diff options
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Module/Pconfig.php | 5 | ||||
| -rw-r--r-- | Zotlabs/Module/Photos.php | 29 | ||||
| -rw-r--r-- | Zotlabs/Update/_1228.php | 5 |
3 files changed, 26 insertions, 13 deletions
diff --git a/Zotlabs/Module/Pconfig.php b/Zotlabs/Module/Pconfig.php index 44fe5d9a9..f31d5fdf6 100644 --- a/Zotlabs/Module/Pconfig.php +++ b/Zotlabs/Module/Pconfig.php @@ -22,6 +22,11 @@ class Pconfig extends \Zotlabs\Web\Controller { $k = trim(escape_tags($_POST['k'])); $v = trim($_POST['v']); $aj = intval($_POST['aj']); + + // Do not store "serialized" data received in the $_POST + if (preg_match('|^a:[0-9]+:{.*}$|s',$v) || preg_match('O:8:"stdClass":[0-9]+:{.*}$|s',$v)) { + return; + } if(in_array(argv(2),$this->disallowed_pconfig())) { notice( t('This setting requires special processing and editing has been blocked.') . EOL); diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 03fd8a53d..21f6293ef 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -264,7 +264,7 @@ class Photos extends \Zotlabs\Web\Controller { } $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0", - dbesc(datetime_convert()), + dbesc(datetime_convert()), dbescbin($data), intval($fsize), intval($height), @@ -278,10 +278,13 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); + $data = $ph->imageString(); + $fsize = strlen($data); - $x = q("update photo set edited = '%s', content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1", - dbesc(datetime_convert()), - dbescbin($ph->imageString()), + $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1", + dbesc(datetime_convert()), + dbescbin($data), + intval($fsize), intval($height), intval($width), dbesc($resource_id), @@ -294,10 +297,13 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); + $data = $ph->imageString(); + $fsize = strlen($data); - $x = q("update photo set edited = '%s', content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2", - dbesc(datetime_convert()), - dbescbin($ph->imageString()), + $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2", + dbesc(datetime_convert()), + dbescbin($data), + intval($fsize), intval($height), intval($width), dbesc($resource_id), @@ -310,10 +316,13 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); + $data = $ph->imageString(); + $fsize = strlen($data); - $x = q("update photo set edited = '%s', content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3", - dbesc(datetime_convert()), - dbescbin($ph->imageString()), + $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3", + dbesc(datetime_convert()), + dbescbin($data), + intval($fsize), intval($height), intval($width), dbesc($resource_id), diff --git a/Zotlabs/Update/_1228.php b/Zotlabs/Update/_1228.php index b9ba1d86f..9e6bf8047 100644 --- a/Zotlabs/Update/_1228.php +++ b/Zotlabs/Update/_1228.php @@ -11,8 +11,8 @@ class _1228 { if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { $r1 = q("ALTER TABLE item ADD uuid text NOT NULL DEFAULT '' "); - $r2 = q("create index \"uuid_idx\" on channel (\"uuid\")"); - $r3 = q("ALTER TABLE item add summary TEXT NOT NULL"); + $r2 = q("create index \"uuid_idx\" on item (\"uuid\")"); + $r3 = q("ALTER TABLE item add summary TEXT NOT NULL DEFAULT ''"); $r = ($r1 && $r2 && $r3); } @@ -25,7 +25,6 @@ class _1228 { if($r) { q("COMMIT"); - self::upgrade(); return UPDATE_SUCCESS; } |