aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorhabeascodice <habeascodice@federated.social>2014-11-13 13:30:29 -0800
committerhabeascodice <habeascodice@federated.social>2014-11-13 13:30:29 -0800
commit2dbecf95454993cdf4996d2d65463d7759cd479b (patch)
treecbef39a4779efed1c0ab3b61a9ff09e37fadb49e /include
parentbc02b933727da7a000d43d2d7d495f066616dc81 (diff)
parentac27db22c18ee7a82a52cbadb3efe2760b910499 (diff)
downloadvolse-hubzilla-2dbecf95454993cdf4996d2d65463d7759cd479b.tar.gz
volse-hubzilla-2dbecf95454993cdf4996d2d65463d7759cd479b.tar.bz2
volse-hubzilla-2dbecf95454993cdf4996d2d65463d7759cd479b.zip
Merge branch 'master' of https://github.com/habeascodice/red
Diffstat (limited to 'include')
-rw-r--r--include/Contact.php56
-rw-r--r--include/Import/Importer.php94
-rw-r--r--include/Import/refimport.php282
-rw-r--r--include/RedDAV/RedDirectory.php16
-rw-r--r--include/RedDAV/RedFile.php10
-rw-r--r--include/account.php31
-rw-r--r--include/acl_selectors.php2
-rw-r--r--include/api.php28
-rw-r--r--include/apps.php4
-rw-r--r--include/attach.php20
-rw-r--r--include/auth.php2
-rw-r--r--include/bb2diaspora.php6
-rw-r--r--include/cache.php2
-rw-r--r--include/chat.php13
-rw-r--r--include/cli_startup.php4
-rw-r--r--include/config.php12
-rw-r--r--include/contact_widgets.php3
-rw-r--r--include/conversation.php30
-rw-r--r--include/datetime.php19
-rwxr-xr-xinclude/dba/dba_driver.php286
-rw-r--r--include/dba/dba_postgres.php112
-rw-r--r--include/deliver.php36
-rwxr-xr-xinclude/diaspora.php23
-rw-r--r--include/dir_fns.php16
-rw-r--r--include/directory.php4
-rw-r--r--include/enotify.php4
-rw-r--r--include/event.php6
-rw-r--r--include/expire.php10
-rw-r--r--include/externals.php9
-rw-r--r--include/follow.php19
-rw-r--r--include/group.php11
-rw-r--r--include/hubloc.php8
-rw-r--r--include/identity.php41
-rwxr-xr-xinclude/items.php132
-rw-r--r--include/menu.php6
-rw-r--r--include/message.php8
-rw-r--r--include/nav.php4
-rw-r--r--include/network.php10
-rw-r--r--include/notifier.php55
-rw-r--r--include/onedirsync.php4
-rw-r--r--include/onepoll.php36
-rw-r--r--include/permissions.php10
-rw-r--r--include/photo/photo_driver.php14
-rw-r--r--include/photos.php11
-rwxr-xr-xinclude/plugin.php6
-rw-r--r--include/poller.php57
-rw-r--r--include/queue.php24
-rw-r--r--include/queue_fn.php4
-rw-r--r--include/reddav.php22
-rw-r--r--include/security.php31
-rw-r--r--include/session.php11
-rw-r--r--include/socgraph.php57
-rw-r--r--include/statistics_fns.php20
-rw-r--r--include/taxonomy.php24
-rw-r--r--include/text.php40
-rw-r--r--include/widgets.php38
-rw-r--r--include/zot.php298
57 files changed, 1605 insertions, 536 deletions
diff --git a/include/Contact.php b/include/Contact.php
index 20e5e1a1e..f0c7cd737 100644
--- a/include/Contact.php
+++ b/include/Contact.php
@@ -22,7 +22,7 @@ function rconnect_url($channel_id,$xchan) {
if(($r) && ($r[0]['xchan_follow']))
return $r[0]['xchan_follow'];
- $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1",
+ $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d )>0 limit 1",
dbesc($xchan),
intval(HUBLOC_FLAGS_PRIMARY)
);
@@ -35,7 +35,7 @@ function rconnect_url($channel_id,$xchan) {
function abook_connections($channel_id, $sql_conditions = '') {
$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d
- and not ( abook_flags & %d ) $sql_conditions",
+ and not ( abook_flags & %d )>0 $sql_conditions",
intval($channel_id),
intval(ABOOK_FLAG_SELF)
);
@@ -44,7 +44,7 @@ function abook_connections($channel_id, $sql_conditions = '') {
function abook_self($channel_id) {
$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d
- and ( abook_flags & %d ) limit 1",
+ and ( abook_flags & %d )>0 limit 1",
intval($channel_id),
intval(ABOOK_FLAG_SELF)
);
@@ -52,7 +52,7 @@ function abook_self($channel_id) {
}
function channelx_by_nick($nick) {
- $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and not ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and not ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($nick),
intval(PAGE_REMOVED)
);
@@ -60,7 +60,7 @@ function channelx_by_nick($nick) {
}
function channelx_by_hash($hash) {
- $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and not ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and not ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($hash),
intval(PAGE_REMOVED)
);
@@ -68,7 +68,7 @@ function channelx_by_hash($hash) {
}
function channelx_by_n($id) {
- $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and not ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and not ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($id),
intval(PAGE_REMOVED)
);
@@ -128,7 +128,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
function abook_toggle_flag($abook,$flag) {
- $r = q("UPDATE abook set abook_flags = (abook_flags ^ %d) where abook_id = %d and abook_channel = %d limit 1",
+ $r = q("UPDATE abook set abook_flags = (abook_flags & ~%d) where abook_id = %d and abook_channel = %d",
intval($flag),
intval($abook['abook_id']),
intval($abook['abook_channel'])
@@ -138,7 +138,7 @@ function abook_toggle_flag($abook,$flag) {
if(($flag === ABOOK_FLAG_ARCHIVED) && ($abook['abook_flags'] & ABOOK_FLAG_ARCHIVED)) {
$r = q("update abook set abook_connected = '%s', abook_updated = '%s'
- where abook_id = %d and abook_channel = %d limit 1",
+ where abook_id = %d and abook_channel = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($abook['abook_id']),
@@ -173,7 +173,7 @@ function account_remove($account_id,$local = true,$unset_session=true) {
// Don't let anybody nuke the only admin account.
- $r = q("select account_id from account where (account_roles & %d)",
+ $r = q("select account_id from account where (account_roles & %d)>0",
intval(ACCOUNT_ROLE_ADMIN)
);
@@ -201,7 +201,7 @@ function account_remove($account_id,$local = true,$unset_session=true) {
}
}
- $r = q("delete from account where account_id = %d limit 1",
+ $r = q("delete from account where account_id = %d",
intval($account_id)
);
@@ -239,7 +239,7 @@ function channel_remove($channel_id, $local = true, $unset_session=true) {
channel_r_photos = 0, channel_r_abook = 0, channel_w_stream = 0, channel_w_wall = 0, channel_w_tagwall = 0,
channel_w_comment = 0, channel_w_mail = 0, channel_w_photos = 0, channel_w_chat = 0, channel_a_delegate = 0,
channel_r_storage = 0, channel_w_storage = 0, channel_r_pages = 0, channel_w_pages = 0, channel_a_republish = 0
- where channel_id = %d limit 1",
+ where channel_id = %d",
dbesc(datetime_convert()),
intval(PAGE_REMOVED),
intval($channel_id)
@@ -275,12 +275,12 @@ function channel_remove($channel_id, $local = true, $unset_session=true) {
q("DELETE FROM `spam` WHERE `uid` = %d", intval($channel_id));
- q("delete from abook where abook_xchan = '%s' and (abook_flags & %d) limit 1",
+ q("delete from abook where abook_xchan = '%s' and (abook_flags & %d)>0",
dbesc($channel['channel_hash']),
dbesc(ABOOK_FLAG_SELF)
);
- $r = q("update channel set channel_deleted = '%s', channel_pageflags = (channel_pageflags | %d) where channel_id = %d limit 1",
+ $r = q("update channel set channel_deleted = '%s', channel_pageflags = (channel_pageflags | %d) where channel_id = %d",
dbesc(datetime_convert()),
intval(PAGE_REMOVED),
intval($channel_id)
@@ -296,7 +296,7 @@ function channel_remove($channel_id, $local = true, $unset_session=true) {
$hublocs = 0;
- $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)",
+ $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)>0",
dbesc($channel['channel_hash']),
intval(HUBLOC_FLAGS_DELETED)
);
@@ -335,10 +335,11 @@ function mark_orphan_hubsxchans() {
if($dirmode == DIRECTORY_MODE_NORMAL)
return;
- $r = q("update hubloc set hubloc_status = (hubloc_status | %d) where not (hubloc_status & %d)
- and hubloc_network = 'zot' and hubloc_connected < utc_timestamp() - interval 36 day",
+ $r = q("update hubloc set hubloc_status = (hubloc_status | %d) where not (hubloc_status & %d)>0
+ and hubloc_network = 'zot' and hubloc_connected < %s - interval %s",
intval(HUBLOC_OFFLINE),
- intval(HUBLOC_OFFLINE)
+ intval(HUBLOC_OFFLINE),
+ db_utcnow(), db_quoteinterval('36 day')
);
// $realm = get_directory_realm();
@@ -354,7 +355,7 @@ function mark_orphan_hubsxchans() {
// }
- $r = q("select hubloc_id, hubloc_hash from hubloc where (hubloc_status & %d) and not (hubloc_flags & %d)",
+ $r = q("select hubloc_id, hubloc_hash from hubloc where (hubloc_status & %d)>0 and not (hubloc_flags & %d)>0",
intval(HUBLOC_OFFLINE),
intval(HUBLOC_FLAGS_ORPHANCHECK)
);
@@ -364,7 +365,7 @@ function mark_orphan_hubsxchans() {
// see if any other hublocs are still alive for this channel
- $x = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_status & %d)",
+ $x = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_status & %d)>0",
dbesc($rr['hubloc_hash']),
intval(HUBLOC_OFFLINE)
);
@@ -372,7 +373,7 @@ function mark_orphan_hubsxchans() {
// yes - if the xchan was marked as an orphan, undo it
- $y = q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1",
+ $y = q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'",
intval(XCHAN_FLAGS_ORPHAN),
intval(XCHAN_FLAGS_ORPHAN),
dbesc($rr['hubloc_hash'])
@@ -383,7 +384,7 @@ function mark_orphan_hubsxchans() {
// nope - mark the xchan as an orphan
- $y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' limit 1",
+ $y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'",
intval(XCHAN_FLAGS_ORPHAN),
dbesc($rr['hubloc_hash'])
);
@@ -391,7 +392,7 @@ function mark_orphan_hubsxchans() {
// mark that we've checked this entry so we don't need to do it again
- $y = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d limit 1",
+ $y = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d",
intval(HUBLOC_FLAGS_ORPHANCHECK),
dbesc($rr['hubloc_id'])
);
@@ -449,7 +450,7 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) {
if($dirmode === false || $dirmode == DIRECTORY_MODE_NORMAL) {
- $r = q("delete from xchan where xchan_hash = '%s' limit 1",
+ $r = q("delete from xchan where xchan_hash = '%s'",
dbesc($xchan)
);
$r = q("delete from hubloc where hubloc_hash = '%s'",
@@ -482,7 +483,7 @@ function contact_remove($channel_id, $abook_id) {
$archive = get_pconfig($channel_id, 'system','archive_removed_contacts');
if($archive) {
- q("update abook set abook_flags = ( abook_flags | %d ) where abook_id = %d and abook_channel = %d limit 1",
+ q("update abook set abook_flags = ( abook_flags | %d ) where abook_id = %d and abook_channel = %d",
intval(ABOOK_FLAG_ARCHIVED),
intval($abook_id),
intval($channel_id)
@@ -514,7 +515,7 @@ function contact_remove($channel_id, $abook_id) {
}
}
- q("delete from abook where abook_id = %d and abook_channel = %d limit 1",
+ q("delete from abook where abook_id = %d and abook_channel = %d",
intval($abook['abook_id']),
intval($channel_id)
);
@@ -541,7 +542,10 @@ function contact_remove($channel_id, $abook_id) {
function random_profile() {
- $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > UTC_TIMESTAMP() - interval 30 day order by rand() limit 1");
+ $randfunc = db_getfunc('rand');
+ $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > %s - interval %s order by $randfunc limit 1",
+ db_utcnow(), db_quoteinterval('30 day')
+ );
if($r)
return $r[0]['xchan_url'];
return '';
diff --git a/include/Import/Importer.php b/include/Import/Importer.php
new file mode 100644
index 000000000..c42344236
--- /dev/null
+++ b/include/Import/Importer.php
@@ -0,0 +1,94 @@
+<?php /** @file */
+
+namespace Redmatrix\Import;
+
+
+class Import {
+
+ $credentials = null;
+ $itemlist = null;
+ $src_items = null;
+
+ $items = null;
+
+ function get_credentials() {
+
+ }
+
+ function get_itemlist() {
+
+
+ }
+
+
+ function get_item_ident($item) {
+
+ }
+
+ function get_item($item_ident) {
+
+ }
+
+ function get_taxonomy($item_ident) {
+
+ }
+
+ function get_children($item_ident) {
+
+ }
+
+ function convert_item($item_ident) {
+
+ }
+
+ function convert_taxonomy($item_ident) {
+
+
+ }
+
+ function convert_child($child) {
+
+ }
+
+ function store($item,$update = false) {
+
+ }
+
+ function run() {
+
+ $this->credentials = $this->get_credentials();
+ $this->itemlist = $this->get_itemlist();
+ if($this->itemlist) {
+ $this->src_items = array();
+ $this->items = array();
+ $cnt = 0;
+ foreach($this->itemlist as $item) {
+ $ident = $item->get_item_ident($item);
+ $this->src_items[$ident]['item'] = $this->get_item($ident);
+ $this->src_items[$ident]['taxonomy'] = $this->get_taxonomy($ident);
+ $this->src_items[$ident]['children'] = $this->get_children($ident);
+ $this->items[$cnt]['item'] = $this->convert_item($ident);
+ $this->items[$cnt]['item']['term'] = $this->convert_taxonomy($ident);
+ if($this->src_items[$ident]['children']) {
+ $this->items[$cnt]['children'] = array();
+ foreach($this->src_items[$ident]['children'] as $child) {
+ $this[$cnt]['children'][] = $this->convert_child($child);
+ }
+ }
+ $cnt ++;
+ }
+
+
+
+
+ }
+
+
+
+
+
+
+ }
+
+
+} \ No newline at end of file
diff --git a/include/Import/refimport.php b/include/Import/refimport.php
new file mode 100644
index 000000000..4f2572660
--- /dev/null
+++ b/include/Import/refimport.php
@@ -0,0 +1,282 @@
+<?php
+
+require_once('include/html2bbcode.php');
+require_once('include/hubloc.php');
+
+// Sample module for importing conversation data from Reflection CMS. Some preparation was used to
+// dump relevant posts, categories and comments into individual JSON files, and also JSON dump of
+// the user table to search for avatars. Importation was also batched in sets of 20 posts per page
+// visit so as to survive shared hosting process limits. This provides some clues as how to handle
+// WordPress imports, which use a somewhat similar DB structure. The batching and individual files
+// might not be needed in VPS environments. As such this could be considered an extreme test case, but
+// the importation was successful in all regards using this code. The module URL was visited repeatedly
+// with a browser until all the posts had been imported.
+
+
+
+
+define('REDMATRIX_IMPORTCHANNEL','mike');
+define('REFLECT_EXPORTUSERNAME','mike');
+define('REFLECT_BLOGNAME','Diary and Other Rantings');
+define('REFLECT_BASEURL','http://example.com/');
+define('REFLECT_USERFILE','user.json');
+
+// set to true if you need to process everything again
+define('REFLECT_OVERWRITE',false);
+
+// we'll only process a small number of posts at a time on a shared host.
+
+define('REFLECT_MAXPERRUN',30);
+
+function reflect_get_channel() {
+
+ // this will be the channel_address or nickname of the red channel
+
+ $c = q("select * from channel left join xchan on channel_hash = xchan_hash
+ where channel_address = '%s' limit 1",
+ dbesc(REDMATRIX_IMPORTCHANNEL)
+ );
+ return $c[0];
+}
+
+
+function refimport_content(&$a) {
+
+ $channel = reflect_get_channel();
+
+ // load the user file. We need that to find the commenter's avatars
+
+ $u = file_get_contents(REFLECT_USERFILE);
+ if($u) {
+ $users = json_decode($u,true);
+ }
+
+ $ignored = 0;
+ $processed = 0;
+
+ $files = glob('article/*');
+ if(! $files)
+ return;
+
+ foreach($files as $f) {
+ $s = file_get_contents($f);
+ $j = json_decode($s,true);
+
+ if(! $j)
+ continue;
+
+ $arr = array();
+
+ // see if this article was already processed
+ $r = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($j['guid']),
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ if(REFLECT_OVERWRITE)
+ $arr['id'] = $r[0]['id'];
+ else {
+ $ignored ++;
+ rename($f,str_replace('article','done',$f));
+ continue;
+ }
+ }
+
+ $arr['uid'] = $channel['channel_account_id'];
+ $arr['aid'] = $channel['channel_id'];
+ $arr['mid'] = $arr['parent_mid'] = $j['guid'];
+ $arr['created'] = $j['created'];
+ $arr['edited'] = $j['edited'];
+ $arr['author_xchan'] = $channel['channel_hash'];
+ $arr['owner_xchan'] = $channel['channel_hash'];
+ $arr['app'] = REFLECT_BLOGNAME;
+ $arr['item_flags'] = ITEM_ORIGIN|ITEM_WALL|ITEM_THREAD_TOP;
+ $arr['verb'] = ACTIVITY_POST;
+
+ // this is an assumption
+ $arr['comment_policy'] = 'contacts';
+
+
+ // import content. In this case the content is XHTML.
+
+ $arr['title'] = html2bbcode($j['title']);
+ $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false);
+
+
+ $arr['body'] = html2bbcode($j['body']);
+ $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);
+
+
+ // convert relative urls to other posts on that service to absolute url on our service.
+ $arr['body'] = preg_replace_callback("/\[url\=\/+article\/(.*?)\](.*?)\[url\]/",'reflect_article_callback',$arr['body']);
+
+ // also import any photos
+ $arr['body'] = preg_replace_callback("/\[img(.*?)\](.*?)\[\/img\]/",'reflect_photo_callback',$arr['body']);
+
+
+ // add categories
+
+ if($j['taxonomy'] && is_array($j['taxonomy']) && count($j['taxonomy'])) {
+ $arr['term'] = array();
+ foreach($j['taxonomy'] as $tax) {
+ $arr['term'][] = array(
+ 'uid' => $channel['channel_id'],
+ 'type' => TERM_CATEGORY,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => trim($tax['name']),
+ 'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($tax['name']))
+ );
+ }
+ }
+
+ // store the item
+
+ if($arr['id'])
+ item_store_update($arr);
+ else
+ item_store($arr);
+
+ // if there are any comments, process them
+ // $comment['registered'] is somebody with an account on the system. Others are mostly anonymous
+
+ if($j['comments']) {
+ foreach($j['comments'] as $comment) {
+ $user = (($comment['registered']) ? reflect_find_user($users,$comment['author']) : null);
+ reflect_comment_store($channel,$arr,$comment,$user);
+ }
+ }
+ $processed ++;
+
+ if(REFLECT_MAXPERRUN && $processed > REFLECT_MAXPERRUN)
+ break;
+ }
+ return 'processed: ' . $processed . EOL . 'completed: ' . $ignored . EOL;
+
+}
+
+function reflect_article_callback($matches) {
+ return '[zrl=' . z_root() . '/display/'. $matches[1] . ']' . $matches[2] . '[/zrl]';
+}
+
+function reflect_photo_callback($matches) {
+
+ if(strpos($matches[2],'http') !== false)
+ return $matches[0];
+
+ $prefix = REFLECT_BASEURL;
+ $x = z_fetch_url($prefix.$matches[2],true);
+
+ $hash = basename($matches[2]);
+
+ if($x['success']) {
+ $channel = reflect_get_channel();
+ require_once('include/photos.php');
+ $p = photo_upload($channel,$channel,
+ array('data' => $x['body'],
+ 'resource_id' => str_replace('-','',$hash),
+ 'filename' => $hash . '.jpg',
+ 'type' => 'image/jpeg',
+ 'not_visible' => true
+ )
+ );
+
+ if($p['success'])
+ $newlink = $p['resource_id'] . '-0.jpg';
+
+
+ // import photo and locate the link for it.
+ return '[zmg]' . z_root() . '/photo/' . $newlink . '[/zmg]';
+
+ }
+ // no replacement. Leave it alone.
+ return $matches[0];
+}
+
+function reflect_find_user($users,$name) {
+ if($users) {
+ foreach($users as $x) {
+ if($x['name'] === $name) {
+ return $x;
+ }
+ }
+ }
+
+ return false;
+
+}
+
+function reflect_comment_store($channel,$post,$comment,$user) {
+
+ // if the commenter was the channel owner, use their redmatrix xchan
+
+ if($comment['author'] === REFLECT_EXPORTUSERNAME && $comment['registered'])
+ $hash = $channel['xchan_hash'];
+ else {
+ // we need a unique hash for the commenter. We don't know how many may have supplied
+ // http://yahoo.com as their URL, so we'll use their avatar guid if they have one.
+ // anonymous folks may get more than one xchan_hash if they commented more than once.
+
+ $hash = (($comment['registered'] && $user) ? $user['avatar'] : '');
+ if(! $hash)
+ $hash = random_string() . '.unknown';
+
+ // create an xchan for them which will also import their profile photo
+ // they will have a network type 'unknown'.
