From b0dd16696a466b43ca5b3d4fb10864c8e0b58e74 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Mon, 2 Dec 2013 20:30:24 +0100 Subject: [PATCH] Solving some more SQL warnings ("limit" must never be used in update statements) --- mod/dfrn_request.php | 16 ++++++++-------- mod/notifications.php | 32 ++++++++++++++++---------------- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 5a32d946e2..b609a5451c 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -96,16 +96,16 @@ function dfrn_request_post(&$a) { else $contact_record = $r[0]; } - + if(is_array($contact_record)) { - $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d", intval($aes_allow), intval($hidden), intval($contact_record['id']) ); } else { - + /** * Scrape the other site's profile page to pick up the dfrn links, key, fn, and photo */ @@ -406,7 +406,7 @@ function dfrn_request_post(&$a) { `uri-date` = '%s', `avatar-date` = '%s', `hidden` = 0, - WHERE `id` = %d LIMIT 1 + WHERE `id` = %d ", dbesc($photos[0]), dbesc($photos[1]), @@ -486,7 +486,7 @@ function dfrn_request_post(&$a) { if(is_array($contact_record)) { // There is a contact record but no issued-id, so this // is a reciprocal introduction from a known contact - $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d", dbesc($issued_id), intval($contact_record['id']) ); @@ -565,7 +565,7 @@ function dfrn_request_post(&$a) { if(count($r)) $contact_record = $r[0]; } - + } if($r === false) { notice( t('Failed to update contact record.') . EOL ); @@ -573,7 +573,7 @@ function dfrn_request_post(&$a) { } $hash = random_string() . (string) time(); // Generate a confirm_key - + if(is_array($contact_record)) { $ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`) VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )", @@ -741,7 +741,7 @@ function dfrn_request_content(&$a) { // If we are auto_confirming, this record will have already been nuked // in dfrn_confirm_post() - $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1", + $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'", dbesc($_GET['confirm_key']) ); } diff --git a/mod/notifications.php b/mod/notifications.php index c7f8e1bbd9..cde7fda0c6 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -5,9 +5,9 @@ function notifications_post(&$a) { if(! local_user()) { goaway(z_root()); } - + $request_id = (($a->argc > 1) ? $a->argv[1] : 0); - + if($request_id === "all") return; @@ -17,7 +17,7 @@ function notifications_post(&$a) { intval($request_id), intval(local_user()) ); - + if(count($r)) { $intro_id = $r[0]['id']; $contact_id = $r[0]['contact-id']; @@ -35,7 +35,7 @@ function notifications_post(&$a) { if($_POST['submit'] == t('Discard')) { $r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", intval($intro_id) - ); + ); if(! $fid) { // The check for blocked and pending is in case the friendship was already approved @@ -49,7 +49,7 @@ function notifications_post(&$a) { goaway($a->get_baseurl(true) . '/notifications/intros'); } if($_POST['submit'] == t('Ignore')) { - $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d", intval($intro_id)); goaway($a->get_baseurl(true) . '/notifications/intros'); } @@ -67,7 +67,7 @@ function notifications_content(&$a) { return; } - nav_set_selected('notifications'); + nav_set_selected('notifications'); $json = (($a->argc > 1 && $a->argv[$a->argc - 1] === 'json') ? true : false); @@ -105,19 +105,19 @@ function notifications_content(&$a) { 'sel'=> '', ), ); - + $o = ""; - + if( (($a->argc > 1) && ($a->argv[1] == 'intros')) || (($a->argc == 1))) { nav_set_selected('introductions'); if(($a->argc > 2) && ($a->argv[2] == 'all')) $sql_extra = ''; else $sql_extra = " AND `ignore` = 0 "; - + $notif_tpl = get_markup_template('notifications.tpl'); - + $notif_content .= '' . ((strlen($sql_extra)) ? t('Show Ignored Requests') : t('Hide Ignored Requests')) . '' . "\r\n"; @@ -189,12 +189,12 @@ function notifications_content(&$a) { '$as_friend' => t('Friend'), '$as_fan' => (($rr['network'] == NETWORK_DIASPORA) ? t('Sharer') : t('Fan/Admirer')) )); - } + } $notif_content .= replace_macros($tpl, array( '$str_notifytype' => t('Notification type: '), '$notify_type' => (($rr['network'] !== NETWORK_OSTATUS) ? t('Friend/Connect Request') : t('New Follower')), - '$dfrn_text' => $dfrn_text, + '$dfrn_text' => $dfrn_text, '$dfrn_id' => $rr['issued-id'], '$uid' => $_SESSION['uid'], '$intro_id' => $rr['intro_id'], @@ -221,14 +221,14 @@ function notifications_content(&$a) { '$tabs' => $tabs, '$notif_content' => $notif_content, )); - + $o .= paginate($a); return $o; - + } else if (($a->argc > 1) && ($a->argv[1] == 'network')) { - + $notif_tpl = get_markup_template('notifications.tpl'); - + $r = q("SELECT `item`.`id`,`item`.`parent`, `item`.`verb`, `item`.`author-name`, `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object` as `object`, `pitem`.`author-name` as `pname`, `pitem`.`author-link` as `plink`