jakob/friendica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Replace straightforward q() calls by DBA::selectFirst or DBA::exists in mod/photos

Browse source
This commit is contained in:
Hypolite Petovan 2019-05-02 09:49:20 -04:00
parent 7b1ea6cad6
commit dd0b7d2642
1 changed files with 35 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

102
mod/photos.php
View file

@ -47,16 +47,14 @@ function photos_init(App $a) {
if ($a->argc > 1) { if ($a->argc > 1) {
$nick = $a->argv[1]; $nick = $a->argv[1];
$user = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]);
DBA::escape($nick)
);
if (!DBA::isResult($user)) { if (!DBA::isResult($user)) {
return; return;
} }
$a->data['user'] = $user[0]; $a->data['user'] = $user;
$a->profile_uid = $user[0]['uid']; $a->profile_uid = $user['uid'];
$is_owner = (local_user() && (local_user() == $a->profile_uid)); $is_owner = (local_user() && (local_user() == $a->profile_uid));
$profile = Profile::getByNickname($nick, $a->profile_uid); $profile = Profile::getByNickname($nick, $a->profile_uid);
@ -170,12 +168,7 @@ function photos_post(App $a)
} }
if ($contact_id > 0) { if ($contact_id > 0) {
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $page_owner_uid, 'blocked' => false, 'pending' => false])) {
intval($contact_id),
intval($page_owner_uid)
);
if (DBA::isResult($r)) {
$can_post = true; $can_post = true;
$visitor = $contact_id; $visitor = $contact_id;
} }
@ -285,22 +278,18 @@ function photos_post(App $a)
if (!empty($_POST['delete'])) { if (!empty($_POST['delete'])) {
// same as above but remove single photo // same as above but remove single photo
if ($visitor) { if ($visitor) {
$r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1", $condition = ['contact-id' => $visitor, 'uid' => $page_owner_uid, 'resource-id' => $a->argv[3]];
intval($visitor),
intval($page_owner_uid),
DBA::escape($a->argv[3])
);
} else { } else {
$r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1", $condition = ['uid' => local_user(), 'resource-id' => $a->argv[3]];
intval(local_user()),
DBA::escape($a->argv[3])
);
} }
if (DBA::isResult($r)) { $photo = DBA::selectFirst('photo', ['resource-id'], $condition);
Photo::delete(['uid' => $page_owner_uid, 'resource-id' => $r[0]['resource-id']]);
Item::deleteForUser(['resource-id' => $r[0]['resource-id'], 'uid' => $page_owner_uid], $page_owner_uid); if (DBA::isResult($photo)) {
Photo::delete(['uid' => $page_owner_uid, 'resource-id' => $photo['resource-id']]);
Item::deleteForUser(['resource-id' => $photo['resource-id'], 'uid' => $page_owner_uid], $page_owner_uid);
// Update the photo albums cache // Update the photo albums cache
Photo::clearAlbumCache($page_owner_uid); Photo::clearAlbumCache($page_owner_uid);
@ -453,6 +442,7 @@ function photos_post(App $a)
foreach ($tags as $tag) { foreach ($tags as $tag) {
if (strpos($tag, '@') === 0) { if (strpos($tag, '@') === 0) {
$profile = ''; $profile = '';
$contact = null;
$name = substr($tag,1); $name = substr($tag,1);
if ((strpos($name, '@')) || (strpos($name, 'http://'))) { if ((strpos($name, '@')) || (strpos($name, 'http://'))) {
@ -487,34 +477,26 @@ function photos_post(App $a)
} }
if ($tagcid) { if ($tagcid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", $contact = DBA::selectFirst('contact', [], ['id' => $tagcid, 'uid' => $page_owner_uid]);
intval($tagcid),
intval($page_owner_uid)
);
} else { } else {
$newname = str_replace('_',' ',$name); $newname = str_replace('_',' ',$name);
//select someone from this user's contacts by name //select someone from this user's contacts by name
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", $contact = DBA::selectFirst('contact', [], ['name' => $newname, 'uid' => $page_owner_uid]);
DBA::escape($newname), if (!DBA::isResult($contact)) {
intval($page_owner_uid)
);
if (!DBA::isResult($r)) {
//select someone by attag or nick and the name passed in //select someone by attag or nick and the name passed in
$r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", $contact = DBA::selectFirst('contact', [],
DBA::escape($name), ['(`attag` = ? OR `nick` = ?) AND `uid` = ?', $name, $name, $page_owner_uid],
DBA::escape($name), ['order' => ['attag' => true]]
intval($page_owner_uid)
); );
} }
} }
if (DBA::isResult($r)) { if (DBA::isResult($contact)) {
$newname = $r[0]['name']; $newname = $contact['name'];
$profile = $r[0]['url']; $profile = $contact['url'];
$notify = 'cid:' . $r[0]['id']; $notify = 'cid:' . $contact['id'];
if (strlen($inform)) { if (strlen($inform)) {
$inform .= ','; $inform .= ',';
} }
@ -523,8 +505,8 @@ function photos_post(App $a)
} }
if ($profile) { if ($profile) {
if (substr($notify, 0, 4) === 'cid:') { if (!empty($contact)) {
$taginfo[] = [$newname, $profile, $notify, $r[0], '@[url=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/url]']; $taginfo[] = [$newname, $profile, $notify, $contact, '@[url=' . str_replace(',', '%2c', $profile) . ']' . $newname . '[/url]'];
} else { } else {
$taginfo[] = [$newname, $profile, $notify, null, $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]']; $taginfo[] = [$newname, $profile, $notify, null, $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]'];
} }
@ -917,15 +899,12 @@ function photos_content(App $a)
} }
} }
} }
if ($contact_id) {
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", if ($contact_id) {
intval($contact_id), $contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]);
intval($owner_uid)
); if (DBA::isResult($contact)) {
if (DBA::isResult($r)) {
$can_post = true; $can_post = true;
$contact = $r[0];
$remote_contact = true; $remote_contact = true;
$visitor = $contact_id; $visitor = $contact_id;
} }
@ -946,16 +925,13 @@ function photos_content(App $a)
} }
} }
} }
if ($contact_id) { if ($contact_id) {
$groups = Group::getIdsByContactId($contact_id); $groups = Group::getIdsByContactId($contact_id);
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id), $contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]);
intval($owner_uid)
); $remote_contact = DBA::isResult($contact);
if (DBA::isResult($r)) {
$contact = $r[0];
$remote_contact = true;
}
} }
} }
@ -1187,12 +1163,7 @@ function photos_content(App $a)
); );
if (!DBA::isResult($ph)) { if (!DBA::isResult($ph)) {
$ph = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' if (DBA::exists('photo', ['resource-id' => $datum, 'uid' => $owner_uid])) {
LIMIT 1",
intval($owner_uid),
DBA::escape($datum)
);
if (DBA::isResult($ph)) {
notice(L10n::t('Permission denied. Access to this item may be restricted.')); notice(L10n::t('Permission denied. Access to this item may be restricted.'));
} else { } else {
notice(L10n::t('Photo not available') . EOL); notice(L10n::t('Photo not available') . EOL);
@ -1323,9 +1294,6 @@ function photos_content(App $a)
'filename' => $hires['filename'], 'filename' => $hires['filename'],
]; ];
// Do we have an item for this photo? // Do we have an item for this photo?
// FIXME! - replace following code to display the conversation with our normal // FIXME! - replace following code to display the conversation with our normal