+
+ $x = array(
+ 'hash' => $hash,
+ 'guid' => $hash,
+ 'url' => (($comment['url']) ? $comment['url'] : z_root()),
+ 'photo' => (($user) ? REFLECT_BASEURL . $user['avatar'] : z_root() . '/' . get_default_profile_photo()),
+ 'name' => $comment['author']
+ );
+ xchan_store($x);
+
+ }
+
+ $arr = array();
+
+ $r = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($comment['guid']),
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ if(REFLECT_OVERWRITE)
+ $arr['id'] = $r[0]['id'];
+ else
+ return;
+ }
+
+ // this is a lot like storing the post except for subtle differences, like parent_mid, flags, author_xchan,
+ // and we don't have a comment edited field so use creation date
+
+ $arr['uid'] = $channel['channel_account_id'];
+ $arr['aid'] = $channel['channel_id'];
+ $arr['mid'] = $comment['guid'];
+ $arr['parent_mid'] = $post['mid'];
+ $arr['created'] = $comment['created'];
+ $arr['edited'] = $comment['created'];
+ $arr['author_xchan'] = $hash;
+ $arr['owner_xchan'] = $channel['channel_hash'];
+ $arr['item_flags'] = ITEM_ORIGIN|ITEM_WALL;
+ $arr['verb'] = ACTIVITY_POST;
+ $arr['comment_policy'] = 'contacts';
+
+
+ $arr['title'] = html2bbcode($comment['title']);
+ $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false);
+
+
+ $arr['body'] = html2bbcode($comment['body']);
+ $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);
+ $arr['body'] = preg_replace_callback("/\[url\=\/+article\/(.*?)\](.*?)\[url\]/",'reflect_article_callback',$arr['body']);
+ $arr['body'] = preg_replace_callback("/\[img(.*?)\](.*?)\[\/img\]/",'reflect_photo_callback',$arr['body']);
+
+ // logger('comment: ' . print_r($arr,true));
+
+ if($arr['id'])
+ item_store_update($arr);
+ else
+ item_store($arr);
+
+}
diff --git a/include/RedDAV/RedDirectory.php b/include/RedDAV/RedDirectory.php
index a46b77f5f..85af0d57f 100644
--- a/include/RedDAV/RedDirectory.php
+++ b/include/RedDAV/RedDirectory.php
@@ -159,7 +159,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
list($parent_path, ) = DAV\URLUtil::splitPath($this->red_path);
$new_path = $parent_path . '/' . $name;
- $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($name),
dbesc($this->folder_hash),
intval($this->auth->owner_id)
@@ -197,7 +197,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
$mimetype = z_mime_content_type($name);
- $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1",
+ $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1",
intval($this->auth->owner_id),
intval(PAGE_REMOVED)
);
@@ -246,7 +246,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
$edited = datetime_convert();
// updates entry with filesize and timestamp
- $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($size),
dbesc($edited),
dbesc($hash),
@@ -254,7 +254,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
);
// update the folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($edited),
dbesc($this->folder_hash),
intval($c[0]['channel_id'])
@@ -293,7 +293,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
throw new DAV\Exception\Forbidden('Permission denied.');
}
- $r = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1",
+ $r = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1",
intval($this->auth->owner_id),
intval(PAGE_REMOVED)
);
@@ -362,7 +362,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
$channel_name = $path_arr[0];
- $r = q("SELECT channel_id FROM channel WHERE channel_address = '%s' AND NOT ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT channel_id FROM channel WHERE channel_address = '%s' AND NOT ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($channel_name),
intval(PAGE_REMOVED)
);
@@ -380,7 +380,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
$os_path = '';
for ($x = 1; $x < count($path_arr); $x++) {
- $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)",
+ $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0",
dbesc($folder),
dbesc($path_arr[$x]),
intval($channel_id),
@@ -440,7 +440,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
$free = disk_free_space('store');
if ($this->auth->owner_id) {
- $c = q("select * from channel where channel_id = %d and not (channel_pageflags & %d) limit 1",
+ $c = q("select * from channel where channel_id = %d and not (channel_pageflags & %d)>0 limit 1",
intval($this->auth->owner_id),
intval(PAGE_REMOVED)
);
diff --git a/include/RedDAV/RedFile.php b/include/RedDAV/RedFile.php
index f96790631..3a5230dc1 100644
--- a/include/RedDAV/RedFile.php
+++ b/include/RedDAV/RedFile.php
@@ -79,7 +79,7 @@ class RedFile extends DAV\Node implements DAV\IFile {
$newName = str_replace('/', '%2F', $newName);
- $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d LIMIT 1",
+ $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d",
dbesc($this->data['filename']),
intval($this->data['id'])
);
@@ -96,7 +96,7 @@ class RedFile extends DAV\Node implements DAV\IFile {
$size = 0;
// @todo only 3 values are needed
- $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1",
+ $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1",
intval($this->auth->owner_id),
intval(PAGE_REMOVED)
);
@@ -113,7 +113,7 @@ class RedFile extends DAV\Node implements DAV\IFile {
$size = @filesize($f);
logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
} else {
- $r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d",
dbesc(stream_get_contents($data)),
dbesc($this->data['hash']),
intval($this->data['uid'])
@@ -131,7 +131,7 @@ class RedFile extends DAV\Node implements DAV\IFile {
// returns now()
$edited = datetime_convert();
- $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($size),
dbesc($edited),
dbesc($this->data['hash']),
@@ -139,7 +139,7 @@ class RedFile extends DAV\Node implements DAV\IFile {
);
// update the folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($edited),
dbesc($r[0]['folder']),
intval($c[0]['channel_id'])
diff --git a/include/account.php b/include/account.php
index df484e608..8df44acba 100644
--- a/include/account.php
+++ b/include/account.php
@@ -202,7 +202,7 @@ function create_account($arr) {
// Set the parent record to the current record_id if no parent was provided
if(! $parent) {
- $r = q("update account set account_parent = %d where account_id = %d limit 1",
+ $r = q("update account set account_parent = %d where account_id = %d",
intval($result['account']['account_id']),
intval($result['account']['account_id'])
);
@@ -367,16 +367,16 @@ function user_allow($hash) {
if(! $account)
return $ret;
- $r = q("DELETE FROM register WHERE hash = '%s' LIMIT 1",
+ $r = q("DELETE FROM register WHERE hash = '%s'",
dbesc($register[0]['hash'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
@@ -430,11 +430,11 @@ function user_deny($hash) {
if(! $account)
return false;
- $r = q("DELETE FROM account WHERE account_id = %d LIMIT 1",
+ $r = q("DELETE FROM account WHERE account_id = %d",
intval($register[0]['uid'])
);
- $r = q("DELETE FROM `register` WHERE id = %d LIMIT 1",
+ $r = q("DELETE FROM `register` WHERE id = %d",
dbesc($register[0]['id'])
);
notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL);
@@ -463,21 +463,21 @@ function user_approve($hash) {
if(! $account)
return $ret;
- $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify' LIMIT 1",
+ $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify'",
dbesc($register[0]['hash'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_UNVERIFIED),
intval(ACCOUNT_UNVERIFIED),
intval($register[0]['uid'])
@@ -510,11 +510,12 @@ function user_approve($hash) {
function downgrade_accounts() {
- $r = q("select * from account where not ( account_flags & %d )
+ $r = q("select * from account where not ( account_flags & %d )>0
and account_expires != '%s'
- and account_expires < UTC_TIMESTAMP() ",
+ and account_expires < %s ",
intval(ACCOUNT_EXPIRED),
- dbesc(NULL_DATE)
+ dbesc(NULL_DATE),
+ db_getfunc('UTC_TIMESTAMP')
);
if(! $r)
@@ -527,7 +528,7 @@ function downgrade_accounts() {
if(($basic) && ($rr['account_service_class']) && ($rr['account_service_class'] != $basic)) {
$x = q("UPDATE account set account_service_class = '%s', account_expires = '%s'
- where account_id = %d limit 1",
+ where account_id = %d",
dbesc($basic),
dbesc(NULL_DATE),
intval($rr['account_id'])
@@ -537,7 +538,7 @@ function downgrade_accounts() {
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.');
}
else {
- $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d limit 1",
+ $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d",
intval(ACCOUNT_EXPIRED),
intval($rr['account_id'])
);
diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 5adafff2c..243e7a549 100644
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -171,7 +171,7 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
$r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash
- where abook_flags = 0 or not ( abook_flags & %d ) and abook_channel = %d
+ where abook_flags = 0 or not ( abook_flags & %d )>0 and abook_channel = %d
$sql_extra
ORDER BY xchan_name ASC ",
intval(ABOOK_FLAG_SELF),
diff --git a/include/api.php b/include/api.php
index 9fe2ef47d..aeee95d3b 100644
--- a/include/api.php
+++ b/include/api.php
@@ -309,7 +309,7 @@ require_once('include/items.php');
return False;
} else {
$user = local_user();
- $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " ) ";
+ $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " )>0 ";
}
}
@@ -336,7 +336,7 @@ require_once('include/items.php');
// count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
WHERE `uid` = %d
- AND ( item_flags & %d ) and item_restrict = 0
+ AND ( item_flags & %d )>0 and item_restrict = 0
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
intval($usr[0]['channel_id']),
intval(ITEM_WALL)
@@ -363,7 +363,7 @@ require_once('include/items.php');
$countfollowers = $r[0]['count'];
}
- $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d ) and uid = %d and item_restrict = 0",
+ $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d )>0 and uid = %d and item_restrict = 0",
intval($uinfo[0]['channel_id']),
intval(ITEM_STARRED)
);
@@ -1004,8 +1004,8 @@ require_once('include/items.php');
// at the network timeline just mark everything seen.
if (api_user() == $user_info['uid']) {
- $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d )
- WHERE item_flags & %d and uid = %d",
+ $r = q("UPDATE `item` SET item_flags = ( item_flags & ~%d )
+ WHERE (item_flags & %d)>0 and uid = %d",
intval(ITEM_UNSEEN),
intval(ITEM_UNSEEN),
intval($user_info['uid'])
@@ -1062,10 +1062,10 @@ require_once('include/items.php');
and uid in ( " . stream_perms_api_uids() . " )
$sql_extra
AND id > %d group by mid
- order by received desc LIMIT %d, %d ",
+ order by received desc LIMIT %d OFFSET %d ",
intval($since_id),
- intval($start),
- intval($count)
+ intval($count),
+ intval($start)
);
xchan_query($r,true);
@@ -1706,9 +1706,9 @@ require_once('include/items.php');
// For Red, the closest thing we can do to figure out if you're friends is if both of you are sending each other your streams.
// This won't work if either of you send your stream to everybody on the network
if($qtype == 'friends')
- $sql_extra = sprintf(" AND ( abook_their_perms & %d ) and ( abook_my_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_their_perms & %d )>0 and ( abook_my_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
if($qtype == 'followers')
- $sql_extra = sprintf(" AND ( abook_my_perms & %d ) and not ( abook_their_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
$r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra",
intval(api_user())
@@ -1822,9 +1822,9 @@ require_once('include/items.php');
// This won't work if either of you send your stream to everybody on the network
if($qtype == 'friends')
- $sql_extra = sprintf(" AND ( abook_their_perms & %d ) and ( abook_my_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_their_perms & %d )>0 and ( abook_my_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
if($qtype == 'followers')
- $sql_extra = sprintf(" AND ( abook_my_perms & %d ) and not ( abook_their_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
$r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra",
intval(api_user())
@@ -1940,9 +1940,9 @@ require_once('include/items.php');
$sql_extra = "`from-url`!='".dbesc( $profile_url )."'";
}
- $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
+ $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d OFFSET %d",
intval(api_user()),
- intval($start), intval($count)
+ intval($count), intval($start)
);
$ret = Array();
diff --git a/include/apps.php b/include/apps.php
index cd0c2984e..9c4fe826a 100644
--- a/include/apps.php
+++ b/include/apps.php
@@ -267,7 +267,7 @@ function app_install($uid,$app) {
function app_destroy($uid,$app) {
if($uid && $app['guid']) {
- $r = q("delete from app where app_id = '%s' and app_channel = %d limit 1",
+ $r = q("delete from app where app_id = '%s' and app_channel = %d",
dbesc($app['guid']),
intval($uid)
);
@@ -388,7 +388,7 @@ function app_update($arr) {
$darray['app_page'] = ((x($arr,'page')) ? escape_tags($arr['page']) : '');
$darray['app_requires'] = ((x($arr,'requires')) ? escape_tags($arr['requires']) : '');
- $r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s' where app_id = '%s' and app_channel = %d limit 1",
+ $r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s' where app_id = '%s' and app_channel = %d",
dbesc($darray['app_sig']),
dbesc($darray['app_author']),
dbesc($darray['app_name']),
diff --git a/include/attach.php b/include/attach.php
index 6bce617cd..87d618afa 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -400,7 +400,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$created = datetime_convert();
if($options === 'replace') {
- $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d and uid = %d limit 1",
+ $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d and uid = %d",
dbesc($filename),
dbesc($mimetype),
intval($filesize),
@@ -432,7 +432,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
}
elseif($options === 'update') {
$r = q("update attach set filename = '%s', filetype = '%s', edited = '%s',
- allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d limit 1",
+ allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d",
dbesc((array_key_exists('filename',$arr)) ? $arr['filename'] : $x[0]['filename']),
dbesc((array_key_exists('filetype',$arr)) ? $arr['filetype'] : $x[0]['filetype']),
dbesc($created),
@@ -517,7 +517,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
if(count($paths) > 1) {
$curpath = array_shift($paths);
- $r = q("select hash, id from attach where uid = %d and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id) . " limit 1",
+ $r = q("select hash, id from attach where uid = %d and filename = '%s' and (flags & %d )>0 " . permissions_sql($channel_id) . " limit 1",
intval($channel_id),
dbesc($curpath),
intval(ATTACH_FLAG_DIR)
@@ -533,7 +533,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
else
$paths = array($pathname);
- $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id),
+ $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d )>0 " . permissions_sql($channel_id),
intval($channel_id),
dbesc($parent_hash),
dbesc($paths[0]),
@@ -617,7 +617,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
$sql_options = permissions_sql($channel['channel_id']);
do {
- $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )
+ $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )>0
$sql_options limit 1",
intval($channel['channel_id']),
dbesc($lfile),
@@ -669,7 +669,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
$ret['data'] = $arr;
// update the parent folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($created),
dbesc($arr['folder']),
intval($channel_id)
@@ -722,7 +722,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
}
}
- $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d limit 1",
+ $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d",
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
@@ -790,13 +790,13 @@ function attach_delete($channel_id, $resource) {
}
// delete from database
- $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d",
dbesc($resource),
intval($channel_id)
);
// update the parent folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc(datetime_convert()),
dbesc($r[0]['folder']),
intval($channel_id)
@@ -831,7 +831,7 @@ function get_cloudpath($arr) {
$lfile = $arr['folder'];
do {
- $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )
+ $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )>0
limit 1",
intval($arr['uid']),
dbesc($lfile),
diff --git a/include/auth.php b/include/auth.php
index 8f68fc562..94c64e58d 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -123,7 +123,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
// if our authenticated guest is allowed to take control of the admin channel, make it so.
$admins = get_config('system', 'remote_admin');
if($admins && is_array($admins) && in_array($_SESSION['visitor_id'], $admins)) {
- $x = q("select * from account where account_email = '%s' and account_email != '' and ( account_flags & %d ) limit 1",
+ $x = q("select * from account where account_email = '%s' and account_email != '' and ( account_flags & %d )>0 limit 1",
dbesc(get_config('system', 'admin_email')),
intval(ACCOUNT_ROLE_ADMIN)
);
diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php
index 8a178d1ac..3c4f07568 100644
--- a/include/bb2diaspora.php
+++ b/include/bb2diaspora.php
@@ -277,7 +277,7 @@ function bb2diaspora_itemwallwall(&$item) {
}
if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author']))) {
- logger('bb2diaspora_itemwallwall: author: ' . print_r($item['author'],true), LOGGER_DEBUG);
+ logger('bb2diaspora_itemwallwall: author: ' . print_r($item['author'],true), LOGGER_DATA);
}
if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_m']) {
@@ -388,7 +388,7 @@ function bb2diaspora_itembody($item,$force_update = false) {
}
}
- logger('bb2diaspora_itembody : ' . $body);
+// logger('bb2diaspora_itembody : ' . $body, LOGGER_DATA);
return html_entity_decode($body);
@@ -462,7 +462,7 @@ function format_event_diaspora($ev) {
$bd_format = t('l F d, Y \@ g:i A') ; // Friday January 18, 2011 @ 8 AM
- $o = 'Friendica event notification:' . "\n";
+ $o = t('Redmatrix event notification:') . "\n";
$o .= '**' . (($ev['summary']) ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n";
diff --git a/include/cache.php b/include/cache.php
index a70650b5e..4a3f453e1 100644
--- a/include/cache.php
+++ b/include/cache.php
@@ -21,7 +21,7 @@
dbesc($key)
);
if($r) {
- q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s' limit 1",
+ q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s'",
dbesc($value),
dbesc(datetime_convert()),
dbesc($key));
diff --git a/include/chat.php b/include/chat.php
index 5c3d0c9d9..533c03dde 100644
--- a/include/chat.php
+++ b/include/chat.php
@@ -77,7 +77,7 @@ function chatroom_destroy($channel,$arr) {
return $ret;
}
- q("delete from chatroom where cr_id = %d limit 1",
+ q("delete from chatroom where cr_id = %d",
intval($r[0]['cr_id'])
);
if($r[0]['cr_id']) {
@@ -129,8 +129,11 @@ function chatroom_enter($observer_xchan,$room_id,$status,$client) {
}
if(intval($x[0]['cr_expire'])) {
- $sql = "delete from chat where created < UTC_TIMESTAMP() - INTERVAL " . intval($x[0]['cr_expire']) . " MINUTE and chat_room = " . intval($x[0]['cr_id']);
- $r = q($sql);
+ $r = q("delete from chat where created < %s - INTERVAL %s and chat_room = %d",
+ db_utcnow(),
+ db_quoteinterval( intval($x[0]['cr_expire']) . ' MINUTE' ),
+ intval($x[0]['cr_id'])
+ );
}
$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
@@ -138,7 +141,7 @@ function chatroom_enter($observer_xchan,$room_id,$status,$client) {
intval($room_id)
);
if($r) {
- q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s' limit 1",
+ q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s'",
dbesc(datetime_convert()),
intval($r[0]['cp_id']),
dbesc($client)
@@ -169,7 +172,7 @@ function chatroom_leave($observer_xchan,$room_id,$client) {
dbesc($client)
);
if($r) {
- q("delete from chatpresence where cp_id = %d limit 1",
+ q("delete from chatpresence where cp_id = %d",
intval($r[0]['cp_id'])
);
}
diff --git a/include/cli_startup.php b/include/cli_startup.php
index f90a75cd1..027d62953 100644
--- a/include/cli_startup.php
+++ b/include/cli_startup.php
@@ -19,8 +19,8 @@ function cli_startup() {
date_default_timezone_set($a->timezone);
require_once('include/dba/dba_driver.php');
- $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data);
- unset($db_host, $db_port, $db_user, $db_pass, $db_data);
+ $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
+ unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
};
require_once('include/session.php');
diff --git a/include/config.php b/include/config.php
index 3292059d1..9eaa6b2e6 100644
--- a/include/config.php
+++ b/include/config.php
@@ -154,7 +154,7 @@ function set_config($family, $key, $value) {
return $ret;
}
- $ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s'",
dbesc($dbvalue),
dbesc($family),
dbesc($key)
@@ -185,7 +185,7 @@ function del_config($family, $key) {
if(array_key_exists($family, $a->config) && array_key_exists($key, $a->config[$family]))
unset($a->config[$family][$key]);
- $ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s'",
dbesc($family),
dbesc($key)
);
@@ -318,7 +318,7 @@ function set_pconfig($uid, $family, $key, $value) {
return $ret;
}
- $ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s'",
dbesc($dbvalue),
intval($uid),
dbesc($family),
@@ -362,7 +362,7 @@ function del_pconfig($uid, $family, $key) {
if(x($a->config[$uid][$family], $key))
unset($a->config[$uid][$family][$key]);
- $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
intval($uid),
dbesc($family),
dbesc($key)
@@ -483,7 +483,7 @@ function set_xconfig($xchan, $family, $key, $value) {
return $ret;
}
- $ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s'",
dbesc($dbvalue),
dbesc($xchan),
dbesc($family),
@@ -517,7 +517,7 @@ function del_xconfig($xchan, $family, $key) {
if(x($a->config[$xchan][$family], $key))
unset($a->config[$xchan][$family][$key]);
- $ret = q("DELETE FROM `xconfig` WHERE `xchan` = '%s' AND `cat` = '%s' AND `k` = '%s' LIMIT 1",
+ $ret = q("DELETE FROM `xconfig` WHERE `xchan` = '%s' AND `cat` = '%s' AND `k` = '%s'",
dbesc($xchan),
dbesc($family),
dbesc($key)
diff --git a/include/contact_widgets.php b/include/contact_widgets.php
index 28a9fcfd3..ee9394e95 100644
--- a/include/contact_widgets.php
+++ b/include/contact_widgets.php
@@ -29,8 +29,7 @@ function findpeople_widget() {
'$random' => t('Random Profile'),
'$inv' => t('Invite Friends'),
'$advanced_search' => $advanced_search,
- '$advanced_hint' => t('Exammple: name=fred and country=iceland'),
- '$find_advanced' => t('Advanced Find'),
+ '$advanced_hint' => "\r\n" . t('Advanced example: name=fred and country=iceland'),
'$loggedin' => local_user()
));
diff --git a/include/conversation.php b/include/conversation.php
index 48fe8af60..c2258c20a 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1493,8 +1493,12 @@ function network_tabs() {
function profile_tabs($a, $is_owner=False, $nickname=Null){
- //echo "<pre>"; var_dump($a->user); killme();
-
+
+ // Don't provide any profile tabs if we're running as the sys channel
+
+ if($a->is_sys)
+ return;
+
$channel = $a->get_channel();
if (is_null($nickname))
@@ -1551,16 +1555,18 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){
);
}
- require_once('include/chat.php');
- $has_chats = chatroom_list_count($uid);
- if ($has_chats) {
- $tabs[] = array(
- 'label' => t('Chatrooms'),
- 'url' => $a->get_baseurl() . '/chat/' . $nickname,
- 'sel' => ((argv(0) == 'chat') ? 'active' : '' ),
- 'title' => t('Chatrooms'),
- 'id' => 'chat-tab',
- );
+ if($p['chat']) {
+ require_once('include/chat.php');
+ $has_chats = chatroom_list_count($uid);
+ if ($has_chats) {
+ $tabs[] = array(
+ 'label' => t('Chatrooms'),
+ 'url' => $a->get_baseurl() . '/chat/' . $nickname,
+ 'sel' => ((argv(0) == 'chat') ? 'active' : '' ),
+ 'title' => t('Chatrooms'),
+ 'id' => 'chat-tab',
+ );
+ }
}
require_once('include/menu.php');
diff --git a/include/datetime.php b/include/datetime.php
index fe0f29c7a..270be5e3d 100644
--- a/include/datetime.php
+++ b/include/datetime.php
@@ -134,7 +134,17 @@ function dob($dob) {
if(! $f)
$f = 'ymd';
- $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob');
+ if($dob === '0000-00-00')
+ $value = '';
+ else
+ $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d'));
+
+ $o = '<input type="text" name="dob" value="' . $value . '" placeholder="' . t('YYYY-MM-DD or MM-DD') . '" />';
+
+// if ($dob && $dob != '0000-00-00')
+// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob');
+// else
+// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),false,'dob');
return $o;
}
@@ -450,7 +460,10 @@ function update_birthdays() {
require_once('include/permissions.php');
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
- WHERE abook_dob > utc_timestamp() + interval 7 day and abook_dob < utc_timestamp() + interval 14 day");
+ WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s",
+ db_utcnow(), db_quoteinterval('7 day'),
+ db_utcnow(), db_quoteinterval('14 day')
+ );
if($r) {
foreach($r as $rr) {
@@ -472,7 +485,7 @@ function update_birthdays() {
$z = event_store_event($ev);
if($z) {
$item_id = event_store_item($ev,$z);
- q("update abook set abook_dob = '%s' where abook_id = %d limit 1",
+ q("update abook set abook_dob = '%s' where abook_id = %d",
dbesc(intval($rr['abook_dob']) + 1 . substr($rr['abook_dob'],4)),
intval($rr['abook_id'])
);
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index 3e19b7aa4..ddff80d7c 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -1,42 +1,124 @@
-<?php /** @file */
+<?php
+/**
+ * @file dba_driver.php
+ * @brief some database related functions and abstract driver class.
