($width),
@ -300,7 +300,7 @@ class Photos extends \Zotlabs\Web\Controller {
$width = $ph->getWidth(); $width = $ph->getWidth();
$height = $ph->getHeight(); $height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 2", $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2",
dbescbin($ph->imageString()), dbescbin($ph->imageString()),
intval($height), intval($height),
intval($width), intval($width),
@ -315,7 +315,7 @@ class Photos extends \Zotlabs\Web\Controller {
$width = $ph->getWidth(); $width = $ph->getWidth();
$height = $ph->getHeight(); $height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 3", $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3",
dbescbin($ph->imageString()), dbescbin($ph->imageString()),
intval($height), intval($height),
intval($width), intval($width),
@ -333,7 +333,7 @@ class Photos extends \Zotlabs\Web\Controller {
if($p) { if($p) {
$ext = $phototypes[$p[0]['mimetype']]; $ext = $phototypes[$p[0]['mimetype']];
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", $r = q("UPDATE photo SET description = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' WHERE resource_id = '%s' AND uid = %d",
dbesc($desc), dbesc($desc),
dbesc($perm['allow_cid']), dbesc($perm['allow_cid']),
dbesc($perm['allow_gid']), dbesc($perm['allow_gid']),
@ -367,7 +367,7 @@ class Photos extends \Zotlabs\Web\Controller {
} }
if($item_id) { if($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
intval($item_id), intval($item_id),
intval($page_owner_uid) intval($page_owner_uid)
); );
@ -695,8 +695,8 @@ class Photos extends \Zotlabs\Web\Controller {
\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n";
$r = q("SELECT `resource_id`, max(`imgscale`) AS `imgscale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' $r = q("SELECT resource_id, max(imgscale) AS imgscale FROM photo WHERE uid = %d AND album = '%s'
AND `imgscale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", AND imgscale <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id",
intval($owner_uid), intval($owner_uid),
dbesc($album), dbesc($album),
intval(PHOTO_NORMAL), intval(PHOTO_NORMAL),
@ -843,8 +843,8 @@ class Photos extends \Zotlabs\Web\Controller {
// fetch image, item containing image, then comments // fetch image, item containing image, then comments
$ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s'
$sql_extra ORDER BY `imgscale` ASC ", $sql_extra ORDER BY imgscale ASC ",
intval($owner_uid), intval($owner_uid),
dbesc($datum) dbesc($datum)
); );
@ -875,8 +875,8 @@ class Photos extends \Zotlabs\Web\Controller {
$order = 'DESC'; $order = 'DESC';
$prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `imgscale` = 0 $prvnxt = q("SELECT resource_id FROM photo WHERE album = '%s' AND uid = %d AND imgscale = 0
$sql_extra ORDER BY `created` $order ", $sql_extra ORDER BY created $order ",
dbesc($ph[0]['album']), dbesc($ph[0]['album']),
intval($owner_uid) intval($owner_uid)
); );
@ -993,7 +993,7 @@ class Photos extends \Zotlabs\Web\Controller {
} }
if((local_channel()) && (local_channel() == $link_item['uid'])) { if((local_channel()) && (local_channel() == $link_item['uid'])) {
q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", q("UPDATE item SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1",
intval($link_item['parent']), intval($link_item['parent']),
intval(local_channel()) intval(local_channel())
); );
@ -1283,8 +1283,8 @@ class Photos extends \Zotlabs\Web\Controller {
\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n";
$r = q("SELECT `resource_id`, max(`imgscale`) AS `imgscale` FROM `photo` WHERE `uid` = %d $r = q("SELECT resource_id, max(imgscale) AS imgscale FROM photo WHERE uid = %d
and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id",
intval(\App::$data['channel']['channel_id']), intval(\App::$data['channel']['channel_id']),
intval(PHOTO_NORMAL), intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE), intval(PHOTO_PROFILE),


@ -173,7 +173,7 @@ class Ping extends \Zotlabs\Web\Controller {
); );
break; break;
case 'all_events': case 'all_events':
$r = q("update event set `dismissed` = 1 where `dismissed` = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ", $r = q("update event set dismissed = 1 where dismissed = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ",
intval(local_channel()), intval(local_channel()),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
@ -325,9 +325,9 @@ class Ping extends \Zotlabs\Web\Controller {
$result = array(); $result = array();
$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0 WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
and etype in ( 'event', 'birthday' ) and etype in ( 'event', 'birthday' )
ORDER BY `dtstart` DESC LIMIT 1000", ORDER BY dtstart DESC LIMIT 1000",
intval(local_channel()), intval(local_channel()),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
@ -443,10 +443,10 @@ class Ping extends \Zotlabs\Web\Controller {
$t5 = dba_timer(); $t5 = dba_timer();
if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) { if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) {
$events = q("SELECT etype, dtstart, adjust FROM `event` $events = q("SELECT etype, dtstart, adjust FROM event
WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0 WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
and etype in ( 'event', 'birthday' ) and etype in ( 'event', 'birthday' )
ORDER BY `dtstart` ASC ", ORDER BY dtstart ASC ",
intval(local_channel()), intval(local_channel()),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))


@ -16,7 +16,7 @@ class Profiles extends \Zotlabs\Web\Controller {
} }
if((argc() > 2) && (argv(1) === "drop") && intval(argv(2))) { if((argc() > 2) && (argv(1) === "drop") && intval(argv(2))) {
$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is_default` = 0 LIMIT 1", $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1",
intval(argv(2)), intval(argv(2)),
intval(local_channel()) intval(local_channel())
); );
@ -36,7 +36,7 @@ class Profiles extends \Zotlabs\Web\Controller {
dbesc($profile_guid), dbesc($profile_guid),
intval(local_channel()) intval(local_channel())
); );
$r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d", $r = q("DELETE FROM profile WHERE id = %d AND uid = %d",
intval(argv(2)), intval(argv(2)),
intval(local_channel()) intval(local_channel())
); );
@ -61,16 +61,16 @@ class Profiles extends \Zotlabs\Web\Controller {
// check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't'); // check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't');
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", $r0 = q("SELECT id FROM profile WHERE uid = %d",
intval(local_channel())); intval(local_channel()));
$num_profiles = count($r0); $num_profiles = count($r0);
$name = t('Profile-') . ($num_profiles + 1); $name = t('Profile-') . ($num_profiles + 1);
$r1 = q("SELECT `fullname`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is_default` = 1 LIMIT 1", $r1 = q("SELECT fullname, photo, thumb FROM profile WHERE uid = %d AND is_default = 1 LIMIT 1",
intval(local_channel())); intval(local_channel()));
$r2 = q("INSERT INTO `profile` (`aid`, `uid` , `profile_guid`, `profile_name` , `fullname`, `photo`, `thumb`) $r2 = q("INSERT INTO profile (aid, uid , profile_guid, profile_name , fullname, photo, thumb)
VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s' )", VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
intval(get_account_id()), intval(get_account_id()),
intval(local_channel()), intval(local_channel()),
@ -81,7 +81,7 @@ class Profiles extends \Zotlabs\Web\Controller {
dbesc($r1[0]['thumb']) dbesc($r1[0]['thumb'])
); );
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile_name` = '%s' LIMIT 1", $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1",
intval(local_channel()), intval(local_channel()),
dbesc($name) dbesc($name)
); );
@ -97,12 +97,12 @@ class Profiles extends \Zotlabs\Web\Controller {
check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't'); check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't');
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", $r0 = q("SELECT id FROM profile WHERE uid = %d",
intval(local_channel())); intval(local_channel()));
$num_profiles = count($r0); $num_profiles = count($r0);
$name = t('Profile-') . ($num_profiles + 1); $name = t('Profile-') . ($num_profiles + 1);
$r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1", $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1",
intval(local_channel()), intval(local_channel()),
intval(\App::$argv[2]) intval(\App::$argv[2])
); );
@ -119,13 +119,13 @@ class Profiles extends \Zotlabs\Web\Controller {
dbesc_array($r1[0]); dbesc_array($r1[0]);
$r2 = dbq("INSERT INTO `profile` (`" $r2 = dbq("INSERT INTO profile (`"
. implode("`, `", array_keys($r1[0])) . implode("`, `", array_keys($r1[0]))
. "`) VALUES ('" . "`) VALUES ('"
. implode("', '", array_values($r1[0])) . implode("', '", array_values($r1[0]))
. "')" ); . "')" );
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile_name` = '%s' LIMIT 1", $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1",
intval(local_channel()), intval(local_channel()),
dbesc($name) dbesc($name)
); );
@ -143,7 +143,7 @@ class Profiles extends \Zotlabs\Web\Controller {
if((argc() > 2) && (argv(1) === 'export')) { if((argc() > 2) && (argv(1) === 'export')) {
$r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1", $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1",
intval(local_channel()), intval(local_channel()),
intval(argv(2)) intval(argv(2))
); );
@ -181,7 +181,7 @@ class Profiles extends \Zotlabs\Web\Controller {
if($x) if($x)
$id = $x[0]['id']; $id = $x[0]['id'];
} }
$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1",
intval($id), intval($id),
intval(local_channel()) intval(local_channel())
); );
@ -238,7 +238,7 @@ class Profiles extends \Zotlabs\Web\Controller {
if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) { if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) {
$orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", $orig = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1",
intval(\App::$argv[1]), intval(\App::$argv[1]),
intval(local_channel()) intval(local_channel())
); );
@ -484,41 +484,41 @@ class Profiles extends \Zotlabs\Web\Controller {
} }
$r = q("UPDATE `profile` $r = q("UPDATE profile
SET `profile_name` = '%s', SET profile_name = '%s',
`fullname` = '%s', fullname = '%s',
`pdesc` = '%s', pdesc = '%s',
`gender` = '%s', gender = '%s',
`dob` = '%s', dob = '%s',
`address` = '%s', address = '%s',
`locality` = '%s', locality = '%s',
`region` = '%s', region = '%s',
`postal_code` = '%s', postal_code = '%s',
`country_name` = '%s', country_name = '%s',
`marital` = '%s', marital = '%s',
`partner` = '%s', partner = '%s',
`howlong` = '%s', howlong = '%s',
`sexual` = '%s', sexual = '%s',
`homepage` = '%s', homepage = '%s',
`hometown` = '%s', hometown = '%s',
`politic` = '%s', politic = '%s',
`religion` = '%s', religion = '%s',
`keywords` = '%s', keywords = '%s',
`likes` = '%s', likes = '%s',
`dislikes` = '%s', dislikes = '%s',
`about` = '%s', about = '%s',
`interest` = '%s', interest = '%s',
`contact` = '%s', contact = '%s',
`channels` = '%s', channels = '%s',
`music` = '%s', music = '%s',
`book` = '%s', book = '%s',
`tv` = '%s', tv = '%s',
`film` = '%s', film = '%s',
`romance` = '%s', romance = '%s',
`employment` = '%s', employment = '%s',
`education` = '%s', education = '%s',
`hide_friends` = %d hide_friends = %d
WHERE `id` = %d AND `uid` = %d", WHERE id = %d AND uid = %d",
dbesc($profile_name), dbesc($profile_name),
dbesc($name), dbesc($name),
dbesc($pdesc), dbesc($pdesc),
@ -617,7 +617,7 @@ class Profiles extends \Zotlabs\Web\Controller {
if($x) if($x)
$id = $x[0]['id']; $id = $x[0]['id'];
} }
$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1",
intval($id), intval($id),
intval(local_channel()) intval(local_channel())
); );
@ -755,7 +755,7 @@ class Profiles extends \Zotlabs\Web\Controller {
} }
else { else {
$r = q("SELECT * FROM `profile` WHERE `uid` = %d", $r = q("SELECT * FROM profile WHERE uid = %d",
local_channel()); local_channel());
if($r) { if($r) {
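Review bot: The profile-clone INSERT in the `@ -119,13` hunk still emits backticks: only the table name was unquoted, while the column list is still wrapped and joined with backtick literals around `array_keys($r1[0])`, so this one statement keeps the MySQL-only quoting the commit removes everywhere else. Dropping them from the three fragments would make it consistent: `$r2 = dbq("INSERT INTO profile (" . implode(", ", array_keys($r1[0])) . ") VALUES ('" . implode("', '", array_values($r1[0])) . "')");`. This is also the only query in the section assembled by concatenation instead of q() placeholders, so it depends entirely on `dbesc_array($r1[0])` having escaped every value; a short comment saying so would help the next reader. In the last hunk `local_channel()` is passed to `%d` without `intval()`, unlike every other call in the file. The enclosing methods start and end outside these hunks.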


@ -79,7 +79,7 @@ class Search extends \Zotlabs\Web\Controller {
return $o; return $o;
if($tag) { if($tag) {
$sql_extra = sprintf(" AND `item`.`id` IN (select `oid` from term where otype = %d and ttype in ( %d , %d) and term = '%s') ", $sql_extra = sprintf(" AND item.id IN (select oid from term where otype = %d and ttype in ( %d , %d) and term = '%s') ",
intval(TERM_OBJ_POST), intval(TERM_OBJ_POST),
intval(TERM_HASHTAG), intval(TERM_HASHTAG),
intval(TERM_COMMUNITYTAG), intval(TERM_COMMUNITYTAG),
@ -88,7 +88,7 @@ class Search extends \Zotlabs\Web\Controller {
} }
else { else {
$regstr = db_getfunc('REGEXP'); $regstr = db_getfunc('REGEXP');
$sql_extra = sprintf(" AND `item`.`body` $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search)))); $sql_extra = sprintf(" AND item.body $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search))));
} }
// Here is the way permissions work in the search module... // Here is the way permissions work in the search module...
@ -165,8 +165,8 @@ class Search extends \Zotlabs\Web\Controller {
} }
if(local_channel()) { if(local_channel()) {
$r = q("SELECT $prefix mid, item.id as item_id, item.* from item $r = q("SELECT $prefix mid, item.id as item_id, item.* from item
WHERE ((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND item_private = 0 ) WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 )
OR ( `item`.`uid` = %d )) OR item.owner_xchan = '%s' ) OR ( item.uid = %d )) OR item.owner_xchan = '%s' )
$item_normal $item_normal
$sql_extra $sql_extra
$suffix $pager_sql ", $suffix $pager_sql ",
@ -176,8 +176,8 @@ class Search extends \Zotlabs\Web\Controller {
} }
if($r === null) { if($r === null) {
$r = q("SELECT $prefix mid, item.id as item_id, item.* from item $r = q("SELECT $prefix mid, item.id as item_id, item.* from item
WHERE (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = ''
AND `item`.`deny_gid` = '' AND item_private = 0 ) AND item.deny_gid = '' AND item_private = 0 )
and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
$pub_sql ) OR owner_xchan = '%s') $pub_sql ) OR owner_xchan = '%s')
$item_normal $item_normal
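Review bot: The free-text branch in the `@ -88,7` hunk escapes the search term with `preg_quote($search)`, which targets PCRE and not necessarily the regex dialect behind `db_getfunc('REGEXP')`; since this commit is loosening MySQL-specific syntax, it is worth confirming that the escaped characters are still literal on every supported back end. A comment on that line would record the assumption: `// preg_quote() escapes for PCRE; verify the result is a literal pattern for the DB regex engine`. If only substring matching is intended, a LIKE with escaped wildcards would avoid running a regex built from user input over item.body. `stream_perms_xchans(...)` is concatenated straight into two statements; presumably it returns an already-quoted list, but that is not visible here.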


@ -18,7 +18,7 @@ class Tagrm extends \Zotlabs\Web\Controller {
$tag = ((x($_POST,'tag')) ? trim($_POST['tag']) : ''); $tag = ((x($_POST,'tag')) ? trim($_POST['tag']) : '');
$item = ((x($_POST,'item')) ? intval($_POST['item']) : 0 ); $item = ((x($_POST,'item')) ? intval($_POST['item']) : 0 );
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
intval($item), intval($item),
intval(local_channel()) intval(local_channel())
); );
@ -67,7 +67,7 @@ class Tagrm extends \Zotlabs\Web\Controller {
$item = intval(argv(2)); $item = intval(argv(2));
$tag = argv(3); $tag = argv(3);
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
intval($item), intval($item),
intval(local_channel()) intval(local_channel())
); );
@ -107,7 +107,7 @@ class Tagrm extends \Zotlabs\Web\Controller {
$item = intval(argv(2)); $item = intval(argv(2));
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
intval($item), intval($item),
intval(local_channel()) intval(local_channel())
); );


@ -18,13 +18,13 @@ class SessionHandler implements \SessionHandlerInterface {
function read ($id) { function read ($id) {
if($id) { if($id) {
$r = q("SELECT `sess_data` FROM `session` WHERE `sid`= '%s'", dbesc($id)); $r = q("SELECT sess_data FROM session WHERE sid= '%s'", dbesc($id));
if($r) { if($r) {
return $r[0]['sess_data']; return $r[0]['sess_data'];
} }
else { else {
q("INSERT INTO `session` (sess_data, sid, expire) values ('%s', '%s', '%s')", q("INSERT INTO session (sess_data, sid, expire) values ('%s', '%s', '%s')",
dbesc(''), dbesc(''),
dbesc($id), dbesc($id),
dbesc(time() + 300) dbesc(time() + 300)
@ -59,8 +59,8 @@ class SessionHandler implements \SessionHandlerInterface {
$expire = time() + (60 * 60 * 24 * 1); $expire = time() + (60 * 60 * 24 * 1);
} }
q("UPDATE `session` q("UPDATE session
SET `sess_data` = '%s', `expire` = '%s' WHERE `sid` = '%s'", SET sess_data = '%s', expire = '%s' WHERE sid = '%s'",
dbesc($data), dbesc($data),
dbesc($expire), dbesc($expire),
dbesc($id) dbesc($id)
@ -76,7 +76,7 @@ class SessionHandler implements \SessionHandlerInterface {
function destroy ($id) { function destroy ($id) {
q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id)); q("DELETE FROM session WHERE sid = '%s'", dbesc($id));
return true; return true;
} }
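Review bot: read() creates a session row for whatever `$id` the client presented when no matching row exists, so the store adopts client-chosen identifiers. Unless `session.use_strict_mode` is enabled and the handler can reject unknown ids (neither is visible in these hunks), that leaves the site exposed to session fixation. Returning an empty string for an unknown id and leaving row creation to write() would close this; failing that, document the reliance with `// unknown sid: row is created with the client-supplied id; requires session.use_strict_mode`. `expire` is formatted with `'%s'` from `time() + 300`; if the column is numeric, `%d` with `intval()` would be the consistent form. The rest of read() after the INSERT is outside the hunk.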