jakob/friendica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Simplify openid query, and (needlessly) quote all fields

Browse source 
Fields quoting was requested by rabuzarus
This commit is contained in:
Sandro Santilli 2016-05-25 16:06:16 +02:00
parent b7bc428630
commit 10e6a243ea
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
mod/openid.php
View file

@ -18,7 +18,6 @@ function openid_content(&$a) {
if($openid->validate()) {
#$authid = normalise_openid($_REQUEST['openid_identity']);
$authid = $_REQUEST['openid_identity'];
if(! strlen($authid)) {
@ -31,9 +30,11 @@ function openid_content(&$a) {
// mod/settings.php in 8367cad so it might have left mixed
// records in the user table
//
$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
FROM `user` WHERE ( openid = '%s' OR openid = '%s' ) AND blocked = 0
AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
$r = q("SELECT * FROM `user`
WHERE ( `openid` = '%s' OR `openid` = '%s' )
AND `blocked` = 0 AND `account_expired` = 0
AND `account_removed` = 0 AND `verified` = 1
LIMIT 1",
dbesc($authid), dbesc(normalise_openid($authid))
);