diff options
author | Mario <mario@mariovavti.com> | 2021-09-07 09:26:06 +0000 |
---|---|---|
committer | Mario <mario@mariovavti.com> | 2021-09-07 09:26:06 +0000 |
commit | 1d3a59e0cdbbea476029a6b0c3b7c0045144fa31 (patch) | |
tree | 531f11c9e4843606ffb992f790a258cb0847adb9 /Zotlabs | |
parent | fe62b245ca9bac0aeaf58e43011eb12321d05c20 (diff) | |
download | volse-hubzilla-1d3a59e0cdbbea476029a6b0c3b7c0045144fa31.tar.gz volse-hubzilla-1d3a59e0cdbbea476029a6b0c3b7c0045144fa31.tar.bz2 volse-hubzilla-1d3a59e0cdbbea476029a6b0c3b7c0045144fa31.zip |
resolve some vsprintf issues
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Module/Channel.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Network.php | 21 | ||||
-rw-r--r-- | Zotlabs/Module/Pubstream.php | 11 | ||||
-rw-r--r-- | Zotlabs/Module/Search.php | 2 |
4 files changed, 17 insertions, 20 deletions
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 34e1ea666..f726426ad 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -74,7 +74,8 @@ class Channel extends Controller { if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) { $data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']])); - $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", + + $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($sigdata['signer']) ); diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 03437d109..03c56b9a2 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -289,8 +289,8 @@ class Network extends \Zotlabs\Web\Controller { // This is for threaded view cid queries (e.g. if a forum is selected from the forum filter) $ttype = (($pf) ? TERM_FORUM : TERM_MENTION); - $p1 = q("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal "); - $p2 = q("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'"); + $p1 = dbq("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal "); + $p2 = dbq("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'"); $p_str = ids_to_querystr(array_merge($p1, $p2), 'parent'); if(! $p_str) @@ -465,7 +465,7 @@ class Network extends \Zotlabs\Web\Controller { if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order - $items = q("SELECT item.*, item.id AS item_id, created FROM item + $items = dbq("SELECT item.*, item.id AS item_id, created FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_normal @@ -494,7 +494,7 @@ class Network extends \Zotlabs\Web\Controller { if($load) { // Fetch a page full of parent items for this page - $r = q("SELECT item.parent AS item_id FROM item + $r = dbq("SELECT item.parent AS item_id FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_thread_top $item_normal @@ -508,26 +508,23 @@ class Network extends \Zotlabs\Web\Controller { else { // this is an update - $r = q("SELECT item.parent AS item_id FROM item + $r = dbq("SELECT item.parent AS item_id FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_normal_update $simple_update and (abook.abook_blocked = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2" + $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2 " ); } // Then fetch all the children of the parents that are on this page if($r) { - $parents_str = ids_to_querystr($r, 'item_id'); - - $items = q("SELECT item.*, item.id AS item_id FROM item + $items = dbq("SELECT item.*, item.id AS item_id FROM item WHERE true $uids $item_normal - AND item.parent IN ( %s ) - $sql_extra ", - dbesc($parents_str) + AND item.parent IN ( $parents_str ) + $sql_extra " ); xchan_query($items, true); diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index e1a95be67..583974e22 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -206,7 +206,7 @@ class Pubstream extends \Zotlabs\Web\Controller { } else { // Fetch a page full of parent items for this page - $r = q("SELECT item.id AS item_id FROM item + $r = dbq("SELECT item.id AS item_id FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids and item.item_thread_top = 1 $item_normal @@ -228,7 +228,7 @@ class Pubstream extends \Zotlabs\Web\Controller { ); } else { - $r = q("SELECT parent AS item_id FROM item + $r = dbq("SELECT parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan $net_query WHERE true $uids $item_normal_update @@ -246,11 +246,10 @@ class Pubstream extends \Zotlabs\Web\Controller { $parents_str = ids_to_querystr($r,'item_id'); - $items = q("SELECT item.*, item.id AS item_id FROM item + $items = dbq("SELECT item.*, item.id AS item_id FROM item WHERE true $uids $item_normal - AND item.parent IN ( %s ) - $sql_extra ", - dbesc($parents_str) + AND item.parent IN ( $parents_str ) + $sql_extra" ); // use effective_uid param of xchan_query to help sort out comment permission diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index 274b02321..06a761998 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -215,7 +215,7 @@ class Search extends Controller { } if ($r) { $str = ids_to_querystr($r, 'item_id'); - $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc "); + $r = dbq("select *, id as item_id from item where id in ( " . $str . ") order by created desc"); } } else { |