+ *
+ * This file contains the abstract database driver class dba_driver and some
+ * functions for working with databases.
+ */
-function dba_factory($server, $port,$user,$pass,$db,$install = false) {
+/**
+ * @brief Returns the database driver object.
+ *
+ * If available it will use PHP's mysqli otherwise mysql driver.
+ *
+ * @param string $server DB server name
+ * @param string $port DB port
+ * @param string $user DB username
+ * @param string $pass DB password
+ * @param string $db database name
+ * @param string $dbtype 0 for mysql, 1 for postgres
+ * @param bool $install Defaults to false
+ * @return null|dba_driver A database driver object (dba_mysql|dba_mysqli) or null if no driver found.
+ */
+function dba_factory($server, $port,$user,$pass,$db,$dbtype,$install = false) {
$dba = null;
- if(class_exists('mysqli')) {
- if (is_null($port)) $port = ini_get("mysqli.default_port");
- require_once('include/dba/dba_mysqli.php');
- $dba = new dba_mysqli($server, $port,$user,$pass,$db,$install);
- }
- else {
- if (is_null($port)) $port = "3306";
- require_once('include/dba/dba_mysql.php');
- $dba = new dba_mysql($server, $port,$user,$pass,$db,$install);
+ if($dbtype == 1) {
+ require_once('include/dba/dba_postgres.php');
+ if(is_null($port)) $port = 5432;
+ $dba = new dba_postgres($server, $port, $user, $pass, $db, $install);
+ } else {
+ if(class_exists('mysqli')) {
+ if (is_null($port)) $port = ini_get("mysqli.default_port");
+ require_once('include/dba/dba_mysqli.php');
+ $dba = new dba_mysqli($server, $port,$user,$pass,$db,$install);
+ } else {
+ if (is_null($port)) $port = "3306";
+ require_once('include/dba/dba_mysql.php');
+ $dba = new dba_mysql($server, $port,$user,$pass,$db,$install);
+ }
}
-
+ define('NULL_DATE', $dba->get_null_date());
+ define('ACTIVE_DBTYPE', $dbtype);
return $dba;
}
-
+/**
+ * @brief abstract database driver class.
+ *
+ * This class gets extended by the real database driver classes, e.g. dba_mysql,
+ * dba_mysqli.
+ */
abstract class dba_driver {
-
+ // legacy behavior
+ const INSTALL_SCRIPT='install/schema_mysql.sql';
+ const NULL_DATE = '0000-00-00 00:00:00';
+ const UTC_NOW = 'UTC_TIMESTAMP()';
+
protected $debug = 0;
protected $db;
public $connected = false;
public $error = false;
- abstract function connect($server, $port, $user,$pass,$db);
+ /**
+ * @brief Connect to the database.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ *
+ * @param string $server DB server name
+ * @param string $port DB port
+ * @param string $user DB username
+ * @param string $pass DB password
+ * @param string $db database name
+ * @return bool
+ */
+ abstract function connect($server, $port, $user, $pass, $db);
+
+ /**
+ * @brief Perform a DB query with the SQL statement $sql.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ *
+ * @param string $sql The SQL query to execute
+ */
abstract function q($sql);
+
+ /**
+ * @brief Escape a string before being passed to a DB query.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ *
+ * @param string $str The string to escape.
+ */
abstract function escape($str);
+
+ /**
+ * @brief Close the database connection.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ */
abstract function close();
+
function __construct($server, $port, $user,$pass,$db,$install = false) {
- if(($install) && (! $this->install($server, $port, $user,$pass,$db))) {
+ if(($install) && (! $this->install($server, $port, $user, $pass, $db))) {
return;
}
- $this->connect($server, $port, $user,$pass,$db);
+ $this->connect($server, $port, $user, $pass, $db);
}
+ function get_null_date() {
+ return static::NULL_DATE;
+ }
+
+ function get_install_script() {
+ return static::INSTALL_SCRIPT;
+ }
+
+ function utcnow() {
+ return static::UTC_NOW;
+ }
function install($server,$user,$pass,$db) {
if (!(strlen($server) && strlen($user))){
@@ -56,7 +138,11 @@ abstract class dba_driver {
return true;
}
-
+ /**
+ * @brief Sets the database driver's debugging state.
+ *
+ * @param int $dbg 0 to disable debugging
+ */
function dbg($dbg) {
$this->debug = $dbg;
}
@@ -67,10 +153,31 @@ abstract class dba_driver {
}
}
-}
+ function quote_interval($txt) {
+ return $txt;
+ }
+
+ function optimize_table($table) {
+ q('OPTIMIZE TABLE '.$table);
+ }
+
+ function concat($fld, $sep) {
+ return 'GROUP_CONCAT(DISTINCT '.$fld.' SEPARATOR \''.$sep.'\')';
+ }
+
+ function escapebin($str) {
+ return $this->escape($str);
+ }
+
+ function unescapebin($str) {
+ return $str;
+ }
+} // end abstract dba_driver class
+// Procedural functions
+
function printable($s) {
$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
$s = str_replace("\x00",'.',$s);
@@ -79,24 +186,79 @@ function printable($s) {
return $s;
}
-// Procedural functions
-
+/**
+ * @brief set database driver debugging state.
+ *
+ * @param int $state 0 to disable debugging
+ */
function dbg($state) {
global $db;
+
if($db)
- $db->dbg($state);
+ $db->dbg($state);
}
-
+/**
+ * @brief Escape strings being passed to DB queries.
+ *
+ * Always escape strings being used in DB queries. This function returns the
+ * escaped string. Integer DB parameters should all be proven integers by
+ * wrapping with intval().
+ *
+ * @param string $str A string to pass to a DB query
+ * @return Return an escaped string of the value to pass to a DB query.
+ */
function dbesc($str) {
global $db;
+
if($db && $db->connected)
return($db->escape($str));
else
- return(str_replace("'","\\'",$str));
+ return(str_replace("'", "\\'", $str));
+}
+function dbescbin($str) {
+ global $db;
+ return $db->escapebin($str);
+}
+
+function dbunescbin($str) {
+ global $db;
+ return $db->unescapebin($str);
}
+function dbescdate($date) {
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES && $date == '0000-00-00 00:00:00') {
+ $date = NULL_DATE;
+ } else if(ACTIVE_DBTYPE != DBTYPE_POSTGRES && $date == '0001-01-01 00:00:00') {
+ $date = NULL_DATE;
+ }
+ return $date;
+}
+
+function db_quoteinterval($txt) {
+ global $db;
+ return $db->quote_interval($txt);
+}
+
+function dbesc_identifier($str) {
+ global $db;
+ return $db->escape_identifier($txt);
+}
+
+function db_utcnow() {
+ global $db;
+ return $db->utcnow();
+}
+
+function db_optimizetable($table) {
+ global $db;
+ $db->optimize_table($table);
+}
+function db_concat($fld, $sep) {
+ global $db;
+ return $db->concat($fld, $sep);
+}
// Function: q($sql,$args);
// Description: execute SQL query with printf style args.
@@ -104,68 +266,108 @@ function dbesc($str) {
// 'user', 1);
+/**
+ * @brief Execute a SQL query with printf style args.
+ *
+ * printf style arguments %s and %d are replaced with variable arguments, which
+ * should each be appropriately dbesc() or intval().
+ * SELECT queries return an array of results or false if SQL or DB error. Other
+ * queries return true if the command was successful or false if it wasn't.
+ *
+ * Example:
+ * $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
+ * 'user', 1);
+ *
+ * @param string $sql The SQL query to execute
+ * @return bool|array
+ */
function q($sql) {
-
global $db;
+
$args = func_get_args();
unset($args[0]);
if($db && $db->connected) {
- $stmt = vsprintf($sql,$args);
+ $stmt = vsprintf($sql, $args);
if($stmt === false) {
- if(version_compare(PHP_VERSION,'5.4.0') >= 0)
- logger('dba: vsprintf error: ' . print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT,1),true));
+ if(version_compare(PHP_VERSION, '5.4.0') >= 0)
+ logger('dba: vsprintf error: ' .
+ print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT, 1), true));
else
- logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true));
+ logger('dba: vsprintf error: ' . print_r(debug_backtrace(), true));
}
return $db->q($stmt);
}
- /**
- *
+ /*
* This will happen occasionally trying to store the
* session data after abnormal program termination
- *
*/
logger('dba: no database: ' . print_r($args,true));
- return false;
+ return false;
}
/**
+ * @brief Raw DB query, no arguments.
*
- * Raw db query, no arguments
+ * This function executes a raw DB query without any arguments.
*
+ * @param string $sql The SQL query to execute
*/
-
-
function dbq($sql) {
-
global $db;
+
if($db && $db->connected)
$ret = $db->q($sql);
else
$ret = false;
+
return $ret;
}
-// Caller is responsible for ensuring that any integer arguments to
+
+// Caller is responsible for ensuring that any integer arguments to
// dbesc_array are actually integers and not malformed strings containing
// SQL injection vectors. All integer array elements should be specifically
// cast to int to avoid trouble.
-
-
function dbesc_array_cb(&$item, $key) {
- if(is_string($item))
+ if(is_string($item)) {
+ if($item == '0000-00-00 00:00:00' && ACTIVE_DBTYPE == DBTYPE_POSTGRES)
+ $item = '0001-01-01 00:00:00';
$item = dbesc($item);
+ }
}
-
function dbesc_array(&$arr) {
if(is_array($arr) && count($arr)) {
array_walk($arr,'dbesc_array_cb');
}
}
+
+function db_getfunc($f) {
+ $lookup = array(
+ 'rand'=>array(
+ DBTYPE_MYSQL=>'RAND()',
+ DBTYPE_POSTGRES=>'RANDOM()'
+ ),
+ 'utc_timestamp'=>array(
+ DBTYPE_MYSQL=>'UTC_TIMESTAMP()',
+ DBTYPE_POSTGRES=>"now() at time zone 'UTC'"
+ ),
+ 'regexp'=>array(
+ DBTYPE_MYSQL=>'REGEXP',
+ DBTYPE_POSTGRES=>'~'
+ )
+ );
+ $f = strtolower($f);
+ if(isset($lookup[$f]) && isset($lookup[$f][ACTIVE_DBTYPE]))
+ return $lookup[$f][ACTIVE_DBTYPE];
+
+ logger('Unable to abstract DB function "'. $f . '"', LOG_DEBUG);
+ return $f;
+}
+
diff --git a/include/dba/dba_postgres.php b/include/dba/dba_postgres.php
new file mode 100644
index 000000000..a390292a5
--- /dev/null
+++ b/include/dba/dba_postgres.php
@@ -0,0 +1,112 @@
+<?php
+
+require_once('include/dba/dba_driver.php');
+
+
+class dba_postgres extends dba_driver {
+ const INSTALL_SCRIPT='install/schema_postgres.sql';
+ const NULL_DATE = '0001-01-01 00:00:00';
+ const UTC_NOW = "now() at time zone 'UTC'";
+
+ function connect($server,$port,$user,$pass,$db) {
+ if(!$port) $port = 5432;
+ $connstr = 'host=' . $server . ' port='.$port . ' user=' . $user . ' password=' . $pass . ' dbname='. $db;
+ $this->db = pg_connect($connstr);
+ if($this->db !== false) {
+ $this->connected = true;
+ } else {
+ $this->connected = false;
+ }
+ $this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';"); // emulate mysql string escaping to prevent massive code-clobber
+ return $this->connected;
+ }
+
+ function q($sql) {
+ if((! $this->db) || (! $this->connected))
+ return false;
+
+ if(!strpos($sql, ';'))
+ $sql .= ';';
+
+ if(strpos($sql, '`')) // this is a hack. quoted identifiers should be replaced everywhere in the code with dbesc_identifier(), remove this once it is
+ $sql = str_replace('`', '"', $sql);
+
+ $this->error = '';
+ $result = @pg_query($this->db, $sql);
+ if(file_exists('db-allqueries.out')) {
+ $bt = debug_backtrace();
+ $trace = array();
+ foreach($bt as $frame) {
+ if(!empty($frame['file']) && @strstr($frame['file'], $_SERVER['DOCUMENT_ROOT']))
+ $frame['file'] = substr($frame['file'], strlen($_SERVER['DOCUMENT_ROOT'])+1);
+
+ $trace[] = $frame['file'] . ':' . $frame['function'] . '():' . $frame['line'] ;
+ }
+ $compact = join(', ', $trace);
+ file_put_contents('db-allqueries.out', datetime_convert() . ": " . $sql . ' is_resource: '.var_export(is_resource($result), true).', backtrace: '.$compact."\n\n", FILE_APPEND);
+ }
+
+ if($result === false)
+ $this->error = pg_last_error($this->db);
+
+ if($result === false || $this->error) {
+ //logger('dba_postgres: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
+ if(file_exists('dbfail.out'))
+ file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
+ }
+
+ if(($result === true) || ($result === false))
+ return $result;
+
+ if(pg_result_status($result) == PGSQL_COMMAND_OK)
+ return true;
+
+ $r = array();
+ if(pg_num_rows($result)) {
+ while($x = pg_fetch_array($result, null, PGSQL_ASSOC))
+ $r[] = $x;
+ pg_free_result($result);
+ if($this->debug)
+ logger('dba_postgres: ' . printable(print_r($r,true)));
+ }
+ return $r;
+ }
+
+ function escape($str) {
+ if($this->db && $this->connected) {
+ $x = @pg_escape_string($this->db, $str);
+ return $x;
+ }
+ }
+
+ function escapebin($str) {
+ return pg_escape_bytea($str);
+ }
+
+ function unescapebin($str) {
+ return pg_unescape_bytea($str);
+ }
+
+ function close() {
+ if($this->db)
+ pg_close($this->db);
+ $this->connected = false;
+ }
+
+ function quote_interval($txt) {
+ return "'$txt'";
+ }
+
+ function escape_identifier($str) {
+ return pg_escape_identifier($this->db, $str);
+ }
+
+ function optimize_table($table) {
+ // perhaps do some equivalent thing here, vacuum, etc? I think this is the DBA's domain anyway. Applications should not need to muss with this.
+ // for now do nothing without a compelling reason. function overrides default legacy mysql.
+ }
+
+ function concat($fld, $sep) {
+ return 'string_agg(' . $fld . ',\'' . $sep . '\')';
+ }
+} \ No newline at end of file
diff --git a/include/deliver.php b/include/deliver.php
index f4fae6061..47d8562df 100644
--- a/include/deliver.php
+++ b/include/deliver.php
@@ -24,13 +24,13 @@ function deliver_run($argv, $argc) {
$result = z_post_url($r[0]['outq_posturl'],$r[0]['outq_msg']);
if($result['success'] && $result['return_code'] < 300) {
logger('deliver: queue post success to ' . $r[0]['outq_posturl'], LOGGER_DEBUG);
- $y = q("delete from outq where outq_hash = '%s' limit 1",
+ $y = q("delete from outq where outq_hash = '%s'",
dbesc($argv[$x])
);
}
else {
logger('deliver: queue post returned ' . $result['return_code'] . ' from ' . $r[0]['outq_posturl'],LOGGER_DEBUG);
- $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($argv[$x])
);
@@ -38,16 +38,34 @@ function deliver_run($argv, $argc) {
continue;
}
- if($r[0]['outq_posturl'] === z_root() . '/post') {
+ $notify = json_decode($r[0]['outq_notify'],true);
+
+ // Check if this is a conversation request packet. It won't have outq_msg
+ // but will be an encrypted packet - so will need to be handed off to
+ // web delivery rather than processed inline.
