110 files changed, 2258 insertions, 645 deletions
@@ -54,7 +54,7 @@ define ( 'DB_UPDATE_VERSION', 1131 ); define ( 'EOL', '<br>' . "\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); -define ( 'NULL_DATE', '0000-00-00 00:00:00' ); +//define ( 'NULL_DATE', '0000-00-00 00:00:00' ); define ( 'TEMPLATE_BUILD_PATH', 'store/[data]/smarty3' ); define ( 'DIRECTORY_MODE_NORMAL', 0x0000); // This is technically DIRECTORY_MODE_TERTIARY, but it's the default, hence 0x0000 @@ -567,7 +567,9 @@ define ( 'ITEM_VERIFIED', 0x2000); // Signature verification was success define ( 'ITEM_RETAINED', 0x4000); // We looked at this item once to decide whether or not to expire it, and decided not to. define ( 'ITEM_RSS', 0x8000); // Item comes from a feed. Use this to decide whether to link the title // Don't make us evaluate this same item again. - +define ( 'DBTYPE_MYSQL', 0 ); +define ( 'DBTYPE_POSTGRES', 1 ); + /** * * Reverse the effect of magic_quotes_gpc if it is enabled. @@ -1416,7 +1418,7 @@ function fix_system_urls($oldurl,$newurl) { $replace_xchan_url = ((strpos($rr['xchan_url'],$oldurl) !== false) ? true : false); - $x = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_date = '%s' where xchan_hash = '%s' limit 1", + $x = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'", dbesc($channel_address . '@' . $rhs), dbesc(($replace_xchan_url) ? str_replace($oldurl,$newurl,$rr['xchan_url']) : $rr['xchan_url']), dbesc(str_replace($oldurl,$newurl,$rr['xchan_connurl'])), 
@@ -1429,7 +1431,7 @@ function fix_system_urls($oldurl,$newurl) { dbesc($rr['xchan_hash']) ); - $y = q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_url_sig = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s' limit 1", + $y = q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_url_sig = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'", dbesc($channel_address . '@' . $rhs), dbesc($newurl), dbesc(base64url_encode(rsa_sign($newurl,$c[0]['channel_prvkey']))), diff --git a/doc/developers.bb b/doc/developers.bb index 18e39c4ea..5365fd77a 100644 --- a/doc/developers.bb +++ b/doc/developers.bb @@ -64,4 +64,7 @@ In the interests of consistency we adopt the following code styling. We may acce [li] Generally speaking, opening braces go on the same line as the thing which opens the brace. They are the last character on the line. Closing braces are on a line by themselves. [/li]
+[b]See Also[/b]
+[zrl=[baseurl]/help/sql_conventions]SQL Conventions[/zrl]
+
#include doc/macros/main_footer.bb;
diff --git a/doc/sql_conventions.bb b/doc/sql_conventions.bb
new file mode 100644
index 000000000..88539ae19
--- /dev/null
+++ b/doc/sql_conventions.bb
@@ -0,0 +1,87 @@ +[h1]SQL Conventions[/h1] +[b]Intro[/b] +The following common SQL conventions appear throughout the code in many places. We use a simple DBA (DataBase Abstraction layer) to handle differences between databases. Please be sure to use only standards-compliant SQL. + +[b]Rule One[/b] +Worth Repeating: Don't use non-standard SQL. This goes for addons as well. If you do use non-standard SQL, and the dba funcs are insufficient, do a if()/switch() or similar for all currently supported databases. Currently nothing red# does requires non-standard SQL. + +[b]Using a format string[/b] +[li]Uses sprintf() +To be written +[code]// Example +$r = q("SELECT * FROM profile WHERE uid = %d", + local_user() +); +[/code][/li] + +[b]Checking bit flags in a where clause[/b] +[li]You must explicitly convert integers to booleans. The easiest way to do this is to compare to 0. +[code]// Example +$r = q("SELECT abook_id, abook_flags, abook_my_perms, abook_their_perms, xchan_hash, xchan_photo_m, xchan_name, xchan_url from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d)>0 ", + intval($uid), + intval(ABOOK_FLAG_SELF) +); +[/code] +[/li] +[li]Turning off a flag +[code]$y = q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'", + intval(XCHAN_FLAGS_ORPHAN), + intval(XCHAN_FLAGS_ORPHAN), + dbesc($rr['hubloc_hash']) +);[/code] +[/li] +[li]Turning on a flag +[code]$y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'", + intval(XCHAN_FLAGS_ORPHAN), + dbesc($rr['hubloc_hash']) +);[/code] +[/li] + +[b]Using relative times (INTERVALs)[/b] +[li]Sometimes you want to compare something, like less than x days old. 
+[code]// Example +$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash + WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s", + db_utcnow(), db_quoteinterval('7 day'), + db_utcnow(), db_quoteinterval('14 day') +);[/code] +[/li] +[b]Paged results[/b] +[li]To be written +[code]// Example +$r = q("SELECT * FROM mail WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d OFFSET %d", + intval(api_user()), + intval($count), intval($start) +);[/code][/li] + +[b]NULL dates[/b] +[li]To be written +[code]Example[/code][/li] + +[b]Storing binary data[/b] +[li]To be written +[code]// Example +$x = q("update photo set data = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and scale = 0", + dbescbin($ph->imageString()), + intval($height), + intval($width), + dbesc($resource_id), + intval($page_owner_uid) +);[/code][/li] + +[b]Current timestamp[/b] +[li][code]// Example +$randfunc = db_getfunc('rand'); +$r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > %s - interval %s order by $randfunc limit 1", + db_utcnow(), db_quoteinterval('30 day') +);[/code][/li] + +[b]SQL Function and Operator Abstraction[/b] +[li]Sometimes the same function or operator has a different name/symbol in each database. You use db_getfunc('funcname') to look them up. The string is [i]not[/i] case-sensitive; do [i]not[/i] include parens. +[code]// Example +$randfunc = db_getfunc('rand'); +$r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > %s - interval %s order by $randfunc limit 1", + db_utcnow(), db_quoteinterval('30 day') +);[/code][/li] + +#include doc/macros/main_footer.bb;
\ No newline at end of file diff --git a/include/Contact.php b/include/Contact.php index 20e5e1a1e..f0c7cd737 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -22,7 +22,7 @@ function rconnect_url($channel_id,$xchan) { if(($r) && ($r[0]['xchan_follow'])) return $r[0]['xchan_follow']; - $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1", + $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d )>0 limit 1", dbesc($xchan), intval(HUBLOC_FLAGS_PRIMARY) ); @@ -35,7 +35,7 @@ function rconnect_url($channel_id,$xchan) { function abook_connections($channel_id, $sql_conditions = '') { $r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d - and not ( abook_flags & %d ) $sql_conditions", + and not ( abook_flags & %d )>0 $sql_conditions", intval($channel_id), intval(ABOOK_FLAG_SELF) ); @@ -44,7 +44,7 @@ function abook_connections($channel_id, $sql_conditions = '') { function abook_self($channel_id) { $r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d - and ( abook_flags & %d ) limit 1", + and ( abook_flags & %d )>0 limit 1", intval($channel_id), intval(ABOOK_FLAG_SELF) ); @@ -52,7 +52,7 @@ function abook_self($channel_id) { } function channelx_by_nick($nick) { - $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and not ( channel_pageflags & %d ) LIMIT 1", + $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and not ( channel_pageflags & %d )>0 LIMIT 1", dbesc($nick), intval(PAGE_REMOVED) ); 
@@ -60,7 +60,7 @@ function channelx_by_nick($nick) { } function channelx_by_hash($hash) { - $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and not ( channel_pageflags & %d ) LIMIT 1", + $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and not ( channel_pageflags & %d )>0 LIMIT 1", dbesc($hash), intval(PAGE_REMOVED) ); @@ -68,7 +68,7 @@ function channelx_by_hash($hash) { } function channelx_by_n($id) { - $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and not ( channel_pageflags & %d ) LIMIT 1", + $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and not ( channel_pageflags & %d )>0 LIMIT 1", dbesc($id), intval(PAGE_REMOVED) ); @@ -128,7 +128,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') { function abook_toggle_flag($abook,$flag) { - $r = q("UPDATE abook set abook_flags = (abook_flags ^ %d) where abook_id = %d and abook_channel = %d limit 1", + $r = q("UPDATE abook set abook_flags = (abook_flags & ~%d) where abook_id = %d and abook_channel = %d", intval($flag), intval($abook['abook_id']), intval($abook['abook_channel']) @@ -138,7 +138,7 @@ function abook_toggle_flag($abook,$flag) { if(($flag === ABOOK_FLAG_ARCHIVED) && ($abook['abook_flags'] & ABOOK_FLAG_ARCHIVED)) { $r = q("update abook set abook_connected = '%s', abook_updated = '%s' - where abook_id = %d and abook_channel = %d limit 1", + where abook_id = %d and abook_channel = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($abook['abook_id']), @@ -173,7 +173,7 @@ function account_remove($account_id,$local = true,$unset_session=true) { // Don't let anybody nuke the only admin account. - $r = q("select account_id from account where (account_roles & %d)", + $r = q("select account_id from account where (account_roles & %d)>0", intval(ACCOUNT_ROLE_ADMIN) ); 
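Review bot: In the `abook_toggle_flag` hunk, replacing `abook_flags ^ %d` with `abook_flags & ~%d` makes the function clear-only, so it can no longer set a flag. Unlike the other XOR conversions in this commit, this UPDATE has no `(abook_flags & %d)>0` guard in its WHERE clause, so the old XOR really did flip the bit in both directions. Any caller that uses the function to turn a flag on (the context below it tests `ABOOK_FLAG_ARCHIVED`) would now leave the row unchanged without an error. A portable form picks the expression from the current value, for example `$expr = (intval($abook['abook_flags']) & intval($flag)) ? 'abook_flags & ~%d' : 'abook_flags | %d';`, and builds the query from `$expr`. The function body continues outside the hunk.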
@@ -201,7 +201,7 @@ function account_remove($account_id,$local = true,$unset_session=true) { } } - $r = q("delete from account where account_id = %d limit 1", + $r = q("delete from account where account_id = %d", intval($account_id) ); @@ -239,7 +239,7 @@ function channel_remove($channel_id, $local = true, $unset_session=true) { channel_r_photos = 0, channel_r_abook = 0, channel_w_stream = 0, channel_w_wall = 0, channel_w_tagwall = 0, channel_w_comment = 0, channel_w_mail = 0, channel_w_photos = 0, channel_w_chat = 0, channel_a_delegate = 0, channel_r_storage = 0, channel_w_storage = 0, channel_r_pages = 0, channel_w_pages = 0, channel_a_republish = 0 - where channel_id = %d limit 1", + where channel_id = %d", dbesc(datetime_convert()), intval(PAGE_REMOVED), intval($channel_id) @@ -275,12 +275,12 @@ function channel_remove($channel_id, $local = true, $unset_session=true) { q("DELETE FROM `spam` WHERE `uid` = %d", intval($channel_id)); - q("delete from abook where abook_xchan = '%s' and (abook_flags & %d) limit 1", + q("delete from abook where abook_xchan = '%s' and (abook_flags & %d)>0", dbesc($channel['channel_hash']), dbesc(ABOOK_FLAG_SELF) ); - $r = q("update channel set channel_deleted = '%s', channel_pageflags = (channel_pageflags | %d) where channel_id = %d limit 1", + $r = q("update channel set channel_deleted = '%s', channel_pageflags = (channel_pageflags | %d) where channel_id = %d", dbesc(datetime_convert()), intval(PAGE_REMOVED), intval($channel_id) @@ -296,7 +296,7 @@ function channel_remove($channel_id, $local = true, $unset_session=true) { $hublocs = 0; - $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)", + $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)>0", dbesc($channel['channel_hash']), intval(HUBLOC_FLAGS_DELETED) ); 
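Review bot: In the `channel_remove` hunk at -275, the rewritten `delete from abook where abook_xchan = '%s' and (abook_flags & %d)>0` is now bounded only by the xchan hash and the self flag, since the `limit 1` that capped it is gone. Adding `and abook_channel = %d` with `intval($channel_id)` would pin the delete to the channel being removed instead of relying on that pair being unique. The flag argument is also passed as `dbesc(ABOOK_FLAG_SELF)` for a `%d` placeholder, where every other call in this commit uses `intval(ABOOK_FLAG_SELF)`. The function body starts and ends outside the hunk.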
@@ -335,10 +335,11 @@ function mark_orphan_hubsxchans() { if($dirmode == DIRECTORY_MODE_NORMAL) return; - $r = q("update hubloc set hubloc_status = (hubloc_status | %d) where not (hubloc_status & %d) - and hubloc_network = 'zot' and hubloc_connected < utc_timestamp() - interval 36 day", + $r = q("update hubloc set hubloc_status = (hubloc_status | %d) where not (hubloc_status & %d)>0 + and hubloc_network = 'zot' and hubloc_connected < %s - interval %s", intval(HUBLOC_OFFLINE), - intval(HUBLOC_OFFLINE) + intval(HUBLOC_OFFLINE), + db_utcnow(), db_quoteinterval('36 day') ); // $realm = get_directory_realm(); @@ -354,7 +355,7 @@ function mark_orphan_hubsxchans() { // } - $r = q("select hubloc_id, hubloc_hash from hubloc where (hubloc_status & %d) and not (hubloc_flags & %d)", + $r = q("select hubloc_id, hubloc_hash from hubloc where (hubloc_status & %d)>0 and not (hubloc_flags & %d)>0", intval(HUBLOC_OFFLINE), intval(HUBLOC_FLAGS_ORPHANCHECK) ); @@ -364,7 +365,7 @@ function mark_orphan_hubsxchans() { // see if any other hublocs are still alive for this channel - $x = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_status & %d)", + $x = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_status & %d)>0", dbesc($rr['hubloc_hash']), intval(HUBLOC_OFFLINE) ); @@ -372,7 +373,7 @@ function mark_orphan_hubsxchans() { // yes - if the xchan was marked as an orphan, undo it - $y = q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1", + $y = q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'", intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_ORPHAN), dbesc($rr['hubloc_hash']) 
@@ -383,7 +384,7 @@ function mark_orphan_hubsxchans() { // nope - mark the xchan as an orphan - $y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' limit 1", + $y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'", intval(XCHAN_FLAGS_ORPHAN), dbesc($rr['hubloc_hash']) ); @@ -391,7 +392,7 @@ function mark_orphan_hubsxchans() { // mark that we've checked this entry so we don't need to do it again - $y = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d limit 1", + $y = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d", intval(HUBLOC_FLAGS_ORPHANCHECK), dbesc($rr['hubloc_id']) ); @@ -449,7 +450,7 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) { if($dirmode === false || $dirmode == DIRECTORY_MODE_NORMAL) { - $r = q("delete from xchan where xchan_hash = '%s' limit 1", + $r = q("delete from xchan where xchan_hash = '%s'", dbesc($xchan) ); $r = q("delete from hubloc where hubloc_hash = '%s'", @@ -482,7 +483,7 @@ function contact_remove($channel_id, $abook_id) { $archive = get_pconfig($channel_id, 'system','archive_removed_contacts'); if($archive) { - q("update abook set abook_flags = ( abook_flags | %d ) where abook_id = %d and abook_channel = %d limit 1", + q("update abook set abook_flags = ( abook_flags | %d ) where abook_id = %d and abook_channel = %d", intval(ABOOK_FLAG_ARCHIVED), intval($abook_id), intval($channel_id) @@ -514,7 +515,7 @@ function contact_remove($channel_id, $abook_id) { } } - q("delete from abook where abook_id = %d and abook_channel = %d limit 1", + q("delete from abook where abook_id = %d and abook_channel = %d", intval($abook['abook_id']), intval($channel_id) ); 
@@ -541,7 +542,10 @@ function contact_remove($channel_id, $abook_id) { function random_profile() { - $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > UTC_TIMESTAMP() - interval 30 day order by rand() limit 1"); + $randfunc = db_getfunc('rand'); + $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > %s - interval %s order by $randfunc limit 1", + db_utcnow(), db_quoteinterval('30 day') + ); if($r) return $r[0]['xchan_url']; return ''; diff --git a/include/RedDAV/RedDirectory.php b/include/RedDAV/RedDirectory.php index a46b77f5f..85af0d57f 100644 --- a/include/RedDAV/RedDirectory.php +++ b/include/RedDAV/RedDirectory.php @@ -159,7 +159,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { list($parent_path, ) = DAV\URLUtil::splitPath($this->red_path); $new_path = $parent_path . '/' . $name; - $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND uid = %d", dbesc($name), dbesc($this->folder_hash), intval($this->auth->owner_id) @@ -197,7 +197,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $mimetype = z_mime_content_type($name); - $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1", + $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1", intval($this->auth->owner_id), intval(PAGE_REMOVED) ); @@ -246,7 +246,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $edited = datetime_convert(); // updates entry with filesize and timestamp - $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($size), dbesc($edited), dbesc($hash), 
@@ -254,7 +254,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { ); // update the folder's lastmodified timestamp - $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($edited), dbesc($this->folder_hash), intval($c[0]['channel_id']) @@ -293,7 +293,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { throw new DAV\Exception\Forbidden('Permission denied.'); } - $r = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1", + $r = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1", intval($this->auth->owner_id), intval(PAGE_REMOVED) ); @@ -362,7 +362,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $channel_name = $path_arr[0]; - $r = q("SELECT channel_id FROM channel WHERE channel_address = '%s' AND NOT ( channel_pageflags & %d ) LIMIT 1", + $r = q("SELECT channel_id FROM channel WHERE channel_address = '%s' AND NOT ( channel_pageflags & %d )>0 LIMIT 1", dbesc($channel_name), intval(PAGE_REMOVED) ); @@ -380,7 +380,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $os_path = ''; for ($x = 1; $x < count($path_arr); $x++) { - $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)", + $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0", dbesc($folder), dbesc($path_arr[$x]), intval($channel_id), 
@@ -440,7 +440,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $free = disk_free_space('store'); if ($this->auth->owner_id) { - $c = q("select * from channel where channel_id = %d and not (channel_pageflags & %d) limit 1", + $c = q("select * from channel where channel_id = %d and not (channel_pageflags & %d)>0 limit 1", intval($this->auth->owner_id), intval(PAGE_REMOVED) ); diff --git a/include/RedDAV/RedFile.php b/include/RedDAV/RedFile.php index f96790631..3a5230dc1 100644 --- a/include/RedDAV/RedFile.php +++ b/include/RedDAV/RedFile.php @@ -79,7 +79,7 @@ class RedFile extends DAV\Node implements DAV\IFile { $newName = str_replace('/', '%2F', $newName); - $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d LIMIT 1", + $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d", dbesc($this->data['filename']), intval($this->data['id']) ); @@ -96,7 +96,7 @@ class RedFile extends DAV\Node implements DAV\IFile { $size = 0; // @todo only 3 values are needed - $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1", + $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1", intval($this->auth->owner_id), intval(PAGE_REMOVED) ); @@ -113,7 +113,7 @@ class RedFile extends DAV\Node implements DAV\IFile { $size = @filesize($f); logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG); } else { - $r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d", dbesc(stream_get_contents($data)), dbesc($this->data['hash']), intval($this->data['uid']) 
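Review bot: In the RedFile.php hunk at -79, the query `UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d` has three placeholders but the visible call passes only two arguments, `dbesc($this->data['filename'])` and `intval($this->data['id'])`. The id therefore lands in the hash slot and `%d` gets no value, and the first argument is the old filename rather than the `$newName` computed on the line above. With `LIMIT 1` removed, a malformed WHERE clause here is no longer capped at one row, so the argument list should be fixed in the same change: `dbesc($newName), dbesc($this->data['hash']), intval($this->data['id'])`. The enclosing method starts outside the hunk, so the surrounding permission checks are not visible.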
@@ -131,7 +131,7 @@ class RedFile extends DAV\Node implements DAV\IFile { // returns now() $edited = datetime_convert(); - $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($size), dbesc($edited), dbesc($this->data['hash']), @@ -139,7 +139,7 @@ class RedFile extends DAV\Node implements DAV\IFile { ); // update the folder's lastmodified timestamp - $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($edited), dbesc($r[0]['folder']), intval($c[0]['channel_id']) diff --git a/include/account.php b/include/account.php index df484e608..8df44acba 100644 --- a/include/account.php +++ b/include/account.php @@ -202,7 +202,7 @@ function create_account($arr) { // Set the parent record to the current record_id if no parent was provided if(! $parent) { - $r = q("update account set account_parent = %d where account_id = %d limit 1", + $r = q("update account set account_parent = %d where account_id = %d", intval($result['account']['account_id']), intval($result['account']['account_id']) ); 
@@ -367,16 +367,16 @@ function user_allow($hash) { if(! $account) return $ret; - $r = q("DELETE FROM register WHERE hash = '%s' LIMIT 1", + $r = q("DELETE FROM register WHERE hash = '%s'", dbesc($register[0]['hash']) ); - $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_BLOCKED), intval(ACCOUNT_BLOCKED), intval($register[0]['uid']) ); - $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_PENDING), intval(ACCOUNT_PENDING), intval($register[0]['uid']) @@ -430,11 +430,11 @@ function user_deny($hash) { if(! $account) return false; - $r = q("DELETE FROM account WHERE account_id = %d LIMIT 1", + $r = q("DELETE FROM account WHERE account_id = %d", intval($register[0]['uid']) ); - $r = q("DELETE FROM `register` WHERE id = %d LIMIT 1", + $r = q("DELETE FROM `register` WHERE id = %d", dbesc($register[0]['id']) ); notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL); 
@@ -463,21 +463,21 @@ function user_approve($hash) { if(! $account) return $ret; - $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify' LIMIT 1", + $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify'", dbesc($register[0]['hash']) ); - $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_BLOCKED), intval(ACCOUNT_BLOCKED), intval($register[0]['uid']) ); - $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_PENDING), intval(ACCOUNT_PENDING), intval($register[0]['uid']) ); - $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_UNVERIFIED), intval(ACCOUNT_UNVERIFIED), intval($register[0]['uid']) @@ -510,11 +510,12 @@ function user_approve($hash) { function downgrade_accounts() { - $r = q("select * from account where not ( account_flags & %d ) + $r = q("select * from account where not ( account_flags & %d )>0 and account_expires != '%s' - and account_expires < UTC_TIMESTAMP() ", + and account_expires < %s ", intval(ACCOUNT_EXPIRED), - dbesc(NULL_DATE) + dbesc(NULL_DATE), + db_getfunc('UTC_TIMESTAMP') ); if(! $r) 
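Review bot: The `downgrade_accounts` hunk still passes `dbesc(NULL_DATE)` although the first hunk of this commit comments out `define ( 'NULL_DATE', ... )`, and no replacement definition is visible in this part of the diff. If the constant is not defined elsewhere per database type, the comparison `account_expires != '%s'` would be made against the literal string `NULL_DATE` (or fail outright on newer PHP), which changes which accounts get expired or downgraded. The following hunks at -527 use the same constant. Separately, the timestamp is supplied as `db_getfunc('UTC_TIMESTAMP')` where the other converted queries use `db_utcnow()`; using `db_utcnow()` here too would keep one code path for the current-time expression.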
@@ -527,7 +528,7 @@ function downgrade_accounts() { if(($basic) && ($rr['account_service_class']) && ($rr['account_service_class'] != $basic)) { $x = q("UPDATE account set account_service_class = '%s', account_expires = '%s' - where account_id = %d limit 1", + where account_id = %d", dbesc($basic), dbesc(NULL_DATE), intval($rr['account_id']) @@ -537,7 +538,7 @@ function downgrade_accounts() { logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.'); } else { - $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d limit 1", + $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d", intval(ACCOUNT_EXPIRED), intval($rr['account_id']) ); diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 5adafff2c..243e7a549 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -171,7 +171,7 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n"; $r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash - where abook_flags = 0 or not ( abook_flags & %d ) and abook_channel = %d + where abook_flags = 0 or not ( abook_flags & %d )>0 and abook_channel = %d $sql_extra ORDER BY xchan_name ASC ", intval(ABOOK_FLAG_SELF), diff --git a/include/api.php b/include/api.php index 9fe2ef47d..aeee95d3b 100644 --- a/include/api.php +++ b/include/api.php @@ -309,7 +309,7 @@ require_once('include/items.php'); return False; } else { $user = local_user(); - $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " ) "; + $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " )>0 "; } } 
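Review bot: In the acl_selectors.php hunk, the touched WHERE clause `abook_flags = 0 or not ( abook_flags & %d )>0 and abook_channel = %d` is not grouped, and AND binds tighter than OR. Any row with `abook_flags = 0` therefore matches regardless of `abook_channel`, so the contact selector can list other channels' connections unless `$sql_extra` (not visible here) narrows it. Since the line is being rewritten anyway, parenthesise the flag test: `where ( abook_flags = 0 or not ( abook_flags & %d )>0 ) and abook_channel = %d`. The query continues outside the hunk.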
@@ -336,7 +336,7 @@ require_once('include/items.php'); // count public wall messages $r = q("SELECT COUNT(`id`) as `count` FROM `item` WHERE `uid` = %d - AND ( item_flags & %d ) and item_restrict = 0 + AND ( item_flags & %d )>0 and item_restrict = 0 AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''", intval($usr[0]['channel_id']), intval(ITEM_WALL) @@ -363,7 +363,7 @@ require_once('include/items.php'); $countfollowers = $r[0]['count']; } - $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d ) and uid = %d and item_restrict = 0", + $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d )>0 and uid = %d and item_restrict = 0", intval($uinfo[0]['channel_id']), intval(ITEM_STARRED) ); @@ -1004,8 +1004,8 @@ require_once('include/items.php'); // at the network timeline just mark everything seen. if (api_user() == $user_info['uid']) { - $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d ) - WHERE item_flags & %d and uid = %d", + $r = q("UPDATE `item` SET item_flags = ( item_flags & ~%d ) + WHERE (item_flags & %d)>0 and uid = %d", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval($user_info['uid']) @@ -1062,10 +1062,10 @@ require_once('include/items.php'); and uid in ( " . stream_perms_api_uids() . " ) $sql_extra AND id > %d group by mid - order by received desc LIMIT %d, %d ", + order by received desc LIMIT %d OFFSET %d ", intval($since_id), - intval($start), - intval($count) + intval($count), + intval($start) ); xchan_query($r,true); 
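Review bot: In the api.php hunk at -363, the starred-item count `where ( item_flags & %d )>0 and uid = %d` receives its arguments in the opposite order, `intval($uinfo[0]['channel_id'])` first and `intval(ITEM_STARRED)` second. The channel id is used as the bit mask and the flag constant as the uid, so the count is computed for the wrong rows. Swapping the two arguments to `intval(ITEM_STARRED), intval($uinfo[0]['channel_id'])` matches the placeholder order, as the public-wall count in the hunk at -336 already does. The enclosing function starts outside the hunk.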
@@ -1706,9 +1706,9 @@ require_once('include/items.php'); // For Red, the closest thing we can do to figure out if you're friends is if both of you are sending each other your streams. // This won't work if either of you send your stream to everybody on the network if($qtype == 'friends') - $sql_extra = sprintf(" AND ( abook_their_perms & %d ) and ( abook_my_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); + $sql_extra = sprintf(" AND ( abook_their_perms & %d )>0 and ( abook_my_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); if($qtype == 'followers') - $sql_extra = sprintf(" AND ( abook_my_perms & %d ) and not ( abook_their_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); + $sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); $r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra", intval(api_user()) @@ -1822,9 +1822,9 @@ require_once('include/items.php'); // This won't work if either of you send your stream to everybody on the network if($qtype == 'friends') - $sql_extra = sprintf(" AND ( abook_their_perms & %d ) and ( abook_my_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); + $sql_extra = sprintf(" AND ( abook_their_perms & %d )>0 and ( abook_my_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); if($qtype == 'followers') - $sql_extra = sprintf(" AND ( abook_my_perms & %d ) and not ( abook_their_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); + $sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM)); $r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra", intval(api_user()) 
@@ -1940,9 +1940,9 @@ require_once('include/items.php'); $sql_extra = "`from-url`!='".dbesc( $profile_url )."'"; } - $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d", + $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d OFFSET %d", intval(api_user()), - intval($start), intval($count) + intval($count), intval($start) ); $ret = Array(); diff --git a/include/apps.php b/include/apps.php index cd0c2984e..9c4fe826a 100644 --- a/include/apps.php +++ b/include/apps.php @@ -267,7 +267,7 @@ function app_install($uid,$app) { function app_destroy($uid,$app) { if($uid && $app['guid']) { - $r = q("delete from app where app_id = '%s' and app_channel = %d limit 1", + $r = q("delete from app where app_id = '%s' and app_channel = %d", dbesc($app['guid']), intval($uid) ); @@ -388,7 +388,7 @@ function app_update($arr) { $darray['app_page'] = ((x($arr,'page')) ? escape_tags($arr['page']) : ''); $darray['app_requires'] = ((x($arr,'requires')) ? escape_tags($arr['requires']) : ''); - $r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s' where app_id = '%s' and app_channel = %d limit 1", + $r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s' where app_id = '%s' and app_channel = %d", dbesc($darray['app_sig']), dbesc($darray['app_author']), dbesc($darray['app_name']), diff --git a/include/attach.php b/include/attach.php index 6bce617cd..87d618afa 100644 --- a/include/attach.php +++ b/include/attach.php 
@@ -400,7 +400,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $created = datetime_convert(); if($options === 'replace') { - $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d and uid = %d limit 1", + $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d and uid = %d", dbesc($filename), dbesc($mimetype), intval($filesize), @@ -432,7 +432,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { } elseif($options === 'update') { $r = q("update attach set filename = '%s', filetype = '%s', edited = '%s', - allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d limit 1", + allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d", dbesc((array_key_exists('filename',$arr)) ? $arr['filename'] : $x[0]['filename']), dbesc((array_key_exists('filetype',$arr)) ? $arr['filetype'] : $x[0]['filetype']), dbesc($created), @@ -517,7 +517,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { if(count($paths) > 1) { $curpath = array_shift($paths); - $r = q("select hash, id from attach where uid = %d and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id) . " limit 1", + $r = q("select hash, id from attach where uid = %d and filename = '%s' and (flags & %d )>0 " . permissions_sql($channel_id) . " limit 1", intval($channel_id), dbesc($curpath), intval(ATTACH_FLAG_DIR) 
@@ -533,7 +533,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { else $paths = array($pathname); - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id), + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d )>0 " . permissions_sql($channel_id), intval($channel_id), dbesc($parent_hash), dbesc($paths[0]), @@ -617,7 +617,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $sql_options = permissions_sql($channel['channel_id']); do { - $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d ) + $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )>0 $sql_options limit 1", intval($channel['channel_id']), dbesc($lfile), @@ -669,7 +669,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['data'] = $arr; // update the parent folder's lastmodified timestamp - $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($created), dbesc($arr['folder']), intval($channel_id) @@ -722,7 +722,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi } } - $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d limit 1", + $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d", dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), 
@@ -790,13 +790,13 @@ function attach_delete($channel_id, $resource) { } // delete from database - $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", + $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", dbesc($resource), intval($channel_id) ); // update the parent folder's lastmodified timestamp - $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1", + $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc(datetime_convert()), dbesc($r[0]['folder']), intval($channel_id) @@ -831,7 +831,7 @@ function get_cloudpath($arr) { $lfile = $arr['folder']; do { - $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d ) + $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )>0 limit 1", intval($arr['uid']), dbesc($lfile), diff --git a/include/auth.php b/include/auth.php index 8f68fc562..94c64e58d 100644 --- a/include/auth.php +++ b/include/auth.php @@ -123,7 +123,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) && // if our authenticated guest is allowed to take control of the admin channel, make it so. $admins = get_config('system', 'remote_admin'); if($admins && is_array($admins) && in_array($_SESSION['visitor_id'], $admins)) { - $x = q("select * from account where account_email = '%s' and account_email != '' and ( account_flags & %d ) limit 1", + $x = q("select * from account where account_email = '%s' and account_email != '' and ( account_flags & %d )>0 limit 1", dbesc(get_config('system', 'admin_email')), intval(ACCOUNT_ROLE_ADMIN) ); diff --git a/include/cache.php b/include/cache.php index a70650b5e..4a3f453e1 100644 --- a/include/cache.php +++ b/include/cache.php 
@@ -21,7 +21,7 @@ dbesc($key) ); if($r) { - q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s' limit 1", + q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s'", dbesc($value), dbesc(datetime_convert()), dbesc($key)); diff --git a/include/chat.php b/include/chat.php index 5c3d0c9d9..533c03dde 100644 --- a/include/chat.php +++ b/include/chat.php @@ -77,7 +77,7 @@ function chatroom_destroy($channel,$arr) { return $ret; } - q("delete from chatroom where cr_id = %d limit 1", + q("delete from chatroom where cr_id = %d", intval($r[0]['cr_id']) ); if($r[0]['cr_id']) { @@ -129,8 +129,11 @@ function chatroom_enter($observer_xchan,$room_id,$status,$client) { } if(intval($x[0]['cr_expire'])) { - $sql = "delete from chat where created < UTC_TIMESTAMP() - INTERVAL " . intval($x[0]['cr_expire']) . " MINUTE and chat_room = " . intval($x[0]['cr_id']); - $r = q($sql); + $r = q("delete from chat where created < %s - INTERVAL %s and chat_room = %d", + db_utcnow(), + db_quoteinterval( intval($x[0]['cr_expire']) . ' MINUTE' ), + intval($x[0]['cr_id']) + ); } $r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1", @@ -138,7 +141,7 @@ function chatroom_enter($observer_xchan,$room_id,$status,$client) { intval($room_id) ); if($r) { - q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s' limit 1", + q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s'", dbesc(datetime_convert()), intval($r[0]['cp_id']), dbesc($client) @@ -169,7 +172,7 @@ function chatroom_leave($observer_xchan,$room_id,$client) { dbesc($client) ); if($r) { - q("delete from chatpresence where cp_id = %d limit 1", + q("delete from chatpresence where cp_id = %d", intval($r[0]['cp_id']) ); } diff --git a/include/cli_startup.php b/include/cli_startup.php index f90a75cd1..027d62953 100644 --- a/include/cli_startup.php +++ b/include/cli_startup.php 
@@ -19,8 +19,8 @@ function cli_startup() { date_default_timezone_set($a->timezone); require_once('include/dba/dba_driver.php'); - $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data); - unset($db_host, $db_port, $db_user, $db_pass, $db_data); + $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type); + unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type); }; require_once('include/session.php'); diff --git a/include/config.php b/include/config.php index 3292059d1..9eaa6b2e6 100644 --- a/include/config.php +++ b/include/config.php @@ -154,7 +154,7 @@ function set_config($family, $key, $value) { return $ret; } - $ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s' LIMIT 1", + $ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s'", dbesc($dbvalue), dbesc($family), dbesc($key) @@ -185,7 +185,7 @@ function del_config($family, $key) { if(array_key_exists($family, $a->config) && array_key_exists($key, $a->config[$family])) unset($a->config[$family][$key]); - $ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1", + $ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s'", dbesc($family), dbesc($key) ); @@ -318,7 +318,7 @@ function set_pconfig($uid, $family, $key, $value) { return $ret; } - $ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s' LIMIT 1", + $ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s'", dbesc($dbvalue), intval($uid), dbesc($family), @@ -362,7 +362,7 @@ function del_pconfig($uid, $family, $key) { if(x($a->config[$uid][$family], $key)) unset($a->config[$uid][$family][$key]); - $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s' LIMIT 1", + $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'", intval($uid), dbesc($family), dbesc($key) 
@@ -483,7 +483,7 @@ function set_xconfig($xchan, $family, $key, $value) { return $ret; } - $ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s' LIMIT 1", + $ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s'", dbesc($dbvalue), dbesc($xchan), dbesc($family), @@ -517,7 +517,7 @@ function del_xconfig($xchan, $family, $key) { if(x($a->config[$xchan][$family], $key)) unset($a->config[$xchan][$family][$key]); - $ret = q("DELETE FROM `xconfig` WHERE `xchan` = '%s' AND `cat` = '%s' AND `k` = '%s' LIMIT 1", + $ret = q("DELETE FROM `xconfig` WHERE `xchan` = '%s' AND `cat` = '%s' AND `k` = '%s'", dbesc($xchan), dbesc($family), dbesc($key) diff --git a/include/datetime.php b/include/datetime.php index 47c63e51d..270be5e3d 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -460,7 +460,10 @@ function update_birthdays() { require_once('include/permissions.php'); $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_dob > utc_timestamp() + interval 7 day and abook_dob < utc_timestamp() + interval 14 day"); + WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s", + db_utcnow(), db_quoteinterval('7 day'), + db_utcnow(), db_quoteinterval('14 day') + ); if($r) { foreach($r as $rr) { @@ -482,7 +485,7 @@ function update_birthdays() { $z = event_store_event($ev); if($z) { $item_id = event_store_item($ev,$z); - q("update abook set abook_dob = '%s' where abook_id = %d limit 1", + q("update abook set abook_dob = '%s' where abook_id = %d", dbesc(intval($rr['abook_dob']) + 1 . substr($rr['abook_dob'],4)), intval($rr['abook_id']) ); diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index 31b7890f1..ddff80d7c 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php 
@@ -17,23 +17,30 @@ * @param string $user DB username * @param string $pass DB password * @param string $db database name + * @param string $dbtype 0 for mysql, 1 for postgres * @param bool $install Defaults to false * @return null|dba_driver A database driver object (dba_mysql|dba_mysqli) or null if no driver found. */ -function dba_factory($server, $port, $user, $pass, $db, $install = false) { +function dba_factory($server, $port,$user,$pass,$db,$dbtype,$install = false) { $dba = null; - if (class_exists('mysqli')) { - if (is_null($port)) $port = ini_get("mysqli.default_port"); - require_once('include/dba/dba_mysqli.php'); - $dba = new dba_mysqli($server, $port, $user, $pass, $db, $install); - } - else { - if (is_null($port)) $port = "3306"; - require_once('include/dba/dba_mysql.php'); - $dba = new dba_mysql($server, $port, $user, $pass, $db, $install); + if($dbtype == 1) { + require_once('include/dba/dba_postgres.php'); + if(is_null($port)) $port = 5432; + $dba = new dba_postgres($server, $port, $user, $pass, $db, $install); + } else { + if(class_exists('mysqli')) { + if (is_null($port)) $port = ini_get("mysqli.default_port"); + require_once('include/dba/dba_mysqli.php'); + $dba = new dba_mysqli($server, $port,$user,$pass,$db,$install); + } else { + if (is_null($port)) $port = "3306"; + require_once('include/dba/dba_mysql.php'); + $dba = new dba_mysql($server, $port,$user,$pass,$db,$install); + } } - + define('NULL_DATE', $dba->get_null_date()); + define('ACTIVE_DBTYPE', $dbtype); return $dba; } @@ -44,7 +51,11 @@ function dba_factory($server, $port, $user, $pass, $db, $install = false) { * dba_mysqli. */ abstract class dba_driver { - + // legacy behavior + const INSTALL_SCRIPT='install/schema_mysql.sql'; + const NULL_DATE = '0000-00-00 00:00:00'; + const UTC_NOW = 'UTC_TIMESTAMP()'; + protected $debug = 0; protected $db; public $connected = false; 
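Review bot: Inserting `$dbtype` ahead of `$install` in dba_factory() changes what the sixth positional argument means. A caller not shown in this diff that still passes `$install` there would have `true == 1` select the postgres driver. The test should at least use the named constant rather than the literal, `if($dbtype == DBTYPE_POSTGRES) {`, and the docblock should describe `$dbtype` as an int taking `DBTYPE_MYSQL` or `DBTYPE_POSTGRES`, not a string. The two `define()` calls also run on every invocation, so a second dba_factory() call keeps the first call's `NULL_DATE` and `ACTIVE_DBTYPE`; a comment saying the factory is meant to run once per process would make that explicit.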
@@ -97,7 +108,19 @@ abstract class dba_driver { $this->connect($server, $port, $user, $pass, $db); } - function install($server, $user, $pass, $db) { + function get_null_date() { + return static::NULL_DATE; + } + + function get_install_script() { + return static::INSTALL_SCRIPT; + } + + function utcnow() { + return static::UTC_NOW; + } + + function install($server,$user,$pass,$db) { if (!(strlen($server) && strlen($user))){ $this->connected = false; $this->db = null; @@ -130,6 +153,25 @@ abstract class dba_driver { } } + function quote_interval($txt) { + return $txt; + } + + function optimize_table($table) { + q('OPTIMIZE TABLE '.$table); + } + + function concat($fld, $sep) { + return 'GROUP_CONCAT(DISTINCT '.$fld.' SEPARATOR \''.$sep.'\')'; + } + + function escapebin($str) { + return $this->escape($str); + } + + function unescapebin($str) { + return $str; + } } // end abstract dba_driver class 
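Review bot: In the second hunk on this line, optimize_table() and concat() splice `$table`, `$fld` and `$sep` into SQL text unescaped, and optimize_table() hands the result to q(), which this file documents as printf-style. The callers are outside the hunk, so whether any of them passes something other than a hard-coded name cannot be confirmed here. `$sep` is a string literal and can be escaped in place, `return 'GROUP_CONCAT(DISTINCT '.$fld.' SEPARATOR \''.$this->escape($sep).'\')';`. Both methods should carry a docblock stating that `$table` and `$fld` must be trusted identifiers. The abstract class also gains no default `escape_identifier()`, although dbesc_identifier() calls it on whichever driver is active.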
@@ -174,6 +216,55 @@ function dbesc($str) { else return(str_replace("'", "\\'", $str)); } +function dbescbin($str) { + global $db; + return $db->escapebin($str); +} + +function dbunescbin($str) { + global $db; + return $db->unescapebin($str); +} + +function dbescdate($date) { + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES && $date == '0000-00-00 00:00:00') { + $date = NULL_DATE; + } else if(ACTIVE_DBTYPE != DBTYPE_POSTGRES && $date == '0001-01-01 00:00:00') { + $date = NULL_DATE; + } + return $date; +} + +function db_quoteinterval($txt) { + global $db; + return $db->quote_interval($txt); +} + +function dbesc_identifier($str) { + global $db; + return $db->escape_identifier($txt); +} + +function db_utcnow() { + global $db; + return $db->utcnow(); +} + +function db_optimizetable($table) { + global $db; + $db->optimize_table($table); +} + +function db_concat($fld, $sep) { + global $db; + return $db->concat($fld, $sep); +} + +// Function: q($sql,$args); +// Description: execute SQL query with printf style args. +// Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d", +// 'user', 1); + /** * @brief Execute a SQL query with printf style args. @@ -243,8 +334,11 @@ function dbq($sql) { // cast to int to avoid trouble. function dbesc_array_cb(&$item, $key) { - if(is_string($item)) + if(is_string($item)) { + if($item == '0000-00-00 00:00:00' && ACTIVE_DBTYPE == DBTYPE_POSTGRES) + $item = '0001-01-01 00:00:00'; $item = dbesc($item); + } } 
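Review bot: dbesc_identifier() passes `$txt`, which is never defined, instead of its `$str` parameter, so the driver receives null rather than the identifier. The line should read `return $db->escape_identifier($str);`. Only dba_postgres defines escape_identifier() in this diff, so the helper presumably fails on the MySQL drivers unless they gain the method elsewhere. dbescdate() is named like the escaping helpers but only swaps the null-date sentinel and returns the input otherwise unescaped. A comment such as `// does not escape: wrap the result in dbesc() before placing it in SQL` would prevent it being mistaken for dbesc().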
@@ -253,3 +347,27 @@ function dbesc_array(&$arr) { array_walk($arr,'dbesc_array_cb'); } } + +function db_getfunc($f) { + $lookup = array( + 'rand'=>array( + DBTYPE_MYSQL=>'RAND()', + DBTYPE_POSTGRES=>'RANDOM()' + ), + 'utc_timestamp'=>array( + DBTYPE_MYSQL=>'UTC_TIMESTAMP()', + DBTYPE_POSTGRES=>"now() at time zone 'UTC'" + ), + 'regexp'=>array( + DBTYPE_MYSQL=>'REGEXP', + DBTYPE_POSTGRES=>'~' + ) + ); + $f = strtolower($f); + if(isset($lookup[$f]) && isset($lookup[$f][ACTIVE_DBTYPE])) + return $lookup[$f][ACTIVE_DBTYPE]; + + logger('Unable to abstract DB function "'. $f . '"', LOG_DEBUG); + return $f; +} + diff --git a/include/dba/dba_postgres.php b/include/dba/dba_postgres.php new file mode 100644 index 000000000..a390292a5 --- /dev/null +++ b/include/dba/dba_postgres.php 
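Review bot: db_getfunc() logs with `LOG_DEBUG`, while the other logger() calls visible in this diff use `LOGGER_DEBUG` (deliver_run() in include/deliver.php). `LOG_DEBUG` is PHP's syslog priority constant, so the message is probably emitted at an unintended level; the call should be `logger('Unable to abstract DB function "'. $f . '"', LOGGER_DEBUG);`. On a failed lookup the function returns the caller's `$f` unchanged, and callers interpolate the result into SQL (`order by $randfunc` in include/externals.php). A docblock should state that `$f` must be a hard-coded key and never request data.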
@@ -0,0 +1,112 @@ +<?php + +require_once('include/dba/dba_driver.php'); + + +class dba_postgres extends dba_driver { + const INSTALL_SCRIPT='install/schema_postgres.sql'; + const NULL_DATE = '0001-01-01 00:00:00'; + const UTC_NOW = "now() at time zone 'UTC'"; + + function connect($server,$port,$user,$pass,$db) { + if(!$port) $port = 5432; + $connstr = 'host=' . $server . ' port='.$port . ' user=' . $user . ' password=' . $pass . ' dbname='. $db; + $this->db = pg_connect($connstr); + if($this->db !== false) { + $this->connected = true; + } else { + $this->connected = false; + } + $this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';"); // emulate mysql string escaping to prevent massive code-clobber + return $this->connected; + } + + function q($sql) { + if((! $this->db) || (! $this->connected)) + return false; + + if(!strpos($sql, ';')) + $sql .= ';'; + + if(strpos($sql, '`')) // this is a hack. quoted identifiers should be replaced everywhere in the code with dbesc_identifier(), remove this once it is + $sql = str_replace('`', '"', $sql); + + $this->error = ''; + $result = @pg_query($this->db, $sql); + if(file_exists('db-allqueries.out')) { + $bt = debug_backtrace(); + $trace = array(); + foreach($bt as $frame) { + if(!empty($frame['file']) && @strstr($frame['file'], $_SERVER['DOCUMENT_ROOT'])) + $frame['file'] = substr($frame['file'], strlen($_SERVER['DOCUMENT_ROOT'])+1); + + $trace[] = $frame['file'] . ':' . $frame['function'] . '():' . $frame['line'] ; + } + $compact = join(', ', $trace); + file_put_contents('db-allqueries.out', datetime_convert() . ": " . $sql . ' is_resource: '.var_export(is_resource($result), true).', backtrace: '.$compact."\n\n", FILE_APPEND); + } + + if($result === false) + $this->error = pg_last_error($this->db); + + if($result === false || $this->error) { + //logger('dba_postgres: ' . printable($sql) . ' returned false.' . "\n" . 
$this->error); + if(file_exists('dbfail.out')) + file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND); + } + + if(($result === true) || ($result === false)) + return $result; + + if(pg_result_status($result) == PGSQL_COMMAND_OK) + return true; + + $r = array(); + if(pg_num_rows($result)) { + while($x = pg_fetch_array($result, null, PGSQL_ASSOC)) + $r[] = $x; + pg_free_result($result); + if($this->debug) + logger('dba_postgres: ' . printable(print_r($r,true))); + } + return $r; + } + + function escape($str) { + if($this->db && $this->connected) { + $x = @pg_escape_string($this->db, $str); + return $x; + } + } + + function escapebin($str) { + return pg_escape_bytea($str); + } + + function unescapebin($str) { + return pg_unescape_bytea($str); + } + + function close() { + if($this->db) + pg_close($this->db); + $this->connected = false; + } + + function quote_interval($txt) { + return "'$txt'"; + } + + function escape_identifier($str) { + return pg_escape_identifier($this->db, $str); + } + + function optimize_table($table) { + // perhaps do some equivalent thing here, vacuum, etc? I think this is the DBA's domain anyway. Applications should not need to muss with this. + // for now do nothing without a compelling reason. function overrides default legacy mysql. + } + + function concat($fld, $sep) { + return 'string_agg(' . $fld . ',\'' . $sep . '\')'; + } +}
\ No newline at end of file diff --git a/include/deliver.php b/include/deliver.php index 729018448..47d8562df 100644 --- a/include/deliver.php +++ b/include/deliver.php @@ -24,13 +24,13 @@ function deliver_run($argv, $argc) { $result = z_post_url($r[0]['outq_posturl'],$r[0]['outq_msg']); if($result['success'] && $result['return_code'] < 300) { logger('deliver: queue post success to ' . $r[0]['outq_posturl'], LOGGER_DEBUG); - $y = q("delete from outq where outq_hash = '%s' limit 1", + $y = q("delete from outq where outq_hash = '%s'", dbesc($argv[$x]) ); } else { logger('deliver: queue post returned ' . $result['return_code'] . ' from ' . $r[0]['outq_posturl'],LOGGER_DEBUG); - $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1", + $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'", dbesc(datetime_convert()), dbesc($argv[$x]) ); @@ -65,7 +65,7 @@ function deliver_run($argv, $argc) { $msg = array('body' => json_encode(array('pickup' => array(array('notify' => $notify,'message' => $m))))); zot_import($msg,z_root()); } - $r = q("delete from outq where outq_hash = '%s' limit 1", + $r = q("delete from outq where outq_hash = '%s'", dbesc($argv[$x]) ); } @@ -77,7 +77,7 @@ function deliver_run($argv, $argc) { zot_process_response($r[0]['outq_posturl'],$result, $r[0]); } else { - $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1", + $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'", dbesc(datetime_convert()), dbesc($argv[$x]) ); diff --git a/include/diaspora.php b/include/diaspora.php index 7858fa203..09521b82b 100755 --- a/include/diaspora.php +++ b/include/diaspora.php 
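Review bot: In the new include/dba/dba_postgres.php, connect() concatenates `$server`, `$user`, `$pass` and `$db` into the libpq connection string unquoted. A password containing a space, or text shaped like `key=value`, is then parsed as extra connection parameters or makes the connect fail; each value should be single-quoted with `\` and `'` backslash-escaped, as sketched below. connect() also switches `standard_conforming_strings` off and `backslash_quote` on for the session, which PostgreSQL's default `safe_encoding` setting restricts because `\'` can be misparsed under some multibyte client encodings. A comment should record the client encoding this relies on. In q(), every statement is appended to `db-allqueries.out` in the working directory whenever that file exists, which exposes query contents if the directory is web-served; the path should sit outside the document root or come from configuration.

```php
// inside dba_postgres::connect(), replacing the $connstr concatenation
$quote = function ($v) {
    // libpq keyword/value syntax: single-quoted value, \ and ' escaped with a backslash
    return "'" . addcslashes((string) $v, "'\\") . "'";
};
$connstr = 'host=' . $quote($server)
    . ' port=' . intval($port)
    . ' user=' . $quote($user)
    . ' password=' . $quote($pass)
    . ' dbname=' . $quote($db);
// … unchanged: pg_connect() call and connected flag …
```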
@@ -657,7 +657,7 @@ function diaspora_request($importer,$xml) { $newperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT|PERMS_R_STORAGE|PERMS_R_PAGES; - $r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d limit 1", + $r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d", intval($newperms), intval($contact['abook_id']), intval($importer['channel_id']) diff --git a/include/dir_fns.php b/include/dir_fns.php index f58e7c307..8f27fb85d 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -38,7 +38,7 @@ function check_upstream_directory() { */ $directory = get_config('system','directory_server'); if ($directory) { - $r = q("select * from site where site_url = '%s' and (site_flags & %d) ", + $r = q("select * from site where site_url = '%s' and (site_flags & %d)>0 ", dbesc($directory), intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY|DIRECTORY_MODE_STANDALONE) ); @@ -86,14 +86,14 @@ function sync_directories($dirmode) { $realm = get_directory_realm(); if($realm == DIRECTORY_REALM) { - $r = q("select * from site where (site_flags & %d) and site_url != '%s' and ( site_realm = '%s' or site_realm = '') ", + $r = q("select * from site where (site_flags & %d)>0 and site_url != '%s' and ( site_realm = '%s' or site_realm = '') ", intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY), dbesc(z_root()), dbesc($realm) ); } else { - $r = q("select * from site where (site_flags & %d) and site_url != '%s' and site_realm like '%s' ", + $r = q("select * from site where (site_flags & %d)>0 and site_url != '%s' and site_realm like '%s' ", intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY), dbesc(z_root()), dbesc(protect_sprintf('%' . $realm . '%')) 
@@ -120,7 +120,7 @@ function sync_directories($dirmode) { dbesc($r[0]['site_realm']) ); - $r = q("select * from site where (site_flags & %d) and site_url != '%s'", + $r = q("select * from site where (site_flags & %d)>0 and site_url != '%s'", intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY), dbesc(z_root()) ); @@ -146,7 +146,7 @@ function sync_directories($dirmode) { if((! $j['transactions']) || (! is_array($j['transactions']))) continue; - q("update site set site_sync = '%s' where site_url = '%s' limit 1", + q("update site set site_sync = '%s' where site_url = '%s'", dbesc(datetime_convert()), dbesc($rr['site_url']) ); @@ -267,7 +267,7 @@ function local_dir_update($uid,$force) { if($new_flags != $r[0]['xchan_flags']) { - $r = q("update xchan set xchan_flags = %d where xchan_hash = '%s' limit 1", + $r = q("update xchan set xchan_flags = %d where xchan_hash = '%s'", intval($new_flags), dbesc($p[0]['channel_hash']) ); @@ -281,10 +281,10 @@ function local_dir_update($uid,$force) { } else { // they may have made it private - $r = q("delete from xprof where xprof_hash = '%s' limit 1", + $r = q("delete from xprof where xprof_hash = '%s'", dbesc($hash) ); - $r = q("delete from xtag where xtag_hash = '%s' limit 1", + $r = q("delete from xtag where xtag_hash = '%s'", dbesc($hash) ); } diff --git a/include/directory.php b/include/directory.php index 60070f7ec..a7324a99a 100644 --- a/include/directory.php +++ b/include/directory.php @@ -42,7 +42,7 @@ function directory_run($argv, $argc){ local_dir_update($argv[1],$force); - q("update channel set channel_dirdate = '%s' where channel_id = %d limit 1", + q("update channel set channel_dirdate = '%s' where channel_id = %d", dbesc(datetime_convert()), intval($channel['channel_id']) ); 
@@ -85,7 +85,7 @@ function directory_run($argv, $argc){ ); } else { - q("update channel set channel_dirdate = '%s' where channel_id = %d limit 1", + q("update channel set channel_dirdate = '%s' where channel_id = %d", dbesc(datetime_convert()), intval($channel['channel_id']) ); diff --git a/include/enotify.php b/include/enotify.php index 2503f9ab0..f3eb80117 100644 --- a/include/enotify.php +++ b/include/enotify.php @@ -18,7 +18,7 @@ function notification($params) { } if($params['to_xchan']) { $y = q("select channel.*, account.* from channel left join account on channel_account_id = account_id - where channel_hash = '%s' and not (channel_pageflags & %d) limit 1", + where channel_hash = '%s' and not (channel_pageflags & %d)>0 limit 1", dbesc($params['to_xchan']), intval(PAGE_REMOVED) ); @@ -394,7 +394,7 @@ function notification($params) { if(($a->language === 'en' || (! $a->language)) && strpos($msg,', ')) $msg = substr($msg,strpos($msg,', ')+1); - $r = q("update notify set msg = '%s' where id = %d and uid = %d limit 1", + $r = q("update notify set msg = '%s' where id = %d and uid = %d", dbesc($msg), intval($notify_id), intval($datarray['uid']) diff --git a/include/event.php b/include/event.php index 03ecaa0a7..d95e8b401 100644 --- a/include/event.php +++ b/include/event.php @@ -183,7 +183,7 @@ function event_store_event($arr) { `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' - WHERE `id` = %d AND `uid` = %d LIMIT 1", + WHERE `id` = %d AND `uid` = %d", dbesc($arr['edited']), dbesc($arr['start']), @@ -284,7 +284,7 @@ function event_addtocal($item_id, $uid) { $event = event_store_event($ev); if($event) { - $r = q("update item set resource_id = '%s', resource_type = 'event' where id = %d and uid = %d limit 1", + $r = q("update item set resource_id = '%s', resource_type = 'event' where id = %d and uid = %d", dbesc($event['event_hash']), intval($item['id']), intval($channel['channel_id']) 
@@ -359,7 +359,7 @@ function event_store_item($arr,$event) { $private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0); - q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d LIMIT 1", + q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d", dbesc($arr['summary']), dbesc($prefix . format_event_bbcode($arr)), dbesc($object), diff --git a/include/expire.php b/include/expire.php index 442914a39..a229bd4ac 100644 --- a/include/expire.php +++ b/include/expire.php @@ -7,9 +7,10 @@ function expire_run($argv, $argc){ cli_startup(); - $r = q("select id from item where (item_restrict & %d) and not (item_restrict & %d) and changed < UTC_TIMESTAMP() - INTERVAL 10 DAY", + $r = q("select id from item where (item_restrict & %d)>0 and not (item_restrict & %d)>0 and changed < %s - INTERVAL %s", intval(ITEM_DELETED), - intval(ITEM_PENDING_REMOVE) + intval(ITEM_PENDING_REMOVE), + db_utcnow(), db_quoteinterval('10 DAY') ); if($r) { foreach($r as $rr) { @@ -19,8 +20,9 @@ function expire_run($argv, $argc){ // physically remove anything that has been deleted for more than two months - $r = q("delete from item where ( item_restrict & %d ) and changed < UTC_TIMESTAMP() - INTERVAL 36 DAY", - intval(ITEM_PENDING_REMOVE) + $r = q("delete from item where ( item_restrict & %d )>0 and changed < %s - INTERVAL %s", + intval(ITEM_PENDING_REMOVE), + db_utcnow(), db_quoteinterval('36 DAY') ); // make this optional as it could have a performance impact on large sites diff --git a/include/externals.php b/include/externals.php index 280daf4a4..0be5d0fde 100644 --- a/include/externals.php +++ b/include/externals.php 
@@ -25,7 +25,8 @@ function externals_run($argv, $argc){ $url = $arr['url']; } else { - $r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d order by rand() limit 1", + $randfunc = db_getfunc('RAND'); + $r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d order by $randfunc limit 1", dbesc(z_root()), intval(DIRECTORY_MODE_STANDALONE) ); @@ -76,7 +77,7 @@ function externals_run($argv, $argc){ $x = z_fetch_url($feedurl); if(($x) && ($x['success'])) { - q("update site set site_pull = '%s' where site_url = '%s' limit 1", + q("update site set site_pull = '%s' where site_url = '%s'", dbesc(datetime_convert()), dbesc($url) ); @@ -99,12 +100,12 @@ $z = null; $flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK; // preserve the source - $r = q("update item set source_xchan = owner_xchan where id = %d limit 1", + $r = q("update item set source_xchan = owner_xchan where id = %d", intval($z[0]['id']) ); $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s' - where id = %d limit 1", + where id = %d", intval($flag_bits), dbesc($sys['xchan_hash']), intval($z[0]['id']) diff --git a/include/follow.php b/include/follow.php index 421bdd083..1abd0e3b9 100644 --- a/include/follow.php +++ b/include/follow.php @@ -37,7 +37,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) // check service class limits - $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d) ", + $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ", intval($uid), intval(ABOOK_FLAG_SELF) ); 
@@ -203,7 +203,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) return $result; } - $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & %d )", + $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & %d )>0", intval($aid), intval(ABOOK_FLAG_FEED) ); @@ -226,7 +226,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) intval($uid) ); if($r) { - $x = q("update abook set abook_their_perms = %d where abook_id = %d limit 1", + $x = q("update abook set abook_their_perms = %d where abook_id = %d", intval($their_perms), intval($r[0]['abook_id']) ); diff --git a/include/group.php b/include/group.php index d4f08108f..28cf5d80d 100644 --- a/include/group.php +++ b/include/group.php @@ -18,10 +18,11 @@ function group_add($uid,$name,$public = 0) { intval($r) ); if(count($z) && $z[0]['deleted']) { - $r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", + /*$r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", intval($uid), dbesc($name) - ); + );*/ + q('UPDATE groups SET deleted = 0 WHERE id = %d', intval($z[0]['id'])); notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); } return true; @@ -107,7 +108,7 @@ function group_rmv($uid,$name) { ); // remove group - $r = q("UPDATE `groups` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", + $r = q("UPDATE `groups` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'", intval($uid), dbesc($name) ); 
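Review bot: In group_add() in include/group.php, the old statement is left behind as a `/* … */` block above the new query and should be deleted rather than commented out. The replacement also matches on `id` alone, where the original was scoped by `uid`. `$z` appears to come from a lookup made earlier in the function, outside the hunk, so this is probably safe, but keeping the owner in the predicate costs nothing: `q('UPDATE groups SET deleted = 0 WHERE id = %d AND uid = %d', intval($z[0]['id']), intval($uid));`. That matches the other owner-scoped updates in this diff, which keep their `uid`/channel condition after dropping `limit 1`.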
@@ -152,7 +153,7 @@ function group_rmv_member($uid,$name,$member) { return false; if(! ( $uid && $gid && $member)) return false; - $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND xchan = '%s' LIMIT 1 ", + $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND xchan = '%s' ", intval($uid), intval($gid), dbesc($member) @@ -199,7 +200,7 @@ function group_get_members($gid) { if(intval($gid)) { $r = q("SELECT * FROM `group_member` LEFT JOIN abook ON abook_xchan = `group_member`.`xchan` left join xchan on xchan_hash = abook_xchan - WHERE `gid` = %d AND abook_channel = %d and `group_member`.`uid` = %d and not ( xchan_flags & %d ) and not ( abook_flags & %d ) and not ( abook_flags & %d ) ORDER BY xchan_name ASC ", + WHERE `gid` = %d AND abook_channel = %d and `group_member`.`uid` = %d and not ( xchan_flags & %d )>0 and not ( abook_flags & %d )>0 and not ( abook_flags & %d )>0 ORDER BY xchan_name ASC ", intval($gid), intval(local_user()), intval(local_user()), diff --git a/include/hubloc.php b/include/hubloc.php index 0a1b51331..43187fcee 100644 --- a/include/hubloc.php +++ b/include/hubloc.php @@ -96,7 +96,7 @@ function remove_obsolete_hublocs() { ? intval(get_config('system','delivery_interval')) : 2 ); foreach($r as $rr) { - q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d limit 1", + q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d", intval(HUBLOC_FLAGS_DELETED), intval($rr['hubloc_id']) ); @@ -134,7 +134,7 @@ function hubloc_change_primary($hubloc) { dbesc($hubloc['hubloc_hash']) ); if(($r) && (! $r[0]['channel_primary'])) { - q("update channel set channel_primary = 1 where channel_id = %d limit 1", + q("update channel set channel_primary = 1 where channel_id = %d", intval($r[0]['channel_id']) ); } 
@@ -156,7 +156,7 @@ function hubloc_change_primary($hubloc) { $url = $hubloc['hubloc_url']; $lwebbie = substr($hubloc['hubloc_addr'],0,strpos($hubloc['hubloc_addr'],'@')); - $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s' limit 1", + $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s'", dbesc($hubloc['hubloc_addr']), dbesc($url . '/channel/' . $lwebbie), dbesc($url . '/follow?f=&url=%s'), @@ -214,7 +214,7 @@ function xchan_store($arr) { return $r; $photos = import_profile_photo($arr['photo'],$arr['hash']); - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), diff --git a/include/identity.php b/include/identity.php index c8b5a3679..a238959a5 100644 --- a/include/identity.php +++ b/include/identity.php @@ -22,7 +22,7 @@ require_once('include/crypto.php'); function identity_check_service_class($account_id) { $ret = array('success' => false, $message => ''); - $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d ) ", + $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0 ", intval($account_id), intval(PAGE_REMOVED) ); 
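Review bot: In identity_check_service_class the result array is built with `$message => ''`, which uses an undefined variable as the key, so the array gets an empty-string key instead of a `message` entry; it should be `'message' => ''`. The line is context here, but it sits directly above the query this hunk changes. The function body continues outside the hunk.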
@@ -104,7 +104,7 @@ function create_sys_channel() { } function get_sys_channel() { - $r = q("select * from channel left join xchan on channel_hash = xchan_hash where (channel_pageflags & %d) limit 1", + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where (channel_pageflags & %d)>0 limit 1", intval(PAGE_SYSTEM) ); if($r) @@ -132,7 +132,7 @@ function is_sys_channel($channel_id) { */ function channel_total() { - $r = q("select channel_id from channel where not ( channel_pageflags & %d )", + $r = q("select channel_id from channel where not ( channel_pageflags & %d )>0", intval(PAGE_REMOVED) ); @@ -395,7 +395,7 @@ function create_identity($arr) { dbesc( t('Friends') ) ); if($r) { - q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d limit 1", + q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval($newuid) @@ -451,7 +451,7 @@ function set_default_login_identity($account_id,$channel_id,$force = true) { ); if($r) { if((intval($r[0]['account_default_channel']) == 0) || ($force)) { - $r = q("update account set account_default_channel = %d where account_id = %d limit 1", + $r = q("update account set account_default_channel = %d where account_id = %d", intval($channel_id), intval($account_id) ); @@ -589,7 +589,7 @@ function identity_basic_export($channel_id, $items = false) { // warning: this may run into memory limits on smaller systems - $r = q("select * from item where (item_flags & %d) and not (item_restrict & %d) and uid = %d", + $r = q("select * from item where (item_flags & %d)>0 and not (item_restrict & %d)>0 and uid = %d", intval(ITEM_WALL), intval(ITEM_DELETED), intval($channel_id) 
@@ -678,7 +678,7 @@ function profile_load(&$a, $nickname, $profile = '') { if(! $p) { $p = q("SELECT profile.uid AS profile_uid, profile.*, channel.* FROM profile LEFT JOIN channel ON profile.uid = channel.channel_id - WHERE channel.channel_address = '%s' and not ( channel_pageflags & %d ) + WHERE channel.channel_address = '%s' and not ( channel_pageflags & %d )>0 AND profile.is_default = 1 LIMIT 1", dbesc($nickname), intval(PAGE_REMOVED) @@ -1473,7 +1473,7 @@ function get_channel_by_nick($nick) { function identity_selector() { if(local_user()) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d ) order by channel_name ", + $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d )>0 order by channel_name ", intval(get_account_id()), intval(PAGE_REMOVED) ); @@ -1553,7 +1553,7 @@ function notifications_off($channel_id) { $r = q("select channel_notifyflags from channel where channel_id = %d limit 1", intval($channel_id) ); - $x = q("update channel set channel_notifyflags = 0 where channel_id = %d limit 1", + $x = q("update channel set channel_notifyflags = 0 where channel_id = %d", intval($channel_id) ); @@ -1563,7 +1563,7 @@ function notifications_off($channel_id) { function notifications_on($channel_id,$value) { - $x = q("update channel set channel_notifyflags = %d where channel_id = %d limit 1", + $x = q("update channel set channel_notifyflags = %d where channel_id = %d", intval($value), intval($channel_id) ); diff --git a/include/items.php b/include/items.php index 7e2bb4f18..6447de4e7 100755 --- a/include/items.php +++ b/include/items.php 
@@ -30,7 +30,7 @@ function collect_recipients($item,&$private_envelope) { // as that would allow the denied person to see the post by logging out. if((! $item['allow_cid']) && (! $item['allow_gid'])) { - $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d) ", + $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d)>0 ", intval($item['uid']), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED) ); @@ -68,7 +68,7 @@ function collect_recipients($item,&$private_envelope) { $private_envelope = false; if(array_key_exists('public_policy',$item) && $item['public_policy'] !== 'self') { - $r = q("select abook_xchan, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d) ", + $r = q("select abook_xchan, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d)>0 ", intval($item['uid']), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED) ); @@ -258,7 +258,7 @@ function add_source_route($iid,$hash) { ); if($r) { $new_route = (($r[0]['route']) ? $r[0]['route'] . ',' : '') . $hash; - q("update item set route = '%s' where id = %d limit 1", + q("update item set route = '%s' where id = %d", (dbesc($new_route)), intval($iid) ); @@ -969,7 +969,7 @@ function import_author_rss($x) { $photos = import_profile_photo($x['photo']['src'],$x['url']); if($photos) { - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss' limit 1", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss'", dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])), dbesc($photos[0]), dbesc($photos[1]), 
@@ -1014,7 +1014,7 @@ function import_author_unknown($x) { $photos = import_profile_photo($x['photo']['src'],$x['url']); if($photos) { - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown' limit 1", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown'", dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])), dbesc($photos[0]), dbesc($photos[1]), @@ -2213,7 +2213,7 @@ function item_store($arr,$allow_exec = false) { $r = q("UPDATE item SET parent = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', public_policy = '%s', item_private = %d, comments_closed = '%s' - WHERE id = %d LIMIT 1", + WHERE id = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), @@ -2258,13 +2258,13 @@ function item_store($arr,$allow_exec = false) { // update the commented timestamp on the parent - $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and not ( item_restrict & %d ) ", + $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and not ( item_restrict & %d )>0 ", dbesc($arr['parent_mid']), intval($arr['uid']), intval(ITEM_DELAYED_PUBLISH) ); - q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d LIMIT 1", + q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d", dbesc(($z) ? $z[0]['commented'] : (datetime_convert())), dbesc(datetime_convert()), intval($parent_id) 
@@ -2476,7 +2476,7 @@ function item_store_update($arr,$allow_exec = false) { $str .= " `" . $k . "` = '" . $v . "' "; } - $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id . " limit 1"); + $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id ); if($r) logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG); @@ -2553,7 +2553,7 @@ function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id, $key = get_config('system','pubkey'); $y = crypto_encapsulate(json_encode($x),$key); - $r = q("update item set diaspora_meta = '%s' where id = %d limit 1", + $r = q("update item set diaspora_meta = '%s' where id = %d", dbesc(json_encode($y)), intval($post_id) ); @@ -2749,7 +2749,7 @@ function tag_deliver($uid,$item_id) { $taglink = get_rel_link($j_obj['link'],'alternate'); store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_HASHTAG,$j_obj['title'],$j_obj['id']); - $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d limit 1", + $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -2815,7 +2815,7 @@ function tag_deliver($uid,$item_id) { if($mention) { logger('tag_deliver: mention found for ' . $u[0]['channel_name']); - $r = q("update item set item_flags = ( item_flags | %d ) where id = %d limit 1", + $r = q("update item set item_flags = ( item_flags | %d ) where id = %d", intval(ITEM_MENTIONSME), intval($item_id) ); 
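Review bot: item_store_update still assembles its UPDATE by concatenation, and the changed line appends `$orig_post_id` unquoted and uncast. Casting at the point of use costs nothing: `" where id = " . intval($orig_post_id)`. `$str` is built from `$k` and `$v` in the loop above, with the column name wrapped in MySQL backticks; the escaping of `$v` happens outside the hunk and needs confirming. The backticks also look out of place in a commit that adds PostgreSQL support, unless the driver rewrites them.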
@@ -2930,7 +2930,7 @@ function tgroup_check($uid,$item) { // or is a followup and we have already accepted the top level post as an uplink if($item['mid'] != $item['parent_mid']) { - $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d ) limit 1", + $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d )>0 limit 1", dbesc($item['parent_mid']), intval($uid), intval(ITEM_UPLINK) @@ -3028,14 +3028,14 @@ function start_delivery_chain($channel,$item,$item_id,$parent) { // when we created the delivery fork if($parent) { - $r = q("update item set source_xchan = '%s' where id = %d limit 1", + $r = q("update item set source_xchan = '%s' where id = %d", dbesc($parent['source_xchan']), intval($item_id) ); } else { $flag_bits = $flag_bits | ITEM_UPLINK; - $r = q("update item set source_xchan = owner_xchan where id = %d limit 1", + $r = q("update item set source_xchan = owner_xchan where id = %d", intval($item_id) ); } @@ -3065,7 +3065,7 @@ function start_delivery_chain($channel,$item,$item_id,$parent) { } $r = q("update item set item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', - deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s' where id = %d limit 1", + deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s' where id = %d", intval($flag_bits), dbesc($channel['channel_hash']), dbesc($channel['channel_allow_cid']), @@ -3105,7 +3105,7 @@ function start_delivery_chain($channel,$item,$item_id,$parent) { function check_item_source($uid,$item) { - $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' || src_xchan = '*' ) limit 1", + $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' or src_xchan = '*' ) limit 1", intval($uid), dbesc(($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan']) ); 
@@ -3845,17 +3845,17 @@ function item_expire($uid,$days) { $expire_network_only = 1; - $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ") " : ""); + $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ")>0 " : ""); $r = q("SELECT * FROM `item` WHERE `uid` = %d - AND `created` < UTC_TIMESTAMP() - INTERVAL %d DAY + AND `created` < %s - INTERVAL %s AND `id` = `parent` $sql_extra - AND NOT ( item_flags & %d ) + AND NOT ( item_flags & %d )>0 AND (item_restrict = 0 ) ", intval($uid), - intval($days), + db_utcnow(), db_quoteinterval(intval($days).' DAY'), intval(ITEM_RETAINED) ); @@ -3893,7 +3893,7 @@ function item_expire($uid,$days) { } function retain_item($id) { - $r = q("update item set item_flags = (item_flags | %d ) where id = %d limit 1", + $r = q("update item set item_flags = (item_flags | %d ) where id = %d", intval(ITEM_RETAINED), intval($id) ); @@ -3969,7 +3969,7 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { // set the deleted flag immediately on this item just in case the // hook calls a remote process which loops. We'll delete it properly in a second. - $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d LIMIT 1", + $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d", intval(ITEM_DELETED), intval($item['id']) ); @@ -4026,7 +4026,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { switch($stage) { case DROPITEM_PHASE2: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', - changed = '%s', edited = '%s' WHERE id = %d LIMIT 1", + changed = '%s', edited = '%s' WHERE id = %d", intval(ITEM_PENDING_REMOVE), dbesc(datetime_convert()), dbesc(datetime_convert()), 
@@ -4036,7 +4036,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { case DROPITEM_PHASE1: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), - changed = '%s', edited = '%s' WHERE id = %d LIMIT 1", + changed = '%s', edited = '%s' WHERE id = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -4047,7 +4047,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { case DROPITEM_NORMAL: default: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', - changed = '%s', edited = '%s' WHERE id = %d LIMIT 1", + changed = '%s', edited = '%s' WHERE id = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -4059,7 +4059,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { // immediately remove any undesired profile likes. - q("delete from likes where iid = %d and channel_id = %d limit 1", + q("delete from likes where iid = %d and channel_id = %d", intval($item['id']), intval($item['uid']) ); @@ -4070,7 +4070,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { if(strlen($item['resource_id'])) { if($item['resource_type'] === 'event') { - q("delete from event where event_hash = '%s' and uid = %d limit 1", + q("delete from event where event_hash = '%s' and uid = %d", dbesc($item['resource_id']), intval($item['uid']) ); @@ -4090,12 +4090,12 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { if($stage == DROPITEM_PHASE1) return true; - $r = q("delete from term where otype = %d and oid = %d limit 1", + $r = q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_POST), intval($item['id']) ); - q("delete from item_id where iid = %d and uid = %d limit 1", + q("delete from item_id where iid = %d and uid = %d", intval($item['id']), intval($item['uid']) ); 
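Review bot: Dropping `limit 1` in delete_item_lowlevel changes what the non-key deletes do: `delete from term where otype = %d and oid = %d` used to remove one row per call and now removes every term on the item, and the `likes`, `event` and `item_id` deletes are likewise bounded only by their WHERE clause. That is probably the intended behaviour, but it is a functional change riding along with a portability fix and deserves a comment such as `// remove all terms attached to this item (was capped at one row by LIMIT 1)`. The same applies to the updates keyed on `mid`/`uid` or `xchan_url`/`xchan_network` elsewhere in items.php, where the match is not on a primary key.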
@@ -4114,7 +4114,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { function first_post_date($uid,$wall = false) { - $wall_sql = (($wall) ? sprintf(" and item_flags & %d ", ITEM_WALL) : "" ); + $wall_sql = (($wall) ? sprintf(" and (item_flags & %d)>0 ", ITEM_WALL) : "" ); $r = q("select id, created from item where item_restrict = %d and uid = %d and id = parent $wall_sql @@ -4308,19 +4308,19 @@ function zot_feed($uid,$observer_xchan,$arr) { if(is_sys_channel($uid)) { require_once('include/security.php'); - $r = q("SELECT distinct parent from item + $r = q("SELECT distinct parent, created from item WHERE uid != %d and uid in (" . stream_perms_api_uids(PERMS_PUBLIC) . ") AND item_restrict = 0 - AND (item_flags & %d) + AND (item_flags & %d)>0 and item_private = 0 $sql_extra ORDER BY created ASC $limit", intval($uid), intval(ITEM_WALL) ); } else { - $r = q("SELECT distinct parent from item + $r = q("SELECT distinct parent, created from item WHERE uid = %d AND item_restrict = 0 - AND (item_flags & %d) + AND (item_flags & %d)>0 $sql_extra ORDER BY created ASC $limit", intval($uid), intval(ITEM_WALL) @@ -4383,12 +4383,12 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } if($arr['star']) - $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ") "; + $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ")>0 "; if($arr['wall']) - $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ") "; + $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ")>0 "; - $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) "; + $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 $sql_options ) "; if($arr['since_id']) $sql_extra .= " and item.id > " . $since_id . " "; 
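Review bot: Adding `created` to `SELECT distinct parent` in zot_feed makes DISTINCT apply to the (parent, created) pair, so a thread can now come back once per matching item and `$limit` counts those rows rather than threads. If the intent is one row per thread in time order, `SELECT parent, min(created) AS first_created ... GROUP BY parent ORDER BY first_created ASC` expresses that on both back ends. Both branches (sys channel and ordinary channel) have the same shape; the code that consumes `$r` is outside the hunk and may already de-duplicate.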
@@ -4426,7 +4426,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } elseif($arr['cid'] && $uid) { - $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1", + $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1", intval($arr['cid']), intval(local_user()) ); @@ -4466,7 +4466,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } if($arr['conv'] && $channel) { - $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d ))) ", + $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ", dbesc(protect_sprintf($uidhash)), intval(ITEM_MENTIONSME) ); @@ -4482,11 +4482,11 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C else { $itemspage = (($channel) ? get_pconfig($uid,'system','itemspage') : 20); $a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); - $pager_sql = sprintf(" LIMIT %d, %d ",intval(get_app()->pager['start']), intval(get_app()->pager['itemspage'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(get_app()->pager['itemspage']), intval(get_app()->pager['start'])); } if(isset($arr['start']) && isset($arr['records'])) - $pager_sql = sprintf(" LIMIT %d, %d ",intval($arr['start']), intval($arr['records'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($arr['records']), intval($arr['start'])); if(array_key_exists('cmin',$arr) || array_key_exists('cmax',$arr)) { if(($arr['cmin'] != 0) || ($arr['cmax'] != 99)) { 
@@ -4508,7 +4508,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } } - $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : ''); + $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " )>0 " : ''); if($client_mode & CLIENT_MODE_LOAD) $simple_update = ''; @@ -4552,7 +4552,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C // Fetch a page full of parent items for this page - $r = q("SELECT distinct item.id AS item_id FROM item + $r = q("SELECT distinct item.id AS item_id, item.$ordering FROM item left join abook on item.author_xchan = abook.abook_xchan WHERE $item_uids $item_restrict AND item.parent = item.id @@ -4650,7 +4650,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo dbesc($page_type) ); if($r) { - q("update item_id set sid = '%s' where id = %d limit 1", + q("update item_id set sid = '%s' where id = %d", dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)), intval($r[0]['id']) ); @@ -4681,7 +4681,7 @@ function item_add_cid($xchan_hash,$mid,$uid) { dbesc('<' . $xchan_hash . '>') ); if(! $r) { - $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d limit 1", + $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d", dbesc('<' . $xchan_hash . '>'), dbesc($mid), intval($uid) @@ -4696,7 +4696,7 @@ function item_remove_cid($xchan_hash,$mid,$uid) { dbesc('<' . $xchan_hash . '>') ); if($r) { - $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d limit 1", + $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d", dbesc(str_replace('<' . $xchan_hash . '>','',$r[0]['allow_cid'])), dbesc($mid), intval($uid) diff --git a/include/menu.php b/include/menu.php index 8997d2e39..9dc236605 100644 --- a/include/menu.php +++ b/include/menu.php 
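Review bot: The items_fetch page query now interpolates `$ordering` into the select list as `item.$ordering`, in addition to wherever it is already used for sorting. The variable is assigned outside the hunk; if any part of it can be influenced by `$arr`, it should be checked against a fixed list of column names before it reaches the SQL text, because `q()` placeholders cannot protect an identifier. A short comment next to the assignment naming the allowed values would make that contract visible.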
@@ -176,7 +176,7 @@ function menu_edit($arr) { } return q("update menu set menu_name = '%s', menu_desc = '%s', menu_flags = %d - where menu_id = %d and menu_channel_id = %d limit 1", + where menu_id = %d and menu_channel_id = %d", dbesc($menu_name), dbesc($menu_desc), intval($menu_flags), @@ -303,7 +303,7 @@ function menu_edit_item($menu_id, $uid, $arr) { } - $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d limit 1", + $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d", dbesc($mitem_link), dbesc($mitem_desc), intval($mitem_flags), @@ -323,7 +323,7 @@ function menu_edit_item($menu_id, $uid, $arr) { function menu_del_item($menu_id,$uid,$item_id) { - $r = q("delete from menu_item where mitem_menu_id = %d and mitem_channel_id = %d and mitem_id = %d limit 1", + $r = q("delete from menu_item where mitem_menu_id = %d and mitem_channel_id = %d and mitem_id = %d", intval($menu_id), intval($uid), intval($item_id) diff --git a/include/message.php b/include/message.php index b063530d6..49278f273 100644 --- a/include/message.php +++ b/include/message.php @@ -243,7 +243,7 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) { $limit = ''; if($numitems) - $limit = " LIMIT " . intval($start) . ", " . intval($numitems); + $limit = " LIMIT " . intval($numitems) . " OFFSET " . intval($start); if($mailbox !== '') { $x = q("select channel_hash from channel where channel_id = %d limit 1", 
@@ -332,7 +332,7 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee } if($updateseen) { - $r = q("UPDATE `mail` SET mail_flags = (mail_flags ^ %d) where not (mail_flags & %d) and id = %d AND channel_id = %d", + $r = q("UPDATE `mail` SET mail_flags = (mail_flags | %d) where not (mail_flags & %d)>0 and id = %d AND channel_id = %d", intval(MAIL_SEEN), intval(MAIL_SEEN), dbesc($messageitem_id), @@ -363,7 +363,7 @@ function private_messages_drop($channel_id, $messageitem_id, $drop_conversation } } else { - $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d LIMIT 1", + $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d", intval($messageitem_id), intval($channel_id) ); @@ -421,7 +421,7 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda if($updateseen) { - $r = q("UPDATE `mail` SET mail_flags = (mail_flags ^ %d) where not (mail_flags & %d) and parent_mid = '%s' AND channel_id = %d", + $r = q("UPDATE `mail` SET mail_flags = (mail_flags | %d) where not (mail_flags & %d)>0 and parent_mid = '%s' AND channel_id = %d", intval(MAIL_SEEN), intval(MAIL_SEEN), dbesc($r[0]['parent_mid']), diff --git a/include/nav.php b/include/nav.php index 4c3da2195..b4aa0f14a 100644 --- a/include/nav.php +++ b/include/nav.php @@ -38,7 +38,7 @@ EOT; intval($channel['channel_id']) ); - $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and not ( channel_pageflags & %d ) order by channel_name ", + $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0 order by channel_name ", intval(get_account_id()), intval(PAGE_REMOVED) ); diff --git a/include/network.php b/include/network.php index 25ed615c6..ee2a6a59b 100644 --- a/include/network.php +++ b/include/network.php 
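Review bot: In private_messages_fetch_message the `id = %d` placeholder is fed by `dbesc($messageitem_id)`, a string escaper, while private_messages_drop two hunks later binds the same column with `intval($messageitem_id)`. Using `intval($messageitem_id),` here keeps the binding consistent and makes the integer cast explicit rather than a side effect of the format specifier. The switch from `^` to `|` for setting MAIL_SEEN looks right, since the WHERE clause already excludes rows that have the flag.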
@@ -991,7 +991,7 @@ function discover_by_url($url,$arr = null) { ); $photos = import_profile_photo($photo,$guid); - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), @@ -1104,7 +1104,7 @@ function discover_by_webbie($webbie) { dbesc($vcard['fn']), dbesc($network), dbesc(z_root()), - dbesc(datetime_convert()) + dbescdate(datetime_convert()) ); $r = q("select * from hubloc where hubloc_hash = '%s' limit 1", @@ -1119,13 +1119,13 @@ function discover_by_webbie($webbie) { dbesc(trim($diaspora_base,'/')), dbesc($hostname), dbesc($notify), - dbesc(datetime_convert()), + dbescdate(datetime_convert()), intval(HUBLOC_FLAGS_PRIMARY) ); } $photos = import_profile_photo($vcard['photo'],$addr); - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1", - dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])), + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", + dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), diff --git a/include/notifier.php b/include/notifier.php index c193db116..cb97fcdf8 100644 --- a/include/notifier.php +++ b/include/notifier.php 
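Review bot: The changed `xchan_photo_date` argument in discover_by_webbie reads `$arr['photo_updated']`, but the function's only parameter is `$webbie`, so unless `$arr` is assigned in the part of the body outside the hunk this passes null to `datetime_convert()`. If no remote timestamp is available here, `dbescdate(datetime_convert())` states that plainly. Note also that the discover_by_url hunk above still uses `dbesc(datetime_convert())` for the same column; the date columns should go through one helper.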
@@ -99,7 +99,7 @@ function notifier_run($argv, $argc){ // Get the recipient $r = q("select abook.*, hubloc.* from abook left join hubloc on hubloc_hash = abook_xchan - where abook_id = %d and not ( abook_flags & %d ) limit 1", + where abook_id = %d and not ( abook_flags & %d )>0 limit 1", intval($item_id), intval(ABOOK_FLAG_SELF) ); @@ -205,11 +205,12 @@ function notifier_run($argv, $argc){ $normal_mode = false; $expire = true; - $items = q("SELECT * FROM item WHERE uid = %d AND ( item_flags & %d ) - AND ( item_restrict & %d ) AND `changed` > UTC_TIMESTAMP() - INTERVAL 10 MINUTE", + $items = q("SELECT * FROM item WHERE uid = %d AND ( item_flags & %d )>0 + AND ( item_restrict & %d )>0 AND `changed` > %s - INTERVAL %s", intval($item_id), intval(ITEM_WALL), - intval(ITEM_DELETED) + intval(ITEM_DELETED), + db_utcnow(), db_quoteinterval('10 MINUTE') ); $uid = $item_id; $item_id = 0; @@ -495,13 +496,19 @@ function notifier_run($argv, $argc){ where hubloc_hash in (" . implode(',',$recipients) . ") group by hubloc_sitekey order by hubloc_connected desc limit 1"); } else { - + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $r = q("select distinct on (hubloc_sitekey) hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc + where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d)>0 and not (hubloc_status & %d)>0", + intval(HUBLOC_FLAGS_DELETED), + intval(HUBLOC_OFFLINE) + ); + } else { $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc - where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d) and not (hubloc_status & %d) group by hubloc_sitekey", + where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d)>0 and not (hubloc_status & %d)>0 group by hubloc_sitekey", intval(HUBLOC_FLAGS_DELETED), intval(HUBLOC_OFFLINE) ); - + } } if(! $r) { 
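Review bot: The PostgreSQL branch in notifier_run uses `select distinct on (hubloc_sitekey)` with no ORDER BY, so which hubloc row is kept per site key is unspecified; the MySQL branch's `group by hubloc_sitekey` has the same property. Adding `order by hubloc_sitekey, hubloc_connected desc` to the PostgreSQL query would make delivery pick the most recently connected location deterministically. Both queries also splice `implode(',',$recipients)` into the SQL text; the list is built outside the hunk, so confirm every element is escaped and quoted where it is assembled.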
diff --git a/include/onedirsync.php b/include/onedirsync.php index 8ae1df5e5..09c4c9d9a 100644 --- a/include/onedirsync.php +++ b/include/onedirsync.php @@ -35,13 +35,13 @@ function onedirsync_run($argv, $argc){ // (where we received this update from) ? // If we have, we don't need to do anything except mark any older entries updated - $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d ) order by ud_date desc limit 1", + $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d )>0 order by ud_date desc limit 1", dbesc($r[0]['ud_addr']), dbesc($r[0]['ud_date']), intval(UPDATE_FLAGS_UPDATED) ); if($x) { - $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not ( ud_flags & %d ) and ud_date < '%s' ", + $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not ( ud_flags & %d )>0 and ud_date < '%s' ", intval(UPDATE_FLAGS_UPDATED), dbesc($r[0]['ud_addr']), intval(UPDATE_FLAGS_UPDATED), diff --git a/include/onepoll.php b/include/onepoll.php index 7a81282b3..095edd095 100644 --- a/include/onepoll.php +++ b/include/onepoll.php @@ -28,8 +28,8 @@ function onepoll_run($argv, $argc){ $contacts = q("SELECT abook.*, xchan.*, account.* FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan where abook_id = %d - AND (( abook_flags & %d ) OR ( abook_flags = %d )) - AND NOT ( abook_flags & %d ) + AND (( abook_flags & %d )>0 OR ( abook_flags = %d )) + AND NOT ( abook_flags & %d )>0 AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1", intval($contact_id), intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED|ABOOK_FLAG_FEED), 
@@ -69,7 +69,7 @@ function onepoll_run($argv, $argc){ if($contact['xchan_network'] === 'rss') { logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG); handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']); - q("update abook set abook_connected = '%s' where abook_id = %d limit 1", + q("update abook set abook_connected = '%s' where abook_id = %d", dbesc(datetime_convert()), intval($contact['abook_id']) ); @@ -88,13 +88,13 @@ function onepoll_run($argv, $argc){ $connected = datetime_convert(); if(! $x) { // mark for death by not updating abook_connected, this is caught in include/poller.php - q("update abook set abook_updated = '%s' where abook_id = %d limit 1", + q("update abook set abook_updated = '%s' where abook_id = %d", dbesc($updated), intval($contact['abook_id']) ); } else { - q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d limit 1", + q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d", dbesc($updated), dbesc($connected), intval($contact['abook_id']) @@ -145,8 +145,9 @@ function onepoll_run($argv, $argc){ if($contact['xchan_connurl']) { $r = q("SELECT xlink_id from xlink - where xlink_xchan = '%s' and xlink_updated > UTC_TIMESTAMP() - INTERVAL 1 DAY limit 1", - intval($contact['xchan_hash']) + where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s limit 1", + intval($contact['xchan_hash']), + db_utcnow(), db_quoteinterval('1 DAY') ); if(! $r) { poco_load($contact['xchan_hash'],$contact['xchan_connurl']); diff --git a/include/permissions.php b/include/permissions.php index 119ecc865..0ad28b3f1 100644 --- a/include/permissions.php +++ b/include/permissions.php 
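Review bot: The xlink freshness check in onepoll_run binds `xlink_xchan = '%s'` with `intval($contact['xchan_hash'])`, so the hash is cast to an integer before the comparison and the lookup is unlikely to match the stored value; the commit edits this line but keeps the cast. It should be `dbesc($contact['xchan_hash']),`. As written, `poco_load()` probably runs on every poll rather than at most once a day.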
@@ -97,7 +97,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) { if(! $abook_checked) { $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash - where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", + where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1", intval($uid), dbesc($observer_xchan), intval(ABOOK_FLAG_SELF) @@ -269,7 +269,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) { return true; $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash - where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", + where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1", intval($uid), dbesc($observer_xchan), intval(ABOOK_FLAG_SELF) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 508d82957..e63125671 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -341,7 +341,7 @@ abstract class photo_driver { `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' - where id = %d limit 1", + where id = %d", intval($p['aid']), intval($p['uid']), @@ -354,7 +354,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - dbesc($this->imageString()), + dbescbin($this->imageString()), intval(strlen($this->imageString())), intval($p['scale']), intval($p['profile']), @@ -383,7 +383,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - dbesc($this->imageString()), + dbescbin($this->imageString()), intval(strlen($this->imageString())), intval($p['scale']), intval($p['profile']), 
@@ -428,7 +428,7 @@ abstract class photo_driver { `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' - where id = %d limit 1", + where id = %d", intval($aid), intval($uid), @@ -441,7 +441,7 @@ abstract class photo_driver { dbesc($album), intval($this->getHeight()), intval($this->getWidth()), - dbesc($this->imageString()), + dbescbin($this->imageString()), intval(strlen($this->imageString())), intval($scale), intval($profile), @@ -467,7 +467,7 @@ abstract class photo_driver { dbesc($album), intval($this->getHeight()), intval($this->getWidth()), - dbesc($this->imageString()), + dbescbin($this->imageString()), intval(strlen($this->imageString())), intval($scale), intval($profile), @@ -562,7 +562,7 @@ function import_profile_photo($photo,$xchan,$thing = false) { if($thing) $hash = photo_new_resource(); else { - $r = q("select resource_id from photo where xchan = '%s' and (photo_flags & %d ) and scale = 4 limit 1", + $r = q("select resource_id from photo where xchan = '%s' and (photo_flags & %d )>0 and scale = 4 limit 1", dbesc($xchan), intval(PHOTO_XCHAN) ); diff --git a/include/photos.php b/include/photos.php index 23c1ea826..2393153c6 100644 --- a/include/photos.php +++ b/include/photos.php @@ -44,9 +44,10 @@ function photo_upload($channel, $observer, $args) { * */ - $r = q("SELECT * FROM photo WHERE album = '%s' AND uid = %d AND created > UTC_TIMESTAMP() - INTERVAL 3 HOUR ", + $r = q("SELECT * FROM photo WHERE album = '%s' AND uid = %d AND created > %s - INTERVAL %s ", dbesc($album), - intval($channel_id) + intval($channel_id), + db_utcnow(), db_quoteinterval('3 HOUR') ); if((! $r) || ($album == t('Profile Photos'))) $visible = 1; 
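Review bot: The two new `%s` slots in the `photo_upload` query sit outside quotes and are filled by `db_utcnow()` and `db_quoteinterval('3 HOUR')`, so whatever those helpers return presumably becomes SQL text rather than an escaped value, and nothing in the hunk tells a reader that. A comment above the call such as `// db_utcnow()/db_quoteinterval() emit raw SQL: pass constants or intval()'d values only` would document the rule, which poller.php already follows with `db_quoteinterval(intval($abandon_days).' DAY')`. The same pattern appears in the onepoll.php, poller.php, queue.php, socgraph.php and statistics_fns.php hunks. photo_upload's body continues outside the hunk.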
@@ -291,7 +292,7 @@ function photos_albums_list($channel,$observer) { $sql_extra = permissions_sql($channel_id); - $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and ( photo_flags = %d or photo_flags = %d ) $sql_extra group by album order by created desc", + $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and ( photo_flags = %d or photo_flags = %d ) $sql_extra group by album order by max(created) desc", intval($channel_id), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE) diff --git a/include/plugin.php b/include/plugin.php index 4f9ab71da..e500ccc56 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -102,7 +102,7 @@ function load_plugin($plugin) { // This way the system won't fall over dead during the update. if(file_exists('addon/' . $plugin . '/.hidden')) { - q("update addon set hidden = 1 where name = '%s' limit 1", + q("update addon set hidden = 1 where name = '%s'", dbesc($plugin) ); } @@ -158,7 +158,7 @@ function reload_plugins() { $func = $pl . '_load'; $func(); } - q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d LIMIT 1", + q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d", intval($t), intval($i['id']) ); @@ -208,7 +208,7 @@ function register_hook($hook, $file, $function, $priority = 0) { * @return mixed */ function unregister_hook($hook, $file, $function) { - $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `function` = '%s' LIMIT 1", + $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `function` = '%s'", dbesc($hook), dbesc($file), dbesc($function) diff --git a/include/poller.php b/include/poller.php index 026d84c62..952431926 100644 --- a/include/poller.php +++ b/include/poller.php 
@@ -44,15 +44,17 @@ function poller_run($argv, $argc){ // expire any expired mail - q("delete from mail where expires != '%s' and expires < UTC_TIMESTAMP() ", - dbesc(NULL_DATE) + q("delete from mail where expires != '%s' and expires < %s ", + dbesc(NULL_DATE), + db_utcnow() ); // expire any expired items - $r = q("select id from item where expires != '%s' and expires < UTC_TIMESTAMP() - and not ( item_restrict & %d ) ", + $r = q("select id from item where expires != '%s' and expires < %s + and not ( item_restrict & %d )>0 ", dbesc(NULL_DATE), + db_utcnow(), intval(ITEM_DELETED) ); if($r) { @@ -66,7 +68,9 @@ function poller_run($argv, $argc){ // channels and sites that quietly vanished and prevent the directory from accumulating stale // or dead entries. - $r = q("select channel_id from channel where channel_dirdate < UTC_TIMESTAMP() - INTERVAL 30 DAY"); + $r = q("select channel_id from channel where channel_dirdate < %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('30 DAY') + ); if($r) { foreach($r as $rr) { proc_run('php','include/directory.php',$rr['channel_id'],'force'); @@ -78,12 +82,13 @@ function poller_run($argv, $argc){ // publish any applicable items that were set to be published in the future // (time travel posts) - $r = q("select id from item where ( item_restrict & %d ) and created <= UTC_TIMESTAMP() ", - intval(ITEM_DELAYED_PUBLISH) + $r = q("select id from item where ( item_restrict & %d )>0 and created <= %s ", + intval(ITEM_DELAYED_PUBLISH), + db_utcnow() ); if($r) { foreach($r as $rr) { - $x = q("update item set item_restrict = ( item_restrict ^ %d ) where id = %d limit 1", + $x = q("update item set item_restrict = ( item_restrict & ~%d ) where id = %d", intval(ITEM_DELAYED_PUBLISH), intval($rr['id']) ); 
@@ -167,7 +172,9 @@ function poller_run($argv, $argc){ // expire any read notifications over a month old - q("delete from notify where seen = 1 and date < UTC_TIMESTAMP() - INTERVAL 30 DAY"); + q("delete from notify where seen = 1 and date < %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('30 DAY') + ); // expire any expired accounts downgrade_accounts(); @@ -199,13 +206,15 @@ function poller_run($argv, $argc){ // This should be rare $r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' - and xchan_photo_date < UTC_TIMESTAMP() - INTERVAL 1 DAY"); + and xchan_photo_date < %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('1 DAY') + ); if($r) { require_once('include/photo/photo_driver.php'); foreach($r as $rr) { $photos = import_profile_photo($rr['xchan_photo_l'],$rr['xchan_hash']); $x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' - where xchan_hash = '%s' limit 1", + where xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), 
@@ -258,16 +267,17 @@ function poller_run($argv, $argc){ // Only poll from those with suitable relationships $abandon_sql = (($abandon_days) - ? sprintf(" AND account_lastlog > UTC_TIMESTAMP() - INTERVAL %d DAY ", intval($abandon_days)) + ? sprintf(" AND account_lastlog > %s - INTERVAL %s ", db_utcnow(), db_quoteinterval(intval($abandon_days).' DAY')) : '' ); - + $randfunc = (ACTIVE_DBTYPE == DBTYPE_POSTGRES) ? 'RANDOM()' : 'RAND()'; + $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel - FROM abook LEFT JOIN account on abook_account = account_id where 1 + FROM abook LEFT JOIN account on abook_account = account_id $sql_extra - AND (( abook_flags & %d ) OR ( abook_flags = %d )) - AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY RAND()", + AND (( abook_flags & %d )>0 OR ( abook_flags = %d )) + AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc", intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED|ABOOK_FLAG_FEED), intval(0), intval(ACCOUNT_OK), @@ -309,7 +319,7 @@ function poller_run($argv, $argc){ // if we've never connected with them, start the mark for death countdown from now if($c == NULL_DATE) { - $r = q("update abook set abook_connected = '%s' where abook_id = %d limit 1", + $r = q("update abook set abook_connected = '%s' where abook_id = %d", dbesc(datetime_convert()), intval($contact['abook_id']) ); @@ -324,7 +334,7 @@ function poller_run($argv, $argc){ dbesc($contact['abook_xchan']) ); if($n && $n[0]['xchan_network'] == 'zot') { - $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d limit 1", + $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d", intval(ABOOK_FLAG_ARCHIVED), intval($contact['abook_id']) ); 
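Review bot: Dropping `where 1` from the `$contacts` query leaves no `WHERE` keyword in the visible statement, so `$sql_extra` and the `AND (( abook_flags & %d )>0 ...` conditions attach to the `LEFT JOIN account on abook_account = account_id` clause instead. Unless `$sql_extra` (built outside this hunk) itself begins with `where`, a left join keeps every `abook` row whether or not those conditions hold, so the flag, account-status and `$abandon_sql` filters would no longer restrict which contacts are polled. `where 1=1` is accepted by both MySQL and PostgreSQL and keeps the original shape: `FROM abook LEFT JOIN account on abook_account = account_id where 1=1`. poller_run's body continues outside the hunk.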
@@ -365,9 +375,10 @@ function poller_run($argv, $argc){ } if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) { - $r = q("select distinct ud_addr, updates.* from updates where not ( ud_flags & %d ) and ud_addr != '' and ( ud_last = '%s' OR ud_last > UTC_TIMESTAMP() - INTERVAL 7 DAY ) group by ud_addr ", + $r = q("select distinct ud_addr, updates.* from updates where not ( ud_flags & %d )>0 and ud_addr != '' and ( ud_last = '%s' OR ud_last > %s - INTERVAL %s ) group by ud_addr ", intval(UPDATE_FLAGS_UPDATED), - dbesc(NULL_DATE) + dbesc(NULL_DATE), + db_utcnow(), db_quoteinterval('7 DAY') ); if($r) { foreach($r as $rr) { diff --git a/include/queue.php b/include/queue.php index 222ebada4..b6a540ef9 100644 --- a/include/queue.php +++ b/include/queue.php @@ -22,7 +22,9 @@ function queue_run($argv, $argc){ logger('queue: start'); - $r = q("DELETE FROM outq WHERE outq_created < UTC_TIMESTAMP() - INTERVAL 3 DAY"); + $r = q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('3 DAY') + ); if($queue_id) { $r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1", 
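Review bot: The directory-sync query still selects `updates.*` with `group by ud_addr`, which PostgreSQL rejects when the other selected columns are neither grouped nor aggregated (unless `ud_addr` is the primary key, which the per-address `order by ud_date desc limit 1` lookup in onedirsync.php makes unlikely). queue.php and reddav.php in this commit handle the same situation with `DISTINCT ON (...)` plus `ORDER BY` under `ACTIVE_DBTYPE == DBTYPE_POSTGRES`; this query probably needs the same `$prefix`/`$suffix` treatment. poller_run's body continues outside the hunk.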
@@ -37,8 +39,18 @@ function queue_run($argv, $argc){ // so that we don't start off a thousand deliveries for a couple of dead hubs. // The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made). // Other drivers will have to do something different here and may need their own query. - - $r = q("SELECT * FROM outq WHERE outq_delivered = 0 and (( outq_created > UTC_TIMESTAMP() - INTERVAL 12 HOUR and outq_updated < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( outq_updated < UTC_TIMESTAMP() - INTERVAL 1 HOUR )) group by outq_posturl"); + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $prefix = 'DISTINCT ON (outq_posturl)'; + $suffix = 'ORDER BY outq_posturl'; + } else { + $prefix = ''; + $suffix = 'GROUP BY outq_posturl'; + } + $r = q("SELECT $prefix * FROM outq WHERE outq_delivered = 0 and (( outq_created > %s - INTERVAL %s and outq_updated < %s - INTERVAL %s ) OR ( outq_updated < %s - INTERVAL %s )) $suffix", + db_utcnow(), db_quoteinterval('12 HOUR'), + db_utcnow(), db_quoteinterval('15 MINUTE'), + db_utcnow(), db_quoteinterval('1 HOUR') + ); } if(! $r) return; @@ -51,13 +63,13 @@ function queue_run($argv, $argc){ $result = z_post_url($rr['outq_posturl'],$rr['outq_msg']); if($result['success'] && $result['return_code'] < 300) { logger('queue: queue post success to ' . $rr['outq_posturl'], LOGGER_DEBUG); - $y = q("delete from outq where outq_hash = '%s' limit 1", + $y = q("delete from outq where outq_hash = '%s'", dbesc($rr['ouq_hash']) ); } else { logger('queue: queue post returned ' . $result['return_code'] . ' from ' . $rr['outq_posturl'],LOGGER_DEBUG); - $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1", + $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'", dbesc(datetime_convert()), dbesc($rr['outq_hash']) ); 
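Review bot: In the second hunk, the success branch deletes with `dbesc($rr['ouq_hash'])`, but the row key used everywhere else in this function is `outq_hash`, so the lookup key is undefined and the delivered entry presumably stays in `outq`. That would leave successfully posted messages to be selected and sent again on later runs; the argument should be `dbesc($rr['outq_hash'])`. The typo predates the commit but sits directly under the statement it rewrites, and queue_run's body continues outside the hunk.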
@@ -70,7 +82,7 @@ function queue_run($argv, $argc){ } else { $deadguys[] = $rr['outq_posturl']; - $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1", + $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'", dbesc(datetime_convert()), dbesc($rr['outq_hash']) ); diff --git a/include/queue_fn.php b/include/queue_fn.php index 512edb531..22580bc48 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -2,7 +2,7 @@ function update_queue_time($id) { logger('queue: requeue item ' . $id); - q("UPDATE outq SET outq_updated = '%s' WHERE outq_hash = '%s' LIMIT 1", + q("UPDATE outq SET outq_updated = '%s' WHERE outq_hash = '%s'", dbesc(datetime_convert()), dbesc($id) ); @@ -10,7 +10,7 @@ function update_queue_time($id) { function remove_queue_item($id) { logger('queue: remove queue item ' . $id); - q("DELETE FROM outq WHERE hash = '%s' LIMIT 1", + q("DELETE FROM outq WHERE hash = '%s'", dbesc($id) ); } diff --git a/include/reddav.php b/include/reddav.php index c16e08e27..750ca1b24 100644 --- a/include/reddav.php +++ b/include/reddav.php @@ -42,7 +42,7 @@ require_once('include/RedDAV/RedBasicAuth.php'); function RedChannelList(&$auth) { $ret = array(); - $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d) AND NOT (channel_pageflags & %d)", + $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d)>0 AND NOT (channel_pageflags & %d)>0", intval(PAGE_REMOVED), intval(PAGE_HIDDEN) ); @@ -115,7 +115,7 @@ function RedCollectionData($file, &$auth) { $permission_error = false; for ($x = 1; $x < count($path_arr); $x++) { - $r = q("SELECT id, hash, filename, flags FROM attach WHERE folder = '%s' AND filename = '%s' AND uid = %d AND (flags & %d) $perms LIMIT 1", + $r = q("SELECT id, hash, filename, flags FROM attach WHERE folder = '%s' AND filename = '%s' AND uid = %d AND (flags & %d)>0 $perms LIMIT 1", dbesc($folder), dbesc($path_arr[$x]), intval($channel_id), 
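Review bot: `remove_queue_item` filters on `hash`, while `update_queue_time` in the previous hunk and every `outq` query in queue.php use `outq_hash`; if the table has no `hash` column the delete fails and the item is never removed from the queue. The statement should probably read `DELETE FROM outq WHERE outq_hash = '%s'`. The column name is unchanged by this commit, which only drops the `LIMIT 1`.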
@@ -124,7 +124,7 @@ function RedCollectionData($file, &$auth) { if (! $r) { // path wasn't found. Try without permissions to see if it was the result of permissions. $errors = true; - $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d) limit 1", + $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0 limit 1", dbesc($folder), basename($path_arr[$x]), intval($channel_id), @@ -155,8 +155,14 @@ function RedCollectionData($file, &$auth) { logger("Path mismatch: $path !== /$file"); return NULL; } - - $r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach where folder = '%s' and uid = %d $perms group by filename", + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $prefix = 'DISTINCT ON (filename)'; + $suffix = 'ORDER BY filename'; + } else { + $prefix = ''; + $suffix = 'GROUP BY filename'; + } + $r = q("select $prefix id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach where folder = '%s' and uid = %d $perms $suffix", dbesc($folder), intval($channel_id) ); @@ -231,7 +237,7 @@ function RedFileData($file, &$auth, $test = false) { $errors = false; for ($x = 1; $x < count($path_arr); $x++) { - $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d) $perms", + $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0 $perms", dbesc($folder), dbesc($path_arr[$x]), intval($channel_id), 
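Review bot: In the fallback lookup of the first hunk, `basename($path_arr[$x])` fills the `filename = '%s'` slot without `dbesc()`, while the permission-checked query in the preceding hunk escapes the same path segment with `dbesc($path_arr[$x])`. `$path_arr` appears to be derived from the requested `$file` path, so a quote character in a segment would reach the SQL text unescaped; the argument should be `dbesc(basename($path_arr[$x])),`. The line is unchanged context, but the commit edits the statement it belongs to. RedCollectionData's body continues outside the hunk.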
@@ -244,7 +250,7 @@ function RedFileData($file, &$auth, $test = false) { } if (! $r) { $r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach - where folder = '%s' and filename = '%s' and uid = %d $perms group by filename limit 1", + where folder = '%s' and filename = '%s' and uid = %d $perms order by filename limit 1", dbesc($folder), dbesc(basename($file)), intval($channel_id) @@ -253,7 +259,7 @@ function RedFileData($file, &$auth, $test = false) { if (! $r) { $errors = true; $r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach - where folder = '%s' and filename = '%s' and uid = %d group by filename limit 1", + where folder = '%s' and filename = '%s' and uid = %d order by filename limit 1", dbesc($folder), dbesc(basename($file)), intval($channel_id) diff --git a/include/security.php b/include/security.php index e83cc7061..8066a76f6 100644 --- a/include/security.php +++ b/include/security.php @@ -12,7 +12,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive $_SESSION['authenticated'] = 1; if($login_initial || $update_lastlog) { - q("update account set account_lastlog = '%s' where account_id = %d limit 1", + q("update account set account_lastlog = '%s' where account_id = %d", dbesc(datetime_convert()), intval($_SESSION['account_id']) ); @@ -59,7 +59,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive /* This account has never created a channel. Send them to new_channel by default */ if($a->module === 'login') { - $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d)", + $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d)>0", intval($a->account['account_id']), intval(PAGE_REMOVED) ); 
@@ -76,7 +76,7 @@ function change_channel($change_channel) { $ret = false; if($change_channel) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and not ( channel_pageflags & %d) limit 1", + $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and not ( channel_pageflags & %d)>0 limit 1", intval($change_channel), intval(get_account_id()), intval(PAGE_REMOVED) @@ -86,7 +86,7 @@ function change_channel($change_channel) { if (is_developer()) { if (! $r) { if (is_site_admin()) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d ) limit 1", + $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1", intval($change_channel), intval(PAGE_SYSTEM), intval(PAGE_REMOVED) @@ -174,9 +174,10 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { foreach($groups as $g) $gs .= '|<' . $g . '>'; } + $regexop = db_getfunc('REGEXP'); $sql = sprintf( - " AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s') - AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') ) + " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s') + AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') ) ) ", dbesc(protect_sprintf( '%<' . $observer . '>%')), @@ -204,7 +205,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) * default permissions - anonymous user */ - $sql = " AND not item_private "; + $sql = " AND item_private=0 "; /** 
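Review bot: In the site-admin fallback query of the second hunk only the `PAGE_REMOVED` test received `>0`; `( channel_pageflags & %d)` for `PAGE_SYSTEM` is still a bare integer operand of `and`, which PostgreSQL does not accept as a boolean. Every other flag test touched by this commit was converted, so this looks like an oversight: `and ( channel_pageflags & %d)>0 and not (channel_pageflags & %d )>0`. change_channel's body continues outside the hunk.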
@@ -235,10 +236,11 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) if(is_array($groups) && count($groups)) { foreach($groups as $g) $gs .= '|<' . $g . '>'; - } + } + $regexop = db_getfunc('REGEXP'); $sql = sprintf( - " AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s') - AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') ) + " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s') + AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') ) ) ", dbesc(protect_sprintf( '%<' . $observer . '>%')), @@ -264,9 +266,10 @@ function public_permissions_sql($observer_hash) { } $sql = ''; if($observer_hash) { + $regexop = db_getfunc('REGEXP'); $sql = sprintf( - " OR (( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s') - AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') ) + " OR (( NOT (deny_cid like '%s' OR deny_gid $regexop '%s') + AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') ) )) ", dbesc(protect_sprintf( '%<' . $observer_hash . '>%')), @@ -375,7 +378,7 @@ function stream_perms_api_uids($perms = NULL ) { $ret = array(); if(local_user()) $ret[] = local_user(); - $r = q("select channel_id from channel where channel_r_stream > 0 and (channel_r_stream & %d) and not (channel_pageflags & %d)", + $r = q("select channel_id from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0", intval($perms), intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED) ); 
@@ -402,7 +405,7 @@ function stream_perms_xchans($perms = NULL ) { if(local_user()) $ret[] = get_observer_hash(); - $r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d) and not (channel_pageflags & %d)", + $r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0", intval($perms), intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED) ); diff --git a/include/session.php b/include/session.php index 8500e2cd3..ed4dfdd16 100644 --- a/include/session.php +++ b/include/session.php @@ -60,11 +60,11 @@ function ref_session_write ($id,$data) { if($session_exists) $r = q("UPDATE `session` SET `data` = '%s', `expire` = '%s' - WHERE `sid` = '%s' LIMIT 1", + WHERE `sid` = '%s'", dbesc($data), dbesc($expire), dbesc($id)); else - $r = q("INSERT INTO `session` - SET `sid` = '%s', `expire` = '%s', `data` = '%s'", + $r = q("INSERT INTO `session` (sid, expire, data) values ('%s', '%s', '%s')", + //SET `sid` = '%s', `expire` = '%s', `data` = '%s'", dbesc($id), dbesc($default_expire), dbesc($data)); return true; @@ -85,7 +85,7 @@ function ref_session_destroy ($id) { function ref_session_gc($expire) { q("DELETE FROM session WHERE expire < %d", dbesc(time())); if (! get_config('system','innodb')) - q("OPTIMIZE TABLE session"); + db_optimizetable('session'); return true; } diff --git a/include/socgraph.php b/include/socgraph.php index 504a6b2c0..740886b1c 100644 --- a/include/socgraph.php +++ b/include/socgraph.php @@ -77,7 +77,7 @@ function poco_load($xchan = '',$url = null) { dbesc($xchan) ); if($r) { - q("update xchat set xchat_edited = '%s' where xchat_id = %d limit 1", + q("update xchat set xchat_edited = '%s' where xchat_id = %d", dbesc(datetime_convert()), intval($r[0]['xchat_id']) ); 
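Review bot: `stream_perms_xchans` builds its exclusion mask from `PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED`; `PAGE_SYETEM` looks like a misspelling of the `PAGE_SYSTEM` used by `stream_perms_api_uids` in the previous hunk. Depending on the PHP version an undefined constant either raises an error or degrades to a string that contributes nothing to the mask, in which case system channels are no longer excluded from the result. The argument should be `intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)`. stream_perms_xchans's body continues outside the hunk.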
@@ -93,7 +93,8 @@ function poco_load($xchan = '',$url = null) { } } } - q("delete from xchat where xchat_edited < UTC_TIMESTAMP() - INTERVAL 7 DAY and xchat_xchan = '%s' ", + q("delete from xchat where xchat_edited < %s - INTERVAL %s and xchat_xchan = '%s' ", + db_utcnow(), db_quoteinterval('7 DAY'), dbesc($xchan) ); } @@ -195,7 +196,7 @@ function poco_load($xchan = '',$url = null) { ); } else { - q("update xlink set xlink_updated = '%s', xlink_rating = %d where xlink_id = %d limit 1", + q("update xlink set xlink_updated = '%s', xlink_rating = %d where xlink_id = %d", dbesc(datetime_convert()), intval($rating), intval($r[0]['xlink_id']) @@ -204,8 +205,9 @@ function poco_load($xchan = '',$url = null) { } logger("poco_load: loaded $total entries",LOGGER_DEBUG); - q("delete from xlink where xlink_xchan = '%s' and xlink_updated < UTC_TIMESTAMP() - INTERVAL 2 DAY", - dbesc($xchan) + q("delete from xlink where xlink_xchan = '%s' and xlink_updated < %s - INTERVAL %s", + dbesc($xchan), + db_utcnow(), db_quoteinterval('2 DAY') ); } @@ -227,18 +229,19 @@ function count_common_friends($uid,$xchan) { function common_friends($uid,$xchan,$start = 0,$limit=100000000,$shuffle = false) { + $rand = db_getfunc('rand'); if($shuffle) - $sql_extra = " order by rand() "; + $sql_extra = " order by $rand "; else $sql_extra = " order by xchan_name asc "; $r = q("SELECT * from xchan left join xlink on xlink_link = xchan_hash where xlink_xchan = '%s' and xlink_link in - (select abook_xchan from abook where abook_xchan != '%s' and abook_channel = %d and abook_flags = 0 ) $sql_extra limit %d, %d", + (select abook_xchan from abook where abook_xchan != '%s' and abook_channel = %d and abook_flags = 0 ) $sql_extra limit %d offset %d", dbesc($xchan), dbesc($xchan), intval($uid), - intval($start), - intval($limit) + intval($limit), + intval($start) ); return $r; 
@@ -273,11 +276,11 @@ function common_friends_zcid($uid,$zcid,$start = 0, $limit = 9999,$shuffle = fal FROM `glink` left join `gcontact` on `glink`.`gcid` = `gcontact`.`id` where `glink`.`zcid` = %d and `gcontact`.`nurl` in (select nurl from contact where uid = %d and self = 0 and blocked = 0 and hidden = 0 ) - $sql_extra limit %d, %d", + $sql_extra limit %d offset %d", intval($zcid), intval($uid), - intval($start), - intval($limit) + intval($limit), + intval($start) ); return $r; @@ -306,11 +309,11 @@ function all_friends($uid,$cid,$start = 0, $limit = 80) { $r = q("SELECT `gcontact`.* FROM `glink` left join `gcontact` on `glink`.`gcid` = `gcontact`.`id` where `glink`.`cid` = %d and `glink`.`uid` = %d - order by `gcontact`.`name` asc LIMIT %d, %d ", + order by `gcontact`.`name` asc LIMIT %d OFFSET %d ", intval($cid), intval($uid), - intval($start), - intval($limit) + intval($limit), + intval($start) ); return $r; @@ -329,16 +332,16 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) { and not xlink_link in ( select abook_xchan from abook where abook_channel = %d ) and not xlink_link in ( select xchan from xign where uid = %d ) and xlink_xchan != '' - and not ( xchan_flags & %d ) - and not ( xchan_flags & %d ) - group by xchan_hash order by total desc limit %d, %d ", + and not ( xchan_flags & %d )>0 + and not ( xchan_flags & %d )>0 + group by xchan_hash order by total desc limit %d offset %d ", intval($uid), intval($uid), intval($uid), intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_DELETED), - intval($start), - intval($limit) + intval($limit), + intval($start) ); if($r && count($r) >= ($limit -1)) 
@@ -349,15 +352,15 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) { where xlink_xchan = '' and not xlink_link in ( select abook_xchan from abook where abook_channel = %d ) and not xlink_link in ( select xchan from xign where uid = %d ) - and not ( xchan_flags & %d ) - and not ( xchan_flags & %d ) - group by xchan_hash order by total desc limit %d, %d ", + and not ( xchan_flags & %d )>0 + and not ( xchan_flags & %d )>0 + group by xchan_hash order by total desc limit %d offset %d ", intval($uid), intval($uid), intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_DELETED), - intval($start), - intval($limit) + intval($limit), + intval($start) ); if(is_array($r) && is_array($r2)) @@ -394,7 +397,9 @@ function update_suggestions() { // the targets may have changed their preferences and don't want to be suggested - and they // may have simply gone away. - $r = q("delete from xlink where xlink_xchan = '' and xlink_updated < UTC_TIMESTAMP() - INTERVAL 7 DAY"); + $r = q("delete from xlink where xlink_xchan = '' and xlink_updated < %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('7 DAY') + ); $j = json_decode($ret['body'],true); diff --git a/include/statistics_fns.php b/include/statistics_fns.php index 4f72e6615..288925a2c 100644 --- a/include/statistics_fns.php +++ b/include/statistics_fns.php @@ -13,7 +13,9 @@ function update_channels_total_stat() { function update_channels_active_halfyear_stat() { $r = q("select channel_id from channel left join account on account_id = channel_account_id - where account_flags = 0 and account_lastlog > UTC_TIMESTAMP - INTERVAL 6 MONTH"); + where account_flags = 0 and account_lastlog > %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('6 MONTH') + ); if($r) { $s = ''; foreach($r as $rr) { 
@@ -21,8 +23,9 @@ function update_channels_active_halfyear_stat() { $s .= ','; $s .= intval($rr['channel_id']); } - $x = q("select uid from item where uid in ( $s ) and (item_flags & %d) and created > UTC_TIMESTAMP - INTERVAL 6 MONTH group by uid", - intval(ITEM_WALL) + $x = q("select uid from item where uid in ( $s ) and (item_flags & %d)>0 and created > %s - INTERVAL %s group by uid", + intval(ITEM_WALL), + db_utcnow(), db_quoteinterval('6 MONTH') ); if($x) { $channels_active_halfyear_stat = count($x); @@ -37,7 +40,9 @@ function update_channels_active_halfyear_stat() { function update_channels_active_monthly_stat() { $r = q("select channel_id from channel left join account on account_id = channel_account_id - where account_flags = 0 and account_lastlog > UTC_TIMESTAMP - INTERVAL 1 MONTH"); + where account_flags = 0 and account_lastlog > %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('1 MONTH') + ); if($r) { $s = ''; foreach($r as $rr) { @@ -45,8 +50,9 @@ function update_channels_active_monthly_stat() { $s .= ','; $s .= intval($rr['channel_id']); } - $x = q("select uid from item where uid in ( $s ) and ( item_flags & %d ) and created > UTC_TIMESTAMP - INTERVAL 1 MONTH group by uid", - intval(ITEM_WALL) + $x = q("select uid from item where uid in ( $s ) and ( item_flags & %d )>0 and created > %s - INTERVAL %s group by uid", + intval(ITEM_WALL), + db_utcnow(), db_quoteinterval('1 MONTH') ); if($x) { $channels_active_monthly_stat = count($x); @@ -60,7 +66,7 @@ function update_channels_active_monthly_stat() { } function update_local_posts_stat() { - $posts = q("SELECT COUNT(*) AS local_posts FROM `item` WHERE (item_flags & %d) ", + $posts = q("SELECT COUNT(*) AS local_posts FROM `item` WHERE (item_flags & %d)>0 ", intval(ITEM_WALL) ); if (is_array($posts)) { $local_posts_stat = intval($posts[0]["local_posts"]); diff --git a/include/text.php b/include/text.php index d816fdb0a..22a1a78c4 100644 --- a/include/text.php +++ b/include/text.php 
@@ -724,7 +724,7 @@ function contact_block() { if((! is_array($a->profile)) || ($a->profile['hide_friends'])) return $o; - $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d ) and not (xchan_flags & %d)", + $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d )>0 and not (xchan_flags & %d)>0", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags) @@ -737,8 +737,12 @@ function contact_block() { $micropro = Null; } else { - - $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d) and not (xchan_flags & %d ) ORDER BY RAND() LIMIT %d", + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $randfunc = 'RANDOM()'; + } else { + $randfunc = 'RAND()'; + } + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d)>0 and not (xchan_flags & %d )>0 ORDER BY $randfunc LIMIT %d", intval($a->profile['uid']), intval($abook_flags|ABOOK_FLAG_ARCHIVED), intval($xchan_flags), @@ -1534,7 +1538,7 @@ function unamp($s) { } function layout_select($channel_id, $current = '') { - $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)", + $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)>0", intval($channel_id), intval(ITEM_PDL) ); 
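Review bot: `contact_block` chooses `RANDOM()` or `RAND()` with its own `ACTIVE_DBTYPE == DBTYPE_POSTGRES` branch in the second hunk, and poller.php does the same with a ternary, while `common_friends` in socgraph.php takes the name from `db_getfunc('rand')`. Using the helper in all three places keeps the dialect switch in one spot: `$randfunc = db_getfunc('rand');`. contact_block's body continues outside the hunk.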
@@ -1874,13 +1878,13 @@ function xchan_query(&$items,$abook = true,$effective_uid = 0) { if(count($arr)) { if($abook) { $chans = q("select * from xchan left join hubloc on hubloc_hash = xchan_hash left join abook on abook_xchan = xchan_hash and abook_channel = %d - where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )", + where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0", intval($item['uid']) ); } else { $chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash - where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )"); + where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0"); } $xchans = q("select * from xchan where xchan_hash in (" . implode(',',$arr) . ") and xchan_network in ('rss','unknown')"); if(! $chans) @@ -1909,7 +1913,7 @@ function xchan_mail_query(&$item) { if(count($arr)) { $chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash - where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )"); + where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0"); } if($chans) { $item['from'] = find_xchan_in_array($item['from_xchan'],$chans); diff --git a/include/widgets.php b/include/widgets.php index cb5dc6846..74bdb5d74 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -155,7 +155,7 @@ function widget_follow($args) { return ''; $a = get_app(); $uid =$a->channel['channel_id']; - $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d) ", + $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ", intval($uid), intval(ABOOK_FLAG_SELF) ); 
@@ -220,7 +220,7 @@ function widget_savedsearch($arr) { } if(x($_GET,'searchremove') && $search) { - q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1", + q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s'", intval(local_user()), intval(TERM_SAVEDSEARCH), dbesc($search) @@ -456,7 +456,7 @@ function widget_settings_menu($arr) { $role = get_pconfig(local_user(),'system','permissions_role'); - $abk = q("select abook_id from abook where abook_channel = %d and ( abook_flags & %d ) limit 1", + $abk = q("select abook_id from abook where abook_channel = %d and ( abook_flags & %d )>0 limit 1", intval(local_user()), intval(ABOOK_FLAG_SELF) ); diff --git a/include/zot.php b/include/zot.php index 2954408b9..2fd950acc 100644 --- a/include/zot.php +++ b/include/zot.php @@ -79,7 +79,7 @@ function zot_get_hublocs($hash) { /** Only search for active hublocs - e.g. those that haven't been marked deleted */ - $ret = q("select * from hubloc where hubloc_hash = '%s' and not ( hubloc_flags & %d ) group by hubloc_url ", + $ret = q("select * from hubloc where hubloc_hash = '%s' and not ( hubloc_flags & %d )>0 order by hubloc_url ", dbesc($hash), intval(HUBLOC_FLAGS_DELETED) ); @@ -194,14 +194,15 @@ function zot_finger($webbie,$channel,$autofallback = true) { logger('zot_finger: no address :' . $webbie); return array('success' => false); } - + logger('using xchan_addr: ' . $xchan_addr, LOGGER_DATA); + // potential issue here; the xchan_addr points to the primary hub. // The webbie we were called with may not, so it might not be found // unless we query for hubloc_addr instead of xchan_addr $r = q("select xchan.*, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash - where xchan_addr = '%s' and (hubloc_flags & %d) limit 1", + where xchan_addr = '%s' and (hubloc_flags & %d)>0 limit 1", dbesc($xchan_addr), intval(HUBLOC_FLAGS_PRIMARY) ); 
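Review bot: In zot_get_hublocs() (hunk -79), replacing `group by hubloc_url` with `order by hubloc_url` changes the result and not only the syntax: the old query collapsed the rows to one per hub URL, the new one returns every matching row, so callers can now receive the same hub more than once. If the de-duplication was intended, it can be kept portably by de-duplicating on `hubloc_url` in PHP after the query; if it was not, a comment stating that duplicates are expected would help the next reader. The function body continues outside the hunk, so whether its callers tolerate duplicates cannot be confirmed from here.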
@@ -211,6 +212,7 @@ function zot_finger($webbie,$channel,$autofallback = true) { if($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') { logger('zot_finger: alternate network: ' . $webbie); + logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'],true), LOGGER_DATA); return array('success' => false); } } @@ -299,7 +301,7 @@ function zot_refresh($them,$channel = null, $force = false) { if($them['hubloc_url']) $url = $them['hubloc_url']; else { - $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1", + $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d )>0 limit 1", dbesc($them['xchan_hash']), intval(HUBLOC_FLAGS_PRIMARY) ); @@ -381,7 +383,7 @@ function zot_refresh($them,$channel = null, $force = false) { } } - $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1", + $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d)>0 limit 1", dbesc($x['hash']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF) @@ -407,7 +409,7 @@ function zot_refresh($them,$channel = null, $force = false) { $y = q("update abook set abook_their_perms = %d, abook_dob = '%s' where abook_xchan = '%s' and abook_channel = %d - and not (abook_flags & %d) limit 1", + and not (abook_flags & %d)>0 ", intval($their_perms), dbesc($next_birthday), dbesc($x['hash']), 
@@ -469,7 +471,7 @@ function zot_refresh($them,$channel = null, $force = false) { $new_perms = get_all_perms($channel['channel_id'],$x['hash']); if($new_perms != $previous_perms) { // Send back a permissions update if permissions have changed - $z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1", + $z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d)>0 limit 1", dbesc($x['hash']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF) @@ -735,7 +737,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { || ($r[0]['xchan_url'] != $arr['url'])) { $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_flags = %d, - xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s' limit 1", + xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'", dbesc(($arr['name']) ? $arr['name'] : '-'), dbesc($arr['name_updated']), dbesc($arr['connections_url']), @@ -788,8 +790,8 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { dbesc($arr['connect_url']), dbesc(($arr['name']) ? $arr['name'] : '-'), dbesc('zot'), - dbesc($arr['photo_updated']), - dbesc($arr['name_updated']), + dbescdate($arr['photo_updated']), + dbescdate($arr['name_updated']), intval($new_flags) ); @@ -830,7 +832,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { // importing the photo failed somehow. Leave the photo_date alone so we can try again at a later date. // This often happens when somebody joins the matrix with a bad cert. $r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' - where xchan_hash = '%s' limit 1", + where xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), 
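Review bot: The update statement in hunk -735 still passes `dbesc($arr['name_updated'])` for `xchan_name_date`, while the insert in hunk -788 now wraps the same field in `dbescdate()`. `$arr` appears to hold data received from the remote channel, so presumably the update path can still hand PostgreSQL a date string it rejects. Suggested change in hunk -735: `dbescdate($arr['name_updated']),`. What dbescdate() does is not visible in these hunks, so confirm that it normalises the value rather than only escaping it.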
@@ -840,8 +842,8 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { } else { $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' - where xchan_hash = '%s' limit 1", - dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])), + where xchan_hash = '%s'", + dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), @@ -901,10 +903,10 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { else { logger('import_xchan: profile not available - hiding'); // they may have made it private - $r = q("delete from xprof where xprof_hash = '%s' limit 1", + $r = q("delete from xprof where xprof_hash = '%s'", dbesc($xchan_hash) ); - $r = q("delete from xtag where xtag_hash = '%s' limit 1", + $r = q("delete from xtag where xtag_hash = '%s'", dbesc($xchan_hash) ); } @@ -926,7 +928,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { } elseif(! $ud_flags) { // nothing changed but we still need to update the updates record - q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) ", + q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ", intval(UPDATE_FLAGS_UPDATED), dbesc($address), intval(UPDATE_FLAGS_UPDATED) 
@@ -976,14 +978,14 @@ function zot_process_response($hub,$arr,$outq) { // async messages remain in the queue until processed. if(intval($outq['outq_async'])) { - $r = q("update outq set outq_delivered = 1, outq_updated = '%s' where outq_hash = '%s' and outq_channel = %d limit 1", + $r = q("update outq set outq_delivered = 1, outq_updated = '%s' where outq_hash = '%s' and outq_channel = %d", dbesc(datetime_convert()), dbesc($outq['outq_hash']), intval($outq['outq_channel']) ); } else { - $r = q("delete from outq where outq_hash = '%s' and outq_channel = %d limit 1", + $r = q("delete from outq where outq_hash = '%s' and outq_channel = %d", dbesc($outq['outq_hash']), intval($outq['outq_channel']) ); @@ -1101,7 +1103,7 @@ function zot_import($arr, $sender_url) { } stringify_array_elms($recip_arr); $recips = implode(',',$recip_arr); - $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d ) ", + $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d )>0 ", intval(PAGE_REMOVED) ); if(! $r) { @@ -1283,9 +1285,9 @@ function public_recips($msg) { if($msg['notify']['sender']['url'] === z_root()) - $sql = " where (( " . $col . " & " . PERMS_NETWORK . " ) or ( " . $col . " & " . PERMS_SITE . " ) or ( " . $col . " & " . PERMS_PUBLIC . ")) "; + $sql = " where (( " . $col . " & " . PERMS_NETWORK . " )>0 or ( " . $col . " & " . PERMS_SITE . " )>0 or ( " . $col . " & " . PERMS_PUBLIC . ")>0) "; else - $sql = " where (( " . $col . " & " . PERMS_NETWORK . " ) or ( " . $col . " & " . PERMS_PUBLIC . ")) "; + $sql = " where (( " . $col . " & " . PERMS_NETWORK . " )>0 or ( " . $col . " & " . PERMS_PUBLIC . ")>0) "; $r = q("select channel_hash as hash from channel $sql or channel_hash = '%s' ", 
@@ -1295,7 +1297,7 @@ function public_recips($msg) { if(! $r) $r = array(); - $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " ) and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_PENDING . " ) OR (( " . $col . " & " . PERMS_CONTACTS . " ) and not ( abook_flags & " . ABOOK_FLAG_PENDING . " )) ", + $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " )>0 and (( " . $col . " & " . PERMS_SPECIFIC . " )>0 and ( abook_my_perms & " . $field . " )>0) OR ( " . $col . " & " . PERMS_PENDING . " )>0 OR (( " . $col . " & " . PERMS_CONTACTS . " )>0 and not ( abook_flags & " . ABOOK_FLAG_PENDING . " )>0) ", dbesc($msg['notify']['sender']['hash']) ); @@ -1371,7 +1373,7 @@ function allowed_public_recips($msg) { $condensed_recips[] = $rr['hash']; $results = array(); - $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d ) ", + $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d )>0 ", dbesc($hash), intval(PAGE_REMOVED) ); @@ -1615,7 +1617,7 @@ function remove_community_tag($sender,$arr,$uid) { return; } - $x = q("delete from term where uid = %d and oid = %d and otype = %d and type = %d and term = '%s' and url = '%s' limit 1", + $x = q("delete from term where uid = %d and oid = %d and otype = %d and type = %d and term = '%s' and url = '%s'", intval($uid), intval($r[0]['id']), intval(TERM_OBJ_POST), 
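Review bot: In the second query of public_recips() (hunk -1295), the `abook_xchan = '%s'` and `not ( channel_pageflags & PAGE_REMOVED )>0` conditions are tied by `and` to the PERMS_SPECIFIC branch only, because `and` binds tighter than `OR`. As written, the PERMS_PENDING branch and the PERMS_CONTACTS branch select channels without requiring that the abook row belongs to the sender or that the channel is not removed. If that is not intended, put the three permission branches inside one pair of parentheses after the `and`, so the sender and removed-channel conditions apply to all of them. The commit carries this grouping over unchanged from the old line; public_recips() begins outside the hunk, so the values of `$col` and `$field` cannot be checked here.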
@@ -1709,7 +1711,7 @@ function process_mail_delivery($sender,$arr,$deliveries) { ); if($r) { if($arr['mail_flags'] & MAIL_RECALLED) { - $x = q("delete from mail where id = %d and channel_id = %d limit 1", + $x = q("delete from mail where id = %d and channel_id = %d", intval($r[0]['id']), intval($channel['channel_id']) ); @@ -1835,7 +1837,7 @@ function sync_locations($sender,$arr,$absolute = false) { // This only happens when called from import_xchan if(array_key_exists('site',$arr) && $location['url'] == $arr['site']['url']) { - q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d limit 1", + q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($r[0]['hubloc_id']) @@ -1847,17 +1849,17 @@ function sync_locations($sender,$arr,$absolute = false) { // the directory server if the site is alive. if($r[0]['hubloc_status'] & HUBLOC_OFFLINE) { - q("update hubloc set hubloc_status = (hubloc_status ^ %d) where hubloc_id = %d limit 1", + q("update hubloc set hubloc_status = (hubloc_status & ~%d) where hubloc_id = %d", intval(HUBLOC_OFFLINE), intval($r[0]['hubloc_id']) ); if($r[0]['hubloc_flags'] & HUBLOC_FLAGS_ORPHANCHECK) { - q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1", + q("update hubloc set hubloc_flags = (hubloc_flags & ~%d) where hubloc_id = %d", intval(HUBLOC_FLAGS_ORPHANCHECK), intval($r[0]['hubloc_id']) ); } - q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1", + q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'", intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_ORPHAN), dbesc($sender['hash']) 
@@ -1867,7 +1869,7 @@ function sync_locations($sender,$arr,$absolute = false) { // Remove pure duplicates if(count($r) > 1) { for($h = 1; $h < count($r); $h ++) { - q("delete from hubloc where hubloc_id = %d limit 1", + q("delete from hubloc where hubloc_id = %d", intval($r[$h]['hubloc_id']) ); $what .= 'duplicate_hubloc_removed '; @@ -1877,7 +1879,7 @@ function sync_locations($sender,$arr,$absolute = false) { if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) && (! $location['primary'])) || ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY)) && ($location['primary']))) { - $m = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1", + $m = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d", intval(HUBLOC_FLAGS_PRIMARY), dbesc(datetime_convert()), intval($r[0]['hubloc_id']) @@ -1898,7 +1900,7 @@ function sync_locations($sender,$arr,$absolute = false) { } if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED) && (! $location['deleted'])) || ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED)) && ($location['deleted']))) { - $n = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1", + $n = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d", intval(HUBLOC_FLAGS_DELETED), dbesc(datetime_convert()), intval($r[0]['hubloc_id']) 
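Review bot: Replacing `hubloc_flags ^ %d` with `hubloc_flags & ~%d` in hunks -1877 and -1898 turns a toggle into a clear, but both surrounding conditions also cover the case where the flag is unset locally and the received location has it set. In that case the update now leaves HUBLOC_FLAGS_PRIMARY or HUBLOC_FLAGS_DELETED cleared, so a hub that reports itself primary or deleted is no longer recorded as such. The same applies to hunk -1956 in the next block, whose log message says it is deleting an unreferenced hub location while the new expression removes the deleted flag. Choose the operator from the desired state, for example `hubloc_flags = (hubloc_flags | %d)` when `$location['primary']` (or `$location['deleted']`) is set and `hubloc_flags = (hubloc_flags & ~%d)` otherwise, and use the `| %d` form in hunk -1956. sync_locations() starts and ends outside these hunks.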
@@ -1913,7 +1915,7 @@ function sync_locations($sender,$arr,$absolute = false) { // New hub claiming to be primary. Make it so by removing any existing primaries. if(intval($location['primary'])) { - $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_hash = '%s' and (hubloc_flags & %d )", + $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_hash = '%s' and (hubloc_flags & %d )>0", intval(HUBLOC_FLAGS_PRIMARY), dbesc(datetime_convert()), dbesc($sender['hash']), @@ -1956,7 +1958,7 @@ function sync_locations($sender,$arr,$absolute = false) { foreach($xisting as $x) { if(! array_key_exists('updated',$x)) { logger('sync_locations: deleting unreferenced hub location ' . $x['hubloc_url']); - $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1", + $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d", intval(HUBLOC_FLAGS_DELETED), dbesc(datetime_convert()), intval($x['hubloc_id']) @@ -2050,7 +2052,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_ if(in_arrayi('nsfw',$clean) || in_arrayi('adult',$clean)) { - q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' limit 1", + q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'", intval(XCHAN_FLAGS_SELFCENSORED), dbesc($hash) ); @@ -2085,7 +2087,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_ xprof_homepage = '%s', xprof_hometown = '%s', xprof_keywords = '%s' - where xprof_hash = '%s' limit 1", + where xprof_hash = '%s'", dbesc($arr['xprof_desc']), dbesc($arr['xprof_dob']), intval($arr['xprof_age']), 
@@ -2155,7 +2157,7 @@ function import_directory_keywords($hash,$keywords) { foreach($existing as $x) { if(! in_array($x,$clean)) - $r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s' limit 1", + $r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s'", dbesc($hash), dbesc($x) ); @@ -2187,7 +2189,7 @@ function update_modtime($hash,$guid,$addr,$flags = 0) { ); } else { - q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) ", + q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ", intval(UPDATE_FLAGS_UPDATED), dbesc($addr), intval(UPDATE_FLAGS_UPDATED) @@ -2278,7 +2280,7 @@ function import_site($arr,$pubkey) { // logger('import_site: stored: ' . print_r($siterecord,true)); $r = q("update site set site_location = '%s', site_flags = %d, site_access = %d, site_directory = '%s', site_register = %d, site_update = '%s', site_sellpage = '%s', site_realm = '%s' - where site_url = '%s' limit 1", + where site_url = '%s'", dbesc($site_location), intval($site_directory), intval($access_policy), @@ -2494,7 +2496,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { if(count($clean)) { foreach($clean as $k => $v) { $r = dbq("UPDATE channel set " . dbesc($k) . " = '" . dbesc($v) - . "' where channel_id = " . intval($channel['channel_id']) . " limit 1"); + . "' where channel_id = " . intval($channel['channel_id']) ); } } } 
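Review bot: In the `UPDATE channel set " . dbesc($k) . " = …` statement of hunk -2494, the column name is taken from the keys of `$clean` and passed through `dbesc()`, which escapes string values and does not make an identifier safe. `$clean` is built outside the hunk; if its keys come from the received sync packet, each key should be checked against a fixed list of channel columns before it reaches the query, and unknown keys skipped. The same pattern is in the abook update of hunk -2603 and the profile update of hunk -2781. With `limit 1` removed, the `where` clause is now the only bound on how many rows each of these statements changes.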
@@ -2525,7 +2527,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { logger('process_channel_sync_delivery: removing abook entry for ' . $abook['abook_xchan']); require_once('include/Contact.php'); - $r = q("select abook_id, abook_flags from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d ) limit 1", + $r = q("select abook_id, abook_flags from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d )>0 limit 1", dbesc($abook['abook_xchan']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF) @@ -2603,8 +2605,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { if(count($clean)) { foreach($clean as $k => $v) { $r = dbq("UPDATE abook set " . dbesc($k) . " = '" . dbesc($v) - . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id']) - . " limit 1"); + . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id'])); } } } @@ -2629,7 +2630,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { if(($y['name'] != $cl['name']) || ($y['visible'] != $cl['visible']) || ($y['deleted'] != $cl['deleted'])) { - q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d limit 1", + q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d", dbesc($cl['name']), intval($cl['visible']), intval($cl['deleted']), @@ -2672,7 +2673,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { q("delete from group_member where gid = %d", intval($y['id']) ); - q("update groups set deleted = 1 where id = %d and uid = %d limit 1", + q("update groups set deleted = 1 where id = %d and uid = %d", intval($y['id']), intval($channel['channel_id']) ); 
@@ -2735,7 +2736,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { foreach($m as $mm) { // if the local existing member isn't in the list we just received - remove them if(! in_array($mm['xchan'],$members[$y['hash']])) { - q("delete from group_member where xchan = '%s' and gid = %d and uid = %d limit 1", + q("delete from group_member where xchan = '%s' and gid = %d and uid = %d", dbesc($mm['xchan']), intval($y['id']), intval($channel['channel_id']) @@ -2781,8 +2782,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { if(count($clean)) { foreach($clean as $k => $v) { $r = dbq("UPDATE profile set " . dbesc($k) . " = '" . dbesc($v) - . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id']) - . " limit 1"); + . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id'])); } } } @@ -2807,7 +2807,7 @@ function get_rpost_path($observer) { function import_author_zot($x) { $hash = make_xchan_hash($x['guid'],$x['guid_sig']); - $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and (hubloc_flags & %d) limit 1", + $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and (hubloc_flags & %d)>0 limit 1", dbesc($x['guid']), dbesc($x['guid_sig']), intval(HUBLOC_FLAGS_PRIMARY) @@ -2879,8 +2879,8 @@ function zot_process_message_request($data) { $env_recips = null; $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host - from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d) - and not (hubloc_status & %d) group by hubloc_sitekey", + from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)>0 + and not (hubloc_status & %d)>0 group by hubloc_sitekey", dbesc($sender_hash), intval(HUBLOC_FLAGS_DELETED), intval(HUBLOC_OFFLINE) 
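Review bot: The query in zot_process_message_request() (hunk -2879) still ends with `group by hubloc_sitekey` while selecting six other columns that are neither grouped nor aggregated. PostgreSQL rejects such a select list unless the grouped column is the table's primary key, so on the new backend this lookup would presumably fail and no hubs would be found for the sender. The zot_get_hublocs() query earlier in this commit was changed from `group by` to `order by` for what looks like the same reason; this one needs an equivalent portable form, plus a comment stating whether one row per site key is required. The function continues outside the hunk.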
@@ -40,8 +40,8 @@ date_default_timezone_set($a->timezone); require_once("include/dba/dba_driver.php"); if(! $a->install) { - $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $a->install); - unset($db_host, $db_port, $db_user, $db_pass, $db_data); + $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $a->install); + unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type); /** * Load configs from db. Overwrite configs from .htconfig.php diff --git a/install/database.sql b/install/schema_mysql.sql index ce3f07a89..ce3f07a89 100644 --- a/install/database.sql +++ b/install/schema_mysql.sql diff --git a/install/schema_postgres.sql b/install/schema_postgres.sql new file mode 100644 index 000000000..85eb802d2 --- /dev/null +++ b/install/schema_postgres.sql 
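Review bot: `$db_type` is now passed to dba_factory() and unset, but a .htconfig.php written before this commit will not define it. The call then receives an undefined variable, and whether dba_factory() treats that as MySQL is not visible in this hunk. Defaulting it before the call keeps existing installs on their current backend, for example `if(! isset($db_type)) $db_type = DBTYPE_MYSQL;`.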
@@ -0,0 +1,1190 @@ +CREATE TABLE "abook" ( + "abook_id" serial NOT NULL, + "abook_account" bigint NOT NULL, + "abook_channel" bigint NOT NULL, + "abook_xchan" text NOT NULL DEFAULT '', + "abook_my_perms" bigint NOT NULL DEFAULT '0', + "abook_their_perms" bigint NOT NULL DEFAULT '0', + "abook_closeness" numeric(3) NOT NULL DEFAULT '99', + "abook_rating" bigint NOT NULL DEFAULT '0', + "abook_created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "abook_updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "abook_connected" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "abook_dob" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "abook_flags" bigint NOT NULL DEFAULT '0', + "abook_profile" char(64) NOT NULL DEFAULT '', + PRIMARY KEY ("abook_id") +); + create index "abook_account" on abook ("abook_account"); + create index "abook_channel" on abook ("abook_channel"); + create index "abook_xchan" on abook ("abook_xchan"); + create index "abook_my_perms" on abook ("abook_my_perms"); + create index "abook_their_perms" on abook ("abook_their_perms"); + create index "abook_closeness" on abook ("abook_closeness"); + create index "abook_created" on abook ("abook_created"); + create index "abook_updated" on abook ("abook_updated"); + create index "abook_flags" on abook ("abook_flags"); + create index "abook_profile" on abook ("abook_profile"); + create index "abook_dob" on abook ("abook_dob"); + create index "abook_connected" on abook ("abook_connected"); + create index "abook_rating" on abook ("abook_rating"); + +CREATE TABLE "account" ( + "account_id" serial NOT NULL, + "account_parent" bigint NOT NULL DEFAULT '0', + "account_default_channel" bigint NOT NULL DEFAULT '0', + "account_salt" char(32) NOT NULL DEFAULT '', + "account_password" text NOT NULL DEFAULT '', + "account_email" text NOT NULL DEFAULT '', + "account_external" text NOT NULL DEFAULT '', + "account_language" varchar(16) NOT NULL DEFAULT 'en', + "account_created" timestamp NOT NULL DEFAULT 
'0001-01-01 00:00:00', + "account_lastlog" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "account_flags" bigint NOT NULL DEFAULT '0', + "account_roles" bigint NOT NULL DEFAULT '0', + "account_reset" text NOT NULL DEFAULT '', + "account_expires" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "account_expire_notified" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "account_service_class" varchar(32) NOT NULL DEFAULT '', + "account_level" bigint NOT NULL DEFAULT '0', + "account_password_changed" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("account_id") +); +create index "account_email" on account ("account_email"); +create index "account_service_class" on account ("account_service_class"); +create index "account_parent" on account ("account_parent"); +create index "account_flags" on account ("account_flags"); +create index "account_roles" on account ("account_roles"); +create index "account_lastlog" on account ("account_lastlog"); +create index "account_expires" on account ("account_expires"); +create index "account_default_channel" on account ("account_default_channel"); +create index "account_external" on account ("account_external"); +create index "account_level" on account ("account_level"); +create index "account_password_changed" on account ("account_password_changed"); +CREATE TABLE "addon" ( + "id" serial NOT NULL, + "name" text NOT NULL, + "version" text NOT NULL DEFAULT '0', + "installed" numeric(1) NOT NULL DEFAULT '0', + "hidden" numeric(1) NOT NULL DEFAULT '0', + "timestamp" numeric(20) NOT NULL DEFAULT '0', + "plugin_admin" numeric(1) NOT NULL DEFAULT '0', + PRIMARY KEY ("id") +); +create index "addon_hidden_idx" on addon ("hidden"); +create index "addon_name_idx" on addon ("name"); +create index "addon_installed_idx" on addon ("installed"); +CREATE TABLE "app" ( + "id" serial NOT NULL, + "app_id" text NOT NULL DEFAULT '', + "app_sig" text NOT NULL DEFAULT '', + "app_author" text NOT NULL DEFAULT '', + "app_name" text 
NOT NULL DEFAULT '', + "app_desc" text NOT NULL, + "app_url" text NOT NULL DEFAULT '', + "app_photo" text NOT NULL DEFAULT '', + "app_version" text NOT NULL DEFAULT '', + "app_channel" bigint NOT NULL DEFAULT '0', + "app_addr" text NOT NULL DEFAULT '', + "app_price" text NOT NULL DEFAULT '', + "app_page" text NOT NULL DEFAULT '', + "app_requires" text NOT NULL DEFAULT '', + PRIMARY KEY ("id") +); +create index "app_id" on app ("app_id"); +create index "app_name" on app ("app_name"); +create index "app_url" on app ("app_url"); +create index "app_photo" on app ("app_photo"); +create index "app_version" on app ("app_version"); +create index "app_channel" on app ("app_channel"); +create index "app_price" on app ("app_price"); +CREATE TABLE "attach" ( + "id" serial NOT NULL, + "aid" bigint NOT NULL DEFAULT '0', + "uid" bigint NOT NULL DEFAULT '0', + "hash" varchar(64) NOT NULL DEFAULT '', + "creator" varchar(128) NOT NULL DEFAULT '', + "filename" text NOT NULL DEFAULT '', + "filetype" varchar(64) NOT NULL DEFAULT '', + "filesize" bigint NOT NULL DEFAULT '0', + "revision" bigint NOT NULL DEFAULT '0', + "folder" varchar(64) NOT NULL DEFAULT '', + "flags" bigint NOT NULL DEFAULT '0', + "data" bytea NOT NULL, + "created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "edited" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + PRIMARY KEY ("id") + +); +create index "attach_aid_idx" on attach ("aid"); +create index "attach_uid_idx" on attach ("uid"); +create index "attach_hash_idx" on attach ("hash"); +create index "attach_filename_idx" on attach ("filename"); +create index "attach_filetype_idx" on attach ("filetype"); +create index "attach_filesize_idx" on attach ("filesize"); +create index "attach_created_idx" on attach ("created"); +create index "attach_edited_idx" on attach ("edited"); +create index "attach_revision_idx" on attach ("revision"); +create 
index "attach_folder_idx" on attach ("folder"); +create index "attach_flags_idx" on attach ("flags"); +create index "attach_creator_idx" on attach ("creator"); +CREATE TABLE "auth_codes" ( + "id" varchar(40) NOT NULL, + "client_id" varchar(20) NOT NULL, + "redirect_uri" varchar(200) NOT NULL, + "expires" bigint NOT NULL, + "scope" varchar(250) NOT NULL, + PRIMARY KEY ("id") +); +CREATE TABLE "cache" ( + "k" text NOT NULL, + "v" text NOT NULL, + "updated" timestamp NOT NULL, + PRIMARY KEY ("k") +); +CREATE TABLE "channel" ( + "channel_id" serial NOT NULL, + "channel_account_id" bigint NOT NULL DEFAULT '0', + "channel_primary" numeric(1) NOT NULL DEFAULT '0', + "channel_name" text NOT NULL DEFAULT '', + "channel_address" text NOT NULL DEFAULT '', + "channel_guid" text NOT NULL DEFAULT '', + "channel_guid_sig" text NOT NULL, + "channel_hash" text NOT NULL DEFAULT '', + "channel_timezone" varchar(128) NOT NULL DEFAULT 'UTC', + "channel_location" text NOT NULL DEFAULT '', + "channel_theme" text NOT NULL DEFAULT '', + "channel_startpage" text NOT NULL DEFAULT '', + "channel_pubkey" text NOT NULL, + "channel_prvkey" text NOT NULL, + "channel_notifyflags" bigint NOT NULL DEFAULT '65535', + "channel_pageflags" bigint NOT NULL DEFAULT '0', + "channel_dirdate" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "channel_deleted" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "channel_max_anon_mail" bigint NOT NULL DEFAULT '10', + "channel_max_friend_req" bigint NOT NULL DEFAULT '10', + "channel_expire_days" bigint NOT NULL DEFAULT '0', + "channel_passwd_reset" text NOT NULL DEFAULT '', + "channel_default_group" text NOT NULL DEFAULT '', + "channel_allow_cid" text , + "channel_allow_gid" text , + "channel_deny_cid" text , + "channel_deny_gid" text , + "channel_r_stream" bigint NOT NULL DEFAULT '128', + "channel_r_profile" bigint NOT NULL DEFAULT '128', + "channel_r_photos" bigint NOT NULL DEFAULT '128', + "channel_r_abook" bigint NOT NULL DEFAULT '128', + 
"channel_w_stream" bigint NOT NULL DEFAULT '128', + "channel_w_wall" bigint NOT NULL DEFAULT '128', + "channel_w_tagwall" bigint NOT NULL DEFAULT '128', + "channel_w_comment" bigint NOT NULL DEFAULT '128', + "channel_w_mail" bigint NOT NULL DEFAULT '128', + "channel_w_photos" bigint NOT NULL DEFAULT '128', + "channel_w_chat" bigint NOT NULL DEFAULT '128', + "channel_a_delegate" bigint NOT NULL DEFAULT '0', + "channel_r_storage" bigint NOT NULL DEFAULT '128', + "channel_w_storage" bigint NOT NULL DEFAULT '128', + "channel_r_pages" bigint NOT NULL DEFAULT '128', + "channel_w_pages" bigint NOT NULL DEFAULT '128', + "channel_a_republish" bigint NOT NULL DEFAULT '128', + "channel_w_like" bigint NOT NULL DEFAULT '128', + PRIMARY KEY ("channel_id"), + UNIQUE ("channel_address") +); +create index "channel_account_id" on channel ("channel_account_id"); +create index "channel_primary" on channel ("channel_primary"); +create index "channel_name" on channel ("channel_name"); +create index "channel_timezone" on channel ("channel_timezone"); +create index "channel_location" on channel ("channel_location"); +create index "channel_theme" on channel ("channel_theme"); +create index "channel_notifyflags" on channel ("channel_notifyflags"); +create index "channel_pageflags" on channel ("channel_pageflags"); +create index "channel_max_anon_mail" on channel ("channel_max_anon_mail"); +create index "channel_max_friend_req" on channel ("channel_max_friend_req"); +create index "channel_default_gid" on channel ("channel_default_group"); +create index "channel_r_stream" on channel ("channel_r_stream"); +create index "channel_r_profile" on channel ("channel_r_profile"); +create index "channel_r_photos" on channel ("channel_r_photos"); +create index "channel_r_abook" on channel ("channel_r_abook"); +create index "channel_w_stream" on channel ("channel_w_stream"); +create index "channel_w_wall" on channel ("channel_w_wall"); +create index "channel_w_tagwall" on channel ("channel_w_tagwall"); 
+create index "channel_w_comment" on channel ("channel_w_comment"); +create index "channel_w_mail" on channel ("channel_w_mail"); +create index "channel_w_photos" on channel ("channel_w_photos"); +create index "channel_w_chat" on channel ("channel_w_chat"); +create index "channel_guid" on channel ("channel_guid"); +create index "channel_hash" on channel ("channel_hash"); +create index "channel_expire_days" on channel ("channel_expire_days"); +create index "channel_a_delegate" on channel ("channel_a_delegate"); +create index "channel_r_storage" on channel ("channel_r_storage"); +create index "channel_w_storage" on channel ("channel_w_storage"); +create index "channel_r_pages" on channel ("channel_r_pages"); +create index "channel_w_pages" on channel ("channel_w_pages"); +create index "channel_deleted" on channel ("channel_deleted"); +create index "channel_a_republish" on channel ("channel_a_republish"); +create index "channel_w_like" on channel ("channel_w_like"); +create index "channel_dirdate" on channel ("channel_dirdate"); +CREATE TABLE "chat" ( + "chat_id" serial NOT NULL, + "chat_room" bigint NOT NULL DEFAULT '0', + "chat_xchan" text NOT NULL DEFAULT '', + "chat_text" text NOT NULL, + "created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("chat_id") +); +create index "chat_room_idx" on chat ("chat_room"); +create index "chat_xchan_idx" on chat ("chat_xchan"); +create index "chat_created_idx" on chat ("created"); +CREATE TABLE "chatpresence" ( + "cp_id" serial NOT NULL, + "cp_room" bigint NOT NULL DEFAULT '0', + "cp_xchan" text NOT NULL DEFAULT '', + "cp_last" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "cp_status" text NOT NULL, + "cp_client" char(128) NOT NULL DEFAULT '', + PRIMARY KEY ("cp_id") +); +create index "cp_room" on chatpresence ("cp_room"); +create index "cp_xchan" on chatpresence ("cp_xchan"); +create index "cp_last" on chatpresence ("cp_last"); +create index "cp_status" on chatpresence ("cp_status"); + +CREATE TABLE 
"chatroom" ( + "cr_id" serial NOT NULL, + "cr_aid" bigint NOT NULL DEFAULT '0', + "cr_uid" bigint NOT NULL DEFAULT '0', + "cr_name" text NOT NULL DEFAULT '', + "cr_created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "cr_edited" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "cr_expire" bigint NOT NULL DEFAULT '0', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + PRIMARY KEY ("cr_id") +); +create index "cr_aid" on chatroom ("cr_aid"); +create index "cr_uid" on chatroom ("cr_uid"); +create index "cr_name" on chatroom ("cr_name"); +create index "cr_created" on chatroom ("cr_created"); +create index "cr_edited" on chatroom ("cr_edited"); +create index "cr_expire" on chatroom ("cr_expire"); +CREATE TABLE "clients" ( + "client_id" varchar(20) NOT NULL, + "pw" varchar(20) NOT NULL, + "redirect_uri" varchar(200) NOT NULL, + "name" text, + "icon" text, + "uid" bigint NOT NULL DEFAULT '0', + PRIMARY KEY ("client_id") +); +CREATE TABLE "config" ( + "id" serial NOT NULL, + "cat" text NOT NULL, + "k" text NOT NULL, + "v" text NOT NULL, + PRIMARY KEY ("id"), + UNIQUE ("cat","k") +); +CREATE TABLE "conv" ( + "id" serial NOT NULL, + "guid" text NOT NULL, + "recips" text NOT NULL, + "uid" bigint NOT NULL, + "creator" text NOT NULL, + "created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "subject" text NOT NULL, + PRIMARY KEY ("id") +); +create index "conv_created_idx" on conv ("created"); +create index "conv_updated_idx" on conv ("updated"); + +CREATE TABLE "event" ( + "id" serial NOT NULL, + "aid" bigint NOT NULL DEFAULT '0', + "uid" bigint NOT NULL, + "event_xchan" text NOT NULL DEFAULT '', + "event_hash" text NOT NULL DEFAULT '', + "created" timestamp NOT NULL, + "edited" timestamp NOT NULL, + "start" timestamp NOT NULL, + "finish" timestamp NOT NULL, + "summary" text NOT NULL, + "description" text NOT NULL, + "location" text NOT 
NULL, + "type" text NOT NULL, + "nofinish" numeric(1) NOT NULL DEFAULT '0', + "adjust" numeric(1) NOT NULL DEFAULT '1', + "ignore" numeric(1) NOT NULL DEFAULT '0', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + PRIMARY KEY ("id") +); +create index "event_uid_idx" on event ("uid"); +create index "event_type_idx" on event ("type"); +create index "event_start_idx" on event ("start"); +create index "event_finish_idx" on event ("finish"); +create index "event_adjust_idx" on event ("adjust"); +create index "event_nofinish_idx" on event ("nofinish"); +create index "event_ignore_idx" on event ("ignore"); +create index "event_aid_idx" on event ("aid"); +create index "event_hash_idx" on event ("event_hash"); +create index "event_xchan_idx" on event ("event_xchan"); + + +CREATE TABLE "fcontact" ( + "id" serial NOT NULL, + "url" text NOT NULL, + "name" text NOT NULL, + "photo" text NOT NULL, + "request" text NOT NULL, + "nick" text NOT NULL, + "addr" text NOT NULL, + "batch" text NOT NULL, + "notify" text NOT NULL, + "poll" text NOT NULL, + "confirm" text NOT NULL, + "priority" numeric(1) NOT NULL, + "network" varchar(32) NOT NULL DEFAULT '', + "alias" text NOT NULL, + "pubkey" text NOT NULL, + "updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("id") +); +create index "fcontact_addr_idx" on fcontact ("addr"); +create index "fcontact_network_idx" on fcontact ("network"); + +CREATE TABLE "ffinder" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL, + "cid" bigint NOT NULL, + "fid" bigint NOT NULL, + PRIMARY KEY ("id") +); +create index "ffinder_uid_idx" on ffinder ("uid"); +create index "ffinder_cid_idx" on ffinder ("cid"); +create index "ffinder_fid_idx" on ffinder ("fid"); + +CREATE TABLE "fserver" ( + "id" serial NOT NULL, + "server" text NOT NULL, + "posturl" text NOT NULL, + "key" text NOT NULL, + PRIMARY KEY ("id") +); +create index "fserver_server_idx" on fserver ("server"); 
+create index "fserver_posturl_idx" on fserver ("posturl"); + +CREATE TABLE "fsuggest" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL, + "cid" bigint NOT NULL, + "name" text NOT NULL, + "url" text NOT NULL, + "request" text NOT NULL, + "photo" text NOT NULL, + "note" text NOT NULL, + "created" timestamp NOT NULL, + PRIMARY KEY ("id") +); +CREATE TABLE "group_member" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL, + "gid" bigint NOT NULL, + "xchan" text NOT NULL DEFAULT '', + PRIMARY KEY ("id") +); +create index "groupmember_uid" on group_member ("uid"); +create index "groupmember_gid" on group_member ("gid"); +create index "groupmember_xchan" on group_member ("xchan"); + +CREATE TABLE "groups" ( + "id" serial NOT NULL, + "hash" text NOT NULL DEFAULT '', + "uid" bigint NOT NULL, + "visible" numeric(1) NOT NULL DEFAULT '0', + "deleted" numeric(1) NOT NULL DEFAULT '0', + "name" text NOT NULL, + PRIMARY KEY ("id") + +); +create index "groups_uid_idx" on groups ("uid"); +create index "groups_visible_idx" on groups ("visible"); +create index "groups_deleted_idx" on groups ("deleted"); +create index "groups_hash_idx" on groups ("hash"); + +CREATE TABLE "hook" ( + "id" serial NOT NULL, + "hook" text NOT NULL, + "file" text NOT NULL, + "function" text NOT NULL, + "priority" bigint NOT NULL DEFAULT '0', + PRIMARY KEY ("id") + +); +create index "hook_idx" on hook ("hook"); +CREATE TABLE "hubloc" ( + "hubloc_id" serial NOT NULL, + "hubloc_guid" text NOT NULL DEFAULT '', + "hubloc_guid_sig" text NOT NULL DEFAULT '', + "hubloc_hash" text NOT NULL, + "hubloc_addr" text NOT NULL DEFAULT '', + "hubloc_network" text NOT NULL DEFAULT '', + "hubloc_flags" bigint NOT NULL DEFAULT '0', + "hubloc_status" bigint NOT NULL DEFAULT '0', + "hubloc_url" text NOT NULL DEFAULT '', + "hubloc_url_sig" text NOT NULL DEFAULT '', + "hubloc_host" text NOT NULL DEFAULT '', + "hubloc_callback" text NOT NULL DEFAULT '', + "hubloc_connect" text NOT NULL DEFAULT '', + "hubloc_sitekey" text NOT NULL 
DEFAULT '', + "hubloc_updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "hubloc_connected" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("hubloc_id") +); +create index "hubloc_url" on hubloc ("hubloc_url"); +create index "hubloc_guid" on hubloc ("hubloc_guid"); +create index "hubloc_flags" on hubloc ("hubloc_flags"); +create index "hubloc_connect" on hubloc ("hubloc_connect"); +create index "hubloc_host" on hubloc ("hubloc_host"); +create index "hubloc_addr" on hubloc ("hubloc_addr"); +create index "hubloc_network" on hubloc ("hubloc_network"); +create index "hubloc_updated" on hubloc ("hubloc_updated"); +create index "hubloc_connected" on hubloc ("hubloc_connected"); +create index "hubloc_status" on hubloc ("hubloc_status"); +CREATE TABLE "issue" ( + "issue_id" serial NOT NULL, + "issue_created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "issue_updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "issue_assigned" text NOT NULL, + "issue_priority" bigint NOT NULL, + "issue_status" bigint NOT NULL, + "issue_component" text NOT NULL, + PRIMARY KEY ("issue_id") +); +create index "issue_created" on issue ("issue_created"); +create index "issue_updated" on issue ("issue_updated"); +create index "issue_assigned" on issue ("issue_assigned"); +create index "issue_priority" on issue ("issue_priority"); +create index "issue_status" on issue ("issue_status"); +create index "issue_component" on issue ("issue_component"); + +CREATE TABLE "item" ( + "id" serial NOT NULL, + "mid" text NOT NULL DEFAULT '', + "aid" bigint NOT NULL DEFAULT '0', + "uid" bigint NOT NULL DEFAULT '0', + "parent" bigint NOT NULL DEFAULT '0', + "parent_mid" text NOT NULL DEFAULT '', + "thr_parent" text NOT NULL DEFAULT '', + "created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "edited" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "expires" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "commented" timestamp NOT NULL DEFAULT '0001-01-01 
00:00:00', + "received" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "changed" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "comments_closed" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "owner_xchan" text NOT NULL DEFAULT '', + "author_xchan" text NOT NULL DEFAULT '', + "source_xchan" text NOT NULL DEFAULT '', + "mimetype" text NOT NULL DEFAULT '', + "title" text NOT NULL, + "body" text NOT NULL, + "app" text NOT NULL DEFAULT '', + "lang" varchar(64) NOT NULL DEFAULT '', + "revision" bigint NOT NULL DEFAULT '0', + "verb" text NOT NULL DEFAULT '', + "obj_type" text NOT NULL DEFAULT '', + "object" text NOT NULL, + "tgt_type" text NOT NULL DEFAULT '', + "target" text NOT NULL, + "layout_mid" text NOT NULL DEFAULT '', + "postopts" text NOT NULL DEFAULT '', + "route" text NOT NULL DEFAULT '', + "llink" text NOT NULL DEFAULT '', + "plink" text NOT NULL DEFAULT '', + "resource_id" text NOT NULL DEFAULT '', + "resource_type" varchar(16) NOT NULL DEFAULT '', + "attach" text NOT NULL, + "sig" text NOT NULL DEFAULT '', + "diaspora_meta" text NOT NULL DEFAULT '', + "location" text NOT NULL DEFAULT '', + "coord" text NOT NULL DEFAULT '', + "public_policy" text NOT NULL DEFAULT '', + "comment_policy" text NOT NULL DEFAULT '', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + "item_restrict" bigint NOT NULL DEFAULT '0', + "item_flags" bigint NOT NULL DEFAULT '0', + "item_private" numeric(4) NOT NULL DEFAULT '0', + "item_search_vector" tsvector, + PRIMARY KEY ("id") +); +create index "item_uid" on item ("uid"); +create index "item_parent" on item ("parent"); +create index "item_created" on item ("created"); +create index "item_edited" on item ("edited"); +create index "item_received" on item ("received"); +create index "item_uid_commented" on item ("uid","commented"); +create index "item_uid_created" on item ("uid","created"); +create index "item_changed" on item ("changed"); +create index 
"item_comments_closed" on item ("comments_closed"); +create index "item_aid" on item ("aid"); +create index "item_owner_xchan" on item ("owner_xchan"); +create index "item_author_xchan" on item ("author_xchan"); +create index "item_resource_type" on item ("resource_type"); +create index "item_restrict" on item ("item_restrict"); +create index "item_flags" on item ("item_flags"); +create index "item_commented" on item ("commented"); +create index "item_verb" on item ("verb"); +create index "item_private" on item ("item_private"); +create index "item_llink" on item ("llink"); +create index "item_expires" on item ("expires"); +create index "item_revision" on item ("revision"); +create index "item_mimetype" on item ("mimetype"); +create index "item_mid" on item ("mid"); +create index "item_parent_mid" on item ("parent_mid"); +create index "item_uid_mid" on item ("mid","uid"); +create index "item_public_policy" on item ("public_policy"); +create index "item_comment_policy" on item ("comment_policy"); +create index "item_layout_mid" on item ("layout_mid"); + +-- fulltext indexes +create index "item_search_idx" on item USING gist("item_search_vector"); +create index "item_allow_cid" on item ("allow_cid"); +create index "item_allow_gid" on item ("allow_gid"); +create index "item_deny_cid" on item ("deny_cid"); +create index "item_deny_gid" on item ("deny_gid"); + +CREATE TABLE "item_id" ( + "id" serial NOT NULL, + "iid" bigint NOT NULL, + "uid" bigint NOT NULL, + "sid" text NOT NULL, + "service" text NOT NULL, + PRIMARY KEY ("id") + +); +create index "itemid_uid" on item_id ("uid"); +create index "itemid_sid" on item_id ("sid"); +create index "itemid_service" on item_id ("service"); +create index "itemid_iid" on item_id ("iid"); +CREATE TABLE "likes" ( + "id" serial NOT NULL, + "channel_id" bigint NOT NULL DEFAULT '0', + "liker" char(128) NOT NULL DEFAULT '', + "likee" char(128) NOT NULL DEFAULT '', + "iid" bigint NOT NULL DEFAULT '0', + "verb" text NOT NULL DEFAULT '', + 
"target_type" text NOT NULL DEFAULT '', + "target_id" char(128) NOT NULL DEFAULT '', + "target" text NOT NULL, + PRIMARY KEY ("id") +); +create index "likes_channel_id" on likes ("channel_id"); +create index "likes_liker" on likes ("liker"); +create index "likes_likee" on likes ("likee"); +create index "likes_iid" on likes ("iid"); +create index "likes_verb" on likes ("verb"); +create index "likes_target_type" on likes ("target_type"); +create index "likes_target_id" on likes ("target_id"); +CREATE TABLE "mail" ( + "id" serial NOT NULL, + "convid" bigint NOT NULL DEFAULT '0', + "mail_flags" bigint NOT NULL DEFAULT '0', + "from_xchan" text NOT NULL DEFAULT '', + "to_xchan" text NOT NULL DEFAULT '', + "account_id" bigint NOT NULL DEFAULT '0', + "channel_id" bigint NOT NULL, + "title" text NOT NULL, + "body" text NOT NULL, + "attach" text NOT NULL DEFAULT '', + "mid" text NOT NULL, + "parent_mid" text NOT NULL, + "created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "expires" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("id") +); +create index "mail_convid" on mail ("convid"); +create index "mail_created" on mail ("created"); +create index "mail_flags" on mail ("mail_flags"); +create index "mail_account_id" on mail ("account_id"); +create index "mail_channel_id" on mail ("channel_id"); +create index "mail_from_xchan" on mail ("from_xchan"); +create index "mail_to_xchan" on mail ("to_xchan"); +create index "mail_mid" on mail ("mid"); +create index "mail_parent_mid" on mail ("parent_mid"); +create index "mail_expires" on mail ("expires"); +CREATE TABLE "manage" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL, + "xchan" text NOT NULL DEFAULT '', + PRIMARY KEY ("id") + +); +create index "manage_uid" on manage ("uid"); +create index "manage_xchan" on manage ("xchan"); +CREATE TABLE "menu" ( + "menu_id" serial NOT NULL, + "menu_channel_id" bigint NOT NULL DEFAULT '0', + "menu_name" text NOT NULL DEFAULT '', + "menu_desc" text NOT NULL DEFAULT 
'', + "menu_flags" bigint NOT NULL DEFAULT '0', + PRIMARY KEY ("menu_id") +); +create index "menu_channel_id" on menu ("menu_channel_id"); +create index "menu_name" on menu ("menu_name"); +create index "menu_flags" on menu ("menu_flags"); +CREATE TABLE "menu_item" ( + "mitem_id" serial NOT NULL, + "mitem_link" text NOT NULL DEFAULT '', + "mitem_desc" text NOT NULL DEFAULT '', + "mitem_flags" bigint NOT NULL DEFAULT '0', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + "mitem_channel_id" bigint NOT NULL, + "mitem_menu_id" bigint NOT NULL DEFAULT '0', + "mitem_order" bigint NOT NULL DEFAULT '0', + PRIMARY KEY ("mitem_id") + +); +create index "mitem_channel_id" on menu_item ("mitem_channel_id"); +create index "mitem_menu_id" on menu_item ("mitem_menu_id"); +create index "mitem_flags" on menu_item ("mitem_flags"); +CREATE TABLE "notify" ( + "id" serial NOT NULL, + "hash" char(64) NOT NULL, + "name" text NOT NULL, + "url" text NOT NULL, + "photo" text NOT NULL, + "date" timestamp NOT NULL, + "msg" text NOT NULL DEFAULT '', + "aid" bigint NOT NULL, + "uid" bigint NOT NULL, + "link" text NOT NULL, + "parent" text NOT NULL DEFAULT '', + "seen" numeric(1) NOT NULL DEFAULT '0', + "type" bigint NOT NULL, + "verb" text NOT NULL, + "otype" varchar(16) NOT NULL, + PRIMARY KEY ("id") +); +create index "notify_type" on notify ("type"); +create index "notify_seen" on notify ("seen"); +create index "notify_uid" on notify ("uid"); +create index "notify_date" on notify ("date"); +create index "notify_hash" on notify ("hash"); +create index "notify_parent" on notify ("parent"); +create index "notify_link" on notify ("link"); +create index "notify_otype" on notify ("otype"); +create index "notify_aid" on notify ("aid"); +CREATE TABLE "obj" ( + "obj_id" serial NOT NULL, + "obj_page" char(64) NOT NULL DEFAULT '', + "obj_verb" text NOT NULL DEFAULT '', + "obj_type" bigint NOT NULL DEFAULT '0', + "obj_obj" text NOT NULL 
DEFAULT '', + "obj_channel" bigint NOT NULL DEFAULT '0', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + PRIMARY KEY ("obj_id") + +); +create index "obj_verb" on obj ("obj_verb"); +create index "obj_page" on obj ("obj_page"); +create index "obj_type" on obj ("obj_type"); +create index "obj_channel" on obj ("obj_channel"); +create index "obj_obj" on obj ("obj_obj"); + +CREATE TABLE "outq" ( + "outq_hash" text NOT NULL, + "outq_account" bigint NOT NULL DEFAULT '0', + "outq_channel" bigint NOT NULL DEFAULT '0', + "outq_driver" varchar(32) NOT NULL DEFAULT '', + "outq_posturl" text NOT NULL DEFAULT '', + "outq_async" numeric(1) NOT NULL DEFAULT '0', + "outq_delivered" numeric(1) NOT NULL DEFAULT '0', + "outq_created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "outq_updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "outq_notify" text NOT NULL, + "outq_msg" text NOT NULL, + PRIMARY KEY ("outq_hash") +); +create index "outq_account" on outq ("outq_account"); +create index "outq_channel" on outq ("outq_channel"); +create index "outq_hub" on outq ("outq_posturl"); +create index "outq_created" on outq ("outq_created"); +create index "outq_updated" on outq ("outq_updated"); +create index "outq_async" on outq ("outq_async"); +create index "outq_delivered" on outq ("outq_delivered"); + +CREATE TABLE "pconfig" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL DEFAULT '0', + "cat" text NOT NULL, + "k" text NOT NULL, + "v" text NOT NULL, + PRIMARY KEY ("id"), + UNIQUE ("uid","cat","k") +); +CREATE TABLE "photo" ( + "id" serial NOT NULL, + "aid" bigint NOT NULL DEFAULT '0', + "uid" bigint NOT NULL, + "xchan" text NOT NULL DEFAULT '', + "resource_id" text NOT NULL, + "created" timestamp NOT NULL, + "edited" timestamp NOT NULL, + "title" text NOT NULL, + "description" text NOT NULL, + "album" text NOT NULL, + "filename" text NOT NULL, + "type" varchar(128) NOT NULL DEFAULT 'image/jpeg', + "height" 
numeric(6) NOT NULL, + "width" numeric(6) NOT NULL, + "size" bigint NOT NULL DEFAULT '0', + "data" bytea NOT NULL, + "scale" numeric(3) NOT NULL, + "profile" numeric(1) NOT NULL DEFAULT '0', + "photo_flags" bigint NOT NULL DEFAULT '0', + "allow_cid" text NOT NULL, + "allow_gid" text NOT NULL, + "deny_cid" text NOT NULL, + "deny_gid" text NOT NULL, + PRIMARY KEY ("id") +); +create index "photo_uid" on photo ("uid"); +create index "photo_album" on photo ("album"); +create index "photo_scale" on photo ("scale"); +create index "photo_profile" on photo ("profile"); +create index "photo_flags" on photo ("photo_flags"); +create index "photo_type" on photo ("type"); +create index "photo_aid" on photo ("aid"); +create index "photo_xchan" on photo ("xchan"); +create index "photo_size" on photo ("size"); +create index "photo_resource_id" on photo ("resource_id"); + +CREATE TABLE "poll" ( + "poll_id" serial NOT NULL, + "poll_channel" bigint NOT NULL DEFAULT '0', + "poll_desc" text NOT NULL, + "poll_flags" bigint NOT NULL DEFAULT '0', + "poll_votes" bigint NOT NULL DEFAULT '0', + PRIMARY KEY ("poll_id") + +); +create index "poll_channel" on poll ("poll_channel"); +create index "poll_flags" on poll ("poll_flags"); +create index "poll_votes" on poll ("poll_votes"); +CREATE TABLE "poll_elm" ( + "pelm_id" serial NOT NULL, + "pelm_poll" bigint NOT NULL DEFAULT '0', + "pelm_desc" text NOT NULL, + "pelm_flags" bigint NOT NULL DEFAULT '0', + "pelm_result" float NOT NULL DEFAULT '0', + PRIMARY KEY ("pelm_id") +); +create index "pelm_poll" on poll_elm ("pelm_poll"); +create index "pelm_result" on poll_elm ("pelm_result"); + +CREATE TABLE "profdef" ( + "id" serial NOT NULL, + "field_name" text NOT NULL DEFAULT '', + "field_type" varchar(16) NOT NULL DEFAULT '', + "field_desc" text NOT NULL DEFAULT '', + "field_help" text NOT NULL DEFAULT '', + "field_inputs" text NOT NULL, + PRIMARY KEY ("id") +); +create index "profdef_field_name" on profdef ("field_name"); +CREATE TABLE "profext" ( + 
"id" serial NOT NULL, + "channel_id" bigint NOT NULL DEFAULT '0', + "hash" text NOT NULL DEFAULT '', + "k" text NOT NULL DEFAULT '', + "v" text NOT NULL, + PRIMARY KEY ("id") +); +create index "profext_channel_id" on profext ("channel_id"); +create index "profext_hash" on profext ("hash"); +create index "profext_k" on profext ("k"); + +CREATE TABLE "profile" ( + "id" serial NOT NULL, + "profile_guid" char(64) NOT NULL DEFAULT '', + "aid" bigint NOT NULL DEFAULT '0', + "uid" bigint NOT NULL, + "profile_name" text NOT NULL, + "is_default" numeric(1) NOT NULL DEFAULT '0', + "hide_friends" numeric(1) NOT NULL DEFAULT '0', + "name" text NOT NULL, + "pdesc" text NOT NULL DEFAULT '', + "chandesc" text NOT NULL DEFAULT '', + "dob" varchar(32) NOT NULL DEFAULT '', + "dob_tz" text NOT NULL DEFAULT 'UTC', + "address" text NOT NULL DEFAULT '', + "locality" text NOT NULL DEFAULT '', + "region" text NOT NULL DEFAULT '', + "postal_code" varchar(32) NOT NULL DEFAULT '', + "country_name" text NOT NULL DEFAULT '', + "hometown" text NOT NULL DEFAULT '', + "gender" varchar(32) NOT NULL DEFAULT '', + "marital" text NOT NULL DEFAULT '', + "with" text NOT NULL DEFAULT '', + "howlong" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "sexual" text NOT NULL DEFAULT '', + "politic" text NOT NULL DEFAULT '', + "religion" text NOT NULL DEFAULT '', + "keywords" text NOT NULL DEFAULT '', + "likes" text NOT NULL DEFAULT '', + "dislikes" text NOT NULL DEFAULT '', + "about" text NOT NULL DEFAULT '', + "summary" text NOT NULL DEFAULT '', + "music" text NOT NULL DEFAULT '', + "book" text NOT NULL DEFAULT '', + "tv" text NOT NULL DEFAULT '', + "film" text NOT NULL DEFAULT '', + "interest" text NOT NULL DEFAULT '', + "romance" text NOT NULL DEFAULT '', + "work" text NOT NULL DEFAULT '', + "education" text NOT NULL DEFAULT '', + "contact" text NOT NULL DEFAULT '', + "channels" text NOT NULL DEFAULT '', + "homepage" text NOT NULL DEFAULT '', + "photo" text NOT NULL, + "thumb" text NOT NULL, + 
"publish" numeric(1) NOT NULL DEFAULT '0', + PRIMARY KEY ("id"), + UNIQUE ("profile_guid","uid") + +); +create index "profile_uid" on profile ("uid"); +create index "profile_locality" on profile ("locality"); +create index "profile_hometown" on profile ("hometown"); +create index "profile_gender" on profile ("gender"); +create index "profile_marital" on profile ("marital"); +create index "profile_sexual" on profile ("sexual"); +create index "profile_publish" on profile ("publish"); +create index "profile_aid" on profile ("aid"); +create index "profile_is_default" on profile ("is_default"); +create index "profile_hide_friends" on profile ("hide_friends"); +create index "profile_postal_code" on profile ("postal_code"); +create index "profile_country_name" on profile ("country_name"); +create index "profile_guid" on profile ("profile_guid"); +CREATE TABLE "profile_check" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL, + "cid" bigint NOT NULL DEFAULT '0', + "dfrn_id" text NOT NULL, + "sec" text NOT NULL, + "expire" bigint NOT NULL, + PRIMARY KEY ("id") +); +create index "pc_uid" on profile_check ("uid"); +create index "pc_cid" on profile_check ("cid"); +create index "pc_dfrn_id" on profile_check ("dfrn_id"); +create index "pc_sec" on profile_check ("sec"); +create index "pc_expire" on profile_check ("expire"); + +CREATE TABLE "register" ( + "id" serial NOT NULL, + "hash" text NOT NULL, + "created" timestamp NOT NULL, + "uid" bigint NOT NULL, + "password" text NOT NULL, + "language" varchar(16) NOT NULL, + PRIMARY KEY ("id") +); +create index "reg_hash" on register ("hash"); +create index "reg_created" on register ("created"); +create index "reg_uid" on register ("uid"); +CREATE TABLE "session" ( + "id" serial, + "sid" text NOT NULL, + "data" text NOT NULL, + "expire" numeric(20) NOT NULL, + PRIMARY KEY ("id") +); +create index "session_sid" on session ("sid"); +create index "session_expire" on session ("expire"); +CREATE TABLE "shares" ( + "share_id" serial NOT 
NULL, + "share_type" bigint NOT NULL DEFAULT '0', + "share_target" bigint NOT NULL DEFAULT '0', + "share_xchan" text NOT NULL DEFAULT '', + PRIMARY KEY ("share_id") +); +create index "share_type" on shares ("share_type"); +create index "share_target" on shares ("share_target"); +create index "share_xchan" on shares ("share_xchan"); + +CREATE TABLE "sign" ( + "id" serial NOT NULL, + "iid" bigint NOT NULL DEFAULT '0', + "retract_iid" bigint NOT NULL DEFAULT '0', + "signed_text" text NOT NULL, + "signature" text NOT NULL, + "signer" text NOT NULL, + PRIMARY KEY ("id") +); +create index "sign_iid" on "sign" ("iid"); +create index "sign_retract_iid" on "sign" ("retract_iid"); + +CREATE TABLE "site" ( + "site_url" text NOT NULL, + "site_access" bigint NOT NULL DEFAULT '0', + "site_flags" bigint NOT NULL DEFAULT '0', + "site_update" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "site_pull" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "site_sync" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "site_directory" text NOT NULL DEFAULT '', + "site_register" bigint NOT NULL DEFAULT '0', + "site_sellpage" text NOT NULL DEFAULT '', + "site_location" text NOT NULL DEFAULT '', + "site_realm" text NOT NULL DEFAULT '', + PRIMARY KEY ("site_url") +); +create index "site_flags" on site ("site_flags"); +create index "site_update" on site ("site_update"); +create index "site_directory" on site ("site_directory"); +create index "site_register" on site ("site_register"); +create index "site_access" on site ("site_access"); +create index "site_sellpage" on site ("site_sellpage"); +create index "site_realm" on site ("site_realm"); + +CREATE TABLE "source" ( + "src_id" serial NOT NULL, + "src_channel_id" bigint NOT NULL DEFAULT '0', + "src_channel_xchan" text NOT NULL DEFAULT '', + "src_xchan" text NOT NULL DEFAULT '', + "src_patt" text NOT NULL, + PRIMARY KEY ("src_id") +); +create index "src_channel_id" on "source" ("src_channel_id"); +create index "src_channel_xchan" on 
"source" ("src_channel_xchan"); +create index "src_xchan" on "source" ("src_xchan"); +CREATE TABLE "spam" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL, + "spam" bigint NOT NULL DEFAULT '0', + "ham" bigint NOT NULL DEFAULT '0', + "term" text NOT NULL, + "date" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("id") +); +create index "spam_uid" on spam ("uid"); +create index "spam_spam" on spam ("spam"); +create index "spam_ham" on spam ("ham"); +create index "spam_term" on spam ("term"); +CREATE TABLE "sys_perms" ( + "id" serial NOT NULL, + "cat" text NOT NULL, + "k" text NOT NULL, + "v" text NOT NULL, + "public_perm" numeric(1) NOT NULL, + PRIMARY KEY ("id") +); +CREATE TABLE "term" ( + "tid" serial NOT NULL, + "aid" bigint NOT NULL DEFAULT '0', + "uid" bigint NOT NULL DEFAULT '0', + "oid" bigint NOT NULL, + "otype" numeric(3) NOT NULL, + "type" numeric(3) NOT NULL, + "term" text NOT NULL, + "url" text NOT NULL, + "imgurl" text NOT NULL DEFAULT '', + "term_hash" text NOT NULL DEFAULT '', + "parent_hash" text NOT NULL DEFAULT '', + PRIMARY KEY ("tid") +); +create index "term_oid" on term ("oid"); +create index "term_otype" on term ("otype"); +create index "term_type" on term ("type"); +create index "term_term" on term ("term"); +create index "term_uid" on term ("uid"); +create index "term_aid" on term ("aid"); +create index "term_imgurl" on term ("imgurl"); +create index "term_hash" on term ("term_hash"); +create index "term_parent_hash" on term ("parent_hash"); +CREATE TABLE "tokens" ( + "id" varchar(40) NOT NULL, + "secret" text NOT NULL, + "client_id" varchar(20) NOT NULL, + "expires" numeric(20) NOT NULL, + "scope" varchar(200) NOT NULL, + "uid" bigint NOT NULL, + PRIMARY KEY ("id") +); +create index "tokens_client_id" on tokens ("client_id"); +create index "tokens_expires" on tokens ("expires"); +create index "tokens_uid" on tokens ("uid"); + +CREATE TABLE "updates" ( + "ud_id" serial NOT NULL, + "ud_hash" char(128) NOT NULL, + "ud_guid" 
text NOT NULL DEFAULT '', + "ud_date" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "ud_last" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "ud_flags" bigint NOT NULL DEFAULT '0', + "ud_addr" text NOT NULL DEFAULT '', + PRIMARY KEY ("ud_id") +); +create index "ud_date" on updates ("ud_date"); +create index "ud_guid" on updates ("ud_guid"); +create index "ud_hash" on updates ("ud_hash"); +create index "ud_flags" on updates ("ud_flags"); +create index "ud_addr" on updates ("ud_addr"); +create index "ud_last" on updates ("ud_last"); +CREATE TABLE "verify" ( + "id" serial NOT NULL, + "channel" bigint NOT NULL DEFAULT '0', + "type" varchar(32) NOT NULL DEFAULT '', + "token" text NOT NULL DEFAULT '', + "meta" text NOT NULL DEFAULT '', + "created" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("id") +); +create index "verify_channel" on verify ("channel"); +create index "verify_type" on verify ("type"); +create index "verify_token" on verify ("token"); +create index "verify_meta" on verify ("meta"); +create index "verify_created" on verify ("created"); +CREATE TABLE "vote" ( + "vote_id" serial NOT NULL, + "vote_poll" bigint NOT NULL DEFAULT '0', + "vote_element" bigint NOT NULL DEFAULT '0', + "vote_result" text NOT NULL, + "vote_xchan" text NOT NULL DEFAULT '', + PRIMARY KEY ("vote_id"), + UNIQUE ("vote_poll","vote_element","vote_xchan") +); +create index "vote_poll" on vote ("vote_poll"); +create index "vote_element" on vote ("vote_element"); +CREATE TABLE "xchan" ( + "xchan_hash" text NOT NULL, + "xchan_guid" text NOT NULL DEFAULT '', + "xchan_guid_sig" text NOT NULL DEFAULT '', + "xchan_pubkey" text NOT NULL DEFAULT '', + "xchan_photo_mimetype" text NOT NULL DEFAULT 'image/jpeg', + "xchan_photo_l" text NOT NULL DEFAULT '', + "xchan_photo_m" text NOT NULL DEFAULT '', + "xchan_photo_s" text NOT NULL DEFAULT '', + "xchan_addr" text NOT NULL DEFAULT '', + "xchan_url" text NOT NULL DEFAULT '', + "xchan_connurl" text NOT NULL DEFAULT '', + 
"xchan_follow" text NOT NULL DEFAULT '', + "xchan_connpage" text NOT NULL DEFAULT '', + "xchan_name" text NOT NULL DEFAULT '', + "xchan_network" text NOT NULL DEFAULT '', + "xchan_instance_url" text NOT NULL DEFAULT '', + "xchan_flags" bigint NOT NULL DEFAULT '0', + "xchan_photo_date" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + "xchan_name_date" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("xchan_hash") +); +create index "xchan_guid" on xchan ("xchan_guid"); +create index "xchan_addr" on xchan ("xchan_addr"); +create index "xchan_name" on xchan ("xchan_name"); +create index "xchan_network" on xchan ("xchan_network"); +create index "xchan_url" on xchan ("xchan_url"); +create index "xchan_flags" on xchan ("xchan_flags"); +create index "xchan_connurl" on xchan ("xchan_connurl"); +create index "xchan_instance_url" on xchan ("xchan_instance_url"); +create index "xchan_follow" on xchan ("xchan_follow"); +CREATE TABLE "xchat" ( + "xchat_id" serial NOT NULL, + "xchat_url" text NOT NULL DEFAULT '', + "xchat_desc" text NOT NULL DEFAULT '', + "xchat_xchan" text NOT NULL DEFAULT '', + "xchat_edited" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("xchat_id") +); +create index "xchat_url" on xchat ("xchat_url"); +create index "xchat_desc" on xchat ("xchat_desc"); +create index "xchat_xchan" on xchat ("xchat_xchan"); +create index "xchat_edited" on xchat ("xchat_edited"); +CREATE TABLE "xconfig" ( + "id" serial NOT NULL, + "xchan" text NOT NULL, + "cat" text NOT NULL, + "k" text NOT NULL, + "v" text NOT NULL, + PRIMARY KEY ("id") +); +create index "xconfig_xchan" on xconfig ("xchan"); +create index "xconfig_cat" on xconfig ("cat"); +create index "xconfig_k" on xconfig ("k"); +CREATE TABLE "xign" ( + "id" serial NOT NULL, + "uid" bigint NOT NULL DEFAULT '0', + "xchan" text NOT NULL DEFAULT '', + PRIMARY KEY ("id") +); +create index "xign_uid" on xign ("uid"); +create index "xign_xchan" on xign ("xchan"); +CREATE TABLE "xlink" ( + 
"xlink_id" serial NOT NULL, + "xlink_xchan" text NOT NULL DEFAULT '', + "xlink_link" text NOT NULL DEFAULT '', + "xlink_rating" bigint NOT NULL DEFAULT '0', + "xlink_updated" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', + PRIMARY KEY ("xlink_id") +); +create index "xlink_xchan" on xlink ("xlink_xchan"); +create index "xlink_link" on xlink ("xlink_link"); +create index "xlink_updated" on xlink ("xlink_updated"); +create index "xlink_rating" on xlink ("xlink_rating"); +CREATE TABLE "xprof" ( + "xprof_hash" text NOT NULL, + "xprof_age" numeric(3) NOT NULL DEFAULT '0', + "xprof_desc" text NOT NULL DEFAULT '', + "xprof_dob" varchar(12) NOT NULL DEFAULT '', + "xprof_gender" text NOT NULL DEFAULT '', + "xprof_marital" text NOT NULL DEFAULT '', + "xprof_sexual" text NOT NULL DEFAULT '', + "xprof_locale" text NOT NULL DEFAULT '', + "xprof_region" text NOT NULL DEFAULT '', + "xprof_postcode" varchar(32) NOT NULL DEFAULT '', + "xprof_country" text NOT NULL DEFAULT '', + "xprof_keywords" text NOT NULL, + "xprof_about" text NOT NULL, + "xprof_homepage" text NOT NULL DEFAULT '', + "xprof_hometown" text NOT NULL DEFAULT '', + PRIMARY KEY ("xprof_hash") +); +create index "xprof_desc" on xprof ("xprof_desc"); +create index "xprof_dob" on xprof ("xprof_dob"); +create index "xprof_gender" on xprof ("xprof_gender"); +create index "xprof_marital" on xprof ("xprof_marital"); +create index "xprof_sexual" on xprof ("xprof_sexual"); +create index "xprof_locale" on xprof ("xprof_locale"); +create index "xprof_region" on xprof ("xprof_region"); +create index "xprof_postcode" on xprof ("xprof_postcode"); +create index "xprof_country" on xprof ("xprof_country"); +create index "xprof_age" on xprof ("xprof_age"); +create index "xprof_hometown" on xprof ("xprof_hometown"); +CREATE TABLE "xtag" ( + "xtag_id" serial NOT NULL, + "xtag_hash" text NOT NULL, + "xtag_term" text NOT NULL DEFAULT '', + "xtag_flags" bigint NOT NULL DEFAULT '0', + PRIMARY KEY ("xtag_id") +); +create index "xtag_term" 
on xtag ("xtag_term"); +create index "xtag_hash" on xtag ("xtag_hash"); +create index "xtag_flags" on xtag ("xtag_flags"); diff --git a/mod/acl.php b/mod/acl.php index 01f5103f1..797a3633b 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -49,7 +49,7 @@ function acl_init(&$a){ if ($type=='' || $type=='c'){ $r = q("SELECT COUNT(abook_id) AS c FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d AND not ( abook_flags & %d ) and not (xchan_flags & %d ) $sql_extra2" , + WHERE abook_channel = %d AND not ( abook_flags & %d )>0 and not (xchan_flags & %d )>0 $sql_extra2" , intval(local_user()), intval(ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED), intval(XCHAN_FLAGS_DELETED) @@ -59,7 +59,7 @@ function acl_init(&$a){ if(intval(get_config('system','taganyone')) || intval(get_pconfig(local_user(),'system','taganyone'))) { if(((! $r) || (! $r[0]['total'])) && $type == 'c') { $r = q("SELECT COUNT(xchan_hash) AS c FROM xchan - WHERE not (xchan_flags & %d ) $sql_extra2" , + WHERE not (xchan_flags & %d )>0 $sql_extra2" , intval(XCHAN_FLAGS_DELETED) ); $contact_count = (int)$r[0]['c']; @@ -75,8 +75,8 @@ function acl_init(&$a){ $r = q("SELECT count(xchan_hash) as c FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )) - and not ( xchan_flags & %d ) + WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0) + and not ( xchan_flags & %d )>0 $sql_extra2 ", intval(local_user()), intval(PERMS_W_MAIL), @@ -92,7 +92,7 @@ function acl_init(&$a){ // autocomplete for Contacts $r = q("SELECT COUNT(abook_id) AS c FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d and not ( xchan_flags & %d ) $sql_extra2" , + WHERE abook_channel = %d and not ( xchan_flags & %d )>0 $sql_extra2" , intval(local_user()), intval(XCHAN_FLAGS_DELETED) ); 
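Review bot: In the `@@ -75,8` hunk of mod/acl.php the rewritten predicate still tests `(abook_their_perms = null)`, which evaluates to NULL rather than true on both MySQL and PostgreSQL, so that arm of the OR never matches. Since the line is being edited anyway, it should read `(abook_their_perms is null) or (abook_their_perms & %d )>0`. The same comparison is carried over in the `@@ -159,8` hunk of this file. acl_init's body extends beyond both hunks, so whether any caller depends on the current behaviour is not visible here.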
@@ -110,17 +110,18 @@ function acl_init(&$a){ if ($type=='' || $type=='g'){ $r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`name`, - GROUP_CONCAT(DISTINCT `group_member`.`xchan` SEPARATOR ',') as uids + %s as uids FROM `groups`,`group_member` WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d AND `group_member`.`gid`=`groups`.`id` $sql_extra GROUP BY `groups`.`id` ORDER BY `groups`.`name` - LIMIT %d,%d", + LIMIT %d OFFSET %d", + db_concat('group_member.xchan', ','), intval(local_user()), - intval($start), - intval($count) + intval($count), + intval($start) ); foreach($r as $g){ @@ -140,7 +141,7 @@ function acl_init(&$a){ if ($type=='' || $type=='c') { $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d AND not ( abook_flags & %d ) and not (xchan_flags & %d ) $sql_extra2 order by xchan_name asc" , + WHERE abook_channel = %d AND not ( abook_flags & %d )>0 and not (xchan_flags & %d )>0 $sql_extra2 order by xchan_name asc" , intval(local_user()), intval(ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED), intval(XCHAN_FLAGS_DELETED) @@ -149,7 +150,7 @@ function acl_init(&$a){ if((! $r) && $type == 'c') { $r = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags FROM xchan - WHERE not (xchan_flags & %d ) $sql_extra2 order by xchan_name asc" , + WHERE not (xchan_flags & %d )>0 $sql_extra2 order by xchan_name asc" , intval(XCHAN_FLAGS_DELETED) ); } 
@@ -159,8 +160,8 @@ function acl_init(&$a){ $r = q("SELECT xchan_hash as id, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )) - and not (xchan_flags & %d) + WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0) + and not (xchan_flags & %d)>0 $sql_extra3 ORDER BY `xchan_name` ASC ", intval(local_user()), @@ -171,7 +172,7 @@ function acl_init(&$a){ elseif(($type == 'a') || ($type == 'p')) { $r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d - and not (xchan_flags & %d) + and not (xchan_flags & %d)>0 $sql_extra3 ORDER BY xchan_name ASC ", intval(local_user()), diff --git a/mod/admin.php b/mod/admin.php index da76337d8..0e580960a 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -591,7 +591,7 @@ function admin_page_users_post(&$a){ if (x($_POST,'page_users_block')){ foreach($users as $uid){ - q("UPDATE account SET account_flags = (account_flags & %d) where account_id = %d limit 1", + q("UPDATE account SET account_flags = (account_flags & %d) where account_id = %d", intval(ACCOUNT_BLOCKED), intval( $uid ) ); @@ -647,7 +647,7 @@ function admin_page_users(&$a){ }; break; case "block":{ check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); - q("UPDATE account SET account_flags = ( account_flags ^ %d ) where account_id = %d", + q("UPDATE account SET account_flags = ( account_flags & ~%d ) where account_id = %d", intval(ACCOUNT_BLOCKED), intval( $uid ) ); 
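Review bot: The bulk action under `page_users_block` in admin_page_users_post (`@@ -591,7`) still writes `account_flags = (account_flags & %d)` with ACCOUNT_BLOCKED, which never sets the blocked bit and clears every other flag on the account. If the intent is to block the selected accounts, the statement should be `account_flags = (account_flags | %d)`; dropping `limit 1` does not change this. The hubloc updates in mod/locs.php (`@@ -19,12` with HUBLOC_FLAGS_PRIMARY and `@@ -50,7` with HUBLOC_FLAGS_DELETED) use the same `&` where setting the flag appears intended, so a location chosen as primary or removed by the user would not actually be flagged. The surrounding functions continue outside these hunks.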
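Review bot: Replacing `account_flags ^ %d` with `account_flags & ~%d` in the `block` case of admin_page_users (`@@ -647,7`) turns a toggle into clear-only, so this action can unblock an account but can no longer block one. `^` had to go because PostgreSQL treats it as exponentiation (`#` is its XOR), but a portable toggle needs the direction decided in PHP and then either `| %d` to set or `& ~%d` to clear. The same substitution is made for PAGE_CENSORED in `@@ -761,7` and `@@ -809,7`, for PAGE_PREMIUM in mod/connect.php `@@ -38,7` (guarded by `$has_premium != $premium`, which covers both directions), and for ITEM_DELETED in mod/like.php `@@ -276,7`, where the comment says the existing like is to be deleted. An administrative block or censor control that silently does nothing deserves a regression test on both database backends.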
@@ -661,13 +661,13 @@ function admin_page_users(&$a){ } /* get pending */ - $pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d ) ", + $pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ", intval(ACCOUNT_PENDING) ); /* get users */ - $total = q("SELECT count(*) as total FROM account where 1"); + $total = q("SELECT count(*) as total FROM account"); if(count($total)) { $a->set_pager_total($total[0]['total']); $a->set_pager_itemspage(100); @@ -687,14 +687,15 @@ function admin_page_users(&$a){ if($_REQUEST['order'] === 'created') $order = " order by account_created desc "; - $users =q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " . - "(SELECT GROUP_CONCAT( ch.channel_address SEPARATOR ' ') FROM channel as ch " . - "WHERE ch.channel_account_id = ac.account_id and not (ch.channel_pageflags & %d )) as `channels` " . - "FROM account as ac where true $serviceclass $order limit %d , %d ", + $users =q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d )>0 as `blocked`, " . + "(SELECT %s FROM channel as ch " . + "WHERE ch.channel_account_id = ac.account_id and not (ch.channel_pageflags & %d )>0) as `channels` " . + "FROM account as ac where true $serviceclass $order limit %d offset %d ", intval(ACCOUNT_BLOCKED), + db_concat('ch.channel_address', ' '), intval(PAGE_REMOVED), - intval($a->pager['start']), - intval($a->pager['itemspage']) + intval($a->pager['itemspage']), + intval($a->pager['start']) ); // function _setup_users($e){ 
@@ -761,7 +762,7 @@ function admin_page_channels_post(&$a){ if (x($_POST,'page_channels_block')){ foreach($channels as $uid){ - q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d", + q("UPDATE channel SET channel_pageflags = ( channel_pageflags & ~%d ) where channel_id = %d", intval(PAGE_CENSORED), intval( $uid ) ); @@ -809,7 +810,7 @@ function admin_page_channels(&$a){ case "block":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d", + q("UPDATE channel SET channel_pageflags = ( channel_pageflags & ~%d ) where channel_id = %d", intval(PAGE_CENSORED), intval( $uid ) ); @@ -825,7 +826,7 @@ function admin_page_channels(&$a){ /* get channels */ - $total = q("SELECT count(*) as total FROM channel where not (channel_pageflags & %d)", + $total = q("SELECT count(*) as total FROM channel where not (channel_pageflags & %d)>0", intval(PAGE_REMOVED) ); if($total) { @@ -835,10 +836,10 @@ function admin_page_channels(&$a){ $order = " order by channel_name asc "; - $channels = q("SELECT * from channel where not ( channel_pageflags & %d ) $order limit %d , %d ", + $channels = q("SELECT * from channel where not ( channel_pageflags & %d )>0 $order limit %d offset %d ", intval(PAGE_REMOVED), - intval($a->pager['start']), - intval($a->pager['itemspage']) + intval($a->pager['itemspage']), + intval($a->pager['start']) ); if($channels) { @@ -1292,7 +1293,7 @@ readable."); function admin_page_profs_post(&$a) { if($_REQUEST['id']) { - $r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d limit 1", + $r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d", dbesc($_REQUEST['field_name']), dbesc($_REQUEST['field_type']), dbesc($_REQUEST['field_desc']), 
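Review bot: The UPDATE in admin_page_profs_post (`@@ -1292,7`) is missing a comma between `field_desc = '%s'` and `field_help = '%s'`, so the statement is a syntax error on either backend and edits to an existing profile field definition are never saved. The new line should read `... field_desc = '%s', field_help = '%s', field_inputs = '%s' where id = %d`. The function body continues past the hunk, so whether `$r` is checked afterwards is not visible.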
@@ -1320,7 +1321,7 @@ function admin_page_profs_post(&$a) { function admin_page_profs(&$a) { if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) { - $r = q("delete from profdef where id = %d limit 1", + $r = q("delete from profdef where id = %d", intval(argv(3)) ); // remove from allowed fields diff --git a/mod/channel.php b/mod/channel.php index e4a7173c0..8d6b2a169 100644 --- a/mod/channel.php +++ b/mod/channel.php @@ -141,17 +141,17 @@ function channel_content(&$a, $update = 0, $load = false) { if(($update) && (! $load)) { if ($mid) { $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d AND item_restrict = 0 - AND (item_flags & %d) AND (item_flags & %d) $sql_extra limit 1", + AND (item_flags & %d)>0 AND (item_flags & %d)>0 $sql_extra limit 1", dbesc($mid), intval($a->profile['profile_uid']), intval(ITEM_WALL), intval(ITEM_UNSEEN) ); } else { - $r = q("SELECT distinct parent AS `item_id` from item + $r = q("SELECT distinct parent AS `item_id`, created from item left join abook on item.author_xchan = abook.abook_xchan WHERE uid = %d AND item_restrict = 0 - AND (item_flags & %d) AND ( item_flags & %d ) + AND (item_flags & %d)>0 AND ( item_flags & %d )>0 AND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra ORDER BY created DESC", 
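Review bot: The `drop` branch at the top of admin_page_profs (`@@ -1320,7`) runs `delete from profdef where id = %d` from URL arguments alone, and no form security token check is visible between function entry and the query. The `block` cases in admin_page_users and admin_page_channels call `check_form_security_token_redirectOnErr(...)` before changing state; unless the admin dispatcher already verifies a token before calling this function, the same guard belongs here, with the drop links carrying the token, so that a link followed by a logged-in administrator cannot delete a field definition. The rest of the function lies outside the hunk.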
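Review bot: Adding `created` to `SELECT distinct parent AS item_id` in channel_content (mod/channel.php `@@ -141,17`) changes what DISTINCT deduplicates: rows are now unique per (parent, created) pair, so a thread with several unseen items can come back once per item instead of once. PostgreSQL does require ORDER BY expressions to appear in the select list of a DISTINCT query, but grouping keeps one row per thread, e.g. `SELECT parent AS item_id, max(created) AS created ... GROUP BY parent ORDER BY max(created) DESC`. The `distinct id AS item_id, created` query in `@@ -194,10` is unaffected if `id` is unique. The code that consumes `$r` is outside the hunk, so check whether it already tolerates repeated parents.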
@@ -179,12 +179,12 @@ function channel_content(&$a, $update = 0, $load = false) { $itemspage = get_pconfig(local_user(),'system','itemspage'); $a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); - $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($a->pager['itemspage']), intval($a->pager['start'])); if($load || ($_COOKIE['jsAvailable'] != 1)) { if ($mid) { $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d AND item_restrict = 0 - AND (item_flags & %d) $sql_extra limit 1", + AND (item_flags & %d)>0 $sql_extra limit 1", dbesc($mid), intval($a->profile['profile_uid']), intval(ITEM_WALL) @@ -194,10 +194,10 @@ function channel_content(&$a, $update = 0, $load = false) { } } else { - $r = q("SELECT distinct id AS item_id FROM item + $r = q("SELECT distinct id AS item_id, created FROM item left join abook on item.author_xchan = abook.abook_xchan WHERE uid = %d AND item_restrict = 0 - AND (item_flags & %d) and (item_flags & %d) + AND (item_flags & %d)>0 and (item_flags & %d)>0 AND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra $sql_extra2 ORDER BY created DESC $pager_sql ", @@ -283,8 +283,8 @@ function channel_content(&$a, $update = 0, $load = false) { if($is_owner) { - $r = q("UPDATE item SET item_flags = (item_flags ^ %d) - WHERE (item_flags & %d) AND (item_flags & %d) AND uid = %d ", + $r = q("UPDATE item SET item_flags = (item_flags & ~%d) + WHERE (item_flags & %d)>0 AND (item_flags & %d)>0 AND uid = %d ", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(ITEM_WALL), diff --git a/mod/chatsvc.php b/mod/chatsvc.php index 43aa3d3c0..44225e6dd 100644 --- a/mod/chatsvc.php +++ b/mod/chatsvc.php 
@@ -73,7 +73,7 @@ function chatsvc_content(&$a) { intval($a->data['chat']['uid']) ); - $r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s' limit 1", + $r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'", dbesc($status), dbesc(datetime_convert()), intval($room_id), @@ -141,7 +141,7 @@ function chatsvc_content(&$a) { } } - $r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s' limit 1", + $r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'", dbesc(datetime_convert()), intval($a->data['chat']['room_id']), dbesc(get_observer_hash()), diff --git a/mod/connect.php b/mod/connect.php index f7748bcaf..5b1f258ad 100644 --- a/mod/connect.php +++ b/mod/connect.php @@ -38,7 +38,7 @@ function connect_post(&$a) { $text = escape_tags($_POST['text']); if($has_premium != $premium) { - $r = q("update channel set channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d limit 1", + $r = q("update channel set channel_pageflags = ( channel_pageflags & ~%d ) where channel_id = %d", intval(PAGE_PREMIUM), intval(local_user()) ); diff --git a/mod/connections.php b/mod/connections.php index 0dfcfebf1..70e28913a 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -81,7 +81,7 @@ function connections_post(&$a) { } $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_flags = %d - where abook_id = %d AND abook_channel = %d LIMIT 1", + where abook_id = %d AND abook_channel = %d", dbesc($profile_id), intval($abook_my_perms), intval($closeness), 
@@ -213,7 +213,7 @@ function connections_content(&$a) { nav_set_selected('intros'); break; case 'ifpending': - $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", + $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d)>0 and not ((abook_flags & %d)>0 or (xchan_flags & %d)>0)", intval(local_user()), intval(ABOOK_FLAG_PENDING), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_IGNORED), @@ -250,13 +250,13 @@ function connections_content(&$a) { } - $sql_extra = (($search_flags) ? " and ( abook_flags & " . $search_flags . " ) " : ""); + $sql_extra = (($search_flags) ? " and ( abook_flags & " . $search_flags . " )>0 " : ""); if(argv(1) === 'pending') - $sql_extra .= " and not ( abook_flags & " . ABOOK_FLAG_IGNORED . " ) "; + $sql_extra .= " and not ( abook_flags & " . ABOOK_FLAG_IGNORED . " )>0 "; } else { - $sql_extra = " and not ( abook_flags & " . ABOOK_FLAG_BLOCKED . " ) "; + $sql_extra = " and not ( abook_flags & " . ABOOK_FLAG_BLOCKED . " )>0 "; $unblocked = true; } @@ -342,7 +342,7 @@ function connections_content(&$a) { } $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d ) $sql_extra $sql_extra2 ", + where abook_channel = %d and not (abook_flags & %d)>0 and not (xchan_flags & %d )>0 $sql_extra $sql_extra2 ", intval(local_user()), intval(ABOOK_FLAG_SELF), intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN) 
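Review bot: In the `@@ -250,13` hunk of connections_content, `$search_flags` is concatenated into `$sql_extra` as-is, and its assignment lies outside the hunk. If every assignment is an ABOOK_FLAG_* constant this is safe today, but writing `intval($search_flags)`, the way mod/dirsearch.php builds `$safesql`, keeps the fragment numeric whatever value reaches it later.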
@@ -353,12 +353,12 @@ function connections_content(&$a) { } $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - WHERE abook_channel = %d and not (abook_flags & %d) and not ( xchan_flags & %d) $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d , %d ", + WHERE abook_channel = %d and not (abook_flags & %d)>0 and not ( xchan_flags & %d)>0 $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d OFFSET %d ", intval(local_user()), intval(ABOOK_FLAG_SELF), intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN), - intval($a->pager['start']), - intval($a->pager['itemspage']) + intval($a->pager['itemspage']), + intval($a->pager['start']) ); $contacts = array(); diff --git a/mod/connedit.php b/mod/connedit.php index 60f284797..917e2c73b 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -117,7 +117,7 @@ function connedit_post(&$a) { } $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_flags = %d - where abook_id = %d AND abook_channel = %d LIMIT 1", + where abook_id = %d AND abook_channel = %d", dbesc($profile_id), intval($abook_my_perms), intval($closeness), @@ -300,7 +300,7 @@ function connedit_content(&$a) { $cmd = argv(2); $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d ) LIMIT 1", + WHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d )>0 LIMIT 1", intval($contact_id), intval(local_user()), intval(ABOOK_FLAG_SELF) diff --git a/mod/contactgroup.php b/mod/contactgroup.php index cac02a65d..4515c4c4c 100644 --- a/mod/contactgroup.php +++ b/mod/contactgroup.php 
@@ -9,7 +9,7 @@ function contactgroup_content(&$a) { } if((argc() > 2) && (intval(argv(1))) && (argv(2))) { - $r = q("SELECT abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d ) limit 1", + $r = q("SELECT abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d )>0 limit 1", dbesc(base64url_decode(argv(2))), intval(local_user()), intval(ABOOK_FLAG_SELF) diff --git a/mod/delegate.php b/mod/delegate.php index e582b9387..c78898b7f 100644 --- a/mod/delegate.php +++ b/mod/delegate.php @@ -42,7 +42,7 @@ function delegate_content(&$a) { if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) goaway($a->get_baseurl() . '/delegate'); - q("delete from manage where uid = %d and mid = %d limit 1", + q("delete from manage where uid = %d and mid = %d", intval($a->argv[2]), intval(local_user()) ); diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 516b5cc73..dea34c566 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php 
@@ -151,16 +151,16 @@ function dirsearch_content(&$a) { } - $safesql = (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " ) " : ''); + $safesql = (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 " : ''); if($safe < 0) - $safesql = " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " ) "; + $safesql = " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 "; if($limit) $qlimit = " LIMIT $limit "; else { $qlimit = " LIMIT " . intval($startrec) . " , " . intval($perpage); if($return_total) { - $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and not ( xchan_flags & %d) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql ", + $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and not ( xchan_flags & %d)>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) @@ -205,7 +205,7 @@ function dirsearch_content(&$a) { json_return_and_die($spkt); } else { - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) 
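Review bot: The `@@ -151,16` hunk of dirsearch_content leaves `$qlimit = " LIMIT " . intval($startrec) . " , " . intval($perpage);` in the MySQL-only `LIMIT offset , count` form, although the other paged queries in this commit are converted to `LIMIT count OFFSET start`. PostgreSQL rejects the comma form, so the directory query in `@@ -205,7`, which appends `$qlimit`, would fail there; the line should become `$qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec);`. `$limit` is interpolated into `" LIMIT $limit "` in the same hunk and its origin is not visible, so confirm it is cast to an integer where it is read.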
diff --git a/mod/display.php b/mod/display.php index be06c1e82..ece406543 100644 --- a/mod/display.php +++ b/mod/display.php @@ -149,7 +149,7 @@ function display_content(&$a, $update = 0, $load = false) { $updateable = false; - $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($a->pager['itemspage']),intval($a->pager['start'])); if($load || ($_COOKIE['jsAvailable'] != 1)) { $r = null; @@ -189,7 +189,7 @@ function display_content(&$a, $update = 0, $load = false) { and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR owner_xchan = '%s') $sql_extra ) - group by mid limit 1", + limit 1", dbesc($target_item['parent_mid']), dbesc($sys['xchan_hash']) ); @@ -228,8 +228,8 @@ function display_content(&$a, $update = 0, $load = false) { } if($updateable) { - $x = q("UPDATE item SET item_flags = ( item_flags ^ %d ) - WHERE (item_flags & %d) AND uid = %d and parent = %d ", + $x = q("UPDATE item SET item_flags = ( item_flags & ~%d ) + WHERE (item_flags & %d)>0 AND uid = %d and parent = %d ", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(local_user()), diff --git a/mod/events.php b/mod/events.php index 513899308..009afbcb8 100755 --- a/mod/events.php +++ b/mod/events.php @@ -199,14 +199,14 @@ function events_content(&$a) { nav_set_selected('all_events'); if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { - $r = q("update event set ignore = 1 where id = %d and uid = %d limit 1", + $r = q("update event set ignore = 1 where id = %d and uid = %d", intval(argv(2)), intval(local_user()) ); } if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { - $r = q("update event set ignore = 0 where id = %d and uid = %d limit 1", + $r = q("update event set ignore = 0 where id = %d and uid = %d", intval(argv(2)), intval(local_user()) ); 
@@ -330,8 +330,8 @@ function events_content(&$a) { $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan from event left join item on event_hash = resource_id where resource_type = 'event' and event.uid = %d and event.ignore = %d - AND (( `adjust` = 0 AND ( `finish` >= '%s' or nofinish ) AND `start` <= '%s' ) - OR ( `adjust` = 1 AND ( `finish` >= '%s' or nofinish ) AND `start` <= '%s' )) ", + AND (( `adjust` = 0 AND ( `finish` >= '%s' or nofinish = 1 ) AND `start` <= '%s' ) + OR ( `adjust` = 1 AND ( `finish` >= '%s' or nofinish = 1 ) AND `start` <= '%s' )) ", intval(local_user()), intval($ignored), dbesc($start), diff --git a/mod/filer.php b/mod/filer.php index 3340fc999..9a409177c 100644 --- a/mod/filer.php +++ b/mod/filer.php @@ -27,7 +27,7 @@ function filer_content(&$a) { intval(local_user()) ); if($r) { - $x = q("update item set item_flags = ( item_flags | %d ) where id = %d and uid = %d limit 1", + $x = q("update item set item_flags = ( item_flags | %d ) where id = %d and uid = %d", intval(ITEM_RETAINED), intval($r[0]['parent']), intval(local_user()) diff --git a/mod/filerm.php b/mod/filerm.php index a37e80b31..900cfe60b 100644 --- a/mod/filerm.php +++ b/mod/filerm.php @@ -18,7 +18,7 @@ function filerm_content(&$a) { logger('filerm: tag ' . $term . ' item ' . $item_id); if($item_id && strlen($term)) { - $r = q("delete from term where uid = %d and type = %d and oid = %d and term = '%s' limit 1", + $r = q("delete from term where uid = %d and type = %d and oid = %d and term = '%s'", intval(local_user()), intval(($category) ? TERM_CATEGORY : TERM_FILE), intval($item_id), diff --git a/mod/fsuggest.php b/mod/fsuggest.php index 8b6f077d3..2f4f9606b 100644 --- a/mod/fsuggest.php +++ b/mod/fsuggest.php 
@@ -52,7 +52,7 @@ function fsuggest_post(&$a) { ); if(count($r)) { $fsuggest_id = $r[0]['id']; - q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", + q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($note), intval($fsuggest_id), intval(local_user()) diff --git a/mod/group.php b/mod/group.php index 9b90b1a1a..f67623a83 100644 --- a/mod/group.php +++ b/mod/group.php @@ -44,7 +44,7 @@ function group_post(&$a) { $public = intval($_POST['public']); if((strlen($groupname)) && (($groupname != $group['name']) || ($public != $group['visible']))) { - $r = q("UPDATE `groups` SET `name` = '%s', visible = %d WHERE `uid` = %d AND `id` = %d LIMIT 1", + $r = q("UPDATE `groups` SET `name` = '%s', visible = %d WHERE `uid` = %d AND `id` = %d", dbesc($groupname), intval($public), intval(local_user()), @@ -117,7 +117,7 @@ function group_content(&$a) { check_form_security_token_ForbiddenOnErr('group_member_change', 't'); - $r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and not (xchan_flags & %d) and not (abook_flags & %d) and not (abook_flags & %d) limit 1", + $r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and not (xchan_flags & %d)>0 and not (abook_flags & %d)>0 and not (abook_flags & %d)>0 limit 1", dbesc(base64url_decode(argv(2))), intval(local_user()), intval(XCHAN_FLAGS_DELETED), 
@@ -211,7 +211,7 @@ function group_content(&$a) { group_rmv_member(local_user(),$group['name'],$member['xchan_hash']); } - $r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND not (abook_flags & %d) and not (xchan_flags & %d) and not (abook_flags & %d) order by xchan_name asc", + $r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND not (abook_flags & %d)>0 and not (xchan_flags & %d)>0 and not (abook_flags & %d)>0 order by xchan_name asc", intval(local_user()), intval(ABOOK_FLAG_BLOCKED), intval(XCHAN_FLAGS_DELETED), diff --git a/mod/import.php b/mod/import.php index 44dfcc38d..6cb3767a6 100644 --- a/mod/import.php +++ b/mod/import.php @@ -215,7 +215,7 @@ function import_post(&$a) { // reset the original primary hubloc if it is being seized if($seize) - $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where (hubloc_flags & %d) and hubloc_hash = '%s' and hubloc_url != '%s' ", + $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d) where (hubloc_flags & %d)>0 and hubloc_hash = '%s' and hubloc_url != '%s' ", intval(HUBLOC_FLAGS_PRIMARY), intval(HUBLOC_FLAGS_PRIMARY), dbesc($channel['channel_hash']), @@ -228,7 +228,7 @@ function import_post(&$a) { // replace our existing xchan if we're seizing control - $r = q("delete from xchan where xchan_hash = '%s' limit 1", + $r = q("delete from xchan where xchan_hash = '%s'", dbesc($channel['channel_hash']) ); @@ -278,7 +278,7 @@ function import_post(&$a) { $photodate = $xchan['xchan_photo_date']; $r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s' - where xchan_hash = '%s' limit 1", + where xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), diff --git a/mod/item.php b/mod/item.php index fdfc43bf2..94ff32750 100644 --- a/mod/item.php +++ b/mod/item.php 
@@ -887,7 +887,7 @@ function item_post(&$a) { // They will show up as people comment on them. if($parent_item['item_restrict'] & ITEM_HIDDEN) { - $r = q("UPDATE `item` SET `item_restrict` = %d WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `item` SET `item_restrict` = %d WHERE `id` = %d", intval($parent_item['item_restrict'] - ITEM_HIDDEN), intval($parent_item['id']) ); @@ -1301,7 +1301,7 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body, $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d - WHERE id = %d AND uid = %d limit 1", + WHERE id = %d AND uid = %d", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), @@ -1351,7 +1351,7 @@ function item_check_service_class($channel_id,$iswebpage) { if ($iswebpage) { $r = q("select count(i.id) as total from item i right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id ) - and i.parent=i.id and (i.item_restrict & %d) and not (i.item_restrict & %d) and i.uid= %d ", + and i.parent=i.id and (i.item_restrict & %d)>0 and not (i.item_restrict & %d)>0 and i.uid= %d ", intval(ITEM_WEBPAGE), intval(ITEM_DELETED), intval($channel_id) diff --git a/mod/like.php b/mod/like.php index f4fd33787..b56611197 100755 --- a/mod/like.php +++ b/mod/like.php @@ -276,7 +276,7 @@ function like_content(&$a) { // Already liked/disliked it, delete it - $r = q("UPDATE item SET item_restrict = ( item_restrict ^ %d ), changed = '%s' WHERE id = %d LIMIT 1", + $r = q("UPDATE item SET item_restrict = ( item_restrict & ~%d ), changed = '%s' WHERE id = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), intval($like_item['id']) 
@@ -332,7 +332,7 @@ function like_content(&$a) { // if this was a linked photo and was hidden, unhide it. if($item['item_restrict'] & ITEM_HIDDEN) { - $r = q("update item set item_restrict = (item_restrict ^ %d) where id = %d limit 1", + $r = q("update item set item_restrict = (item_restrict ^ %d) where id = %d", intval(ITEM_HIDDEN), intval($item['id']) ); diff --git a/mod/locs.php b/mod/locs.php index b707f6bd9..b1169fcca 100644 --- a/mod/locs.php +++ b/mod/locs.php @@ -19,12 +19,12 @@ function locs_post(&$a) { notice( t('Location not found.') . EOL); return; } - $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where (hubloc_flags & %d) and hubloc_hash = '%s' ", + $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d) where (hubloc_flags & %d)>0 and hubloc_hash = '%s' ", intval(HUBLOC_FLAGS_PRIMARY), intval(HUBLOC_FLAGS_PRIMARY), dbesc($channel['channel_hash']) ); - $r = q("update hubloc set hubloc_flags = (hubloc_flags & %d) where hubloc_id = %d and hubloc_hash = '%s' limit 1", + $r = q("update hubloc set hubloc_flags = (hubloc_flags & %d) where hubloc_id = %d and hubloc_hash = '%s'", intval(HUBLOC_FLAGS_PRIMARY), intval($hubloc_id), dbesc($channel['channel_hash']) @@ -50,7 +50,7 @@ function locs_post(&$a) { notice( t('Primary location cannot be removed.') . EOL); return; } - $r = q("update hubloc set hubloc_flags = (hubloc_flags & %d) where hubloc_id = %d and hubloc_hash = '%s' limit 1", + $r = q("update hubloc set hubloc_flags = (hubloc_flags & %d) where hubloc_id = %d and hubloc_hash = '%s'", intval(HUBLOC_FLAGS_DELETED), intval($hubloc_id), dbesc($channel['channel_hash']) diff --git a/mod/lostpass.php b/mod/lostpass.php index dd7c7a7d5..3269128f1 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php 
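Review bot: The unhide statement in the `@@ -332,7` hunk of like_content still uses `item_restrict ^ %d`, the operator this commit replaces elsewhere because `^` is exponentiation in PostgreSQL. Here the PHP guard `if($item['item_restrict'] & ITEM_HIDDEN)` already establishes that the bit is set, so the clear-only form is the correct translation: `item_restrict = (item_restrict & ~%d)`.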
@@ -21,7 +21,7 @@ function lostpass_post(&$a) { $hash = random_string(); - $r = q("UPDATE account SET account_reset = '%s' WHERE account_id = %d LIMIT 1", + $r = q("UPDATE account SET account_reset = '%s' WHERE account_id = %d", dbesc($hash), intval($aid) ); @@ -73,7 +73,7 @@ function lostpass_content(&$a) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $new_password); - $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d limit 1", + $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d", dbesc($salt), dbesc($password_encoded), intval($aid) diff --git a/mod/mail.php b/mod/mail.php index f4897149a..dacb181c5 100644 --- a/mod/mail.php +++ b/mod/mail.php @@ -141,7 +141,7 @@ function mail_content(&$a) { if(! intval(argv(2))) return; $cmd = argv(1); - $r = q("update mail set mail_flags = mail_flags | %d where id = %d and channel_id = %d limit 1", + $r = q("update mail set mail_flags = mail_flags | %d where id = %d and channel_id = %d", intval(MAIL_RECALLED), intval(argv(2)), intval(local_user()) diff --git a/mod/manage.php b/mod/manage.php index 1920967e6..00c6db7f0 100644 --- a/mod/manage.php +++ b/mod/manage.php @@ -17,7 +17,7 @@ function manage_content(&$a) { intval(get_account_id()) ); if($r) { - q("update account set account_default_channel = %d where account_id = %d limit 1", + q("update account set account_default_channel = %d where account_id = %d", intval($change_channel), intval(get_account_id()) ); 
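Review bot: The reset path in lostpass_content (hunk at 73) stores `hash('whirlpool', $salt . $new_password)`, a single round of a fast hash, and settings_post in mod/settings.php (hunk at 205) builds the stored value the same way. A fast hash makes offline guessing cheap for anyone who obtains the account table. Where the supported PHP version allows it, `password_hash($new_password, PASSWORD_DEFAULT)` with `password_verify()` at login is the usual replacement, with existing rows re-hashed on the next successful login. This predates the commit and needs a migration path for account_salt and account_password, so it may belong in a follow-up. Both functions continue outside the hunks.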
@@ -36,7 +36,7 @@ function manage_content(&$a) { $channels = null; if(local_user()) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d ) order by channel_name ", + $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d )>0 order by channel_name ", intval(get_account_id()), intval(PAGE_REMOVED) ); @@ -55,7 +55,7 @@ function manage_content(&$a) { $c = q("SELECT id, item_restrict, item_flags FROM item - WHERE (item_restrict = %d) and ( item_flags & %d ) and uid = %d", + WHERE (item_restrict = %d) and ( item_flags & %d )>0 and uid = %d", intval(ITEM_VISIBLE), intval(ITEM_UNSEEN), intval($channels[$x]['channel_id']) @@ -71,7 +71,7 @@ function manage_content(&$a) { } - $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", + $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d)>0 and not ((abook_flags & %d)>0 or (xchan_flags & %d)>0)", intval($channels[$x]['channel_id']), intval(ABOOK_FLAG_PENDING), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_IGNORED), @@ -82,7 +82,7 @@ function manage_content(&$a) { $channels[$x]['intros'] = intval($intr[0]['total']); - $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND not (mail_flags & %d) and from_xchan != '%s' ", + $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND not (mail_flags & %d)>0 and from_xchan != '%s' ", intval($channels[$x]['channel_id']), intval(MAIL_SEEN), dbesc($channels[$x]['channel_hash']) 
@@ -127,7 +127,7 @@ function manage_content(&$a) { } } - $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d )", + $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0", intval(get_account_id()), intval(PAGE_REMOVED) ); diff --git a/mod/network.php b/mod/network.php index 0bad366d4..da020c389 100644 --- a/mod/network.php +++ b/mod/network.php @@ -150,12 +150,12 @@ function network_content(&$a, $update = 0, $load = false) { $sql_options = (($star) - ? " and (item_flags & " . intval(ITEM_STARRED) . ")" + ? " and (item_flags & " . intval(ITEM_STARRED) . ")>0" : ''); $sql_nets = ''; - $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) "; + $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 $sql_options ) "; if($group) { $contact_str = ''; @@ -184,7 +184,7 @@ function network_content(&$a, $update = 0, $load = false) { elseif($cid) { - $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1", + $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1", intval($cid), intval(local_user()) ); 
@@ -264,7 +264,7 @@ function network_content(&$a, $update = 0, $load = false) { } if($conv) { - $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or ( item_flags & %d ))) ", + $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ", dbesc(protect_sprintf($channel['channel_hash'])), intval(ITEM_MENTIONSME) ); @@ -279,7 +279,7 @@ function network_content(&$a, $update = 0, $load = false) { else { $itemspage = get_pconfig(local_user(),'system','itemspage'); $a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); - $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($a->pager['itemspage']), intval($a->pager['start'])); } @@ -314,7 +314,7 @@ function network_content(&$a, $update = 0, $load = false) { $uids = " and item.uid = " . local_user() . " "; } - $simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : ''); + $simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " )>0 " : ''); // This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day // or three and look at your matrix page - after opening up your browser. The first page loads just as it @@ -336,7 +336,7 @@ function network_content(&$a, $update = 0, $load = false) { if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order - $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` + $items = q("SELECT `item`.*, `item`.`id` AS `item_id`, received FROM `item` WHERE true $uids AND item_restrict = 0 $simple_update $sql_extra $sql_nets 
@@ -364,13 +364,13 @@ function network_content(&$a, $update = 0, $load = false) { // Fetch a page full of parent items for this page - $r = q("SELECT distinct item.id AS item_id FROM item + $r = q("SELECT distinct item.id AS item_id, $ordering FROM item left join abook on item.author_xchan = abook.abook_xchan WHERE true $uids AND item.item_restrict = 0 AND item.parent = item.id and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra3 $sql_extra $sql_nets - ORDER BY item.$ordering DESC $pager_sql ", + ORDER BY $ordering DESC $pager_sql ", intval(ABOOK_FLAG_BLOCKED) ); @@ -417,8 +417,8 @@ function network_content(&$a, $update = 0, $load = false) { } if(($update_unseen) && (! $firehose)) - $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d) - WHERE (item_flags & %d) AND `uid` = %d $update_unseen ", + $r = q("UPDATE `item` SET item_flags = ( item_flags & ~%d) + WHERE (item_flags & %d)>0 AND `uid` = %d $update_unseen ", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(local_user()) diff --git a/mod/notifications.php b/mod/notifications.php index 09f89e88a..5507ee7e2 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -33,7 +33,7 @@ function notifications_post(&$a) { $fid = $r[0]['fid']; if($_POST['submit'] == t('Discard')) { - $r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", + $r = q("DELETE FROM `intro` WHERE `id` = %d", intval($intro_id) ); if(! $fid) { @@ -41,7 +41,7 @@ function notifications_post(&$a) { // The check for blocked and pending is in case the friendship was already approved // and we just want to get rid of the now pointless notification - $r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1 LIMIT 1", + $r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1", intval($contact_id), intval(local_user()) ); 
@@ -49,7 +49,7 @@ function notifications_post(&$a) { goaway($a->get_baseurl(true) . '/notifications/intros'); } if($_POST['submit'] == t('Ignore')) { - $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d", intval($intro_id)); goaway($a->get_baseurl(true) . '/notifications/intros'); } diff --git a/mod/openid.php b/mod/openid.php index ce7fe22ba..9752db440 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -159,7 +159,7 @@ function openid_content(&$a) { $photos = import_profile_photo($pphoto,$url); if($photos) { $z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', - xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1", + xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), @@ -11,7 +11,7 @@ function p_init(&$a) { $mid = str_replace('.xml','',argv(1)); - $r = q("select * from item where mid = '%s' and (item_flags & %d) and item_private = 0 limit 1", + $r = q("select * from item where mid = '%s' and (item_flags & %d)>0 and item_private = 0 limit 1", dbesc($mid), intval(ITEM_WALL) ); diff --git a/mod/photo.php b/mod/photo.php index 0329fe0a8..8cb82e8ff 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -66,7 +66,7 @@ function photo_init(&$a) { intval($uid) ); if(count($r)) { - $data = $r[0]['data']; + $data = dbunescbin($r[0]['data']); $mimetype = $r[0]['type']; } if(! isset($data)) { @@ -140,7 +140,7 @@ function photo_init(&$a) { ); if($r && $allowed) { - $data = $r[0]['data']; + $data = dbunescbin($r[0]['data']); $mimetype = $r[0]['type']; } else { diff --git a/mod/photos.php b/mod/photos.php index 2367067a7..95fa162c9 100644 --- a/mod/photos.php +++ b/mod/photos.php 
@@ -227,7 +227,7 @@ function photos_post(&$a) { intval($page_owner_uid) ); if(count($r)) { - $ph = photo_factory($r[0]['data'], $r[0]['type']); + $ph = photo_factory(dbunescbin($r[0]['data']), $r[0]['type']); if($ph->is_valid()) { $rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 ); $ph->rotate($rotate_deg); @@ -235,8 +235,8 @@ function photos_post(&$a) { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 0 limit 1", - dbesc($ph->imageString()), + $x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 0", + dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), @@ -248,8 +248,8 @@ function photos_post(&$a) { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 1 limit 1", - dbesc($ph->imageString()), + $x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 1", + dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), @@ -262,8 +262,8 @@ function photos_post(&$a) { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 2 limit 1", - dbesc($ph->imageString()), + $x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 2", + dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), 
@@ -330,7 +330,7 @@ function photos_post(&$a) { // make sure the linked item has the same permissions as the photo regardless of any other changes $x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d - where id = %d limit 1", + where id = %d", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), @@ -636,14 +636,17 @@ function photos_content(&$a) { else $order = 'DESC'; - $r = q("SELECT `resource_id`, `id`, `filename`, type, max(`scale`) AS `scale`, `description` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` <= 4 and ((photo_flags = %d) or (photo_flags & %d )) $sql_extra GROUP BY `resource_id` ORDER BY `created` $order LIMIT %d , %d", + + $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN + (SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND (photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY resource_id) ph + ON (p.resource_id = ph.resource_id AND p.scale = ph.scale) + ORDER BY created $order LIMIT %d OFFSET %d", intval($owner_uid), dbesc($album), intvaL(PHOTO_NORMAL), intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE), - intval($a->pager['start']), - intval($a->pager['itemspage']) + intval($a->pager['itemspage']), + intval($a->pager['start']) ); //edit album name @@ -906,7 +909,7 @@ function photos_content(&$a) { } if((local_user()) && (local_user() == $link_item['uid'])) { - q("UPDATE `item` SET item_flags = (item_flags ^ %d) WHERE parent = %d and uid = %d and (item_flags & %d)", + q("UPDATE `item` SET item_flags = (item_flags & ~%d) WHERE parent = %d and uid = %d and (item_flags & %d)>0", intval(ITEM_UNSEEN), intval($link_item['parent']), intval(local_user()), 
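Review bot: The rewritten album query in photos_content (hunk at 636) replaces the mask test `(photo_flags & %d )` with equality, `photo_flags = %d or photo_flags = %d`, which changes which photos are listed. With $unsafe set the second argument is PHOTO_PROFILE|PHOTO_ADULT, so only rows carrying exactly those two bits match and a photo flagged with just one of them drops out. The rest of the commit keeps the mask and only makes it boolean, which here would be `(photo_flags = %d or (photo_flags & %d)>0)`. The hunk at 1168 makes the same substitution. Separately, `intvaL(PHOTO_NORMAL)` only works because PHP function names are case-insensitive and should read `intval`.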
@@ -1168,18 +1171,19 @@ function photos_content(&$a) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(60); } - - $r = q("SELECT `resource_id`, `id`, `filename`, type, `album`, max(`scale`) AS `scale` FROM `photo` - WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' - and ( (photo_flags = %d) or (photo_flags & %d )) - $sql_extra GROUP BY `resource_id` ORDER BY `created` DESC LIMIT %d , %d", + + $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.album, p.scale, p.created FROM photo p INNER JOIN + (SELECT resource_id, max(scale) scale FROM photo + WHERE uid=%d AND album != '%s' AND album != '%s' + AND (photo_flags = %d or photo_flags = %d ) group by resource_id) ph + ON (p.resource_id = ph.resource_id and p.scale = ph.scale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc( t('Contact Photos')), intval(PHOTO_NORMAL), intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE), - intval($a->pager['start']), - intval($a->pager['itemspage']) + intval($a->pager['itemspage']), + intval($a->pager['start']) ); diff --git a/mod/ping.php b/mod/ping.php index e52c162ec..d7b9e3d2e 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -107,7 +107,7 @@ function ping_init(&$a) { $basic_presence = false; if($r) { $basic_presence = true; - q("update chatpresence set cp_last = '%s' where cp_id = %d limit 1", + q("update chatpresence set cp_last = '%s' where cp_id = %d", dbesc(datetime_convert()), intval($r[0]['cp_id']) ); @@ -128,7 +128,9 @@ function ping_init(&$a) { * and shouldn't count as online anymore. We allow an expection for bots. */ - q("delete from chatpresence where cp_last < UTC_TIMESTAMP() - INTERVAL 3 MINUTE and cp_client != 'auto' "); + q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ", + db_utcnow(), db_quoteinterval('3 MINUTE') + ); if((! local_user()) || ($result['invalid'])) { echo json_encode($result); 
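Review bot: The rewritten listing query in photos_content (hunk at 1168) no longer contains `$sql_extra`, which the old statement applied just before `GROUP BY` and which the album query at 636 still keeps inside its subquery. $sql_extra is built outside the hunk; if it carries the viewer's permission clause, this listing would now return photos the observer is not allowed to see. Restoring it in the inner select keeps the filter: `AND (photo_flags = %d or photo_flags = %d ) $sql_extra group by resource_id) ph`.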
@@ -148,14 +150,14 @@ function ping_init(&$a) { if(x($_REQUEST, 'markRead') && local_user()) { switch($_REQUEST['markRead']) { case 'network': - $r = q("update item set item_flags = ( item_flags ^ %d ) where (item_flags & %d) and uid = %d", + $r = q("update item set item_flags = ( item_flags & ~%d ) where (item_flags & %d)>0 and uid = %d", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(local_user()) ); break; case 'home': - $r = q("update item set item_flags = ( item_flags ^ %d ) where (item_flags & %d) and (item_flags & %d) and uid = %d", + $r = q("update item set item_flags = ( item_flags & ~%d ) where (item_flags & %d)>0 and (item_flags & %d) and uid = %d", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(ITEM_WALL), @@ -163,7 +165,7 @@ function ping_init(&$a) { ); break; case 'messages': - $r = q("update mail set mail_flags = ( mail_flags ^ %d ) where channel_id = %d and not (mail_flags & %d)", + $r = q("update mail set mail_flags = ( mail_flags | %d ) where channel_id = %d and not (mail_flags & %d)>0", intval(MAIL_SEEN), intval(local_user()), intval(MAIL_SEEN) @@ -197,17 +199,17 @@ function ping_init(&$a) { ); if($t && intval($t[0]['total']) > 49) { $z = q("select * from notify where uid = %d - and seen = 0 order by date desc limit 0, 50", + and seen = 0 order by date desc limit 50", intval(local_user()) ); } else { $z1 = q("select * from notify where uid = %d - and seen = 0 order by date desc limit 0, 50", + and seen = 0 order by date desc limit 50", intval(local_user()) ); $z2 = q("select * from notify where uid = %d - and seen = 1 order by date desc limit 0, %d", + and seen = 1 order by date desc limit %d", intval(local_user()), intval(50 - intval($t[0]['total'])) ); 
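Review bot: In the 'home' case of the markRead switch the second mask test was left as a bare integer: `where (item_flags & %d)>0 and (item_flags & %d) and uid = %d`. The `>0` additions elsewhere in this commit exist because PostgreSQL does not accept an integer as a boolean condition, so this statement would fail there and wall items would stay unseen. It should read `where (item_flags & %d)>0 and (item_flags & %d)>0 and uid = %d`. ping_init continues outside the hunk.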
@@ -235,8 +237,8 @@ function ping_init(&$a) { if(argc() > 1 && argv(1) === 'messages') { $channel = $a->get_channel(); $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan - where channel_id = %d and not ( mail_flags & %d ) and not (mail_flags & %d ) - and from_xchan != '%s' order by created desc limit 0,50", + where channel_id = %d and not ( mail_flags & %d )>0 and not (mail_flags & %d )>0 + and from_xchan != '%s' order by created desc limit 50", intval(local_user()), intval(MAIL_SEEN), intval(MAIL_DELETED), @@ -265,7 +267,7 @@ function ping_init(&$a) { $result = array(); $r = q("SELECT * FROM item - WHERE item_restrict = %d and ( item_flags & %d ) and uid = %d", + WHERE item_restrict = %d and ( item_flags & %d )>0 and uid = %d", intval(ITEM_VISIBLE), intval(ITEM_UNSEEN), intval(local_user()) @@ -287,7 +289,7 @@ function ping_init(&$a) { if(argc() > 1 && (argv(1) === 'intros')) { $result = array(); - $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", + $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d)>0 and not ((abook_flags & %d)>0 or (xchan_flags & %d)>0)", intval(local_user()), intval(ABOOK_FLAG_PENDING), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_IGNORED), @@ -371,7 +373,7 @@ function ping_init(&$a) { if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) { $r = q("SELECT id, item_restrict, item_flags FROM item - WHERE (item_restrict = %d) and ( item_flags & %d ) and uid = %d", + WHERE (item_restrict = %d) and ( item_flags & %d )>0 and uid = %d", intval(ITEM_VISIBLE), intval(ITEM_UNSEEN), intval(local_user()) 
@@ -398,7 +400,7 @@ function ping_init(&$a) { $t2 = dba_timer(); if($vnotify & VNOTIFY_INTRO) { - $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", + $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d)>0 and not ((abook_flags & %d)>0 or (xchan_flags & %d)>0)", intval(local_user()), intval(ABOOK_FLAG_PENDING), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_IGNORED), @@ -416,7 +418,7 @@ function ping_init(&$a) { if($vnotify & VNOTIFY_MAIL) { $mails = q("SELECT count(id) as total from mail - WHERE channel_id = %d AND not (mail_flags & %d) and from_xchan != '%s' ", + WHERE channel_id = %d AND not (mail_flags & %d)>0 and from_xchan != '%s' ", intval(local_user()), intval(MAIL_SEEN), dbesc($channel['channel_hash']) @@ -427,7 +429,7 @@ function ping_init(&$a) { if($vnotify & VNOTIFY_REGISTER) { if ($a->config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) { - $regs = q("SELECT count(account_id) as total from account where (account_flags & %d)", + $regs = q("SELECT count(account_id) as total from account where (account_flags & %d)>0", intval(ACCOUNT_PENDING) ); if($regs) diff --git a/mod/poco.php b/mod/poco.php index c1696e4cd..fc01fc565 100644 --- a/mod/poco.php +++ b/mod/poco.php @@ -15,7 +15,7 @@ function poco_init(&$a) { $user = notags(trim(argv(1))); } if(! x($user)) { - $c = q("select * from pconfig where cat = 'system' and k = 'suggestme' and v = 1"); + $c = q("select * from pconfig where cat = 'system' and k = 'suggestme' and v = '1'"); if(! $c) { logger('mod_poco: system mode. No candidates.', LOGGER_DEBUG); http_status_exit(404); 
@@ -60,7 +60,7 @@ function poco_init(&$a) { } if($justme) - $sql_extra = " and ( abook_flags & " . ABOOK_FLAG_SELF . " ) "; + $sql_extra = " and ( abook_flags & " . ABOOK_FLAG_SELF . " )>0 "; else $sql_extra = " and abook_flags = 0 "; @@ -69,14 +69,14 @@ function poco_init(&$a) { if($system_mode) { $r = q("SELECT count(*) as `total` from abook where ( abook_flags & " . ABOOK_FLAG_SELF . - " ) and abook_channel in (select uid from pconfig where cat = 'system' and k = 'suggestme' and v = 1) "); + " )>0 and abook_channel in (select uid from pconfig where cat = 'system' and k = 'suggestme' and v = 1) "); } else { $r = q("SELECT count(*) as `total` from abook where abook_channel = %d $sql_extra ", intval($channel_id) ); - $c = q("select * from menu_item where ( mitem_flags & " . intval(MENU_ITEM_CHATROOM) . " ) and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and mitem_channel_id = %d", + $c = q("select * from menu_item where ( mitem_flags & " . intval(MENU_ITEM_CHATROOM) . " )>0 and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and mitem_channel_id = %d", intval($channel_id) ); } @@ -93,17 +93,17 @@ function poco_init(&$a) { if($system_mode) { $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where ( abook_flags & " . ABOOK_FLAG_SELF . - " ) and abook_channel in (select uid from pconfig where cat = 'system' and k = 'suggestme' and v = 1) limit %d, %d ", - intval($startIndex), - intval($itemsPerPage) + " )>0 and abook_channel in (select uid from pconfig where cat = 'system' and k = 'suggestme' and v = 1) limit %d offset %d ", + intval($itemsPerPage), + intval($startIndex) ); } else { $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d - $sql_extra LIMIT %d, %d", + $sql_extra LIMIT %d OFFSET %d", intval($channel_id), - intval($startIndex), - intval($itemsPerPage) + intval($itemsPerPage), + intval($startIndex) ); } 
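Review bot: The two system-mode queries in poco_init (hunks at 69 and 93) still compare the pconfig value with a bare integer, `k = 'suggestme' and v = 1`, while the hunk at 15 of the same file was changed to `v = '1'`. If v is a text column, as that earlier change implies, PostgreSQL rejects the text-to-integer comparison. Both subqueries should use `v = '1'`. In the same lines ABOOK_FLAG_SELF is concatenated without `intval()`, unlike MENU_ITEM_CHATROOM next to it.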
diff --git a/mod/post.php b/mod/post.php index c21af83e4..47e460f1e 100644 --- a/mod/post.php +++ b/mod/post.php @@ -98,7 +98,7 @@ function post_init(&$a) { // Any channel will do, providing it's currently active. We just need to have an // identity to attach to the packet we send back. So find one. - $c = q("select * from channel where not ( channel_pageflags & %d ) limit 1", + $c = q("select * from channel where not ( channel_pageflags & %d )>0 limit 1", intval(PAGE_REMOVED) ); @@ -612,7 +612,7 @@ function post_post(&$a) { else $ret['pickup'][] = array('notify' => json_decode($rr['outq_notify'],true),'message' => $x); - $x = q("delete from outq where outq_hash = '%s' limit 1", + $x = q("delete from outq where outq_hash = '%s'", dbesc($rr['outq_hash']) ); } @@ -659,7 +659,7 @@ function post_post(&$a) { // Update our DB to show when we last communicated successfully with this hub // This will allow us to prune dead hubs from using up resources - $r = q("update hubloc set hubloc_connected = '%s' where hubloc_id = %d limit 1", + $r = q("update hubloc set hubloc_connected = '%s' where hubloc_id = %d", dbesc(datetime_convert()), intval($hub['hubloc_id']) ); 
@@ -667,17 +667,17 @@ function post_post(&$a) { // a dead hub came back to life - reset any tombstones we might have if($hub['hubloc_status'] & HUBLOC_OFFLINE) { - q("update hubloc set hubloc_status = (hubloc_status ^ %d) where hubloc_id = %d limit 1", + q("update hubloc set hubloc_status = (hubloc_status & ~%d) where hubloc_id = %d", intval(HUBLOC_OFFLINE), intval($hub['hubloc_id']) ); if($r[0]['hubloc_flags'] & HUBLOC_FLAGS_ORPHANCHECK) { - q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1", + q("update hubloc set hubloc_flags = (hubloc_flags & ~%d) where hubloc_id = %d", intval(HUBLOC_FLAGS_ORPHANCHECK), intval($hub['hubloc_id']) ); } - q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1", + q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'", intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_ORPHAN), dbesc($hub['hubloc_hash']) @@ -732,7 +732,9 @@ function post_post(&$a) { $sender_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']); // garbage collect any old unused notifications - q("delete from verify where type = 'auth' and created < UTC_TIMESTAMP() - INTERVAL 10 MINUTE"); + q("delete from verify where type = 'auth' and created < %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('10 MINUTE') + ); $y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($sender_hash) @@ -781,7 +783,7 @@ function post_post(&$a) { $ret['message'] .= 'verification key not found' . EOL; json_return_and_die($ret); } - $r = q("delete from verify where id = %d limit 1", + $r = q("delete from verify where id = %d", intval($z[0]['id']) ); diff --git a/mod/profile_photo.php b/mod/profile_photo.php index aad9c9d16..24439d404 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php 
@@ -173,7 +173,7 @@ function profile_photo_post(&$a) { dbesc($base_image['resource_id']), intval(local_user()) ); - $r = q("UPDATE photo SET photo_flags = ( photo_flags ^ %d ) WHERE ( photo_flags & %d ) + $r = q("UPDATE photo SET photo_flags = ( photo_flags & ~%d ) WHERE ( photo_flags & %d )>0 AND resource_id != '%s' AND `uid` = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), @@ -182,7 +182,7 @@ function profile_photo_post(&$a) { ); } else { - $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d limit 1", + $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource_id'] . '-4'), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource_id'] . '-5'), intval($_REQUEST['profile']), @@ -196,7 +196,7 @@ function profile_photo_post(&$a) { $channel = $a->get_channel(); $r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s' - where xchan_hash = '%s' limit 1", + where xchan_hash = '%s'", dbesc($im->getType()), dbesc(datetime_convert()), dbesc($channel['xchan_hash']) @@ -302,7 +302,7 @@ function profile_photo_content(&$a) { // unset any existing profile photos $r = q("UPDATE photo SET profile = 0 WHERE profile = 1 AND uid = %d", intval(local_user())); - $r = q("UPDATE photo SET photo_flags = (photo_flags ^ %d ) WHERE (photo_flags & %d ) AND uid = %d", + $r = q("UPDATE photo SET photo_flags = (photo_flags & ~%d ) WHERE (photo_flags & %d )>0 AND uid = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), intval(local_user())); @@ -320,7 +320,7 @@ function profile_photo_content(&$a) { ); $r = q("UPDATE xchan set xchan_photo_date = '%s' - where xchan_hash = '%s' limit 1", + where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($channel['xchan_hash']) ); diff --git a/mod/profiles.php b/mod/profiles.php index bea006384..910c48743 100644 --- a/mod/profiles.php +++ b/mod/profiles.php 
@@ -30,7 +30,7 @@ function profiles_init(&$a) { dbesc($profile_guid), intval(local_user()) ); - $r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d", intval(argv(2)), intval(local_user()) ); @@ -354,7 +354,7 @@ function profiles_post(&$a) { dbesc($zz['field_name']) ); if($w) { - q("update profext set v = '%s' where id = %d limit 1", + q("update profext set v = '%s' where id = %d", dbesc(escape_tags(trim($_POST[$zz['field_name']]))), intval($w[0]['id']) ); @@ -469,7 +469,7 @@ function profiles_post(&$a) { `work` = '%s', `education` = '%s', `hide_friends` = %d - WHERE `id` = %d AND `uid` = %d LIMIT 1", + WHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), @@ -522,7 +522,7 @@ function profiles_post(&$a) { $channel = $a->get_channel(); if($namechanged && $is_default) { - $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s' limit 1", + $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'", dbesc($name), dbesc(datetime_convert()), dbesc($channel['xchan_hash']) diff --git a/mod/profperm.php b/mod/profperm.php index 197062936..55dc8cc77 100644 --- a/mod/profperm.php +++ b/mod/profperm.php @@ -75,13 +75,13 @@ function profperm_content(&$a) { if($change) { if(in_array($change,$ingroup)) { - q("UPDATE abook SET abook_profile = '' WHERE abook_id = %d AND abook_channel = %d LIMIT 1", + q("UPDATE abook SET abook_profile = '' WHERE abook_id = %d AND abook_channel = %d", intval($change), intval(local_user()) ); } else { - q("UPDATE abook SET abook_profile = '%s' WHERE abook_id = %d AND abook_channel = %d LIMIT 1", + q("UPDATE abook SET abook_profile = '%s' WHERE abook_id = %d AND abook_channel = %d", dbesc($profile['profile_guid']), intval($change), intval(local_user()) diff --git a/mod/receive.php b/mod/receive.php index 4071b169b..b7d27d40f 100644 --- a/mod/receive.php +++ b/mod/receive.php 
@@ -31,7 +31,7 @@ function receive_post(&$a) { // Diaspora sites *may* provide a truncated guid. - $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_guid like '%s' AND NOT (channel_pageflags & %d ) LIMIT 1", + $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_guid like '%s' AND NOT (channel_pageflags & %d )>0 LIMIT 1", dbesc($guid . '%'), intval(PAGE_REMOVED) ); diff --git a/mod/register.php b/mod/register.php index 0cf1364b5..70bdcf350 100644 --- a/mod/register.php +++ b/mod/register.php @@ -37,7 +37,9 @@ function register_post(&$a) { $max_dailies = intval(get_config('system','max_daily_registrations')); if($max_dailies) { - $r = q("select count(account_id) as total from account where account_created > UTC_TIMESTAMP() - INTERVAL 1 day"); + $r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('1 day') + ); if($r && $r[0]['total'] >= $max_dailies) { notice( t('Maximum daily site registrations exceeded. Please try again tomorrow.') . EOL); return; @@ -100,7 +102,7 @@ function register_post(&$a) { $invite_code = ((x($_POST,'invite_code')) ? notags(trim($_POST['invite_code'])) : ''); if($using_invites && $invite_code) { - q("delete * from register where hash = '%s' limit 1", dbesc($invite_code)); + q("delete * from register where hash = '%s'", dbesc($invite_code)); set_pconfig($result['account']['account_id'],'system','invites_remaining',$num_invites); } 
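Review bot: The invite-code cleanup in register_post (hunk at 100) is not valid SQL: `delete * from register where hash = '%s'` has a stray `*`, so the statement is rejected by both MySQL and PostgreSQL. The return value of q() is not checked, so the failure is silent and a used invitation code stays in the register table, where it can presumably be redeemed again. The call should be `q("delete from register where hash = '%s'", dbesc($invite_code));`, with the result checked before `invites_remaining` is written. register_post continues outside the hunk.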
@@ -164,7 +166,9 @@ function register_content(&$a) { $max_dailies = intval(get_config('system','max_daily_registrations')); if($max_dailies) { - $r = q("select count(account_id) as total from account where account_created > UTC_TIMESTAMP() - INTERVAL 1 day"); + $r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('1 day') + ); if($r && $r[0]['total'] >= $max_dailies) { logger('max daily registrations exceeded.'); notice( t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL); diff --git a/mod/search.php b/mod/search.php index 15ac71376..612ceb4bc 100644 --- a/mod/search.php +++ b/mod/search.php @@ -68,7 +68,8 @@ function search_content(&$a,$update = 0, $load = false) { ); } else { - $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search)))); + $regstr = db_getfunc('REGEXP'); + $sql_extra = sprintf(" AND `item`.`body` $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search)))); } // Here is the way permissions work in the search module... @@ -123,7 +124,7 @@ function search_content(&$a,$update = 0, $load = false) { if(($update) && ($load)) { $itemspage = get_pconfig(local_user(),'system','itemspage'); $a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); - $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($a->pager['itemspage']), intval($a->pager['start'])); // in case somebody turned off public access to sys channel content with permissions 
@@ -132,29 +133,36 @@ function search_content(&$a,$update = 0, $load = false) { if($load) { $r = null; - + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $prefix = 'distinct on (created, mid)'; + $suffix = 'ORDER BY created DESC, mid'; + } else { + $prefix = 'distinct'; + $suffix = 'group by mid ORDER BY created DESC'; + } if(local_user()) { - $r = q("SELECT distinct mid, item.id as item_id, item.* from item + $r = q("SELECT $prefix mid, item.id as item_id, item.* from item WHERE item_restrict = 0 AND ((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND item_private = 0 ) OR ( `item`.`uid` = %d )) OR item.owner_xchan = '%s' ) $sql_extra - group by mid ORDER BY created DESC $pager_sql ", + $suffix $pager_sql ", intval(local_user()), dbesc($sys['xchan_hash']) ); } if($r === null) { - $r = q("SELECT distinct mid, item.id as item_id, item.* from item - WHERE item_restrict = 0 - AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' - AND `item`.`deny_gid` = '' AND item_private = 0 ) - and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) - $pub_sql ) OR owner_xchan = '%s') - $sql_extra - group by mid ORDER BY created DESC $pager_sql", + $r = q("SELECT $prefix mid, item.id as item_id, item.* from item + WHERE item_restrict = 0 + AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' + AND `item`.`deny_gid` = '' AND item_private = 0 ) + and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + $pub_sql ) OR owner_xchan = '%s') + $sql_extra + $suffix $pager_sql", dbesc($sys['xchan_hash']) - ); + ); } } else { diff --git a/mod/settings.php b/mod/settings.php index 309be0797..396bb2972 100644 --- a/mod/settings.php +++ b/mod/settings.php 
@@ -168,7 +168,7 @@ function settings_post(&$a) { } } - $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d LIMIT 1", + $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", dbesc($theme), intval(local_user()) ); @@ -205,7 +205,7 @@ function settings_post(&$a) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $newpass); $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' - where account_id = %d limit 1", + where account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), @@ -235,7 +235,7 @@ function settings_post(&$a) { $email = $a->user['email']; } if(! $errs) { - $r = q("update account set account_email = '%s' where account_id = %d limit 1", + $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id']) ); @@ -267,7 +267,7 @@ function settings_post(&$a) { $hide_presence = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0); $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); $def_group = ((x($_POST,'group-selection')) ? notags(trim($_POST['group-selection'])) : ''); - $r = q("update channel set channel_default_group = '%s' where channel_id = %d limit 1", + $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_user()) ); @@ -283,7 +283,7 @@ function settings_post(&$a) { $str_group_deny = perms2str($_POST['group_deny']); $str_contact_deny = perms2str($_POST['contact_deny']); $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', channel_deny_cid = '%s', channel_deny_gid = '%s' - where channel_id = %d limit 1", + where channel_id = %d", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), 
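Review bot: The password update kept as context in the @@ -205 hunk of settings_post stores `hash('whirlpool', $salt . $newpass)`, a single pass of a fast hash, which makes offline guessing cheap if the account table leaks. Since this statement is being touched for the PostgreSQL port, consider moving to `password_hash($newpass, PASSWORD_DEFAULT)` with `password_verify()` at login, keeping the whirlpool comparison only to rehash existing accounts on their next successful login. The login path is outside this diff, so that side would need to change in the same commit.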
@@ -313,7 +313,7 @@ function settings_post(&$a) { ); } if($r) { - q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d limit 1", + q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_user()) @@ -327,12 +327,12 @@ function settings_post(&$a) { // no default collection else { q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', - channel_deny_cid = '' where channel_id = %d limit 1", + channel_deny_cid = '' where channel_id = %d", intval(local_user()) ); } - $r = q("update abook set abook_my_perms = %d where abook_channel = %d and (abook_flags & %d) limit 1", + $r = q("update abook set abook_my_perms = %d where abook_channel = %d and (abook_flags & %d)>0", intval(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0), intval(local_user()), intval(ABOOK_FLAG_SELF) @@ -464,7 +464,7 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','vnotify',$vnotify); set_pconfig(local_user(),'system','evdays',$evdays); - $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d limit 1", + $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), 
@@ -479,14 +479,14 @@ function settings_post(&$a) { info( t('Settings updated.') . EOL); if(! is_null($publish)) { - $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d LIMIT 1", + $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_user()) ); } if($name_change) { - $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s' limit 1", + $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash']) diff --git a/mod/setup.php b/mod/setup.php index a8f3a1f47..044def15a 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -50,16 +50,18 @@ function setup_post(&$a) { $dbuser = trim($_POST['dbuser']); $dbpass = trim($_POST['dbpass']); $dbdata = trim($_POST['dbdata']); + $dbtype = intval(trim($_POST['dbtype'])); $phpath = trim($_POST['phpath']); $adminmail = trim($_POST['adminmail']); $siteurl = trim($_POST['siteurl']); require_once('include/dba/dba_driver.php'); unset($db); - $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); + $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); if(! $db->connected) { echo "Database Connect failed: " . $db->error; killme(); + $a->data['db_conn_failed']=true; } /*if(get_db_errno()) { unset($db); @@ -80,9 +82,9 @@ function setup_post(&$a) { return; } }*/ - if(get_db_errno()) { - $a->data['db_conn_failed']=true; - } + //if(get_db_errno()) { + + //} return; break; @@ -93,6 +95,7 @@ function setup_post(&$a) { $dbuser = notags(trim($_POST['dbuser'])); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); + $dbtype = intval(notags(trim($_POST['dbtype']))); $phpath = notags(trim($_POST['phpath'])); $timezone = notags(trim($_POST['timezone'])); $adminmail = notags(trim($_POST['adminmail'])); 
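Review bot: In the first setup_post hunk (@@ -50) the added `$a->data['db_conn_failed']=true;` sits after `killme();`, which by its name ends the request, so the flag is presumably never set, and the following hunk comments out the `get_db_errno()` check that used to set it. Either set the flag and `return` so setup_content can render the failure, or drop the dead assignment. The branch also echoes `$db->error` straight into the response; passing it through `htmlspecialchars()` keeps driver text from being interpreted as markup. `$dbtype` is only passed through intval(), so any integer reaches dba_factory(); checking it against DBTYPE_MYSQL and DBTYPE_POSTGRES before connecting would reject unexpected values.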
@@ -109,7 +112,7 @@ function setup_post(&$a) { } // connect to db - $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, true); + $db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); if(! $db->connected) { echo 'CRITICAL: DB not connected.'; @@ -123,6 +126,7 @@ function setup_post(&$a) { '$dbuser' => $dbuser, '$dbpass' => $dbpass, '$dbdata' => $dbdata, + '$dbtype' => $dbtype, '$timezone' => $timezone, '$siteurl' => $siteurl, '$site_id' => random_string(), @@ -187,7 +191,7 @@ function setup_content(&$a) { } if(x($a->data,'db_failed')) { - $txt = t('You may need to import the file "install/database.sql" manually using phpmyadmin or mysql.') . EOL; + $txt = t('You may need to import the file "install/schema_xxx.sql" manually using a database client.') . EOL; $txt .= t('Please see the file "install/INSTALL.txt".') . EOL ."<hr>" ; $txt .= "<pre>".$a->data['db_failed'] . "</pre>". EOL ; $db_return_text .= $txt; @@ -273,6 +277,7 @@ function setup_content(&$a) { $dbport = intval(notags(trim($_POST['dbport']))); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); + $dbtype = intval(notags(trim($_POST['dbtype']))); $phpath = notags(trim($_POST['phpath'])); $adminmail = notags(trim($_POST['adminmail'])); $siteurl = notags(trim($_POST['siteurl'])); @@ -293,6 +298,7 @@ function setup_content(&$a) { '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), + '$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )), '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), 
@@ -316,6 +322,7 @@ function setup_content(&$a) { $dbuser = notags(trim($_POST['dbuser'])); $dbpass = notags(trim($_POST['dbpass'])); $dbdata = notags(trim($_POST['dbdata'])); + $dbtype = intval(notags(trim($_POST['dbtype']))); $phpath = notags(trim($_POST['phpath'])); $adminmail = notags(trim($_POST['adminmail'])); @@ -335,6 +342,7 @@ function setup_content(&$a) { '$dbpass' => $dbpass, '$dbdata' => $dbdata, '$phpath' => $phpath, + '$dbtype' => $dbtype, '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), @@ -440,7 +448,7 @@ function check_funcs(&$checks) { check_add($ck_funcs, t('libCurl PHP module'), true, true, ""); check_add($ck_funcs, t('GD graphics PHP module'), true, true, ""); check_add($ck_funcs, t('OpenSSL PHP module'), true, true, ""); - check_add($ck_funcs, t('mysqli PHP module'), true, true, ""); + check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true, ""); check_add($ck_funcs, t('mb_string PHP module'), true, true, ""); check_add($ck_funcs, t('mcrypt PHP module'), true, true, ""); @@ -471,9 +479,9 @@ function check_funcs(&$checks) { $ck_funcs[2]['status']= false; $ck_funcs[2]['help']= t('Error: openssl PHP module required but not installed.'); } - if(! function_exists('mysqli_connect')){ + if(! function_exists('mysqli_connect') && !function_exists('pg_connect')){ $ck_funcs[3]['status']= false; - $ck_funcs[3]['help']= t('Error: mysqli PHP module required but not installed.'); + $ck_funcs[3]['help']= t('Error: mysqli or postgres PHP module required but neither are installed.'); } if(! function_exists('mb_strlen')){ $ck_funcs[4]['status']= false; 
@@ -579,7 +587,7 @@ function check_htaccess(&$checks) { if ((! $test['success']) || ($test['body'] != "ok")) { $status = false; - $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'); + $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true)); } check_add($checks, t('Url rewrite is working'), $status, true, $help); } else { @@ -607,8 +615,8 @@ function load_database_rem($v, $i){ function load_database($db) { - - $str = file_get_contents('install/database.sql'); + file_put_contents('debug-foo.log', 'Loading schema: '.$db->get_install_script()); + $str = file_get_contents($db->get_install_script()); $arr = explode(';',$str); $errors = false; foreach($arr as $a) { diff --git a/mod/siteinfo.php b/mod/siteinfo.php index a58f17c53..12598cc12 100644 --- a/mod/siteinfo.php +++ b/mod/siteinfo.php @@ -8,7 +8,7 @@ function siteinfo_init(&$a) { $sql_extra = ''; - $r = q("select * from channel left join account on account_id = channel_account_id where ( account_roles & 4096 ) and account_default_channel = channel_id"); + $r = q("select * from channel left join account on account_id = channel_account_id where ( account_roles & 4096 )>0 and account_default_channel = channel_id"); if($r) { diff --git a/mod/sources.php b/mod/sources.php index f4b36508f..73d78bbbf 100644 --- a/mod/sources.php +++ b/mod/sources.php @@ -47,7 +47,7 @@ function sources_post(&$a) { goaway(z_root() . '/sources'); } else { - $r = q("update source set src_xchan = '%s', src_patt = '%s' where src_channel_id = %d and src_id = %d limit 1", + $r = q("update source set src_xchan = '%s', src_patt = '%s' where src_channel_id = %d and src_id = %d", dbesc($xchan), dbesc($words), intval(local_user()), 
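Review bot: In check_htaccess the `var_export($test,true)` dump is concatenated inside the `t()` call, so the lookup key changes with every response and the message can no longer be translated; the two literals also join without a space. Keep the translatable string constant and append the diagnostic outside it, e.g. `$help = t('Url rewrite in .htaccess is not working. Check your server configuration.') . ' Test: ' . htmlspecialchars(var_export($test, true));`. The dump includes the fetched response body, so it should be escaped if the help text is rendered as HTML, which is not visible here.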
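Review bot: load_database now writes `debug-foo.log` into the current working directory on every install, which looks like leftover debugging; in a web application that directory is likely the document root, so the file may be fetchable by anyone. Remove the `file_put_contents()` line or replace it with `logger('Loading schema: ' . $db->get_install_script());`. The result of `file_get_contents()` is also used unchecked, so a missing schema file for the selected driver is not reported as an error as far as the hunk shows. The function body continues outside the hunk.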
@@ -150,7 +150,7 @@ function sources_content(&$a) { notice( t('Source not found.') . EOL); return ''; } - $r = q("delete from source where src_id = %d and src_channel_id = %d limit 1", + $r = q("delete from source where src_id = %d and src_channel_id = %d", intval(argv(1)), intval(local_user()) ); diff --git a/mod/starred.php b/mod/starred.php index ca7621b0f..05b45bea3 100644 --- a/mod/starred.php +++ b/mod/starred.php @@ -21,7 +21,7 @@ function starred_init(&$a) { $item_flags = ( $r[0]['item_flags'] ^ ITEM_STARRED ); - $r = q("UPDATE item SET item_flags = %d WHERE uid = %d and id = %d LIMIT 1", + $r = q("UPDATE item SET item_flags = %d WHERE uid = %d and id = %d", intval($item_flags), intval(local_user()), intval($message_id) diff --git a/mod/subthread.php b/mod/subthread.php index 5ef0615b1..f0f54f4a6 100755 --- a/mod/subthread.php +++ b/mod/subthread.php @@ -228,7 +228,7 @@ EOT; $post_id = $post['item_id']; if(! $item['visible']) { - $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d", intval($item['id']), intval($owner_uid) ); diff --git a/mod/thing.php b/mod/thing.php index c12976f22..f53a6ab7b 100644 --- a/mod/thing.php +++ b/mod/thing.php @@ -85,7 +85,7 @@ function thing_init(&$a) { else $local_photo = $orig_record['imgurl']; - $r = q("update term set term = '%s', url = '%s', imgurl = '%s' where term_hash = '%s' and uid = %d limit 1", + $r = q("update term set term = '%s', url = '%s', imgurl = '%s' where term_hash = '%s' and uid = %d", dbesc($name), dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash), dbesc($local_photo), 
@@ -301,12 +301,12 @@ function thing_content(&$a) { } - $x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d limit 1", + $x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d", dbesc($thing_hash), intval(TERM_OBJ_THING), intval(local_user()) ); - $x = q("delete from term where term_hash = '%s' and uid = %d limit 1", + $x = q("delete from term where term_hash = '%s' and uid = %d", dbesc($thing_hash), intval(local_user()) ); diff --git a/mod/viewconnections.php b/mod/viewconnections.php index 40ce28efe..40d26c823 100644 --- a/mod/viewconnections.php +++ b/mod/viewconnections.php @@ -37,7 +37,7 @@ function viewconnections_content(&$a) { $xchan_flags = $xchan_flags | XCHAN_FLAGS_HIDDEN; } - $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d ) and not ( xchan_flags & %d ) ", + $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d )>0 and not ( xchan_flags & %d )>0 ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags) @@ -46,12 +46,12 @@ function viewconnections_content(&$a) { $a->set_pager_total($r[0]['total']); } - $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ", + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d )>0 and not ( xchan_flags & %d )>0 order by xchan_name LIMIT %d OFFSET %d ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags), - intval($a->pager['start']), - intval($a->pager['itemspage']) + intval($a->pager['itemspage']), + intval($a->pager['start']) ); if(! $r) { diff --git a/mod/zfinger.php b/mod/zfinger.php index c2aebc675..a1a62dd3f 100644 --- a/mod/zfinger.php 
+++ b/mod/zfinger.php @@ -74,12 +74,12 @@ function zfinger_init(&$a) { */ $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash - where ( channel_pageflags & %d ) order by channel_id limit 1", + where ( channel_pageflags & %d )>0 order by channel_id limit 1", intval(PAGE_SYSTEM) ); if(! $r) { $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash - where not ( channel_pageflags & %d ) order by channel_id limit 1", + where not ( channel_pageflags & %d )>0 order by channel_id limit 1", intval(PAGE_REMOVED) ); } diff --git a/mod/zotfeed.php b/mod/zotfeed.php index c730e4162..9ad93c1d4 100644 --- a/mod/zotfeed.php +++ b/mod/zotfeed.php @@ -21,7 +21,7 @@ function zotfeed_init(&$a) { $channel_address = ((argc() > 1) ? argv(1) : ''); if($channel_address) { - $r = q("select channel_id, channel_name from channel where channel_address = '%s' and not (channel_pageflags & %d) limit 1", + $r = q("select channel_id, channel_name from channel where channel_address = '%s' and not (channel_pageflags & %d)>0 limit 1", dbesc(argv(1)), intval(PAGE_REMOVED) ); diff --git a/vendor/bin/sabredav b/vendor/bin/sabredav deleted file mode 120000 index 3b5e4511d..000000000 --- a/vendor/bin/sabredav +++ /dev/null @@ -1 +0,0 @@ -../sabre/dav/bin/sabredav
\ No newline at end of file diff --git a/vendor/bin/vobjectvalidate.php b/vendor/bin/vobjectvalidate.php deleted file mode 120000 index 4121667bf..000000000 --- a/vendor/bin/vobjectvalidate.php +++ /dev/null @@ -1 +0,0 @@ -../sabre/vobject/bin/vobjectvalidate.php
\ No newline at end of file diff --git a/view/en/htconfig.tpl b/view/en/htconfig.tpl index 550b018fe..d06e5da49 100644 --- a/view/en/htconfig.tpl +++ b/view/en/htconfig.tpl @@ -1,6 +1,6 @@ <?php -// Set the following for your MySQL installation +// Set the following for your database installation // Copy or rename this file to .htconfig.php $db_host = '{{$dbhost}}'; @@ -8,6 +8,7 @@ $db_port = '{{$dbport}}'; $db_user = '{{$dbuser}}'; $db_pass = '{{$dbpass}}'; $db_data = '{{$dbdata}}'; +$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres /* * Notice: Many of the following settings will be available in the admin panel diff --git a/view/tpl/install_db.tpl b/view/tpl/install_db.tpl index 3968d2a54..1a58de129 100755 --- a/view/tpl/install_db.tpl +++ b/view/tpl/install_db.tpl @@ -22,7 +22,7 @@ {{include file="field_input.tpl" field=$dbuser}} {{include file="field_password.tpl" field=$dbpass}} {{include file="field_input.tpl" field=$dbdata}} - +{{include file="field_select.tpl" field=$dbtype}} <input id="install-submit" type="submit" name="submit" value="{{$submit}}" /> diff --git a/view/tpl/install_settings.tpl b/view/tpl/install_settings.tpl index d6fc66c87..f4fd82fdb 100755 --- a/view/tpl/install_settings.tpl +++ b/view/tpl/install_settings.tpl @@ -14,6 +14,7 @@ <input type="hidden" name="dbuser" value="{{$dbuser}}" /> <input type="hidden" name="dbpass" value="{{$dbpass}}" /> <input type="hidden" name="dbdata" value="{{$dbdata}}" /> +<input type="hidden" name="dbtype" value="{{$dbtype}}" /> <input type="hidden" name="pass" value="4" /> {{include file="field_input.tpl" field=$adminmail}} |