aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2021-09-07 09:26:06 +0000
committerMario <mario@mariovavti.com>2021-09-07 09:26:06 +0000
commit1d3a59e0cdbbea476029a6b0c3b7c0045144fa31 (patch)
tree531f11c9e4843606ffb992f790a258cb0847adb9 /Zotlabs/Module
parentfe62b245ca9bac0aeaf58e43011eb12321d05c20 (diff)
downloadvolse-hubzilla-1d3a59e0cdbbea476029a6b0c3b7c0045144fa31.tar.gz
volse-hubzilla-1d3a59e0cdbbea476029a6b0c3b7c0045144fa31.tar.bz2
volse-hubzilla-1d3a59e0cdbbea476029a6b0c3b7c0045144fa31.zip
resolve some vsprintf issues
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Channel.php3
-rw-r--r--Zotlabs/Module/Network.php21
-rw-r--r--Zotlabs/Module/Pubstream.php11
-rw-r--r--Zotlabs/Module/Search.php2
4 files changed, 17 insertions, 20 deletions
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index 34e1ea666..f726426ad 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -74,7 +74,8 @@ class Channel extends Controller {
if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
$data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']]));
- $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+
+ $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($sigdata['signer'])
);
diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php
index 03437d109..03c56b9a2 100644
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -289,8 +289,8 @@ class Network extends \Zotlabs\Web\Controller {
// This is for threaded view cid queries (e.g. if a forum is selected from the forum filter)
$ttype = (($pf) ? TERM_FORUM : TERM_MENTION);
- $p1 = q("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal ");
- $p2 = q("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'");
+ $p1 = dbq("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal ");
+ $p2 = dbq("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'");
$p_str = ids_to_querystr(array_merge($p1, $p2), 'parent');
if(! $p_str)
@@ -465,7 +465,7 @@ class Network extends \Zotlabs\Web\Controller {
if($nouveau && $load) {
// "New Item View" - show all items unthreaded in reverse created date order
- $items = q("SELECT item.*, item.id AS item_id, created FROM item
+ $items = dbq("SELECT item.*, item.id AS item_id, created FROM item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
$net_query
WHERE true $uids $item_normal
@@ -494,7 +494,7 @@ class Network extends \Zotlabs\Web\Controller {
if($load) {
// Fetch a page full of parent items for this page
- $r = q("SELECT item.parent AS item_id FROM item
+ $r = dbq("SELECT item.parent AS item_id FROM item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
$net_query
WHERE true $uids $item_thread_top $item_normal
@@ -508,26 +508,23 @@ class Network extends \Zotlabs\Web\Controller {
else {
// this is an update
- $r = q("SELECT item.parent AS item_id FROM item
+ $r = dbq("SELECT item.parent AS item_id FROM item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
$net_query
WHERE true $uids $item_normal_update $simple_update
and (abook.abook_blocked = 0 or abook.abook_flags is null)
- $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2"
+ $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2 "
);
}
// Then fetch all the children of the parents that are on this page
if($r) {
-
$parents_str = ids_to_querystr($r, 'item_id');
-
- $items = q("SELECT item.*, item.id AS item_id FROM item
+ $items = dbq("SELECT item.*, item.id AS item_id FROM item
WHERE true $uids $item_normal
- AND item.parent IN ( %s )
- $sql_extra ",
- dbesc($parents_str)
+ AND item.parent IN ( $parents_str )
+ $sql_extra "
);
xchan_query($items, true);
diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php
index e1a95be67..583974e22 100644
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -206,7 +206,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
}
else {
// Fetch a page full of parent items for this page
- $r = q("SELECT item.id AS item_id FROM item
+ $r = dbq("SELECT item.id AS item_id FROM item
left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids )
$net_query
WHERE true $uids and item.item_thread_top = 1 $item_normal
@@ -228,7 +228,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
);
}
else {
- $r = q("SELECT parent AS item_id FROM item
+ $r = dbq("SELECT parent AS item_id FROM item
left join abook on item.author_xchan = abook.abook_xchan
$net_query
WHERE true $uids $item_normal_update
@@ -246,11 +246,10 @@ class Pubstream extends \Zotlabs\Web\Controller {
$parents_str = ids_to_querystr($r,'item_id');
- $items = q("SELECT item.*, item.id AS item_id FROM item
+ $items = dbq("SELECT item.*, item.id AS item_id FROM item
WHERE true $uids $item_normal
- AND item.parent IN ( %s )
- $sql_extra ",
- dbesc($parents_str)
+ AND item.parent IN ( $parents_str )
+ $sql_extra"
);
// use effective_uid param of xchan_query to help sort out comment permission
diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php
index 274b02321..06a761998 100644
--- a/Zotlabs/Module/Search.php
+++ b/Zotlabs/Module/Search.php
@@ -215,7 +215,7 @@ class Search extends Controller {
}
if ($r) {
$str = ids_to_querystr($r, 'item_id');
- $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc ");
+ $r = dbq("select *, id as item_id from item where id in ( " . $str . ") order by created desc");
}
}
else {