+
+ $sendtoweb = false;
+ if(array_key_exists('iv',$notify) && (! $r[0]['outq_msg']))
+ $sendtoweb = true;
+
+ if(($r[0]['outq_posturl'] === z_root() . '/post') && (! $sendtoweb)) {
logger('deliver: local delivery', LOGGER_DEBUG);
// local delivery
// we should probably batch these and save a few delivery processes
- // If there is no outq_msg, this is a refresh_all message which does not require local handling
- if($r[0]['outq_msg']) {
- $msg = array('body' => json_encode(array('pickup' => array(array('notify' => json_decode($r[0]['outq_notify'],true),'message' => json_decode($r[0]['outq_msg'],true))))));
- zot_import($msg,z_root());
- $r = q("delete from outq where outq_hash = '%s' limit 1",
+ if($r[0]['outq_msg']) {
+ $m = json_decode($r[0]['outq_msg'],true);
+ if(array_key_exists('message_list',$m)) {
+ foreach($m['message_list'] as $mm) {
+ $msg = array('body' => json_encode(array('pickup' => array(array('notify' => $notify,'message' => $mm)))));
+ zot_import($msg,z_root());
+ }
+ }
+ else {
+ $msg = array('body' => json_encode(array('pickup' => array(array('notify' => $notify,'message' => $m)))));
+ zot_import($msg,z_root());
+ }
+ $r = q("delete from outq where outq_hash = '%s'",
dbesc($argv[$x])
);
}
@@ -59,7 +77,7 @@ function deliver_run($argv, $argc) {
zot_process_response($r[0]['outq_posturl'],$result, $r[0]);
}
else {
- $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($argv[$x])
);
diff --git a/include/diaspora.php b/include/diaspora.php
index c6d4b7423..09521b82b 100755
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -58,7 +58,7 @@ function diaspora_dispatch($importer,$msg,$attempt=1) {
$xmlbase = $parsed_xml->post;
- logger('diaspora_dispatch: ' . print_r($xmlbase,true), LOGGER_DATA);
+// logger('diaspora_dispatch: ' . print_r($xmlbase,true), LOGGER_DATA);
if($xmlbase->request) {
@@ -657,7 +657,7 @@ function diaspora_request($importer,$xml) {
$newperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT|PERMS_R_STORAGE|PERMS_R_PAGES;
- $r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d limit 1",
+ $r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d",
intval($newperms),
intval($contact['abook_id']),
intval($importer['channel_id'])
@@ -673,16 +673,15 @@ function diaspora_request($importer,$xml) {
return;
}
- $default_perms = 0;
- // look for default permissions to apply in return - e.g. auto-friend
- $z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1",
- intval($importer['channel_id']),
- intval(ABOOK_FLAG_SELF)
- );
-
- if($z)
- $default_perms = intval($z[0]['abook_my_perms']);
-
+ $role = get_pconfig($channel['channel_id'],'system','permissions_role');
+ if($role) {
+ $x = get_role_perms($role);
+ if($x['perms_auto'])
+ $default_perms = $x['perms_accept'];
+ }
+ if(! $default_perms)
+ $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
+
$their_perms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT|PERMS_R_STORAGE|PERMS_R_PAGES;
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_rating, abook_created, abook_updated, abook_connected, abook_dob, abook_flags) values ( %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', %d )",
diff --git a/include/dir_fns.php b/include/dir_fns.php
index f58e7c307..8f27fb85d 100644
--- a/include/dir_fns.php
+++ b/include/dir_fns.php
@@ -38,7 +38,7 @@ function check_upstream_directory() {
*/
$directory = get_config('system','directory_server');
if ($directory) {
- $r = q("select * from site where site_url = '%s' and (site_flags & %d) ",
+ $r = q("select * from site where site_url = '%s' and (site_flags & %d)>0 ",
dbesc($directory),
intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY|DIRECTORY_MODE_STANDALONE)
);
@@ -86,14 +86,14 @@ function sync_directories($dirmode) {
$realm = get_directory_realm();
if($realm == DIRECTORY_REALM) {
- $r = q("select * from site where (site_flags & %d) and site_url != '%s' and ( site_realm = '%s' or site_realm = '') ",
+ $r = q("select * from site where (site_flags & %d)>0 and site_url != '%s' and ( site_realm = '%s' or site_realm = '') ",
intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
dbesc(z_root()),
dbesc($realm)
);
}
else {
- $r = q("select * from site where (site_flags & %d) and site_url != '%s' and site_realm like '%s' ",
+ $r = q("select * from site where (site_flags & %d)>0 and site_url != '%s' and site_realm like '%s' ",
intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
dbesc(z_root()),
dbesc(protect_sprintf('%' . $realm . '%'))
@@ -120,7 +120,7 @@ function sync_directories($dirmode) {
dbesc($r[0]['site_realm'])
);
- $r = q("select * from site where (site_flags & %d) and site_url != '%s'",
+ $r = q("select * from site where (site_flags & %d)>0 and site_url != '%s'",
intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
dbesc(z_root())
);
@@ -146,7 +146,7 @@ function sync_directories($dirmode) {
if((! $j['transactions']) || (! is_array($j['transactions'])))
continue;
- q("update site set site_sync = '%s' where site_url = '%s' limit 1",
+ q("update site set site_sync = '%s' where site_url = '%s'",
dbesc(datetime_convert()),
dbesc($rr['site_url'])
);
@@ -267,7 +267,7 @@ function local_dir_update($uid,$force) {
if($new_flags != $r[0]['xchan_flags']) {
- $r = q("update xchan set xchan_flags = %d where xchan_hash = '%s' limit 1",
+ $r = q("update xchan set xchan_flags = %d where xchan_hash = '%s'",
intval($new_flags),
dbesc($p[0]['channel_hash'])
);
@@ -281,10 +281,10 @@ function local_dir_update($uid,$force) {
}
else {
// they may have made it private
- $r = q("delete from xprof where xprof_hash = '%s' limit 1",
+ $r = q("delete from xprof where xprof_hash = '%s'",
dbesc($hash)
);
- $r = q("delete from xtag where xtag_hash = '%s' limit 1",
+ $r = q("delete from xtag where xtag_hash = '%s'",
dbesc($hash)
);
}
diff --git a/include/directory.php b/include/directory.php
index 60070f7ec..a7324a99a 100644
--- a/include/directory.php
+++ b/include/directory.php
@@ -42,7 +42,7 @@ function directory_run($argv, $argc){
local_dir_update($argv[1],$force);
- q("update channel set channel_dirdate = '%s' where channel_id = %d limit 1",
+ q("update channel set channel_dirdate = '%s' where channel_id = %d",
dbesc(datetime_convert()),
intval($channel['channel_id'])
);
@@ -85,7 +85,7 @@ function directory_run($argv, $argc){
);
}
else {
- q("update channel set channel_dirdate = '%s' where channel_id = %d limit 1",
+ q("update channel set channel_dirdate = '%s' where channel_id = %d",
dbesc(datetime_convert()),
intval($channel['channel_id'])
);
diff --git a/include/enotify.php b/include/enotify.php
index 2503f9ab0..f3eb80117 100644
--- a/include/enotify.php
+++ b/include/enotify.php
@@ -18,7 +18,7 @@ function notification($params) {
}
if($params['to_xchan']) {
$y = q("select channel.*, account.* from channel left join account on channel_account_id = account_id
- where channel_hash = '%s' and not (channel_pageflags & %d) limit 1",
+ where channel_hash = '%s' and not (channel_pageflags & %d)>0 limit 1",
dbesc($params['to_xchan']),
intval(PAGE_REMOVED)
);
@@ -394,7 +394,7 @@ function notification($params) {
if(($a->language === 'en' || (! $a->language)) && strpos($msg,', '))
$msg = substr($msg,strpos($msg,', ')+1);
- $r = q("update notify set msg = '%s' where id = %d and uid = %d limit 1",
+ $r = q("update notify set msg = '%s' where id = %d and uid = %d",
dbesc($msg),
intval($notify_id),
intval($datarray['uid'])
diff --git a/include/event.php b/include/event.php
index 03ecaa0a7..d95e8b401 100644
--- a/include/event.php
+++ b/include/event.php
@@ -183,7 +183,7 @@ function event_store_event($arr) {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
- WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ WHERE `id` = %d AND `uid` = %d",
dbesc($arr['edited']),
dbesc($arr['start']),
@@ -284,7 +284,7 @@ function event_addtocal($item_id, $uid) {
$event = event_store_event($ev);
if($event) {
- $r = q("update item set resource_id = '%s', resource_type = 'event' where id = %d and uid = %d limit 1",
+ $r = q("update item set resource_id = '%s', resource_type = 'event' where id = %d and uid = %d",
dbesc($event['event_hash']),
intval($item['id']),
intval($channel['channel_id'])
@@ -359,7 +359,7 @@ function event_store_item($arr,$event) {
$private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0);
- q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d LIMIT 1",
+ q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d",
dbesc($arr['summary']),
dbesc($prefix . format_event_bbcode($arr)),
dbesc($object),
diff --git a/include/expire.php b/include/expire.php
index 442914a39..a229bd4ac 100644
--- a/include/expire.php
+++ b/include/expire.php
@@ -7,9 +7,10 @@ function expire_run($argv, $argc){
cli_startup();
- $r = q("select id from item where (item_restrict & %d) and not (item_restrict & %d) and changed < UTC_TIMESTAMP() - INTERVAL 10 DAY",
+ $r = q("select id from item where (item_restrict & %d)>0 and not (item_restrict & %d)>0 and changed < %s - INTERVAL %s",
intval(ITEM_DELETED),
- intval(ITEM_PENDING_REMOVE)
+ intval(ITEM_PENDING_REMOVE),
+ db_utcnow(), db_quoteinterval('10 DAY')
);
if($r) {
foreach($r as $rr) {
@@ -19,8 +20,9 @@ function expire_run($argv, $argc){
// physically remove anything that has been deleted for more than two months
- $r = q("delete from item where ( item_restrict & %d ) and changed < UTC_TIMESTAMP() - INTERVAL 36 DAY",
- intval(ITEM_PENDING_REMOVE)
+ $r = q("delete from item where ( item_restrict & %d )>0 and changed < %s - INTERVAL %s",
+ intval(ITEM_PENDING_REMOVE),
+ db_utcnow(), db_quoteinterval('36 DAY')
);
// make this optional as it could have a performance impact on large sites
diff --git a/include/externals.php b/include/externals.php
index 280daf4a4..0be5d0fde 100644
--- a/include/externals.php
+++ b/include/externals.php
@@ -25,7 +25,8 @@ function externals_run($argv, $argc){
$url = $arr['url'];
}
else {
- $r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d order by rand() limit 1",
+ $randfunc = db_getfunc('RAND');
+ $r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d order by $randfunc limit 1",
dbesc(z_root()),
intval(DIRECTORY_MODE_STANDALONE)
);
@@ -76,7 +77,7 @@ function externals_run($argv, $argc){
$x = z_fetch_url($feedurl);
if(($x) && ($x['success'])) {
- q("update site set site_pull = '%s' where site_url = '%s' limit 1",
+ q("update site set site_pull = '%s' where site_url = '%s'",
dbesc(datetime_convert()),
dbesc($url)
);
@@ -99,12 +100,12 @@ $z = null;
$flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK;
// preserve the source
- $r = q("update item set source_xchan = owner_xchan where id = %d limit 1",
+ $r = q("update item set source_xchan = owner_xchan where id = %d",
intval($z[0]['id'])
);
$r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s'
- where id = %d limit 1",
+ where id = %d",
intval($flag_bits),
dbesc($sys['xchan_hash']),
intval($z[0]['id'])
diff --git a/include/follow.php b/include/follow.php
index 20fd7f5fc..1abd0e3b9 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -37,7 +37,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
// check service class limits
- $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d) ",
+ $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($uid),
intval(ABOOK_FLAG_SELF)
);
@@ -64,13 +64,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$j = json_decode($ret['body'],true);
}
- if($is_red && $j) {
-
+ $my_perms = get_channel_default_perms($uid);
- // fixme - we need to be able to define these somewhere for the custom role
- $my_perms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
- |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
- |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ if($is_red && $j) {
$role = get_pconfig($uid,'system','permissions_role');
if($role) {
@@ -141,7 +137,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
}
}
- $my_perms = 0;
$their_perms = 0;
$xchan_hash = '';
@@ -168,7 +163,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
if($r) {
$xchan_hash = $r[0]['xchan_hash'];
$their_perms = 0;
- $my_perms = PERMS_W_STREAM|PERMS_W_MAIL;
$role = get_pconfig($uid,'system','permissions_role');
if($role) {
$x = get_role_perms($role);
@@ -209,8 +203,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
return $result;
}
- $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & ABOOK_FLAG_FEED )",
- intval($aid)
+ $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & %d )>0",
+ intval($aid),
+ intval(ABOOK_FLAG_FEED)
);
if($r)
$total_feeds = $r[0]['total'];
@@ -231,7 +226,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
intval($uid)
);
if($r) {
- $x = q("update abook set abook_their_perms = %d where abook_id = %d limit 1",
+ $x = q("update abook set abook_their_perms = %d where abook_id = %d",
intval($their_perms),
intval($r[0]['abook_id'])
);
diff --git a/include/group.php b/include/group.php
index d4f08108f..28cf5d80d 100644
--- a/include/group.php
+++ b/include/group.php
@@ -18,10 +18,11 @@ function group_add($uid,$name,$public = 0) {
intval($r)
);
if(count($z) && $z[0]['deleted']) {
- $r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+ /*$r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
intval($uid),
dbesc($name)
- );
+ );*/
+ q('UPDATE groups SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL);
}
return true;
@@ -107,7 +108,7 @@ function group_rmv($uid,$name) {
);
// remove group
- $r = q("UPDATE `groups` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+ $r = q("UPDATE `groups` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'",
intval($uid),
dbesc($name)
);
@@ -152,7 +153,7 @@ function group_rmv_member($uid,$name,$member) {
return false;
if(! ( $uid && $gid && $member))
return false;
- $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND xchan = '%s' LIMIT 1 ",
+ $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND xchan = '%s' ",
intval($uid),
intval($gid),
dbesc($member)
@@ -199,7 +200,7 @@ function group_get_members($gid) {
if(intval($gid)) {
$r = q("SELECT * FROM `group_member`
LEFT JOIN abook ON abook_xchan = `group_member`.`xchan` left join xchan on xchan_hash = abook_xchan
- WHERE `gid` = %d AND abook_channel = %d and `group_member`.`uid` = %d and not ( xchan_flags & %d ) and not ( abook_flags & %d ) and not ( abook_flags & %d ) ORDER BY xchan_name ASC ",
+ WHERE `gid` = %d AND abook_channel = %d and `group_member`.`uid` = %d and not ( xchan_flags & %d )>0 and not ( abook_flags & %d )>0 and not ( abook_flags & %d )>0 ORDER BY xchan_name ASC ",
intval($gid),
intval(local_user()),
intval(local_user()),
diff --git a/include/hubloc.php b/include/hubloc.php
index 0a1b51331..43187fcee 100644
--- a/include/hubloc.php
+++ b/include/hubloc.php
@@ -96,7 +96,7 @@ function remove_obsolete_hublocs() {
? intval(get_config('system','delivery_interval')) : 2 );
foreach($r as $rr) {
- q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d limit 1",
+ q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d",
intval(HUBLOC_FLAGS_DELETED),
intval($rr['hubloc_id'])
);
@@ -134,7 +134,7 @@ function hubloc_change_primary($hubloc) {
dbesc($hubloc['hubloc_hash'])
);
if(($r) && (! $r[0]['channel_primary'])) {
- q("update channel set channel_primary = 1 where channel_id = %d limit 1",
+ q("update channel set channel_primary = 1 where channel_id = %d",
intval($r[0]['channel_id'])
);
}
@@ -156,7 +156,7 @@ function hubloc_change_primary($hubloc) {
$url = $hubloc['hubloc_url'];
$lwebbie = substr($hubloc['hubloc_addr'],0,strpos($hubloc['hubloc_addr'],'@'));
- $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s' limit 1",
+ $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s'",
dbesc($hubloc['hubloc_addr']),
dbesc($url . '/channel/' . $lwebbie),
dbesc($url . '/follow?f=&url=%s'),
@@ -214,7 +214,7 @@ function xchan_store($arr) {
return $r;
$photos = import_profile_photo($arr['photo'],$arr['hash']);
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1",
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
dbesc(datetime_convert()),
dbesc($photos[0]),
dbesc($photos[1]),
diff --git a/include/identity.php b/include/identity.php
index 9a574ea65..a238959a5 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -22,7 +22,7 @@ require_once('include/crypto.php');
function identity_check_service_class($account_id) {
$ret = array('success' => false, $message => '');
- $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d ) ",
+ $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0 ",
intval($account_id),
intval(PAGE_REMOVED)
);
@@ -104,7 +104,7 @@ function create_sys_channel() {
}
function get_sys_channel() {
- $r = q("select * from channel left join xchan on channel_hash = xchan_hash where (channel_pageflags & %d) limit 1",
+ $r = q("select * from channel left join xchan on channel_hash = xchan_hash where (channel_pageflags & %d)>0 limit 1",
intval(PAGE_SYSTEM)
);
if($r)
@@ -132,7 +132,7 @@ function is_sys_channel($channel_id) {
*/
function channel_total() {
- $r = q("select channel_id from channel where not ( channel_pageflags & %d )",
+ $r = q("select channel_id from channel where not ( channel_pageflags & %d )>0",
intval(PAGE_REMOVED)
);
@@ -348,10 +348,13 @@ function create_identity($arr) {
dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}")
);
- $myperms = 0;
if($role_permissions) {
$myperms = ((array_key_exists('perms_auto',$role_permissions) && $role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0);
}
+ else
+ $myperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags, abook_my_perms )
values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ",
@@ -373,6 +376,8 @@ function create_identity($arr) {
set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']);
if(array_key_exists('online',$role_permissions))
set_pconfig($newuid,'system','hide_presence',1-intval($role_permissions['online']));
+ if(array_key_exists('perms_auto',$role_permissions))
+ set_pconfig($newuid,'system','autoperms',(($role_permissions['perms_auto']) ? $role_permissions['perms_accept'] : 0));
}
// Create a group with yourself as a member. This allows somebody to use it
@@ -390,7 +395,7 @@ function create_identity($arr) {
dbesc( t('Friends') )
);
if($r) {
- q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d limit 1",
+ q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d",
dbesc($r[0]['hash']),
dbesc('<' . $r[0]['hash'] . '>'),
intval($newuid)
@@ -446,7 +451,7 @@ function set_default_login_identity($account_id,$channel_id,$force = true) {
);
if($r) {
if((intval($r[0]['account_default_channel']) == 0) || ($force)) {
- $r = q("update account set account_default_channel = %d where account_id = %d limit 1",
+ $r = q("update account set account_default_channel = %d where account_id = %d",
intval($channel_id),
intval($account_id)
);
@@ -584,7 +589,7 @@ function identity_basic_export($channel_id, $items = false) {
// warning: this may run into memory limits on smaller systems
- $r = q("select * from item where (item_flags & %d) and not (item_restrict & %d) and uid = %d",
+ $r = q("select * from item where (item_flags & %d)>0 and not (item_restrict & %d)>0 and uid = %d",
intval(ITEM_WALL),
intval(ITEM_DELETED),
intval($channel_id)
@@ -673,7 +678,7 @@ function profile_load(&$a, $nickname, $profile = '') {
if(! $p) {
$p = q("SELECT profile.uid AS profile_uid, profile.*, channel.* FROM profile
LEFT JOIN channel ON profile.uid = channel.channel_id
- WHERE channel.channel_address = '%s' and not ( channel_pageflags & %d )
+ WHERE channel.channel_address = '%s' and not ( channel_pageflags & %d )>0
AND profile.is_default = 1 LIMIT 1",
dbesc($nickname),
intval(PAGE_REMOVED)
@@ -885,6 +890,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
|| (x($profile,'country_name') == 1))
$location = t('Location:');
+ $profile['homepage'] = linkify($profile['homepage']);
+
$gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
$marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
$homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
@@ -1466,7 +1473,7 @@ function get_channel_by_nick($nick) {
function identity_selector() {
if(local_user()) {
- $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d ) order by channel_name ",
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d )>0 order by channel_name ",
intval(get_account_id()),
intval(PAGE_REMOVED)
);
@@ -1546,7 +1553,7 @@ function notifications_off($channel_id) {
$r = q("select channel_notifyflags from channel where channel_id = %d limit 1",
intval($channel_id)
);
- $x = q("update channel set channel_notifyflags = 0 where channel_id = %d limit 1",
+ $x = q("update channel set channel_notifyflags = 0 where channel_id = %d",
intval($channel_id)
);
@@ -1556,9 +1563,21 @@ function notifications_off($channel_id) {
function notifications_on($channel_id,$value) {
- $x = q("update channel set channel_notifyflags = %d where channel_id = %d limit 1",
+ $x = q("update channel set channel_notifyflags = %d where channel_id = %d",
intval($value),
intval($channel_id)
);
return $x;
+}
+
+
+function get_channel_default_perms($uid) {
+
+ $r = q("select abook_my_perms from abook where abook_channel = %d and abook_flags & %d limit 1",
+ intval($uid),
+ intval(ABOOK_FLAG_SELF)
+ );
+ if($r)
+ return $r[0]['abook_my_perms'];
+ return 0;
} \ No newline at end of file
diff --git a/include/items.php b/include/items.php
index 41c211953..6447de4e7 100755
--- a/include/items.php
+++ b/include/items.php
@@ -30,7 +30,7 @@ function collect_recipients($item,&$private_envelope) {
// as that would allow the denied person to see the post by logging out.
if((! $item['allow_cid']) && (! $item['allow_gid'])) {
- $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d) ",
+ $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($item['uid']),
intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED)
);
@@ -68,7 +68,7 @@ function collect_recipients($item,&$private_envelope) {
$private_envelope = false;
if(array_key_exists('public_policy',$item) && $item['public_policy'] !== 'self') {
- $r = q("select abook_xchan, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d) ",
+ $r = q("select abook_xchan, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($item['uid']),
intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED)
);
@@ -258,7 +258,7 @@ function add_source_route($iid,$hash) {
);
if($r) {
$new_route = (($r[0]['route']) ? $r[0]['route'] . ',' : '') . $hash;
- q("update item set route = '%s' where id = %d limit 1",
+ q("update item set route = '%s' where id = %d",
(dbesc($new_route)),
intval($iid)
);
@@ -969,7 +969,7 @@ function import_author_rss($x) {
$photos = import_profile_photo($x['photo']['src'],$x['url']);
if($photos) {
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss' limit 1",
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss'",
dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
@@ -1014,7 +1014,7 @@ function import_author_unknown($x) {
$photos = import_profile_photo($x['photo']['src'],$x['url']);
if($photos) {
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown' limit 1",
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown'",
dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
@@ -2213,7 +2213,7 @@ function item_store($arr,$allow_exec = false) {
$r = q("UPDATE item SET parent = %d, allow_cid = '%s', allow_gid = '%s',
deny_cid = '%s', deny_gid = '%s', public_policy = '%s', item_private = %d, comments_closed = '%s'
- WHERE id = %d LIMIT 1",
+ WHERE id = %d",
intval($parent_id),
dbesc($allow_cid),
dbesc($allow_gid),
@@ -2258,13 +2258,13 @@ function item_store($arr,$allow_exec = false) {
// update the commented timestamp on the parent
- $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and not ( item_restrict & %d ) ",
+ $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and not ( item_restrict & %d )>0 ",
dbesc($arr['parent_mid']),
intval($arr['uid']),
intval(ITEM_DELAYED_PUBLISH)
);
- q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d LIMIT 1",
+ q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d",
dbesc(($z) ? $z[0]['commented'] : (datetime_convert())),
dbesc(datetime_convert()),
intval($parent_id)
@@ -2476,7 +2476,7 @@ function item_store_update($arr,$allow_exec = false) {
$str .= " `" . $k . "` = '" . $v . "' ";
}
- $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id . " limit 1");
+ $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id );
if($r)
logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG);
@@ -2553,7 +2553,7 @@ function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id,
$key = get_config('system','pubkey');
$y = crypto_encapsulate(json_encode($x),$key);
- $r = q("update item set diaspora_meta = '%s' where id = %d limit 1",
+ $r = q("update item set diaspora_meta = '%s' where id = %d",
dbesc(json_encode($y)),
intval($post_id)
);
@@ -2749,7 +2749,7 @@ function tag_deliver($uid,$item_id) {
$taglink = get_rel_link($j_obj['link'],'alternate');
store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_HASHTAG,$j_obj['title'],$j_obj['id']);
- $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d limit 1",
+ $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -2815,7 +2815,7 @@ function tag_deliver($uid,$item_id) {
if($mention) {
logger('tag_deliver: mention found for ' . $u[0]['channel_name']);
- $r = q("update item set item_flags = ( item_flags | %d ) where id = %d limit 1",
+ $r = q("update item set item_flags = ( item_flags | %d ) where id = %d",
intval(ITEM_MENTIONSME),
intval($item_id)
);
@@ -2930,7 +2930,7 @@ function tgroup_check($uid,$item) {
// or is a followup and we have already accepted the top level post as an uplink
if($item['mid'] != $item['parent_mid']) {
- $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d ) limit 1",
+ $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d )>0 limit 1",
dbesc($item['parent_mid']),
intval($uid),
intval(ITEM_UPLINK)
@@ -2974,7 +2974,15 @@ function tgroup_check($uid,$item) {
// At this point we've determined that the person receiving this post was mentioned in it.
