diff options
author | friendica <info@friendica.com> | 2012-12-06 19:18:38 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2012-12-06 19:18:38 -0800 |
commit | 8f864ebd193076d88c48c94da61088de930ab1bd (patch) | |
tree | da704991195694e659946436062916e06d43d95f | |
parent | 435836b224adac299d7c6868279b014010e70d29 (diff) | |
download | volse-hubzilla-8f864ebd193076d88c48c94da61088de930ab1bd.tar.gz volse-hubzilla-8f864ebd193076d88c48c94da61088de930ab1bd.tar.bz2 volse-hubzilla-8f864ebd193076d88c48c94da61088de930ab1bd.zip |
Fixing the acl widget is going to be hard. Here's a start.
-rw-r--r-- | include/group.php | 16 | ||||
-rw-r--r-- | mod/acl.php | 40 |
2 files changed, 33 insertions, 23 deletions
diff --git a/include/group.php b/include/group.php index 1019daa9c..35ec72167 100644 --- a/include/group.php +++ b/include/group.php @@ -26,8 +26,20 @@ function group_add($uid,$name) { } return true; } - $r = q("INSERT INTO `group` ( `uid`, `name` ) - VALUES( %d, '%s' ) ", + + do { + $dups = false; + $hash = random_string() . $name; + + $r = q("SELECT id FROM group WHERE hash = '%s' LIMIT 1", dbesc($hash)); + if(count($r)) + $dups = true; + } while($dups == true); + + + $r = q("INSERT INTO `group` ( hash, uid, name ) + VALUES( '%s', %d, '%s' ) ", + dbesc($hash), intval($uid), dbesc($name) ); diff --git a/mod/acl.php b/mod/acl.php index 7bd11765f..338996829 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -27,8 +27,8 @@ function acl_init(&$a){ if ($search!=""){ - $sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'"; - $sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')"; + $sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; + $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . ") "; $col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' ); $sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; @@ -48,14 +48,14 @@ function acl_init(&$a){ } if ($type=='' || $type=='c'){ - $r = q("SELECT COUNT(`id`) AS c FROM `contact` - WHERE `uid` = %d AND `self` = 0 - AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 - AND `notify` != '' $sql_extra2" , - intval(local_user()) + $r = q("SELECT COUNT(abook_id) AS c FROM abook left join xchan on abook_xchan = xchan_hash + WHERE abook_channel = %d AND not ( abook_flags & %d ) $sql_extra2" , + intval(local_user()), + intval(ABOOK_FLAG_SELF|ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVE) ); $contact_count = (int)$r[0]['c']; } + elseif ($type == 'm') { // autocomplete for Private Messages @@ -94,7 +94,8 @@ function acl_init(&$a){ if ($type=='' || $type=='g'){ - $r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`xchan` SEPARATOR ',') as uids + $r = q("SELECT `group`.`id`, `group`.`hash`, `group`.`name`, + GROUP_CONCAT(DISTINCT `group_member`.`xchan` SEPARATOR ',') as uids FROM `group`,`group_member` WHERE `group`.`deleted` = 0 AND `group`.`uid` = %d AND `group_member`.`gid`=`group`.`id` @@ -113,24 +114,23 @@ function acl_init(&$a){ "type" => "g", "photo" => "images/twopeople.png", "name" => $g['name'], - "id" => intval($g['id']), - "uids" => array_map("intval", explode(",",$g['uids'])), + "id" => $g['hash'], + "uids" => explode(",",$g['uids']), "link" => '' ); } } - if ($type=='' || $type=='c'){ - - $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` - WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != '' - $sql_extra2 - ORDER BY `name` ASC ", - intval(local_user()) + if ($type=='' || $type=='c') { + $r = q("SELECT xchan_hash as id, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick + FROM abook left join xchan on abook_xchan = xchan_hash + WHERE abook_channel = %d AND not ( abook_flags & %d ) $sql_extra2 order by xchan_name asc" , + intval(local_user()), + intval(ABOOK_FLAG_SELF|ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVE) ); } elseif($type == 'm') { -dbg(1); + $r = q("SELECT xchan_hash as id, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )) @@ -139,7 +139,6 @@ dbg(1); intval(local_user()), intval(PERMS_W_MAIL) ); -dbg(0); } elseif($type == 'a') { $r = q("SELECT abook_id as id, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag FROM abook left join xchan on abook_xchan = xchan_hash @@ -186,8 +185,7 @@ dbg(0); "type" => "c", "photo" => $g['micro'], "name" => $g['name'], - "id" => intval($g['id']), - "network" => $g['network'], + "id" => $g['id'], "link" => $g['url'], "nick" => $g['nick'], ); |