aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/connedit.php41
-rw-r--r--mod/dirsearch.php12
-rw-r--r--mod/prate.php91
-rw-r--r--mod/tagger.php6
4 files changed, 143 insertions, 7 deletions
diff --git a/mod/connedit.php b/mod/connedit.php
index c082e03a8..8c0212afe 100644
--- a/mod/connedit.php
+++ b/mod/connedit.php
@@ -55,6 +55,8 @@ function connedit_post(&$a) {
if(! $contact_id)
return;
+ $channel = $a->get_channel();
+
// TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the
// connection enable is toggled to a special autopost url and set permissions immediately, leaving
// the other form elements alone pending a manual submit of the form. The downside is that there
@@ -79,9 +81,11 @@ function connedit_post(&$a) {
if($orig_record[0]['abook_flags'] & ABOOK_FLAG_SELF) {
$autoperms = intval($_POST['autoperms']);
+ $is_self = true;
}
else {
$autoperms = null;
+ $is_self = false;
}
@@ -126,7 +130,40 @@ function connedit_post(&$a) {
$abook_flags = $orig_record[0]['abook_flags'];
$new_friend = false;
-
+ if(! $is_self) {
+ $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1",
+ dbesc($channel['channel_hash']),
+ dbesc($orig_record[0]['abook_xchan'])
+ );
+ if($z) {
+ $record = $z[0]['xlink_id'];
+ $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_updated = '%s'
+ where xlink_id = %d",
+ intval($rating),
+ dbesc($rating_text),
+ dbesc(datetime_convert()),
+ intval($record)
+ );
+ }
+ else {
+ $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', 1 ) ",
+ dbesc($channel['channel_hash']),
+ dbesc($orig_record[0]['abook_xchan']),
+ intval($rating),
+ dbesc($rating_text),
+ dbesc(datetime_convert())
+ );
+ $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
+ dbesc($channel['channel_hash']),
+ dbesc($orig_record[0]['abook_xchan'])
+ );
+ if($z)
+ $record = $z[0]['xlink_id'];
+ }
+ if($record) {
+ proc_run('php','include/notifier.php','rating',$record);
+ }
+ }
if(($_REQUEST['pending']) && ($abook_flags & ABOOK_FLAG_PENDING)) {
$abook_flags = ( $abook_flags ^ ABOOK_FLAG_PENDING );
@@ -167,7 +204,6 @@ function connedit_post(&$a) {
}
if($new_friend) {
- $channel = $a->get_channel();
$default_group = $channel['channel_default_group'];
if($default_group) {
require_once('include/group.php');
@@ -528,6 +564,7 @@ function connedit_content(&$a) {
}
$poco_rating = get_config('system','poco_rating_enable');
+ $poco_rating = 0;
// if unset default to enabled
if($poco_rating === false)
$poco_rating = true;
diff --git a/mod/dirsearch.php b/mod/dirsearch.php
index 06d530849..52a3d02cf 100644
--- a/mod/dirsearch.php
+++ b/mod/dirsearch.php
@@ -125,7 +125,7 @@ function dirsearch_content(&$a) {
if($hash) {
- $sql_extra = " AND xchan_hash = '" . dbesc($hash) . "' ";
+ $sql_extra = " AND xchan_hash like '" . dbesc($hash) . protect_sprintf('%') . "' ";
}
@@ -229,8 +229,18 @@ function dirsearch_content(&$a) {
foreach($r as $rr) {
+
$entry = array();
+ $pc = q("select count(xlink_rating) as total_ratings from xlink where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 group by xlink_rating",
+ dbesc($rr['xchan_hash'])
+ );
+
+ if($pc)
+ $entry['total_ratings'] = intval($pc[0]['total_ratings']);
+ else
+ $entry['total_ratings'] = 0;
+
$entry['name'] = $rr['xchan_name'];
$entry['hash'] = $rr['xchan_hash'];
diff --git a/mod/prate.php b/mod/prate.php
new file mode 100644
index 000000000..28703d414
--- /dev/null
+++ b/mod/prate.php
@@ -0,0 +1,91 @@
+<?php
+
+
+function prate_post(&$a) {
+ if(! local_channel())
+ return;
+
+ $channel = $a->get_channel();
+
+ $target = $_REQUEST['target'];
+ if(! $target)
+ return;
+
+ if($target === $channel['channel_hash'])
+ return;
+
+ $rating = intval($_POST['rating']);
+ if($rating < (-10))
+ $rating = (-10);
+ if($rating > 10)
+ $rating = 10;
+
+ $rating_text = escape_tags($_REQUEST['rating_text']);
+
+ $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1",
+ dbesc($channel['channel_hash']),
+ dbesc($target)
+ );
+ if($z) {
+ $record = $z[0]['xlink_id'];
+ $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_updated = '%s'
+ where xlink_id = %d",
+ intval($rating),
+ dbesc($rating_text),
+ dbesc(datetime_convert()),
+ intval($record)
+ );
+ }
+ else {
+ $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', 1 ) ",
+ dbesc($channel['channel_hash']),
+ dbesc($target),
+ intval($rating),
+ dbesc($rating_text),
+ dbesc(datetime_convert())
+ );
+ $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
+ dbesc($channel['channel_hash']),
+ dbesc($orig_record[0]['abook_xchan'])
+ );
+ if($z)
+ $record = $z[0]['xlink_id'];
+ }
+ if($record) {
+ proc_run('php','include/notifier.php','rating',$record);
+ }
+
+ $x = q("select abook_id from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
+ dbesc($target),
+ intval($local_channel())
+ );
+ if($x) {
+ $w = q("update abook set abook_rating = %d, abook_rating_text = '%s' where abook_xchan = '%s' and abook_channel = %d",
+ intval($rating),
+ dbesc($rating_text),
+ dbesc($target),
+ intval(local_channel())
+ );
+ $x = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
+ dbesc($target),
+ intval($local_channel())
+ );
+ if($x) {
+ unset($x[0]['abook_id']);
+ unset($x[0]['abook_account']);
+ unset($x[0]['abook_channel']);
+ build_sync_packet(0, array('abook' => array($x[0])));
+ }
+ }
+ return;
+}
+
+
+
+
+
+
+
+
+
+
diff --git a/mod/tagger.php b/mod/tagger.php
index a93609c3c..aafad58cf 100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -12,11 +12,9 @@ function tagger_content(&$a) {
}
$observer_hash = get_observer_hash();
-
+ //strip html-tags
$term = notags(trim($_GET['term']));
- // no commas allowed
- $term = str_replace(array(',',' '),array('','_'),$term);
-
+ //check if empty
if(! $term)
return;