// Now let's check if this mention was inside a reshare so we don't spam a forum
- $body = preg_replace('/\[share(.*?)\[\/share\]/','',$item['body']);
+
+ $body = $item['body'];
+
+ if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED) && $body) {
+ $key = get_config('system','prvkey');
+ $body = crypto_unencapsulate(json_decode($body,true),$key);
+ }
+
+ $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body);
$pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'] . '+','/') . '\[\/zrl\]/';
@@ -3020,14 +3028,14 @@ function start_delivery_chain($channel,$item,$item_id,$parent) {
// when we created the delivery fork
if($parent) {
- $r = q("update item set source_xchan = '%s' where id = %d limit 1",
+ $r = q("update item set source_xchan = '%s' where id = %d",
dbesc($parent['source_xchan']),
intval($item_id)
);
}
else {
$flag_bits = $flag_bits | ITEM_UPLINK;
- $r = q("update item set source_xchan = owner_xchan where id = %d limit 1",
+ $r = q("update item set source_xchan = owner_xchan where id = %d",
intval($item_id)
);
}
@@ -3057,7 +3065,7 @@ function start_delivery_chain($channel,$item,$item_id,$parent) {
}
$r = q("update item set item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
- deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s' where id = %d limit 1",
+ deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s' where id = %d",
intval($flag_bits),
dbesc($channel['channel_hash']),
dbesc($channel['channel_allow_cid']),
@@ -3097,7 +3105,7 @@ function start_delivery_chain($channel,$item,$item_id,$parent) {
function check_item_source($uid,$item) {
- $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' || src_xchan = '*' ) limit 1",
+ $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' or src_xchan = '*' ) limit 1",
intval($uid),
dbesc(($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan'])
);
@@ -3837,17 +3845,17 @@ function item_expire($uid,$days) {
$expire_network_only = 1;
- $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ") " : "");
+ $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ")>0 " : "");
$r = q("SELECT * FROM `item`
WHERE `uid` = %d
- AND `created` < UTC_TIMESTAMP() - INTERVAL %d DAY
+ AND `created` < %s - INTERVAL %s
AND `id` = `parent`
$sql_extra
- AND NOT ( item_flags & %d )
+ AND NOT ( item_flags & %d )>0
AND (item_restrict = 0 ) ",
intval($uid),
- intval($days),
+ db_utcnow(), db_quoteinterval(intval($days).' DAY'),
intval(ITEM_RETAINED)
);
@@ -3885,7 +3893,7 @@ function item_expire($uid,$days) {
}
function retain_item($id) {
- $r = q("update item set item_flags = (item_flags | %d ) where id = %d limit 1",
+ $r = q("update item set item_flags = (item_flags | %d ) where id = %d",
intval(ITEM_RETAINED),
intval($id)
);
@@ -3961,7 +3969,7 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) {
// set the deleted flag immediately on this item just in case the
// hook calls a remote process which loops. We'll delete it properly in a second.
- $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d LIMIT 1",
+ $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d",
intval(ITEM_DELETED),
intval($item['id'])
);
@@ -4018,7 +4026,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
switch($stage) {
case DROPITEM_PHASE2:
$r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '',
- changed = '%s', edited = '%s' WHERE id = %d LIMIT 1",
+ changed = '%s', edited = '%s' WHERE id = %d",
intval(ITEM_PENDING_REMOVE),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -4028,7 +4036,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
case DROPITEM_PHASE1:
$r = q("UPDATE item SET item_restrict = ( item_restrict | %d ),
- changed = '%s', edited = '%s' WHERE id = %d LIMIT 1",
+ changed = '%s', edited = '%s' WHERE id = %d",
intval(ITEM_DELETED),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -4039,7 +4047,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
case DROPITEM_NORMAL:
default:
$r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '',
- changed = '%s', edited = '%s' WHERE id = %d LIMIT 1",
+ changed = '%s', edited = '%s' WHERE id = %d",
intval(ITEM_DELETED),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -4051,7 +4059,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
// immediately remove any undesired profile likes.
- q("delete from likes where iid = %d and channel_id = %d limit 1",
+ q("delete from likes where iid = %d and channel_id = %d",
intval($item['id']),
intval($item['uid'])
);
@@ -4062,7 +4070,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
if(strlen($item['resource_id'])) {
if($item['resource_type'] === 'event') {
- q("delete from event where event_hash = '%s' and uid = %d limit 1",
+ q("delete from event where event_hash = '%s' and uid = %d",
dbesc($item['resource_id']),
intval($item['uid'])
);
@@ -4082,12 +4090,12 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
if($stage == DROPITEM_PHASE1)
return true;
- $r = q("delete from term where otype = %d and oid = %d limit 1",
+ $r = q("delete from term where otype = %d and oid = %d",
intval(TERM_OBJ_POST),
intval($item['id'])
);
- q("delete from item_id where iid = %d and uid = %d limit 1",
+ q("delete from item_id where iid = %d and uid = %d",
intval($item['id']),
intval($item['uid'])
);
@@ -4106,7 +4114,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
function first_post_date($uid,$wall = false) {
- $wall_sql = (($wall) ? sprintf(" and item_flags & %d ", ITEM_WALL) : "" );
+ $wall_sql = (($wall) ? sprintf(" and (item_flags & %d)>0 ", ITEM_WALL) : "" );
$r = q("select id, created from item
where item_restrict = %d and uid = %d and id = parent $wall_sql
@@ -4128,10 +4136,13 @@ function first_post_date($uid,$wall = false) {
* current flat list of all representative dates.
*/
-function list_post_dates($uid,$wall) {
+function list_post_dates($uid,$wall,$mindate) {
$dnow = datetime_convert('',date_default_timezone_get(),'now','Y-m-d');
- $dthen = first_post_date($uid,$wall);
+ if($mindate)
+ $dthen = datetime_convert('',date_default_timezone_get(),$mindate);
+ else
+ $dthen = first_post_date($uid,$wall);
if(! $dthen)
return array();
@@ -4249,14 +4260,24 @@ function fetch_post_tags($items,$link = false) {
-function zot_feed($uid,$observer_xchan,$mindate) {
+function zot_feed($uid,$observer_xchan,$arr) {
$result = array();
- $mindate = datetime_convert('UTC','UTC',$mindate);
+ $mindate = null;
+ $message_id = null;
+
+ if(array_key_exists('mindate',$arr)) {
+ $mindate = datetime_convert('UTC','UTC',$arr['mindate']);
+ }
+
+ if(array_key_exists('message_id',$arr)) {
+ $message_id = $arr['message_id'];
+ }
+
+
if(! $mindate)
$mindate = NULL_DATE;
-
$mindate = dbesc($mindate);
logger('zot_feed: ' . $uid);
@@ -4278,23 +4299,28 @@ function zot_feed($uid,$observer_xchan,$mindate) {
else
$limit = " limit 0, 50 ";
+ if($message_id) {
+ $sql_extra .= " and mid = '" . dbesc($message_id) . "' ";
+ $limit = '';
+ }
+
$items = array();
if(is_sys_channel($uid)) {
require_once('include/security.php');
- $r = q("SELECT distinct parent from item
+ $r = q("SELECT distinct parent, created from item
WHERE uid != %d
and uid in (" . stream_perms_api_uids(PERMS_PUBLIC) . ") AND item_restrict = 0
- AND (item_flags & %d)
+ AND (item_flags & %d)>0
and item_private = 0 $sql_extra ORDER BY created ASC $limit",
intval($uid),
intval(ITEM_WALL)
);
}
else {
- $r = q("SELECT distinct parent from item
+ $r = q("SELECT distinct parent, created from item
WHERE uid = %d AND item_restrict = 0
- AND (item_flags & %d)
+ AND (item_flags & %d)>0
$sql_extra ORDER BY created ASC $limit",
intval($uid),
intval(ITEM_WALL)
@@ -4357,12 +4383,12 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
if($arr['star'])
- $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ") ";
+ $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ")>0 ";
if($arr['wall'])
- $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ") ";
+ $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ")>0 ";
- $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) ";
+ $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 $sql_options ) ";
if($arr['since_id'])
$sql_extra .= " and item.id > " . $since_id . " ";
@@ -4400,7 +4426,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
elseif($arr['cid'] && $uid) {
- $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1",
+ $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1",
intval($arr['cid']),
intval(local_user())
);
@@ -4440,7 +4466,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
if($arr['conv'] && $channel) {
- $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d ))) ",
+ $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ",
dbesc(protect_sprintf($uidhash)),
intval(ITEM_MENTIONSME)
);
@@ -4456,11 +4482,11 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
else {
$itemspage = (($channel) ? get_pconfig($uid,'system','itemspage') : 20);
$a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
- $pager_sql = sprintf(" LIMIT %d, %d ",intval(get_app()->pager['start']), intval(get_app()->pager['itemspage']));
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(get_app()->pager['itemspage']), intval(get_app()->pager['start']));
}
if(isset($arr['start']) && isset($arr['records']))
- $pager_sql = sprintf(" LIMIT %d, %d ",intval($arr['start']), intval($arr['records']));
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($arr['records']), intval($arr['start']));
if(array_key_exists('cmin',$arr) || array_key_exists('cmax',$arr)) {
if(($arr['cmin'] != 0) || ($arr['cmax'] != 99)) {
@@ -4482,7 +4508,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
}
- $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : '');
+ $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " )>0 " : '');
if($client_mode & CLIENT_MODE_LOAD)
$simple_update = '';
@@ -4526,7 +4552,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
// Fetch a page full of parent items for this page
- $r = q("SELECT distinct item.id AS item_id FROM item
+ $r = q("SELECT distinct item.id AS item_id, item.$ordering FROM item
left join abook on item.author_xchan = abook.abook_xchan
WHERE $item_uids $item_restrict
AND item.parent = item.id
@@ -4624,7 +4650,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo
dbesc($page_type)
);
if($r) {
- q("update item_id set sid = '%s' where id = %d limit 1",
+ q("update item_id set sid = '%s' where id = %d",
dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)),
intval($r[0]['id'])
);
@@ -4655,7 +4681,7 @@ function item_add_cid($xchan_hash,$mid,$uid) {
dbesc('<' . $xchan_hash . '>')
);
if(! $r) {
- $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d limit 1",
+ $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d",
dbesc('<' . $xchan_hash . '>'),
dbesc($mid),
intval($uid)
@@ -4670,7 +4696,7 @@ function item_remove_cid($xchan_hash,$mid,$uid) {
dbesc('<' . $xchan_hash . '>')
);
if($r) {
- $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d limit 1",
+ $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d",
dbesc(str_replace('<' . $xchan_hash . '>','',$r[0]['allow_cid'])),
dbesc($mid),
intval($uid)
diff --git a/include/menu.php b/include/menu.php
index 8997d2e39..9dc236605 100644
--- a/include/menu.php
+++ b/include/menu.php
@@ -176,7 +176,7 @@ function menu_edit($arr) {
}
return q("update menu set menu_name = '%s', menu_desc = '%s', menu_flags = %d
- where menu_id = %d and menu_channel_id = %d limit 1",
+ where menu_id = %d and menu_channel_id = %d",
dbesc($menu_name),
dbesc($menu_desc),
intval($menu_flags),
@@ -303,7 +303,7 @@ function menu_edit_item($menu_id, $uid, $arr) {
}
- $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d limit 1",
+ $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d",
dbesc($mitem_link),
dbesc($mitem_desc),
intval($mitem_flags),
@@ -323,7 +323,7 @@ function menu_edit_item($menu_id, $uid, $arr) {
function menu_del_item($menu_id,$uid,$item_id) {
- $r = q("delete from menu_item where mitem_menu_id = %d and mitem_channel_id = %d and mitem_id = %d limit 1",
+ $r = q("delete from menu_item where mitem_menu_id = %d and mitem_channel_id = %d and mitem_id = %d",
intval($menu_id),
intval($uid),
intval($item_id)
diff --git a/include/message.php b/include/message.php
index b063530d6..49278f273 100644
--- a/include/message.php
+++ b/include/message.php
@@ -243,7 +243,7 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
$limit = '';
if($numitems)
- $limit = " LIMIT " . intval($start) . ", " . intval($numitems);
+ $limit = " LIMIT " . intval($numitems) . " OFFSET " . intval($start);
if($mailbox !== '') {
$x = q("select channel_hash from channel where channel_id = %d limit 1",
@@ -332,7 +332,7 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee
}
if($updateseen) {
- $r = q("UPDATE `mail` SET mail_flags = (mail_flags ^ %d) where not (mail_flags & %d) and id = %d AND channel_id = %d",
+ $r = q("UPDATE `mail` SET mail_flags = (mail_flags | %d) where not (mail_flags & %d)>0 and id = %d AND channel_id = %d",
intval(MAIL_SEEN),
intval(MAIL_SEEN),
dbesc($messageitem_id),
@@ -363,7 +363,7 @@ function private_messages_drop($channel_id, $messageitem_id, $drop_conversation
}
}
else {
- $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d LIMIT 1",
+ $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d",
intval($messageitem_id),
intval($channel_id)
);
@@ -421,7 +421,7 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda
if($updateseen) {
- $r = q("UPDATE `mail` SET mail_flags = (mail_flags ^ %d) where not (mail_flags & %d) and parent_mid = '%s' AND channel_id = %d",
+ $r = q("UPDATE `mail` SET mail_flags = (mail_flags | %d) where not (mail_flags & %d)>0 and parent_mid = '%s' AND channel_id = %d",
intval(MAIL_SEEN),
intval(MAIL_SEEN),
dbesc($r[0]['parent_mid']),
diff --git a/include/nav.php b/include/nav.php
index f1f89db20..b4aa0f14a 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -38,7 +38,7 @@ EOT;
intval($channel['channel_id'])
);
- $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and not ( channel_pageflags & %d ) order by channel_name ",
+ $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0 order by channel_name ",
intval(get_account_id()),
intval(PAGE_REMOVED)
);
@@ -173,7 +173,7 @@ EOT;
$nav['search'] = array('search', t('Search'), "", t('Search site content'));
- $nav['directory'] = array('directory', t('Directory'), "", t('Channel Locator'));
+ $nav['directory'] = array('directory', t('Directory'), "", t('Channel Directory'));
/**
diff --git a/include/network.php b/include/network.php
index 25ed615c6..ee2a6a59b 100644
--- a/include/network.php
+++ b/include/network.php
@@ -991,7 +991,7 @@ function discover_by_url($url,$arr = null) {
);
$photos = import_profile_photo($photo,$guid);
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1",
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
dbesc(datetime_convert()),
dbesc($photos[0]),
dbesc($photos[1]),
@@ -1104,7 +1104,7 @@ function discover_by_webbie($webbie) {
dbesc($vcard['fn']),
dbesc($network),
dbesc(z_root()),
- dbesc(datetime_convert())
+ dbescdate(datetime_convert())
);
$r = q("select * from hubloc where hubloc_hash = '%s' limit 1",
@@ -1119,13 +1119,13 @@ function discover_by_webbie($webbie) {
dbesc(trim($diaspora_base,'/')),
dbesc($hostname),
dbesc($notify),
- dbesc(datetime_convert()),
+ dbescdate(datetime_convert()),
intval(HUBLOC_FLAGS_PRIMARY)
);
}
$photos = import_profile_photo($vcard['photo'],$addr);
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1",
- dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
+ dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
diff --git a/include/notifier.php b/include/notifier.php
index 79a6886ad..cb97fcdf8 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -58,6 +58,7 @@ require_once('include/html2plain.php');
* expire channel_id
* relay item_id (item was relayed to owner, we will deliver it as owner)
* location channel_id
+ * request channel_id xchan_hash message_id
*
*/
@@ -98,7 +99,7 @@ function notifier_run($argv, $argc){
// Get the recipient
$r = q("select abook.*, hubloc.* from abook
left join hubloc on hubloc_hash = abook_xchan
- where abook_id = %d and not ( abook_flags & %d ) limit 1",
+ where abook_id = %d and not ( abook_flags & %d )>0 limit 1",
intval($item_id),
intval(ABOOK_FLAG_SELF)
);
@@ -142,6 +143,7 @@ function notifier_run($argv, $argc){
$expire = false;
+ $request = false;
$mail = false;
$fsuggest = false;
$top_level = false;
@@ -175,6 +177,22 @@ function notifier_run($argv, $argc){
$channel = $s[0];
}
+ elseif($cmd === 'request') {
+ $channel_id = $item_id;
+ $xchan = $argv[3];
+ $request_message_id = $argv[4];
+
+ $s = q("select * from channel where channel_id = %d limit 1",
+ intval($channel_id)
+ );
+ if($s)
+ $channel = $s[0];
+
+ $private = true;
+ $recipients[] = $xchan;
+ $packet_type = 'request';
+ $normal_mode = false;
+ }
elseif($cmd === 'expire') {
// FIXME
@@ -187,11 +205,12 @@ function notifier_run($argv, $argc){
$normal_mode = false;
$expire = true;
- $items = q("SELECT * FROM item WHERE uid = %d AND ( item_flags & %d )
- AND ( item_restrict & %d ) AND `changed` > UTC_TIMESTAMP() - INTERVAL 10 MINUTE",
+ $items = q("SELECT * FROM item WHERE uid = %d AND ( item_flags & %d )>0
+ AND ( item_restrict & %d )>0 AND `changed` > %s - INTERVAL %s",
intval($item_id),
intval(ITEM_WALL),
- intval(ITEM_DELETED)
+ intval(ITEM_DELETED),
+ db_utcnow(), db_quoteinterval('10 MINUTE')
);
$uid = $item_id;
$item_id = 0;
@@ -477,13 +496,19 @@ function notifier_run($argv, $argc){
where hubloc_hash in (" . implode(',',$recipients) . ") group by hubloc_sitekey order by hubloc_connected desc limit 1");
}
else {
-
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $r = q("select distinct on (hubloc_sitekey) hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc
+ where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d)>0 and not (hubloc_status & %d)>0",
+ intval(HUBLOC_FLAGS_DELETED),
+ intval(HUBLOC_OFFLINE)
+ );
+ } else {
$r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc
- where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d) and not (hubloc_status & %d) group by hubloc_sitekey",
+ where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d)>0 and not (hubloc_status & %d)>0 group by hubloc_sitekey",
intval(HUBLOC_FLAGS_DELETED),
intval(HUBLOC_OFFLINE)
);
-
+ }
}
if(! $r) {
@@ -550,6 +575,7 @@ function notifier_run($argv, $argc){
'mail' => $mail,
'location' => $location,
'fsuggest' => $fsuggest,
+ 'request' => $request,
'normal_mode' => $normal_mode,
'packet_type' => $packet_type,
'walltowall' => $walltowall
@@ -579,6 +605,21 @@ function notifier_run($argv, $argc){
dbesc('')
);
}
+ elseif($packet_type === 'request') {
+ $n = zot_build_packet($channel,'request',$env_recips,$hub['hubloc_sitekey'],$hash,array('message_id' => $request_message_id));
+ q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
+ dbesc($hash),
+ intval($channel['channel_account_id']),
+ intval($channel['channel_id']),
+ dbesc('zot'),
+ dbesc($hub['hubloc_callback']),
+ intval(1),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($n),
+ dbesc('')
+ );
+ }
else {
$n = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash);
q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
diff --git a/include/onedirsync.php b/include/onedirsync.php
index 8ae1df5e5..09c4c9d9a 100644
--- a/include/onedirsync.php
+++ b/include/onedirsync.php
@@ -35,13 +35,13 @@ function onedirsync_run($argv, $argc){
// (where we received this update from) ?
