code cleanup for profile_photos

1 files changed, 45 insertions, 20 deletions

diff --git a/include/photos.php b/include/photos.php
index da6118b38..c70478146 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -707,40 +707,65 @@ function gps2Num($coordPart) {
     return floatval($parts[0]) / floatval($parts[1]);
 }
 
-function profile_photo_set_profile_perms($profileid = '') {
+function profile_photo_set_profile_perms($uid, $profileid = 0) {
 	
 		$allowcid = '';
-		if (x($profileid)) {
-	
-			$r = q("SELECT photo, profile_guid, id, is_default, uid  FROM profile WHERE profile.id = %d OR profile.profile_guid = '%s' LIMIT 1", intval($profileid), dbesc($profileid));
-	
-		} else {
-	
+		if($profileid) {
+			$r = q("SELECT photo, profile_guid, id, is_default, uid
+				FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1", 
+				intval($profileid), 
+				dbesc($profileid)
+			);
+		} 
+		else {
 			logger('Resetting permissions on default-profile-photo for user'.local_channel());
-			$r = q("SELECT photo, profile_guid, id, is_default, uid  FROM profile WHERE profile.uid = %d AND is_default = 1 LIMIT 1", intval(local_channel()) ); //If no profile is given, we update the default profile
+
+			$r = q("SELECT photo, profile_guid, id, is_default, uid  FROM profile 
+				WHERE profile.uid = %d AND is_default = 1 LIMIT 1", 
+				intval($uid) 
+			); //If no profile is given, we update the default profile
 		}
+		if(! $r)
+			return;
 	
 		$profile = $r[0];
-		if(x($profile['id']) && x($profile['photo'])) { 
-		       	preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
-		       	$resource_id = $resource_id[0];
+
+		if($profile['id'] && $profile['photo']) { 
+	      	preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
+	       	$resource_id = $resource_id[0];
 	
-			if (intval($profile['is_default']) != 1) {
-				$r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", intval(local_channel()) );
-				$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids.
-				$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid']));
+			if (! intval($profile['is_default'])) {
+				$r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", 
+					intval($uid) 
+				);
+				//Should not be needed in future. Catches old int-profile-ids.
+				$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ", 
+					intval($profile['id'])
+				);
+				$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'",
+					dbesc($profile['profile_guid'])
+				);
 				$allowcid = "<" . $r0[0]['channel_hash'] . ">";
 				foreach ($r1 as $entry) {
 					$allowcid .= "<" . $entry['abook_xchan'] . ">"; 
 				}
 				foreach ($r2 as $entry) {
-	               	                $allowcid .= "<" . $entry['abook_xchan'] . ">";
-		                      	}
+					$allowcid .= "<" . $entry['abook_xchan'] . ">";
+				}
 	
-				q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['uid']));
+				q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",
+					dbesc($allowcid),
+					dbesc($resource_id),
+					intval($uid)
+				);
 	
-			} else {
-				q("UPDATE `photo` SET allow_cid = '' WHERE profile = 1 AND uid = %d",intval($profile['uid'])); //Reset permissions on default profile picture to public
+			} 
+			else {
+				//Reset permissions on default profile picture to public
+				q("UPDATE photo SET allow_cid = '' WHERE photo_usage = %d AND uid = %d",
+					intval(PHOTO_PROFILE),
+					intval($uid)
+				); 
 			}
 		}