From 4eb40528a9d615b9498c64b4a308596ba632119a Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Sun, 20 May 2018 14:07:30 +0200 Subject: local_channel() is not string --- Zotlabs/Module/Settings/Oauth2.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'Zotlabs/Module/Settings/Oauth2.php') diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php index 88bbea3b8..66eb95f81 100644 --- a/Zotlabs/Module/Settings/Oauth2.php +++ b/Zotlabs/Module/Settings/Oauth2.php @@ -132,10 +132,10 @@ class Oauth2 { } - $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my + $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my FROM oauth_clients LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id - WHERE oauth_clients.user_id IN ('%s',0)", + WHERE oauth_clients.user_id IN (%d,0)", dbesc(local_channel()), dbesc(local_channel()) ); @@ -157,4 +157,4 @@ class Oauth2 { } -} \ No newline at end of file +} -- cgit v1.2.3 From 9e1af2492ff30f65e678ca1b885350069583ade0 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Sun, 20 May 2018 14:15:46 +0200 Subject: more local_channel() is not string --- Zotlabs/Module/Settings/Oauth2.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'Zotlabs/Module/Settings/Oauth2.php') diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php index 66eb95f81..8db5c14aa 100644 --- a/Zotlabs/Module/Settings/Oauth2.php +++ b/Zotlabs/Module/Settings/Oauth2.php @@ -43,24 +43,24 @@ class Oauth2 { redirect_uri = '%s', grant_types = '%s', scope = '%s', - user_id = '%s' + user_id = %d WHERE client_id='%s'", dbesc($name), dbesc($secret), dbesc($redirect), dbesc($grant), dbesc($scope), - dbesc(local_channel()), + intval(local_channel()), dbesc($name)); } else { $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id) - VALUES ('%s','%s','%s','%s','%s','%s')", + VALUES ('%s','%s','%s','%s','%s',%d)", dbesc($name), dbesc($secret), dbesc($redirect), dbesc($grant), dbesc($scope), - dbesc(local_channel()) + intval(local_channel()) ); $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", dbesc($name), @@ -93,9 +93,9 @@ class Oauth2 { } if((argc() > 3) && (argv(2) === 'edit')) { - $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'", + $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d", dbesc(argv(3)), - dbesc(local_channel()) + intval(local_channel()) ); if (! $r){ @@ -123,9 +123,9 @@ class Oauth2 { if((argc() > 3) && (argv(2) === 'delete')) { check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't'); - $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'", + $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d", dbesc(argv(3)), - dbesc(local_channel()) + intval(local_channel()) ); goaway(z_root()."/settings/oauth2/"); return; @@ -136,8 +136,8 @@ class Oauth2 { FROM oauth_clients LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id WHERE oauth_clients.user_id IN (%d,0)", - dbesc(local_channel()), - dbesc(local_channel()) + intval(local_channel()), + intval(local_channel()) ); $tpl = get_markup_template("settings_oauth2.tpl"); -- cgit v1.2.3 From 469809183d232761b8984848c133f9f11f5e7cea Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 20 May 2018 22:42:47 +0200 Subject: update oauth related tables to use bigint/int(10) for user_id column. this is to be more consistent with the rest of the tables and fixes issue #1180 --- Zotlabs/Module/Settings/Oauth2.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'Zotlabs/Module/Settings/Oauth2.php') diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php index 8db5c14aa..985095115 100644 --- a/Zotlabs/Module/Settings/Oauth2.php +++ b/Zotlabs/Module/Settings/Oauth2.php @@ -14,7 +14,8 @@ class Oauth2 { $key = $_POST['remove']; q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), - local_channel()); + intval(local_channel()) + ); goaway(z_root()."/settings/oauth2/"); return; } -- cgit v1.2.3