// If we have, we don't need to do anything except mark any older entries updated
- $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d ) order by ud_date desc limit 1",
+ $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d )>0 order by ud_date desc limit 1",
dbesc($r[0]['ud_addr']),
dbesc($r[0]['ud_date']),
intval(UPDATE_FLAGS_UPDATED)
);
if($x) {
- $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not ( ud_flags & %d ) and ud_date < '%s' ",
+ $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not ( ud_flags & %d )>0 and ud_date < '%s' ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($r[0]['ud_addr']),
intval(UPDATE_FLAGS_UPDATED),
diff --git a/include/onepoll.php b/include/onepoll.php
index 98d52db93..095edd095 100644
--- a/include/onepoll.php
+++ b/include/onepoll.php
@@ -15,12 +15,6 @@ function onepoll_run($argv, $argc){
logger('onepoll: start');
- $manual_id = 0;
- $generation = 0;
-
- $force = false;
- $restart = false;
-
if(($argc > 1) && (intval($argv[1])))
$contact_id = intval($argv[1]);
@@ -28,14 +22,14 @@ function onepoll_run($argv, $argc){
logger('onepoll: no contact');
return;
}
-
+
$d = datetime_convert();
$contacts = q("SELECT abook.*, xchan.*, account.*
FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan
where abook_id = %d
- AND (( abook_flags & %d ) OR ( abook_flags = %d ))
- AND NOT ( abook_flags & %d )
+ AND (( abook_flags & %d )>0 OR ( abook_flags = %d ))
+ AND NOT ( abook_flags & %d )>0
AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1",
intval($contact_id),
intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED|ABOOK_FLAG_FEED),
@@ -75,7 +69,7 @@ function onepoll_run($argv, $argc){
if($contact['xchan_network'] === 'rss') {
logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']);
- q("update abook set abook_connected = '%s' where abook_id = %d limit 1",
+ q("update abook set abook_connected = '%s' where abook_id = %d",
dbesc(datetime_convert()),
intval($contact['abook_id'])
);
@@ -90,18 +84,19 @@ function onepoll_run($argv, $argc){
$x = zot_refresh($contact,$importer);
$responded = false;
- $updated = datetime_convert();
+ $updated = datetime_convert();
+ $connected = datetime_convert();
if(! $x) {
// mark for death by not updating abook_connected, this is caught in include/poller.php
- q("update abook set abook_updated = '%s' where abook_id = %d limit 1",
+ q("update abook set abook_updated = '%s' where abook_id = %d",
dbesc($updated),
intval($contact['abook_id'])
);
}
else {
- q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d limit 1",
- dbesc($updated),
+ q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d",
dbesc($updated),
+ dbesc($connected),
intval($contact['abook_id'])
);
$responded = true;
@@ -120,7 +115,9 @@ function onepoll_run($argv, $argc){
if($fetch_feed) {
$feedurl = str_replace('/poco/','/zotfeed/',$contact['xchan_connurl']);
- $x = z_fetch_url($feedurl . '?f=&mindate=' . urlencode($last_update));
+ $feedurl .= '?f=&mindate=' . urlencode($last_update);
+
+ $x = z_fetch_url($feedurl);
logger('feed_update: ' . print_r($x,true), LOGGER_DATA);
@@ -143,13 +140,14 @@ function onepoll_run($argv, $argc){
}
}
- // fetch some items
- // set last updated timestamp
+
+ // update the poco details for this connection
if($contact['xchan_connurl']) {
$r = q("SELECT xlink_id from xlink
- where xlink_xchan = '%s' and xlink_updated > UTC_TIMESTAMP() - INTERVAL 1 DAY limit 1",
- intval($contact['xchan_hash'])
+ where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s limit 1",
+ intval($contact['xchan_hash']),
+ db_utcnow(), db_quoteinterval('1 DAY')
);
if(! $r) {
poco_load($contact['xchan_hash'],$contact['xchan_connurl']);
diff --git a/include/permissions.php b/include/permissions.php
index 186ba32d8..0ad28b3f1 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -97,7 +97,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
if(! $abook_checked) {
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
- where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
+ where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
intval($uid),
dbesc($observer_xchan),
intval(ABOOK_FLAG_SELF)
@@ -269,7 +269,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
return true;
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
- where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
+ where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
intval($uid),
dbesc($observer_xchan),
intval(ABOOK_FLAG_SELF)
@@ -549,7 +549,7 @@ function get_role_perms($role) {
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
- $ret['channel_w_stream'] = PERMS_CONTACTS;
+ $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
$ret['channel_w_tagwall'] = PERMS_CONTACTS;
$ret['channel_w_comment'] = PERMS_CONTACTS;
@@ -581,7 +581,7 @@ function get_role_perms($role) {
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
- $ret['channel_w_stream'] = PERMS_CONTACTS;
+ $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_CONTACTS;
@@ -614,7 +614,7 @@ function get_role_perms($role) {
$ret['channel_r_profile'] = PERMS_CONTACTS;
$ret['channel_r_photos'] = PERMS_CONTACTS;
$ret['channel_r_abook'] = PERMS_CONTACTS;
- $ret['channel_w_stream'] = PERMS_CONTACTS;
+ $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
$ret['channel_w_tagwall'] = 0;
$ret['channel_w_comment'] = PERMS_CONTACTS;
diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php
index 508d82957..e63125671 100644
--- a/include/photo/photo_driver.php
+++ b/include/photo/photo_driver.php
@@ -341,7 +341,7 @@ abstract class photo_driver {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
- where id = %d limit 1",
+ where id = %d",
intval($p['aid']),
intval($p['uid']),
@@ -354,7 +354,7 @@ abstract class photo_driver {
dbesc($p['album']),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($p['scale']),
intval($p['profile']),
@@ -383,7 +383,7 @@ abstract class photo_driver {
dbesc($p['album']),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($p['scale']),
intval($p['profile']),
@@ -428,7 +428,7 @@ abstract class photo_driver {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
- where id = %d limit 1",
+ where id = %d",
intval($aid),
intval($uid),
@@ -441,7 +441,7 @@ abstract class photo_driver {
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($scale),
intval($profile),
@@ -467,7 +467,7 @@ abstract class photo_driver {
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($scale),
intval($profile),
@@ -562,7 +562,7 @@ function import_profile_photo($photo,$xchan,$thing = false) {
if($thing)
$hash = photo_new_resource();
else {
- $r = q("select resource_id from photo where xchan = '%s' and (photo_flags & %d ) and scale = 4 limit 1",
+ $r = q("select resource_id from photo where xchan = '%s' and (photo_flags & %d )>0 and scale = 4 limit 1",
dbesc($xchan),
intval(PHOTO_XCHAN)
);
diff --git a/include/photos.php b/include/photos.php
index badbbd791..2393153c6 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -44,9 +44,10 @@ function photo_upload($channel, $observer, $args) {
*
*/
- $r = q("SELECT * FROM photo WHERE album = '%s' AND uid = %d AND created > UTC_TIMESTAMP() - INTERVAL 3 HOUR ",
+ $r = q("SELECT * FROM photo WHERE album = '%s' AND uid = %d AND created > %s - INTERVAL %s ",
dbesc($album),
- intval($channel_id)
+ intval($channel_id),
+ db_utcnow(), db_quoteinterval('3 HOUR')
);
if((! $r) || ($album == t('Profile Photos')))
$visible = 1;
@@ -178,7 +179,7 @@ function photo_upload($channel, $observer, $args) {
if($args['title'])
$p['title'] = $args['title'];
if($args['description'])
- $p['desciprion'] = $args['description'];
+ $p['description'] = $args['description'];
$r1 = $ph->save($p);
@@ -291,7 +292,7 @@ function photos_albums_list($channel,$observer) {
$sql_extra = permissions_sql($channel_id);
- $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and ( photo_flags = %d or photo_flags = %d ) $sql_extra group by album order by created desc",
+ $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and ( photo_flags = %d or photo_flags = %d ) $sql_extra group by album order by max(created) desc",
intval($channel_id),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
@@ -431,7 +432,7 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) {
// Create item container
$item_flags = ITEM_WALL|ITEM_ORIGIN|ITEM_THREAD_TOP;
- $item_restrict = (($visible) ? ITEM_HIDDEN : ITEM_VISIBLE);
+ $item_restrict = (($visible) ? ITEM_VISIBLE : ITEM_HIDDEN);
$title = '';
$mid = item_message_id();
diff --git a/include/plugin.php b/include/plugin.php
index 4f9ab71da..e500ccc56 100755
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -102,7 +102,7 @@ function load_plugin($plugin) {
// This way the system won't fall over dead during the update.
if(file_exists('addon/' . $plugin . '/.hidden')) {
- q("update addon set hidden = 1 where name = '%s' limit 1",
+ q("update addon set hidden = 1 where name = '%s'",
dbesc($plugin)
);
}
@@ -158,7 +158,7 @@ function reload_plugins() {
$func = $pl . '_load';
$func();
}
- q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d LIMIT 1",
+ q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d",
intval($t),
intval($i['id'])
);
@@ -208,7 +208,7 @@ function register_hook($hook, $file, $function, $priority = 0) {
* @return mixed
*/
function unregister_hook($hook, $file, $function) {
- $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `function` = '%s' LIMIT 1",
+ $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `function` = '%s'",
dbesc($hook),
dbesc($file),
dbesc($function)
diff --git a/include/poller.php b/include/poller.php
index f11618d37..952431926 100644
--- a/include/poller.php
+++ b/include/poller.php
@@ -44,15 +44,17 @@ function poller_run($argv, $argc){
// expire any expired mail
- q("delete from mail where expires != '%s' and expires < UTC_TIMESTAMP() ",
- dbesc(NULL_DATE)
+ q("delete from mail where expires != '%s' and expires < %s ",
+ dbesc(NULL_DATE),
+ db_utcnow()
);
// expire any expired items
- $r = q("select id from item where expires != '%s' and expires < UTC_TIMESTAMP()
- and not ( item_restrict & %d ) ",
+ $r = q("select id from item where expires != '%s' and expires < %s
+ and not ( item_restrict & %d )>0 ",
dbesc(NULL_DATE),
+ db_utcnow(),
intval(ITEM_DELETED)
);
if($r) {
@@ -66,7 +68,9 @@ function poller_run($argv, $argc){
// channels and sites that quietly vanished and prevent the directory from accumulating stale
// or dead entries.
- $r = q("select channel_id from channel where channel_dirdate < UTC_TIMESTAMP() - INTERVAL 30 DAY");
+ $r = q("select channel_id from channel where channel_dirdate < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('30 DAY')
+ );
if($r) {
foreach($r as $rr) {
proc_run('php','include/directory.php',$rr['channel_id'],'force');
@@ -78,12 +82,13 @@ function poller_run($argv, $argc){
// publish any applicable items that were set to be published in the future
// (time travel posts)
- $r = q("select id from item where ( item_restrict & %d ) and created <= UTC_TIMESTAMP() ",
- intval(ITEM_DELAYED_PUBLISH)
+ $r = q("select id from item where ( item_restrict & %d )>0 and created <= %s ",
+ intval(ITEM_DELAYED_PUBLISH),
+ db_utcnow()
);
if($r) {
foreach($r as $rr) {
- $x = q("update item set item_restrict = ( item_restrict ^ %d ) where id = %d limit 1",
+ $x = q("update item set item_restrict = ( item_restrict & ~%d ) where id = %d",
intval(ITEM_DELAYED_PUBLISH),
intval($rr['id'])
);
@@ -123,8 +128,8 @@ function poller_run($argv, $argc){
if(($d2 != $d1) && ($h1 == $h2)) {
- require_once('include/dir_fns.php');
- check_upstream_directory();
+ require_once('include/dir_fns.php');
+ check_upstream_directory();
call_hooks('cron_daily',datetime_convert());
@@ -167,7 +172,9 @@ function poller_run($argv, $argc){
// expire any read notifications over a month old
- q("delete from notify where seen = 1 and date < UTC_TIMESTAMP() - INTERVAL 30 DAY");
+ q("delete from notify where seen = 1 and date < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('30 DAY')
+ );
// expire any expired accounts
downgrade_accounts();
@@ -199,13 +206,15 @@ function poller_run($argv, $argc){
// This should be rare
$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = ''
- and xchan_photo_date < UTC_TIMESTAMP() - INTERVAL 1 DAY");
+ and xchan_photo_date < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('1 DAY')
+ );
if($r) {
require_once('include/photo/photo_driver.php');
foreach($r as $rr) {
$photos = import_profile_photo($rr['xchan_photo_l'],$rr['xchan_hash']);
$x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
- where xchan_hash = '%s' limit 1",
+ where xchan_hash = '%s'",
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -258,16 +267,17 @@ function poller_run($argv, $argc){
// Only poll from those with suitable relationships
$abandon_sql = (($abandon_days)
- ? sprintf(" AND account_lastlog > UTC_TIMESTAMP() - INTERVAL %d DAY ", intval($abandon_days))
+ ? sprintf(" AND account_lastlog > %s - INTERVAL %s ", db_utcnow(), db_quoteinterval(intval($abandon_days).' DAY'))
: ''
);
-
+ $randfunc = (ACTIVE_DBTYPE == DBTYPE_POSTGRES) ? 'RANDOM()' : 'RAND()';
+
$contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel
- FROM abook LEFT JOIN account on abook_account = account_id where 1
+ FROM abook LEFT JOIN account on abook_account = account_id
$sql_extra
- AND (( abook_flags & %d ) OR ( abook_flags = %d ))
- AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY RAND()",
+ AND (( abook_flags & %d )>0 OR ( abook_flags = %d ))
+ AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED|ABOOK_FLAG_FEED),
intval(0),
intval(ACCOUNT_OK),
@@ -305,10 +315,11 @@ function poller_run($argv, $argc){
$update = true;
}
else {
+
// if we've never connected with them, start the mark for death countdown from now
if($c == NULL_DATE) {
- $r = q("update abook set abook_connected = '%s' where abook_id = %d limit 1",
+ $r = q("update abook set abook_connected = '%s' where abook_id = %d",
dbesc(datetime_convert()),
intval($contact['abook_id'])
);
@@ -323,7 +334,7 @@ function poller_run($argv, $argc){
dbesc($contact['abook_xchan'])
);
if($n && $n[0]['xchan_network'] == 'zot') {
- $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d limit 1",
+ $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d",
intval(ABOOK_FLAG_ARCHIVED),
intval($contact['abook_id'])
);
@@ -351,7 +362,6 @@ function poller_run($argv, $argc){
$update = true;
}
-
}
if((! $update) && (! $force))
@@ -365,9 +375,10 @@ function poller_run($argv, $argc){
}
if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
- $r = q("select distinct ud_addr, updates.* from updates where not ( ud_flags & %d ) and ud_addr != '' and ( ud_last = '%s' OR ud_last > UTC_TIMESTAMP() - INTERVAL 7 DAY ) group by ud_addr ",
+ $r = q("select distinct ud_addr, updates.* from updates where not ( ud_flags & %d )>0 and ud_addr != '' and ( ud_last = '%s' OR ud_last > %s - INTERVAL %s ) group by ud_addr ",
intval(UPDATE_FLAGS_UPDATED),
- dbesc(NULL_DATE)
+ dbesc(NULL_DATE),
+ db_utcnow(), db_quoteinterval('7 DAY')
);
if($r) {
foreach($r as $rr) {
diff --git a/include/queue.php b/include/queue.php
index 222ebada4..b6a540ef9 100644
--- a/include/queue.php
+++ b/include/queue.php
@@ -22,7 +22,9 @@ function queue_run($argv, $argc){
logger('queue: start');
- $r = q("DELETE FROM outq WHERE outq_created < UTC_TIMESTAMP() - INTERVAL 3 DAY");
+ $r = q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('3 DAY')
+ );
if($queue_id) {
$r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
@@ -37,8 +39,18 @@ function queue_run($argv, $argc){
// so that we don't start off a thousand deliveries for a couple of dead hubs.
// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
// Other drivers will have to do something different here and may need their own query.
-
- $r = q("SELECT * FROM outq WHERE outq_delivered = 0 and (( outq_created > UTC_TIMESTAMP() - INTERVAL 12 HOUR and outq_updated < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( outq_updated < UTC_TIMESTAMP() - INTERVAL 1 HOUR )) group by outq_posturl");
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $prefix = 'DISTINCT ON (outq_posturl)';
+ $suffix = 'ORDER BY outq_posturl';
+ } else {
+ $prefix = '';
+ $suffix = 'GROUP BY outq_posturl';
+ }
+ $r = q("SELECT $prefix * FROM outq WHERE outq_delivered = 0 and (( outq_created > %s - INTERVAL %s and outq_updated < %s - INTERVAL %s ) OR ( outq_updated < %s - INTERVAL %s )) $suffix",
+ db_utcnow(), db_quoteinterval('12 HOUR'),
+ db_utcnow(), db_quoteinterval('15 MINUTE'),
+ db_utcnow(), db_quoteinterval('1 HOUR')
+ );
}
if(! $r)
return;
@@ -51,13 +63,13 @@ function queue_run($argv, $argc){
$result = z_post_url($rr['outq_posturl'],$rr['outq_msg']);
if($result['success'] && $result['return_code'] < 300) {
logger('queue: queue post success to ' . $rr['outq_posturl'], LOGGER_DEBUG);
- $y = q("delete from outq where outq_hash = '%s' limit 1",
+ $y = q("delete from outq where outq_hash = '%s'",
dbesc($rr['ouq_hash'])
);
}
else {
logger('queue: queue post returned ' . $result['return_code'] . ' from ' . $rr['outq_posturl'],LOGGER_DEBUG);
- $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($rr['outq_hash'])
);
@@ -70,7 +82,7 @@ function queue_run($argv, $argc){
}
else {
$deadguys[] = $rr['outq_posturl'];
- $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($rr['outq_hash'])
);
diff --git a/include/queue_fn.php b/include/queue_fn.php
index 512edb531..22580bc48 100644
--- a/include/queue_fn.php
+++ b/include/queue_fn.php
@@ -2,7 +2,7 @@
function update_queue_time($id) {
logger('queue: requeue item ' . $id);
- q("UPDATE outq SET outq_updated = '%s' WHERE outq_hash = '%s' LIMIT 1",
+ q("UPDATE outq SET outq_updated = '%s' WHERE outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($id)
);
@@ -10,7 +10,7 @@ function update_queue_time($id) {
function remove_queue_item($id) {
logger('queue: remove queue item ' . $id);
- q("DELETE FROM outq WHERE hash = '%s' LIMIT 1",
+ q("DELETE FROM outq WHERE hash = '%s'",
dbesc($id)
);
}
diff --git a/include/reddav.php b/include/reddav.php
index c16e08e27..750ca1b24 100644
--- a/include/reddav.php
+++ b/include/reddav.php
@@ -42,7 +42,7 @@ require_once('include/RedDAV/RedBasicAuth.php');
function RedChannelList(&$auth) {
$ret = array();
- $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d) AND NOT (channel_pageflags & %d)",
+ $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d)>0 AND NOT (channel_pageflags & %d)>0",
intval(PAGE_REMOVED),
intval(PAGE_HIDDEN)
);
@@ -115,7 +115,7 @@ function RedCollectionData($file, &$auth) {
$permission_error = false;
for ($x = 1; $x < count($path_arr); $x++) {
- $r = q("SELECT id, hash, filename, flags FROM attach WHERE folder = '%s' AND filename = '%s' AND uid = %d AND (flags & %d) $perms LIMIT 1",
+ $r = q("SELECT id, hash, filename, flags FROM attach WHERE folder = '%s' AND filename = '%s' AND uid = %d AND (flags & %d)>0 $perms LIMIT 1",
dbesc($folder),
dbesc($path_arr[$x]),
intval($channel_id),
@@ -124,7 +124,7 @@ function RedCollectionData($file, &$auth) {
if (! $r) {
// path wasn't found. Try without permissions to see if it was the result of permissions.
$errors = true;
- $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d) limit 1",
+ $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0 limit 1",
dbesc($folder),
basename($path_arr[$x]),
intval($channel_id),
@@ -155,8 +155,14 @@ function RedCollectionData($file, &$auth) {
logger("Path mismatch: $path !== /$file");
return NULL;
}
-
- $r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach where folder = '%s' and uid = %d $perms group by filename",
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $prefix = 'DISTINCT ON (filename)';
+ $suffix = 'ORDER BY filename';
+ } else {
+ $prefix = '';
+ $suffix = 'GROUP BY filename';
+ }
+ $r = q("select $prefix id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach where folder = '%s' and uid = %d $perms $suffix",
dbesc($folder),
intval($channel_id)
);
@@ -231,7 +237,7 @@ function RedFileData($file, &$auth, $test = false) {
$errors = false;
for ($x = 1; $x < count($path_arr); $x++) {
- $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d) $perms",
+ $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0 $perms",
dbesc($folder),
dbesc($path_arr[$x]),
intval($channel_id),
@@ -244,7 +250,7 @@ function RedFileData($file, &$auth, $test = false) {
}
if (! $r) {
$r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach
- where folder = '%s' and filename = '%s' and uid = %d $perms group by filename limit 1",
+ where folder = '%s' and filename = '%s' and uid = %d $perms order by filename limit 1",
dbesc($folder),
dbesc(basename($file)),
intval($channel_id)
@@ -253,7 +259,7 @@ function RedFileData($file, &$auth, $test = false) {
if (! $r) {
$errors = true;
$r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach
- where folder = '%s' and filename = '%s' and uid = %d group by filename limit 1",
+ where folder = '%s' and filename = '%s' and uid = %d order by filename limit 1",
dbesc($folder),
dbesc(basename($file)),
intval($channel_id)
diff --git a/include/security.php b/include/security.php
index e83cc7061..8066a76f6 100644
--- a/include/security.php
+++ b/include/security.php
@@ -12,7 +12,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
$_SESSION['authenticated'] = 1;
if($login_initial || $update_lastlog) {
- q("update account set account_lastlog = '%s' where account_id = %d limit 1",
+ q("update account set account_lastlog = '%s' where account_id = %d",
dbesc(datetime_convert()),
intval($_SESSION['account_id'])
);
@@ -59,7 +59,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* This account has never created a channel. Send them to new_channel by default */
if($a->module === 'login') {
- $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d)",
+ $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d)>0",
intval($a->account['account_id']),
intval(PAGE_REMOVED)
);
@@ -76,7 +76,7 @@ function change_channel($change_channel) {
$ret = false;
if($change_channel) {
- $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and not ( channel_pageflags & %d) limit 1",
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and not ( channel_pageflags & %d)>0 limit 1",
intval($change_channel),
intval(get_account_id()),
intval(PAGE_REMOVED)
@@ -86,7 +86,7 @@ function change_channel($change_channel) {
if (is_developer()) {
if (! $r) {
if (is_site_admin()) {
- $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d ) limit 1",
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
intval($change_channel),
intval(PAGE_SYSTEM),
intval(PAGE_REMOVED)
@@ -174,9 +174,10 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
}
+ $regexop = db_getfunc('REGEXP');
$sql = sprintf(
- " AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
)
",
dbesc(protect_sprintf( '%<' . $observer . '>%')),
@@ -204,7 +205,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* default permissions - anonymous user
*/
- $sql = " AND not item_private ";
+ $sql = " AND item_private=0 ";
/**
@@ -235,10 +236,11 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
- }
+ }
+ $regexop = db_getfunc('REGEXP');
$sql = sprintf(
- " AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
)
",
dbesc(protect_sprintf( '%<' . $observer . '>%')),
@@ -264,9 +266,10 @@ function public_permissions_sql($observer_hash) {
}
$sql = '';
if($observer_hash) {
+ $regexop = db_getfunc('REGEXP');
$sql = sprintf(
- " OR (( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ " OR (( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
))
",
dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
@@ -375,7 +378,7 @@ function stream_perms_api_uids($perms = NULL ) {
$ret = array();
if(local_user())
$ret[] = local_user();
- $r = q("select channel_id from channel where channel_r_stream > 0 and (channel_r_stream & %d) and not (channel_pageflags & %d)",
+ $r = q("select channel_id from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0",
intval($perms),
intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
@@ -402,7 +405,7 @@ function stream_perms_xchans($perms = NULL ) {
if(local_user())
$ret[] = get_observer_hash();
- $r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d) and not (channel_pageflags & %d)",
+ $r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0",
intval($perms),
intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED)
);
diff --git a/include/session.php b/include/session.php
index b531688e2..ed4dfdd16 100644
--- a/include/session.php
+++ b/include/session.php
@@ -60,11 +60,11 @@ function ref_session_write ($id,$data) {
if($session_exists)
$r = q("UPDATE `session`
SET `data` = '%s', `expire` = '%s'
- WHERE `sid` = '%s' LIMIT 1",
+ WHERE `sid` = '%s'",
dbesc($data), dbesc($expire), dbesc($id));
else
- $r = q("INSERT INTO `session`
- SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
+ $r = q("INSERT INTO `session` (sid, expire, data) values ('%s', '%s', '%s')",
+ //SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
dbesc($id), dbesc($default_expire), dbesc($data));
return true;
@@ -84,8 +84,9 @@ function ref_session_destroy ($id) {
function ref_session_gc($expire) {
q("DELETE FROM session WHERE expire < %d", dbesc(time()));
- q("OPTIMIZE TABLE session");
- return true;
+ if (! get_config('system','innodb'))
+ db_optimizetable('session');
+ return true;
}
$gc_probability = 50;
diff --git a/include/socgraph.php b/include/socgraph.php
index 504a6b2c0..740886b1c 100644
--- a/include/socgraph.php
+++ b/include/socgraph.php
@@ -77,7 +77,7 @@ function poco_load($xchan = '',$url = null) {
dbesc($xchan)
);
if($r) {
- q("update xchat set xchat_edited = '%s' where xchat_id = %d limit 1",
+ q("update xchat set xchat_edited = '%s' where xchat_id = %d",
dbesc(datetime_convert()),
intval($r[0]['xchat_id'])
);
@@ -93,7 +93,8 @@ function poco_load($xchan = '',$url = null) {
}
}
}
- q("delete from xchat where xchat_edited < UTC_TIMESTAMP() - INTERVAL 7 DAY and xchat_xchan = '%s' ",
+ q("delete from xchat where xchat_edited < %s - INTERVAL %s and xchat_xchan = '%s' ",
+ db_utcnow(), db_quoteinterval('7 DAY'),
dbesc($xchan)
);
}
@@ -195,7 +196,7 @@ function poco_load($xchan = '',$url = null) {
);
}
else {
- q("update xlink set xlink_updated = '%s', xlink_rating = %d where xlink_id = %d limit 1",
+ q("update xlink set xlink_updated = '%s', xlink_rating = %d where xlink_id = %d",
dbesc(datetime_convert()),
intval($rating),
intval($r[0]['xlink_id'])
@@ -204,8 +205,9 @@ function poco_load($xchan = '',$url = null) {
}
logger("poco_load: loaded $total entries",LOGGER_DEBUG);
- q("delete from xlink where xlink_xchan = '%s' and xlink_updated < UTC_TIMESTAMP() - INTERVAL 2 DAY",
- dbesc($xchan)
+ q("delete from xlink where xlink_xchan = '%s' and xlink_updated < %s - INTERVAL %s",
+ dbesc($xchan),
+ db_utcnow(), db_quoteinterval('2 DAY')
);
}
@@ -227,18 +229,19 @@ function count_common_friends($uid,$xchan) {
function common_friends($uid,$xchan,$start = 0,$limit=100000000,$shuffle = false) {
+ $rand = db_getfunc('rand');
if($shuffle)
- $sql_extra = " order by rand() ";
+ $sql_extra = " order by $rand ";
else
$sql_extra = " order by xchan_name asc ";
$r = q("SELECT * from xchan left join xlink on xlink_link = xchan_hash where xlink_xchan = '%s' and xlink_link in
- (select abook_xchan from abook where abook_xchan != '%s' and abook_channel = %d and abook_flags = 0 ) $sql_extra limit %d, %d",
+ (select abook_xchan from abook where abook_xchan != '%s' and abook_channel = %d and abook_flags = 0 ) $sql_extra limit %d offset %d",
dbesc($xchan),
dbesc($xchan),
intval($uid),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
return $r;
@@ -273,11 +276,11 @@ function common_friends_zcid($uid,$zcid,$start = 0, $limit = 9999,$shuffle = fal
FROM `glink` left join `gcontact` on `glink`.`gcid` = `gcontact`.`id`
where `glink`.`zcid` = %d
and `gcontact`.`nurl` in (select nurl from contact where uid = %d and self = 0 and blocked = 0 and hidden = 0 )
- $sql_extra limit %d, %d",
+ $sql_extra limit %d offset %d",
intval($zcid),
intval($uid),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
return $r;
@@ -306,11 +309,11 @@ function all_friends($uid,$cid,$start = 0, $limit = 80) {
$r = q("SELECT `gcontact`.*
FROM `glink` left join `gcontact` on `glink`.`gcid` = `gcontact`.`id`
where `glink`.`cid` = %d and `glink`.`uid` = %d
- order by `gcontact`.`name` asc LIMIT %d, %d ",
+ order by `gcontact`.`name` asc LIMIT %d OFFSET %d ",
intval($cid),
intval($uid),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
return $r;
@@ -329,16 +332,16 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) {
and not xlink_link in ( select abook_xchan from abook where abook_channel = %d )
and not xlink_link in ( select xchan from xign where uid = %d )
and xlink_xchan != ''
- and not ( xchan_flags & %d )
- and not ( xchan_flags & %d )
- group by xchan_hash order by total desc limit %d, %d ",
+ and not ( xchan_flags & %d )>0
+ and not ( xchan_flags & %d )>0
+ group by xchan_hash order by total desc limit %d offset %d ",
intval($uid),
intval($uid),
intval($uid),
intval(XCHAN_FLAGS_HIDDEN),
intval(XCHAN_FLAGS_DELETED),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
if($r && count($r) >= ($limit -1))
@@ -349,15 +352,15 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) {
where xlink_xchan = ''
and not xlink_link in ( select abook_xchan from abook where abook_channel = %d )
and not xlink_link in ( select xchan from xign where uid = %d )
- and not ( xchan_flags & %d )
- and not ( xchan_flags & %d )
- group by xchan_hash order by total desc limit %d, %d ",
+ and not ( xchan_flags & %d )>0
+ and not ( xchan_flags & %d )>0
+ group by xchan_hash order by total desc limit %d offset %d ",
intval($uid),
intval($uid),
intval(XCHAN_FLAGS_HIDDEN),
intval(XCHAN_FLAGS_DELETED),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
if(is_array($r) && is_array($r2))
@@ -394,7 +397,9 @@ function update_suggestions() {
// the targets may have changed their preferences and don't want to be suggested - and they
// may have simply gone away.
