Diffstat (limited to 'Zotlabs/Module/Settings/Oauth2.php')
-rw-r--r-- | Zotlabs/Module/Settings/Oauth2.php | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php
index 88bbea3b8..985095115 100644
--- a/Zotlabs/Module/Settings/Oauth2.php
+++ b/Zotlabs/Module/Settings/Oauth2.php
@@ -14,7 +14,8 @@ class Oauth2 {
 $key = $_POST['remove'];
 q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
 dbesc($key),
- local_channel());
+ intval(local_channel())
+ );
 goaway(z_root()."/settings/oauth2/");
 return;
 }
@@ -43,24 +44,24 @@ class Oauth2 {
 redirect_uri = '%s',
 grant_types = '%s',
 scope = '%s',
- user_id = '%s'
+ user_id = %d
 WHERE client_id='%s'",
 dbesc($name),
 dbesc($secret),
 dbesc($redirect),
 dbesc($grant),
 dbesc($scope),
- dbesc(local_channel()),
+ intval(local_channel()),
 dbesc($name));
 } else {
 $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
- VALUES ('%s','%s','%s','%s','%s','%s')",
+ VALUES ('%s','%s','%s','%s','%s',%d)",
 dbesc($name),
 dbesc($secret),
 dbesc($redirect),
 dbesc($grant),
 dbesc($scope),
- dbesc(local_channel())
+ intval(local_channel())
 );
 $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
 dbesc($name),
@@ -93,9 +94,9 @@ class Oauth2 {
 }
 if((argc() > 3) && (argv(2) === 'edit')) {
- $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'",
+ $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d",
 dbesc(argv(3)),
- dbesc(local_channel())
+ intval(local_channel())
 );
 if (! $r){
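Review bot: In the `remove` branch (hunk at -14,7) the DELETE targets the `tokens` table by `id` and `uid`, while the listing query later in this diff reads tokens from `oauth_access_tokens`. If the settings form posts an OAuth2 access token in `remove`, this statement would match no row and the token would stay valid, so the revocation would silently do nothing; this is inferred from the two queries, as neither table's schema is on the page. It is worth confirming which table the form value refers to and, if it is the OAuth2 one, deleting from `oauth_access_tokens` scoped to the current channel. The branch begins above the hunk, so a form security token check like the one in the `delete` branch may exist but is not visible here.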
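Review bot: The UPDATE in the hunk at -43,24 still ends in `WHERE client_id='%s'` with no owner condition, so the row is matched by client id alone and the statement then sets `user_id` to the caller. Any logged-in channel submitting a client id that already exists could overwrite that client's secret and redirect URI and take over ownership, including rows the listing treats as shared (`user_id` 0). The edit SELECT and the DELETE elsewhere in this diff both scope by `user_id`. I would make the clause `WHERE client_id='%s' AND user_id = %d` and append `intval(local_channel())` after the final `dbesc($name)`. The statement and the condition that selects the UPDATE path start above the hunk, so an ownership check there would change this assessment.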
@@ -123,21 +124,21 @@ class Oauth2 {
 if((argc() > 3) && (argv(2) === 'delete')) {
 check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
- $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'",
+ $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d",
 dbesc(argv(3)),
- dbesc(local_channel())
+ intval(local_channel())
 );
 goaway(z_root()."/settings/oauth2/");
 return;
 }
- $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my
+ $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my
 FROM oauth_clients
 LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id
- WHERE oauth_clients.user_id IN ('%s',0)",
- dbesc(local_channel()),
- dbesc(local_channel())
+ WHERE oauth_clients.user_id IN (%d,0)",
+ intval(local_channel()),
+ intval(local_channel())
 );
 $tpl = get_markup_template("settings_oauth2.tpl");
@@ -157,4 +158,4 @@ class Oauth2 {
 }
-}
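Review bot: The listing query in the hunk at -123,21 joins `oauth_access_tokens` on `client_id` only, so each client row comes back with every access token issued for that client, whoever the token belongs to. `oauth_clients.*` also carries `client_secret` for the shared `user_id` 0 rows. If the token table records an owner, the join should be limited to the current channel's tokens, and the template should receive only the columns it displays; neither the schema nor the template is visible here, so this needs verifying. Separately, the `delete` branch removes only the `oauth_clients` row, leaving behind the `xperm` row inserted on creation and any issued access tokens. Whether those tokens remain usable depends on the OAuth2 server code outside this diff.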
\ No newline at end of file +} |