aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-12-06 19:18:38 -0800
committerfriendica <info@friendica.com>2012-12-06 19:18:38 -0800
commit8f864ebd193076d88c48c94da61088de930ab1bd (patch)
treeda704991195694e659946436062916e06d43d95f
parent435836b224adac299d7c6868279b014010e70d29 (diff)
downloadvolse-hubzilla-8f864ebd193076d88c48c94da61088de930ab1bd.tar.gz
volse-hubzilla-8f864ebd193076d88c48c94da61088de930ab1bd.tar.bz2
volse-hubzilla-8f864ebd193076d88c48c94da61088de930ab1bd.zip
Fixing the acl widget is going to be hard. Here's a start.
-rw-r--r--include/group.php16
-rw-r--r--mod/acl.php40
2 files changed, 33 insertions, 23 deletions
diff --git a/include/group.php b/include/group.php
index 1019daa9c..35ec72167 100644
--- a/include/group.php
+++ b/include/group.php
@@ -26,8 +26,20 @@ function group_add($uid,$name) {
}
return true;
}
- $r = q("INSERT INTO `group` ( `uid`, `name` )
- VALUES( %d, '%s' ) ",
+
+ do {
+ $dups = false;
+ $hash = random_string() . $name;
+
+ $r = q("SELECT id FROM group WHERE hash = '%s' LIMIT 1", dbesc($hash));
+ if(count($r))
+ $dups = true;
+ } while($dups == true);
+
+
+ $r = q("INSERT INTO `group` ( hash, uid, name )
+ VALUES( '%s', %d, '%s' ) ",
+ dbesc($hash),
intval($uid),
dbesc($name)
);
diff --git a/mod/acl.php b/mod/acl.php
index 7bd11765f..338996829 100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -27,8 +27,8 @@ function acl_init(&$a){
if ($search!=""){
- $sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
- $sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
+ $sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+ $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . ") ";
$col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' );
$sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
@@ -48,14 +48,14 @@ function acl_init(&$a){
}
if ($type=='' || $type=='c'){
- $r = q("SELECT COUNT(`id`) AS c FROM `contact`
- WHERE `uid` = %d AND `self` = 0
- AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
- AND `notify` != '' $sql_extra2" ,
- intval(local_user())
+ $r = q("SELECT COUNT(abook_id) AS c FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE abook_channel = %d AND not ( abook_flags & %d ) $sql_extra2" ,
+ intval(local_user()),
+ intval(ABOOK_FLAG_SELF|ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVE)
);
$contact_count = (int)$r[0]['c'];
}
+
elseif ($type == 'm') {
// autocomplete for Private Messages
@@ -94,7 +94,8 @@ function acl_init(&$a){
if ($type=='' || $type=='g'){
- $r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`xchan` SEPARATOR ',') as uids
+ $r = q("SELECT `group`.`id`, `group`.`hash`, `group`.`name`,
+ GROUP_CONCAT(DISTINCT `group_member`.`xchan` SEPARATOR ',') as uids
FROM `group`,`group_member`
WHERE `group`.`deleted` = 0 AND `group`.`uid` = %d
AND `group_member`.`gid`=`group`.`id`
@@ -113,24 +114,23 @@ function acl_init(&$a){
"type" => "g",
"photo" => "images/twopeople.png",
"name" => $g['name'],
- "id" => intval($g['id']),
- "uids" => array_map("intval", explode(",",$g['uids'])),
+ "id" => $g['hash'],
+ "uids" => explode(",",$g['uids']),
"link" => ''
);
}
}
- if ($type=='' || $type=='c'){
-
- $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
- WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
- $sql_extra2
- ORDER BY `name` ASC ",
- intval(local_user())
+ if ($type=='' || $type=='c') {
+ $r = q("SELECT xchan_hash as id, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick
+ FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE abook_channel = %d AND not ( abook_flags & %d ) $sql_extra2 order by xchan_name asc" ,
+ intval(local_user()),
+ intval(ABOOK_FLAG_SELF|ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVE)
);
}
elseif($type == 'm') {
-dbg(1);
+
$r = q("SELECT xchan_hash as id, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d ))
@@ -139,7 +139,6 @@ dbg(1);
intval(local_user()),
intval(PERMS_W_MAIL)
);
-dbg(0);
}
elseif($type == 'a') {
$r = q("SELECT abook_id as id, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag FROM abook left join xchan on abook_xchan = xchan_hash
@@ -186,8 +185,7 @@ dbg(0);
"type" => "c",
"photo" => $g['micro'],
"name" => $g['name'],
- "id" => intval($g['id']),
- "network" => $g['network'],
+ "id" => $g['id'],
"link" => $g['url'],
"nick" => $g['nick'],
);