- $r = q("delete from xlink where xlink_xchan = '' and xlink_updated < UTC_TIMESTAMP() - INTERVAL 7 DAY");
+ $r = q("delete from xlink where xlink_xchan = '' and xlink_updated < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('7 DAY')
+ );
$j = json_decode($ret['body'],true);
diff --git a/include/statistics_fns.php b/include/statistics_fns.php
index 4f72e6615..288925a2c 100644
--- a/include/statistics_fns.php
+++ b/include/statistics_fns.php
@@ -13,7 +13,9 @@ function update_channels_total_stat() {
function update_channels_active_halfyear_stat() {
$r = q("select channel_id from channel left join account on account_id = channel_account_id
- where account_flags = 0 and account_lastlog > UTC_TIMESTAMP - INTERVAL 6 MONTH");
+ where account_flags = 0 and account_lastlog > %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('6 MONTH')
+ );
if($r) {
$s = '';
foreach($r as $rr) {
@@ -21,8 +23,9 @@ function update_channels_active_halfyear_stat() {
$s .= ',';
$s .= intval($rr['channel_id']);
}
- $x = q("select uid from item where uid in ( $s ) and (item_flags & %d) and created > UTC_TIMESTAMP - INTERVAL 6 MONTH group by uid",
- intval(ITEM_WALL)
+ $x = q("select uid from item where uid in ( $s ) and (item_flags & %d)>0 and created > %s - INTERVAL %s group by uid",
+ intval(ITEM_WALL),
+ db_utcnow(), db_quoteinterval('6 MONTH')
);
if($x) {
$channels_active_halfyear_stat = count($x);
@@ -37,7 +40,9 @@ function update_channels_active_halfyear_stat() {
function update_channels_active_monthly_stat() {
$r = q("select channel_id from channel left join account on account_id = channel_account_id
- where account_flags = 0 and account_lastlog > UTC_TIMESTAMP - INTERVAL 1 MONTH");
+ where account_flags = 0 and account_lastlog > %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('1 MONTH')
+ );
if($r) {
$s = '';
foreach($r as $rr) {
@@ -45,8 +50,9 @@ function update_channels_active_monthly_stat() {
$s .= ',';
$s .= intval($rr['channel_id']);
}
- $x = q("select uid from item where uid in ( $s ) and ( item_flags & %d ) and created > UTC_TIMESTAMP - INTERVAL 1 MONTH group by uid",
- intval(ITEM_WALL)
+ $x = q("select uid from item where uid in ( $s ) and ( item_flags & %d )>0 and created > %s - INTERVAL %s group by uid",
+ intval(ITEM_WALL),
+ db_utcnow(), db_quoteinterval('1 MONTH')
);
if($x) {
$channels_active_monthly_stat = count($x);
@@ -60,7 +66,7 @@ function update_channels_active_monthly_stat() {
}
function update_local_posts_stat() {
- $posts = q("SELECT COUNT(*) AS local_posts FROM `item` WHERE (item_flags & %d) ",
+ $posts = q("SELECT COUNT(*) AS local_posts FROM `item` WHERE (item_flags & %d)>0 ",
intval(ITEM_WALL) );
if (is_array($posts)) {
$local_posts_stat = intval($posts[0]["local_posts"]);
diff --git a/include/taxonomy.php b/include/taxonomy.php
index 35605da22..fab31c73d 100644
--- a/include/taxonomy.php
+++ b/include/taxonomy.php
@@ -209,13 +209,35 @@ function tagblock($link,$uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$
if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Tags') . '</h3><div class="tags" align="center">';
foreach($r as $rr) {
- $o .= '<a href="'.$link .'/' . '?f=&tag=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
+ $o .= '<span class="tag'.$rr[2].'">#</span><a href="'.$link .'/' . '?f=&tag=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
}
$o .= '</div></div>';
}
return $o;
}
+function catblock($uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$type = TERM_CATEGORY) {
+ $o = '';
+ $tab = 0;
+
+ $r = tagadelic($uid,$count,$authors,$flags,$restrict,$type);
+
+ if($r) {
+ $c = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($uid)
+ );
+
+ $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
+ foreach($r as $rr) {
+ $o .= '<a href="channel/' . $c[0]['channel_address']. '?f=&cat=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
+ }
+ $o .= '</div></div>';
+ }
+ return $o;
+}
+
+
+
function dir_tagblock($link,$r) {
$o = '';
$tab = 0;
diff --git a/include/text.php b/include/text.php
index fca23ca22..22a1a78c4 100644
--- a/include/text.php
+++ b/include/text.php
@@ -724,7 +724,7 @@ function contact_block() {
if((! is_array($a->profile)) || ($a->profile['hide_friends']))
return $o;
- $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d ) and not (xchan_flags & %d)",
+ $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d )>0 and not (xchan_flags & %d)>0",
intval($a->profile['uid']),
intval($abook_flags),
intval($xchan_flags)
@@ -737,8 +737,12 @@ function contact_block() {
$micropro = Null;
} else {
-
- $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d) and not (xchan_flags & %d ) ORDER BY RAND() LIMIT %d",
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $randfunc = 'RANDOM()';
+ } else {
+ $randfunc = 'RAND()';
+ }
+ $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d)>0 and not (xchan_flags & %d )>0 ORDER BY $randfunc LIMIT %d",
intval($a->profile['uid']),
intval($abook_flags|ABOOK_FLAG_ARCHIVED),
intval($xchan_flags),
@@ -1534,7 +1538,7 @@ function unamp($s) {
}
function layout_select($channel_id, $current = '') {
- $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)",
+ $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)>0",
intval($channel_id),
intval(ITEM_PDL)
);
@@ -1874,13 +1878,13 @@ function xchan_query(&$items,$abook = true,$effective_uid = 0) {
if(count($arr)) {
if($abook) {
$chans = q("select * from xchan left join hubloc on hubloc_hash = xchan_hash left join abook on abook_xchan = xchan_hash and abook_channel = %d
- where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )",
+ where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0",
intval($item['uid'])
);
}
else {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash
- where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )");
+ where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0");
}
$xchans = q("select * from xchan where xchan_hash in (" . implode(',',$arr) . ") and xchan_network in ('rss','unknown')");
if(! $chans)
@@ -1909,7 +1913,7 @@ function xchan_mail_query(&$item) {
if(count($arr)) {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash
- where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )");
+ where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0");
}
if($chans) {
$item['from'] = find_xchan_in_array($item['from_xchan'],$chans);
@@ -2021,12 +2025,22 @@ function json_decode_plus($s) {
function design_tools() {
+
$channel = get_app()->get_channel();
+ $sys = false;
+
+ if(get_app()->is_sys && is_site_admin()) {
+ require_once('include/identity.php');
+ $channel = get_sys_channel();
+ $sys = true;
+ }
+
$who = $channel['channel_address'];
return replace_macros(get_markup_template('design_tools.tpl'), array(
'$title' => t('Design'),
'$who' => $who,
+ '$sys' => $sys,
'$blocks' => t('Blocks'),
'$menus' => t('Menus'),
'$layout' => t('Layouts'),
@@ -2046,7 +2060,7 @@ function normalise_openid($s) {
// used in ajax endless scroll request to find out all the args that the master page was viewing.
// This was using $_REQUEST, but $_REQUEST also contains all your cookies. So we're restricting it
-// to $_GET. If this is used in a post handler, that decision may need to be considered.
+// to $_GET and $_POST.
function extra_query_args() {
$s = '';
@@ -2054,7 +2068,15 @@ function extra_query_args() {
foreach($_GET as $k => $v) {
// these are request vars we don't want to duplicate
if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
- $s .= '&' . $k . '=' . $v;
+ $s .= '&' . $k . '=' . urlencode($v);
+ }
+ }
+ }
+ if(count($_POST)) {
+ foreach($_POST as $k => $v) {
+ // these are request vars we don't want to duplicate
+ if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
+ $s .= '&' . $k . '=' . urlencode($v);
}
}
}
diff --git a/include/widgets.php b/include/widgets.php
index 2e406aa77..74bdb5d74 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -155,7 +155,7 @@ function widget_follow($args) {
return '';
$a = get_app();
$uid =$a->channel['channel_id'];
- $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d) ",
+ $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($uid),
intval(ABOOK_FLAG_SELF)
);
@@ -220,7 +220,7 @@ function widget_savedsearch($arr) {
}
if(x($_GET,'searchremove') && $search) {
- q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
+ q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s'",
intval(local_user()),
intval(TERM_SAVEDSEARCH),
dbesc($search)
@@ -330,19 +330,32 @@ function widget_archive($arr) {
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
+ $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false);
+ $mindate = get_pconfig($uid,'system','archive_mindate');
+ $visible_years = get_pconfig($uid,'system','archive_visible_years');
+ if(! $visible_years)
+ $visible_years = 5;
+
+
$url = z_root() . '/' . $a->cmd;
- $ret = list_post_dates($uid,$wall);
+ $ret = list_post_dates($uid,$wall,$mindate);
if(! count($ret))
return '';
+ $cutoff_year = intval(datetime_convert('',date_default_timezone_get(),'now','Y')) - $visible_years;
+ $cutoff = ((array_key_exists($cutoff_year,$ret))? true : false);
+
$o = replace_macros(get_markup_template('posted_date_widget.tpl'),array(
'$title' => t('Archives'),
- '$size' => ((count($ret) > 6) ? 6 : count($ret)),
+ '$size' => $visible_years,
+ '$cutoff_year' => $cutoff_year,
+ '$cutoff' => $cutoff,
'$url' => $url,
'$style' => $style,
+ '$showend' => $showend,
'$dates' => $ret
));
return $o;
@@ -387,6 +400,17 @@ function widget_tagcloud_wall($arr) {
return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
return '';
}
+function widget_catcloud_wall($arr) {
+ $a = get_app();
+ if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
+ return '';
+ if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
+ return '';
+
+ $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
+ return catblock($a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
+ return '';
+}
function widget_affinity($arr) {
@@ -432,7 +456,7 @@ function widget_settings_menu($arr) {
$role = get_pconfig(local_user(),'system','permissions_role');
- $abk = q("select abook_id from abook where abook_channel = %d and ( abook_flags & %d ) limit 1",
+ $abk = q("select abook_id from abook where abook_channel = %d and ( abook_flags & %d )>0 limit 1",
intval(local_user()),
intval(ABOOK_FLAG_SELF)
);
@@ -493,7 +517,7 @@ function widget_settings_menu($arr) {
if($role === false || $role === 'custom') {
$tabs[] = array(
- 'label' => t('Automatic Permissions (Advanced)'),
+ 'label' => t('Connection Default Permissions'),
'url' => $a->get_baseurl(true) . '/connedit/' . $abook_self_id,
'selected' => ''
);
@@ -561,7 +585,7 @@ function widget_design_tools($arr) {
// otherwise local_user() is sufficient for permissions.
if($a->profile['profile_uid'])
- if($a->profile['profile_uid'] != local_user())
+ if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys))
return '';
if(! local_user())
diff --git a/include/zot.php b/include/zot.php
index e96eae10d..2fd950acc 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -5,7 +5,7 @@ require_once('include/items.php');
require_once('include/hubloc.php');
/**
- * Red implementation of zot protocol.
+ * Red implementation of zot protocol.
*
* https://github.com/friendica/red/wiki/zot
* https://github.com/friendica/red/wiki/Zot---A-High-Level-Overview
@@ -20,8 +20,8 @@ require_once('include/hubloc.php');
* Generates a unique string for use as a zot guid using our DNS-based url, the channel nickname and some entropy.
* The entropy ensures uniqueness against re-installs where the same URL and nickname are chosen.
* NOTE: zot doesn't require this to be unique. Internally we use a whirlpool hash of this guid and the signature
- * of this guid signed with the channel private key. This can be verified and should make the probability of
- * collision of the verified result negligible within the constraints of our immediate universe.
+ * of this guid signed with the channel private key. This can be verified and should make the probability of
+ * collision of the verified result negligible within the constraints of our immediate universe.
*
* @param string channel_nickname = unique nickname of controlling entity
*
@@ -51,7 +51,7 @@ function make_xchan_hash($guid,$guid_sig) {
/**
* @function zot_get_hublocs($hash)
- * Given a zot hash, return all distinct hubs.
+ * Given a zot hash, return all distinct hubs.
* This function is used in building the zot discovery packet
* and therefore should only be used by channels which are defined
* on this hub
@@ -71,7 +71,7 @@ function make_xchan_hash($guid,$guid_sig) {
* hubloc_connect char(255)
* hubloc_sitekey text
* hubloc_updated datetime
- * hubloc_connected datetime
+ * hubloc_connected datetime
*
*/
@@ -79,32 +79,32 @@ function zot_get_hublocs($hash) {
/** Only search for active hublocs - e.g. those that haven't been marked deleted */
- $ret = q("select * from hubloc where hubloc_hash = '%s' and not ( hubloc_flags & %d ) group by hubloc_url ",
+ $ret = q("select * from hubloc where hubloc_hash = '%s' and not ( hubloc_flags & %d )>0 order by hubloc_url ",
dbesc($hash),
intval(HUBLOC_FLAGS_DELETED)
);
return $ret;
}
-
+
/**
*
* @function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null)
* builds a zot notification packet that you can either
- * store in the queue with a message array or call zot_zot to immediately
+ * store in the queue with a message array or call zot_zot to immediately
* zot it to the other side
*
* @param array $channel => sender channel structure
* @param string $type => packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'force_refresh', 'notify', 'auth_check'
* @param array $recipients => envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts
* @param string $remote_key => optional public site key of target hub used to encrypt entire packet
- * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others
+ * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others
* @param string $secret => random string, required for packets which require verification/callback
- * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification
+ * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification
*
* @returns string json encoded zot packet
*/
-function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null) {
+function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null, $extra = null) {
$data = array(
'type' => $type,
@@ -129,6 +129,12 @@ function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_
$data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey']));
}
+ if($extra) {
+ foreach($extra as $k => $v)
+ $data[$k] = $v;
+ }
+
+
logger('zot_build_packet: ' . print_r($data,true), LOGGER_DATA);
// Hush-hush ultra top-secret mode
@@ -188,14 +194,15 @@ function zot_finger($webbie,$channel,$autofallback = true) {
logger('zot_finger: no address :' . $webbie);
return array('success' => false);
}
-
+ logger('using xchan_addr: ' . $xchan_addr, LOGGER_DATA);
+
// potential issue here; the xchan_addr points to the primary hub.
// The webbie we were called with may not, so it might not be found
// unless we query for hubloc_addr instead of xchan_addr
$r = q("select xchan.*, hubloc.* from xchan
left join hubloc on xchan_hash = hubloc_hash
- where xchan_addr = '%s' and (hubloc_flags & %d) limit 1",
+ where xchan_addr = '%s' and (hubloc_flags & %d)>0 limit 1",
dbesc($xchan_addr),
intval(HUBLOC_FLAGS_PRIMARY)
);
@@ -205,6 +212,7 @@ function zot_finger($webbie,$channel,$autofallback = true) {
if($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') {
logger('zot_finger: alternate network: ' . $webbie);
+ logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'],true), LOGGER_DATA);
return array('success' => false);
}
}
@@ -293,7 +301,7 @@ function zot_refresh($them,$channel = null, $force = false) {
if($them['hubloc_url'])
$url = $them['hubloc_url'];
else {
- $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1",
+ $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d )>0 limit 1",
dbesc($them['xchan_hash']),
intval(HUBLOC_FLAGS_PRIMARY)
);
@@ -375,7 +383,7 @@ function zot_refresh($them,$channel = null, $force = false) {
}
}
- $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1",
+ $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d)>0 limit 1",
dbesc($x['hash']),
intval($channel['channel_id']),
intval(ABOOK_FLAG_SELF)
@@ -401,7 +409,7 @@ function zot_refresh($them,$channel = null, $force = false) {
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'
where abook_xchan = '%s' and abook_channel = %d
- and not (abook_flags & %d) limit 1",
+ and not (abook_flags & %d)>0 ",
intval($their_perms),
dbesc($next_birthday),
dbesc($x['hash']),
@@ -433,15 +441,15 @@ function zot_refresh($them,$channel = null, $force = false) {
}
}
else {
- $default_perms = 0;
- // look for default permissions to apply in return - e.g. auto-friend
- $z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1",
- intval($channel['channel_id']),
- intval(ABOOK_FLAG_SELF)
- );
-
- if($z)
- $default_perms = intval($z[0]['abook_my_perms']);
+ $role = get_pconfig($channel['channel_id'],'system','permissions_role');
+ if($role) {
+ $xx = get_role_perms($role);
+ if($xx['perms_auto'])
+ $default_perms = $xx['perms_accept'];
+ }
+ if(! $default_perms)
+ $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
+
// Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'],$x['hash']);
@@ -463,7 +471,7 @@ function zot_refresh($them,$channel = null, $force = false) {
$new_perms = get_all_perms($channel['channel_id'],$x['hash']);
if($new_perms != $previous_perms) {
// Send back a permissions update if permissions have changed
- $z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1",
+ $z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d)>0 limit 1",
dbesc($x['hash']),
intval($channel['channel_id']),
intval(ABOOK_FLAG_SELF)
@@ -693,10 +701,10 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
$dirmode = get_config('system','directory_mode');
- if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE))
-&& ($arr['site']['url'] != z_root()))
+ if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root()))
$arr['searchable'] = false;
+
$hidden = (1 - intval($arr['searchable']));
// Be careful - XCHAN_FLAGS_HIDDEN should evaluate to 1
@@ -715,6 +723,11 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
if($deleted_changed)
$new_flags = $new_flags ^ XCHAN_FLAGS_DELETED;
+ $public_forum = (($r[0]['xchan_flags'] & XCHAN_FLAGS_PUBFORUM) ? true : false);
+ $pubforum_changed = ((intval($public_forum) != intval($arr['public_forum'])) ? true : false);
+ if($pubforum_changed)
+ $new_flags = $r[0]['xchan_flags'] ^ XCHAN_FLAGS_PUBFORUM;
+
if(($r[0]['xchan_name_date'] != $arr['name_updated'])
|| ($r[0]['xchan_connurl'] != $arr['connections_url'])
|| ($r[0]['xchan_flags'] != $new_flags)
@@ -724,7 +737,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
|| ($r[0]['xchan_url'] != $arr['url'])) {
$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s',
xchan_connpage = '%s', xchan_flags = %d,
- xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s' limit 1",
+ xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'",
dbesc(($arr['name']) ? $arr['name'] : '-'),
dbesc($arr['name_updated']),
dbesc($arr['connections_url']),
@@ -777,8 +790,8 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
dbesc($arr['connect_url']),
dbesc(($arr['name']) ? $arr['name'] : '-'),
dbesc('zot'),
- dbesc($arr['photo_updated']),
- dbesc($arr['name_updated']),
+ dbescdate($arr['photo_updated']),
+ dbescdate($arr['name_updated']),
intval($new_flags)
);
@@ -819,7 +832,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
// importing the photo failed somehow. Leave the photo_date alone so we can try again at a later date.
