author | zotlabs <mike@macgirvin.com> | 2018-05-20 20:19:11 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2018-05-20 20:19:11 -0700 |
commit | 0044906fabbfeb837326982bbc8d3fcc64b47fa8 (patch) | |
tree | aa855fe68a468626b15f9b954c000680bb405b0b /Zotlabs/Module/Settings/Oauth2.php | |
parent | ac8706e919d62a3a487fe3776e03160454ca8992 (diff) | |
parent | 469809183d232761b8984848c133f9f11f5e7cea (diff) | |
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_merge
Diffstat (limited to 'Zotlabs/Module/Settings/Oauth2.php')
-rw-r--r-- | Zotlabs/Module/Settings/Oauth2.php | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php index 88bbea3b8..985095115 100644 --- a/Zotlabs/Module/Settings/Oauth2.php +++ b/Zotlabs/Module/Settings/Oauth2.php @@ -14,7 +14,8 @@ class Oauth2 { $key = $_POST['remove']; q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), - local_channel()); + intval(local_channel()) + ); goaway(z_root()."/settings/oauth2/"); return; } @@ -43,24 +44,24 @@ class Oauth2 { redirect_uri = '%s', grant_types = '%s', scope = '%s', - user_id = '%s' + user_id = %d WHERE client_id='%s'", dbesc($name), dbesc($secret), dbesc($redirect), dbesc($grant), dbesc($scope), - dbesc(local_channel()), + intval(local_channel()), dbesc($name)); } else { $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id) - VALUES ('%s','%s','%s','%s','%s','%s')", + VALUES ('%s','%s','%s','%s','%s',%d)", dbesc($name), dbesc($secret), dbesc($redirect), dbesc($grant), dbesc($scope), - dbesc(local_channel()) + intval(local_channel()) ); $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", dbesc($name), @@ -93,9 +94,9 @@ class Oauth2 { } if((argc() > 3) && (argv(2) === 'edit')) { - $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'", + $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d", dbesc(argv(3)), - dbesc(local_channel()) + intval(local_channel()) ); if (! $r){ 
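Review bot: The UPDATE in the second hunk (-43/+44) still matches on `WHERE client_id='%s'` alone, so the row is selected by the submitted name rather than by its owner, while the same statement rewrites `user_id` to the current channel. Unless an ownership check runs before this hunk (the enclosing branch starts outside it), a logged-in channel could replace the secret and redirect URI of a client registered by another channel, or of a shared client with `user_id` 0, and become its owner. I would scope it the same way the edit SELECT and the DELETE in this commit are scoped: `WHERE client_id='%s' AND user_id = %d`, with a trailing `intval(local_channel())` argument. It is also worth checking `$r` afterwards so that an update which matched no row is reported instead of silently ignored.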
@@ -123,21 +124,21 @@ class Oauth2 { if((argc() > 3) && (argv(2) === 'delete')) { check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't'); - $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'", + $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d", dbesc(argv(3)), - dbesc(local_channel()) + intval(local_channel()) ); goaway(z_root()."/settings/oauth2/"); return; } - $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my + $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my FROM oauth_clients LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id - WHERE oauth_clients.user_id IN ('%s',0)", - dbesc(local_channel()), - dbesc(local_channel()) + WHERE oauth_clients.user_id IN (%d,0)", + intval(local_channel()), + intval(local_channel()) ); $tpl = get_markup_template("settings_oauth2.tpl"); @@ -157,4 +158,4 @@ class Oauth2 { } -}
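Review bot: The listing query joins `oauth_access_tokens` on `client_id` only, while its WHERE clause also admits clients with `user_id` 0, so for a shared client the result set can carry access tokens that were issued to other channels. What the template does with `oauth_token` is outside this hunk, but those rows should not be loaded in the first place. If the token table records its owner, add that to the join, for example `ON oauth_clients.client_id = oauth_access_tokens.client_id AND oauth_access_tokens.user_id = %d` with one more `intval(local_channel())` argument (column name to be confirmed against the schema). Separately, the delete branch in the same hunk removes only the `oauth_clients` row before `goaway()`; the client's issued tokens and the `xperm` row written at registration are not cleaned up in the visible lines.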
\ No newline at end of file +} |