// This often happens when somebody joins the matrix with a bad cert.
$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
- where xchan_hash = '%s' limit 1",
+ where xchan_hash = '%s'",
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -829,8 +842,8 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
}
else {
$r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
- where xchan_hash = '%s' limit 1",
- dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
+ where xchan_hash = '%s'",
+ dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -890,10 +903,10 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
else {
logger('import_xchan: profile not available - hiding');
// they may have made it private
- $r = q("delete from xprof where xprof_hash = '%s' limit 1",
+ $r = q("delete from xprof where xprof_hash = '%s'",
dbesc($xchan_hash)
);
- $r = q("delete from xtag where xtag_hash = '%s' limit 1",
+ $r = q("delete from xtag where xtag_hash = '%s'",
dbesc($xchan_hash)
);
}
@@ -915,7 +928,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
}
elseif(! $ud_flags) {
// nothing changed but we still need to update the updates record
- q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) ",
+ q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($address),
intval(UPDATE_FLAGS_UPDATED)
@@ -965,14 +978,14 @@ function zot_process_response($hub,$arr,$outq) {
// async messages remain in the queue until processed.
if(intval($outq['outq_async'])) {
- $r = q("update outq set outq_delivered = 1, outq_updated = '%s' where outq_hash = '%s' and outq_channel = %d limit 1",
+ $r = q("update outq set outq_delivered = 1, outq_updated = '%s' where outq_hash = '%s' and outq_channel = %d",
dbesc(datetime_convert()),
dbesc($outq['outq_hash']),
intval($outq['outq_channel'])
);
}
else {
- $r = q("delete from outq where outq_hash = '%s' and outq_channel = %d limit 1",
+ $r = q("delete from outq where outq_hash = '%s' and outq_channel = %d",
dbesc($outq['outq_hash']),
intval($outq['outq_channel'])
);
@@ -1065,7 +1078,7 @@ function zot_import($arr, $sender_url) {
if(array_key_exists('iv',$i['notify'])) {
$i['notify'] = json_decode(crypto_unencapsulate($i['notify'],get_config('system','prvkey')),true);
- }
+ }
logger('zot_import: notify: ' . print_r($i['notify'],true), LOGGER_DATA);
@@ -1075,6 +1088,9 @@ function zot_import($arr, $sender_url) {
continue;
}
+ $message_request = ((array_key_exists('message_id',$i['notify'])) ? true : false);
+ if($message_request)
+ logger('processing message request');
$i['notify']['sender']['hash'] = make_xchan_hash($i['notify']['sender']['guid'],$i['notify']['sender']['guid_sig']);
$deliveries = null;
@@ -1087,7 +1103,7 @@ function zot_import($arr, $sender_url) {
}
stringify_array_elms($recip_arr);
$recips = implode(',',$recip_arr);
- $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d ) ",
+ $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d )>0 ",
intval(PAGE_REMOVED)
);
if(! $r) {
@@ -1098,7 +1114,7 @@ function zot_import($arr, $sender_url) {
// It's a specifically targetted post. If we were sent a public_scope hint (likely),
// get rid of it so that it doesn't get stored and cause trouble.
- if(array_key_exists('message',$i) && array_key_exists('public_scope',$i['message']))
+ if(($i) && is_array($i) && array_key_exists('message',$i) && is_array($i['message']) && array_key_exists('public_scope',$i['message']))
unset($i['message']['public_scope']);
$deliveries = $r;
@@ -1176,7 +1192,7 @@ function zot_import($arr, $sender_url) {
logger('Activity recipients: ' . print_r($deliveries,true), LOGGER_DATA);
$relay = ((array_key_exists('flags',$i['message']) && in_array('relay',$i['message']['flags'])) ? true : false);
- $result = process_delivery($i['notify']['sender'],$arr,$deliveries,$relay);
+ $result = process_delivery($i['notify']['sender'],$arr,$deliveries,$relay,false,$message_request);
}
elseif($i['message']['type'] === 'mail') {
@@ -1269,9 +1285,9 @@ function public_recips($msg) {
if($msg['notify']['sender']['url'] === z_root())
- $sql = " where (( " . $col . " & " . PERMS_NETWORK . " ) or ( " . $col . " & " . PERMS_SITE . " ) or ( " . $col . " & " . PERMS_PUBLIC . ")) ";
+ $sql = " where (( " . $col . " & " . PERMS_NETWORK . " )>0 or ( " . $col . " & " . PERMS_SITE . " )>0 or ( " . $col . " & " . PERMS_PUBLIC . ")>0) ";
else
- $sql = " where (( " . $col . " & " . PERMS_NETWORK . " ) or ( " . $col . " & " . PERMS_PUBLIC . ")) ";
+ $sql = " where (( " . $col . " & " . PERMS_NETWORK . " )>0 or ( " . $col . " & " . PERMS_PUBLIC . ")>0) ";
$r = q("select channel_hash as hash from channel $sql or channel_hash = '%s' ",
@@ -1281,7 +1297,7 @@ function public_recips($msg) {
if(! $r)
$r = array();
- $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " ) and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_PENDING . " ) OR (( " . $col . " & " . PERMS_CONTACTS . " ) and not ( abook_flags & " . ABOOK_FLAG_PENDING . " )) ",
+ $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " )>0 and (( " . $col . " & " . PERMS_SPECIFIC . " )>0 and ( abook_my_perms & " . $field . " )>0) OR ( " . $col . " & " . PERMS_PENDING . " )>0 OR (( " . $col . " & " . PERMS_CONTACTS . " )>0 and not ( abook_flags & " . ABOOK_FLAG_PENDING . " )>0) ",
dbesc($msg['notify']['sender']['hash'])
);
@@ -1357,7 +1373,7 @@ function allowed_public_recips($msg) {
$condensed_recips[] = $rr['hash'];
$results = array();
- $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d ) ",
+ $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d )>0 ",
dbesc($hash),
intval(PAGE_REMOVED)
);
@@ -1373,7 +1389,7 @@ function allowed_public_recips($msg) {
}
-function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
+function process_delivery($sender,$arr,$deliveries,$relay,$public = false,$request = false) {
$result = array();
@@ -1436,6 +1452,25 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
);
if(! $r) {
$result[] = array($d['hash'],'comment parent not found',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
+
+ // We don't seem to have a copy of this conversation or at least the parent
+ // - so request a copy of the entire conversation to date.
+ // Don't do this if it's a relay post as we're the ones who are supposed to
+ // have the copy and we don't want the request to loop.
+ // Also don't do this if this comment came from a conversation request packet.
+ // It's possible that comments are allowed but posting isn't and that could
+ // cause a conversation fetch loop. We can detect these packets since they are
+ // delivered via a 'notify' packet type that has a message_id element in the
+ // initial zot packet (just like the corresponding 'request' packet type which
+ // makes the request).
+ // We'll also check the send_stream permission - because if it isn't allowed,
+ // the top level post is unlikely to be imported and
+ // this is just an exercise in futility.
+
+ if((! $relay) && (! $request) && (! $public)
+ && perm_is_allowed($channel['channel_id'],$sender['hash'],'send_stream')) {
+ proc_run('php', 'include/notifier.php', 'request', $channel['channel_id'], $sender['hash'], $arr['parent_mid']);
+ }
continue;
}
if($relay) {
@@ -1582,7 +1617,7 @@ function remove_community_tag($sender,$arr,$uid) {
return;
}
- $x = q("delete from term where uid = %d and oid = %d and otype = %d and type = %d and term = '%s' and url = '%s' limit 1",
+ $x = q("delete from term where uid = %d and oid = %d and otype = %d and type = %d and term = '%s' and url = '%s'",
intval($uid),
intval($r[0]['id']),
intval(TERM_OBJ_POST),
@@ -1676,7 +1711,7 @@ function process_mail_delivery($sender,$arr,$deliveries) {
);
if($r) {
if($arr['mail_flags'] & MAIL_RECALLED) {
- $x = q("delete from mail where id = %d and channel_id = %d limit 1",
+ $x = q("delete from mail where id = %d and channel_id = %d",
intval($r[0]['id']),
intval($channel['channel_id'])
);
@@ -1802,7 +1837,7 @@ function sync_locations($sender,$arr,$absolute = false) {
// This only happens when called from import_xchan
if(array_key_exists('site',$arr) && $location['url'] == $arr['site']['url']) {
- q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d limit 1",
+ q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($r[0]['hubloc_id'])
@@ -1814,17 +1849,17 @@ function sync_locations($sender,$arr,$absolute = false) {
// the directory server if the site is alive.
if($r[0]['hubloc_status'] & HUBLOC_OFFLINE) {
- q("update hubloc set hubloc_status = (hubloc_status ^ %d) where hubloc_id = %d limit 1",
+ q("update hubloc set hubloc_status = (hubloc_status & ~%d) where hubloc_id = %d",
intval(HUBLOC_OFFLINE),
intval($r[0]['hubloc_id'])
);
if($r[0]['hubloc_flags'] & HUBLOC_FLAGS_ORPHANCHECK) {
- q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1",
+ q("update hubloc set hubloc_flags = (hubloc_flags & ~%d) where hubloc_id = %d",
intval(HUBLOC_FLAGS_ORPHANCHECK),
intval($r[0]['hubloc_id'])
);
}
- q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1",
+ q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'",
intval(XCHAN_FLAGS_ORPHAN),
intval(XCHAN_FLAGS_ORPHAN),
dbesc($sender['hash'])
@@ -1834,7 +1869,7 @@ function sync_locations($sender,$arr,$absolute = false) {
// Remove pure duplicates
if(count($r) > 1) {
for($h = 1; $h < count($r); $h ++) {
- q("delete from hubloc where hubloc_id = %d limit 1",
+ q("delete from hubloc where hubloc_id = %d",
intval($r[$h]['hubloc_id'])
);
$what .= 'duplicate_hubloc_removed ';
@@ -1844,7 +1879,7 @@ function sync_locations($sender,$arr,$absolute = false) {
if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) && (! $location['primary']))
|| ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY)) && ($location['primary']))) {
- $m = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1",
+ $m = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d",
intval(HUBLOC_FLAGS_PRIMARY),
dbesc(datetime_convert()),
intval($r[0]['hubloc_id'])
@@ -1865,7 +1900,7 @@ function sync_locations($sender,$arr,$absolute = false) {
}
if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED) && (! $location['deleted']))
|| ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED)) && ($location['deleted']))) {
- $n = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1",
+ $n = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d",
intval(HUBLOC_FLAGS_DELETED),
dbesc(datetime_convert()),
intval($r[0]['hubloc_id'])
@@ -1880,7 +1915,7 @@ function sync_locations($sender,$arr,$absolute = false) {
// New hub claiming to be primary. Make it so by removing any existing primaries.
if(intval($location['primary'])) {
- $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_hash = '%s' and (hubloc_flags & %d )",
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_hash = '%s' and (hubloc_flags & %d )>0",
intval(HUBLOC_FLAGS_PRIMARY),
dbesc(datetime_convert()),
dbesc($sender['hash']),
@@ -1923,7 +1958,7 @@ function sync_locations($sender,$arr,$absolute = false) {
foreach($xisting as $x) {
if(! array_key_exists('updated',$x)) {
logger('sync_locations: deleting unreferenced hub location ' . $x['hubloc_url']);
- $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1",
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d",
intval(HUBLOC_FLAGS_DELETED),
dbesc(datetime_convert()),
intval($x['hubloc_id'])
@@ -2017,7 +2052,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_
if(in_arrayi('nsfw',$clean) || in_arrayi('adult',$clean)) {
- q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' limit 1",
+ q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'",
intval(XCHAN_FLAGS_SELFCENSORED),
dbesc($hash)
);
@@ -2052,7 +2087,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_
xprof_homepage = '%s',
xprof_hometown = '%s',
xprof_keywords = '%s'
- where xprof_hash = '%s' limit 1",
+ where xprof_hash = '%s'",
dbesc($arr['xprof_desc']),
dbesc($arr['xprof_dob']),
intval($arr['xprof_age']),
@@ -2122,7 +2157,7 @@ function import_directory_keywords($hash,$keywords) {
foreach($existing as $x) {
if(! in_array($x,$clean))
- $r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s' limit 1",
+ $r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s'",
dbesc($hash),
dbesc($x)
);
@@ -2154,7 +2189,7 @@ function update_modtime($hash,$guid,$addr,$flags = 0) {
);
}
else {
- q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) ",
+ q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($addr),
intval(UPDATE_FLAGS_UPDATED)
@@ -2245,7 +2280,7 @@ function import_site($arr,$pubkey) {
// logger('import_site: stored: ' . print_r($siterecord,true));
$r = q("update site set site_location = '%s', site_flags = %d, site_access = %d, site_directory = '%s', site_register = %d, site_update = '%s', site_sellpage = '%s', site_realm = '%s'
- where site_url = '%s' limit 1",
+ where site_url = '%s'",
dbesc($site_location),
intval($site_directory),
intval($access_policy),
@@ -2432,8 +2467,8 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
$channel = $r[0];
- $max_friends = service_class_fetch($channel['channel_id'],'total_channels');
- $max_feeds = account_service_class_fetch($channel['channel_account_id'],'total_feeds');
+ $max_friends = service_class_fetch($channel['channel_id'],'total_channels');
+ $max_feeds = account_service_class_fetch($channel['channel_account_id'],'total_feeds');
if($channel['channel_hash'] != $sender['hash']) {
@@ -2461,7 +2496,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(count($clean)) {
foreach($clean as $k => $v) {
$r = dbq("UPDATE channel set " . dbesc($k) . " = '" . dbesc($v)
- . "' where channel_id = " . intval($channel['channel_id']) . " limit 1");
+ . "' where channel_id = " . intval($channel['channel_id']) );
}
}
}
@@ -2492,7 +2527,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
logger('process_channel_sync_delivery: removing abook entry for ' . $abook['abook_xchan']);
require_once('include/Contact.php');
- $r = q("select abook_id, abook_flags from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d ) limit 1",
+ $r = q("select abook_id, abook_flags from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d )>0 limit 1",
dbesc($abook['abook_xchan']),
intval($channel['channel_id']),
intval(ABOOK_FLAG_SELF)
@@ -2519,7 +2554,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
continue;
}
$j = json_decode($f['body'],true);
- if(! ($j['success'] && $j['guid'])) {
+ if(! ($j['success'] && $j['guid'])) {
logger('process_channel_sync_delivery: probe failed.');
continue;
}
@@ -2570,8 +2605,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(count($clean)) {
foreach($clean as $k => $v) {
$r = dbq("UPDATE abook set " . dbesc($k) . " = '" . dbesc($v)
- . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id'])
- . " limit 1");
+ . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id']));
}
}
}
@@ -2596,7 +2630,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(($y['name'] != $cl['name'])
|| ($y['visible'] != $cl['visible'])
|| ($y['deleted'] != $cl['deleted'])) {
- q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d limit 1",
+ q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d",
dbesc($cl['name']),
intval($cl['visible']),
intval($cl['deleted']),
@@ -2618,8 +2652,8 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
intval($channel['channel_id']),
intval($cl['visible']),
intval($cl['deleted']),
- dbesc($cl['name'])
- );
+ dbesc($cl['name'])
+ );
}
// now look for any collections locally which weren't in the list we just received.
@@ -2639,7 +2673,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
q("delete from group_member where gid = %d",
intval($y['id'])
);
- q("update groups set deleted = 1 where id = %d and uid = %d limit 1",
+ q("update groups set deleted = 1 where id = %d and uid = %d",
intval($y['id']),
intval($channel['channel_id'])
);
@@ -2702,7 +2736,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
foreach($m as $mm) {
// if the local existing member isn't in the list we just received - remove them
if(! in_array($mm['xchan'],$members[$y['hash']])) {
- q("delete from group_member where xchan = '%s' and gid = %d and uid = %d limit 1",
+ q("delete from group_member where xchan = '%s' and gid = %d and uid = %d",
dbesc($mm['xchan']),
intval($y['id']),
intval($channel['channel_id'])
@@ -2748,8 +2782,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(count($clean)) {
foreach($clean as $k => $v) {
$r = dbq("UPDATE profile set " . dbesc($k) . " = '" . dbesc($v)
- . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id'])
- . " limit 1");
+ . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id']));
}
}
}
@@ -2774,7 +2807,7 @@ function get_rpost_path($observer) {
function import_author_zot($x) {
$hash = make_xchan_hash($x['guid'],$x['guid_sig']);
- $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and (hubloc_flags & %d) limit 1",
+ $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and (hubloc_flags & %d)>0 limit 1",
dbesc($x['guid']),
dbesc($x['guid_sig']),
intval(HUBLOC_FLAGS_PRIMARY)
@@ -2793,3 +2826,110 @@ function import_author_zot($x) {
return false;
}
+
+/**
+ * @function zot_process_message_request($data)
+ * If a site receives a comment to a post but finds they have no parent to attach it with, they
+ * may send a 'request' packet containing the message_id of the missing parent. This is the handler
+ * for that packet. We will create a message_list array of the entire conversation starting with
+ * the missing parent and invoke delivery to the sender of the packet.
+ *
+ * include/deliver.php (for local delivery) and mod/post.php (for web delivery) detect the existence of
+ * this 'message_list' at the destination and split it into individual messages which are
+ * processed/delivered in order.
+ *
+ * Called from mod/post.php
+ */
+
+
+function zot_process_message_request($data) {
+ $ret = array('success' => false);
+
+ if(! $data['message_id']) {
+ $ret['message'] = 'no message_id';
+ logger('no message_id');
+ return $ret;
+ }
+
+ $sender = $data['sender'];
+ $sender_hash = make_xchan_hash($sender['guid'],$sender['guid_sig']);
+
+ /*
+ * Find the local channel in charge of this post (the first and only recipient of the request packet)
+ */
+
+ $arr = $data['recipients'][0];
+ $recip_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']);
+ $c = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_hash = '%s' limit 1",
+ dbesc($recip_hash)
+ );
+ if(! $c) {
+ logger('recipient channel not found.');
+ $ret['message'] .= 'recipient not found.' . EOL;
+ return $ret;
+ }
+
+ /*
+ * fetch the requested conversation
+ */
+
+ $messages = zot_feed($c[0]['channel_id'],$sender_hash,array('message_id' => $data['message_id']));
+
+ if($messages) {
+ $env_recips = null;
+
+ $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host
+ from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)>0
+ and not (hubloc_status & %d)>0 group by hubloc_sitekey",
+ dbesc($sender_hash),
+ intval(HUBLOC_FLAGS_DELETED),
+ intval(HUBLOC_OFFLINE)
+ );
+ if(! $r) {
+ logger('no hubs');
+ return $ret;
+ }
+ $hubs = $r;
+ $hublist = array();
+ $keys = array();
+
+ $private = ((array_key_exists('flags',$messages[0]) && in_array('private',$messages[0]['flags'])) ? true : false);
+ if($private)
+ $env_recips = array('guid' => $sender['guid'],'guid_sig' => $sender['guid_sig'],'hash' => $sender_hash);
+
+ $data_packet = json_encode(array('message_list' => $messages));
+
+ foreach($hubs as $hub) {
+ $hash = random_string();
+
+ /*
+ * create a notify packet and drop the actual message packet in the queue for pickup
+ */
+
+ $n = zot_build_packet($c[0],'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash,array('message_id' => $data['message_id']));
+ q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async,
+ outq_created, outq_updated, outq_notify, outq_msg )
+ values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
+ dbesc($hash),
+ intval($c[0]['channel_account_id']),
+ intval($c[0]['channel_id']),
+ dbesc('zot'),
+ dbesc($hub['hubloc_callback']),
+ intval(1),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($n),
+ dbesc($data_packet)
+ );
+
+ /*
+ * invoke delivery to send out the notify packet
+ */
+
+ proc_run('php','include/deliver.php',$hash);
+ }
+
+ }
+ $ret['success'] = true;
+ return $ret;
+}