From 9bb847bb07ec017eb8e2ebb2764b7e34acf5e619 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 12 Oct 2016 18:15:12 -0700 Subject: remove the rest of the backticks from sql queries; replace with TQUOT const which is driver dependent --- include/import.php | 112 ++++++++++++++++++++++++++--------------------------- 1 file changed, 56 insertions(+), 56 deletions(-) (limited to 'include/import.php') diff --git a/include/import.php b/include/import.php index 479e45cc2..ef3f8bec5 100644 --- a/include/import.php +++ b/include/import.php @@ -84,9 +84,9 @@ function import_channel($channel, $account_id, $seize) { if($clean) { dbesc_array($clean); - $r = dbq("INSERT INTO channel (`" - . implode("`, `", array_keys($clean)) - . "`) VALUES ('" + $r = dbq("INSERT INTO channel (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($clean)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($clean)) . "')" ); @@ -132,9 +132,9 @@ function import_config($channel,$configs) { unset($config['id']); $config['uid'] = $channel['channel_id']; dbesc_array($config); - $r = dbq("INSERT INTO pconfig (`" - . implode("`, `", array_keys($config)) - . "`) VALUES ('" + $r = dbq("INSERT INTO pconfig (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($config)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($config)) . "')" ); } @@ -163,9 +163,9 @@ function import_profiles($channel,$profiles) { $profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id']; dbesc_array($profile); - $r = dbq("INSERT INTO profile (`" - . implode("`, `", array_keys($profile)) - . "`) VALUES ('" + $r = dbq("INSERT INTO profile (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($profile)) + . TQUOT ") VALUES ('" . implode("', '", array_values($profile)) . "')" ); @@ -205,9 +205,9 @@ function import_hublocs($channel,$hublocs,$seize) { unset($hubloc['hubloc_id']); dbesc_array($hubloc); - $r = dbq("INSERT INTO hubloc (`" - . implode("`, `", array_keys($hubloc)) - . "`) VALUES ('" + $r = dbq("INSERT INTO hubloc (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($hubloc)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($hubloc)) . "')" ); @@ -244,9 +244,9 @@ function import_objs($channel,$objs) { dbesc_array($obj); - $r = dbq("INSERT INTO obj (`" - . implode("`, `", array_keys($obj)) - . "`) VALUES ('" + $r = dbq("INSERT INTO obj (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($obj)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($obj)) . "')" ); @@ -304,7 +304,7 @@ function sync_objs($channel,$objs) { if($exists) { unset($obj['obj_obj']); foreach($obj as $k => $v) { - $r = q("UPDATE obj SET `%s` = '%s' WHERE obj_obj = '%s' AND obj_channel = %d", + $r = q("UPDATE obj SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE obj_obj = '%s' AND obj_channel = %d", dbesc($k), dbesc($v), dbesc($hash), @@ -316,9 +316,9 @@ function sync_objs($channel,$objs) { dbesc_array($obj); - $r = dbq("INSERT INTO obj (`" - . implode("`, `", array_keys($obj)) - . "`) VALUES ('" + $r = dbq("INSERT INTO obj (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($obj)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($obj)) . "')" ); @@ -352,9 +352,9 @@ function import_apps($channel,$apps) { $hash = $app['app_id']; dbesc_array($app); - $r = dbq("INSERT INTO app (`" - . implode("`, `", array_keys($app)) - . "`) VALUES ('" + $r = dbq("INSERT INTO app (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($app)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($app)) . "')" ); @@ -451,7 +451,7 @@ function sync_apps($channel,$apps) { if($exists) { unset($app['app_id']); foreach($app as $k => $v) { - $r = q("UPDATE app SET `%s` = '%s' WHERE app_id = '%s' AND app_channel = %d", + $r = q("UPDATE app SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE app_id = '%s' AND app_channel = %d", dbesc($k), dbesc($v), dbesc($hash), @@ -461,9 +461,9 @@ function sync_apps($channel,$apps) { } else { dbesc_array($app); - $r = dbq("INSERT INTO app (`" - . implode("`, `", array_keys($app)) - . "`) VALUES ('" + $r = dbq("INSERT INTO app (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($app)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($app)) . "')" ); @@ -503,9 +503,9 @@ function import_chatrooms($channel,$chatrooms) { $chatroom['cr_uid'] = $channel['channel_id']; dbesc_array($chatroom); - $r = dbq("INSERT INTO chatroom (`" - . implode("`, `", array_keys($chatroom)) - . "`) VALUES ('" + $r = dbq("INSERT INTO chatroom (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($chatroom)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($chatroom)) . "')" ); @@ -559,7 +559,7 @@ function sync_chatrooms($channel,$chatrooms) { if($exists) { foreach($chatroom as $k => $v) { - $r = q("UPDATE chatroom SET `%s` = '%s' WHERE cr_name = '%s' AND cr_uid = %d", + $r = q("UPDATE chatroom SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE cr_name = '%s' AND cr_uid = %d", dbesc($k), dbesc($v), dbesc($name), @@ -569,9 +569,9 @@ function sync_chatrooms($channel,$chatrooms) { } else { dbesc_array($chatroom); - $r = dbq("INSERT INTO chatroom (`" - . implode("`, `", array_keys($chatroom)) - . "`) VALUES ('" + $r = dbq("INSERT INTO chatroom (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($chatroom)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($chatroom)) . "')" ); @@ -685,9 +685,9 @@ function import_events($channel,$events) { convert_oldfields($event,'ignore','dismissed'); dbesc_array($event); - $r = dbq("INSERT INTO event (`" - . implode("`, `", array_keys($event)) - . "`) VALUES ('" + $r = dbq("INSERT INTO event (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($event)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($event)) . "')" ); @@ -736,7 +736,7 @@ function sync_events($channel,$events) { if($exists) { foreach($event as $k => $v) { - $r = q("UPDATE event SET `%s` = '%s' WHERE event_hash = '%s' AND uid = %d", + $r = q("UPDATE event SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE event_hash = '%s' AND uid = %d", dbesc($k), dbesc($v), dbesc($event['event_hash']), @@ -746,9 +746,9 @@ function sync_events($channel,$events) { } else { dbesc_array($event); - $r = dbq("INSERT INTO event (`" - . implode("`, `", array_keys($event)) - . "`) VALUES ('" + $r = dbq("INSERT INTO event (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($event)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($event)) . "')" ); @@ -928,9 +928,9 @@ function import_likes($channel,$likes) { continue; dbesc_array($like); - $r = dbq("INSERT INTO likes (`" - . implode("`, `", array_keys($like)) - . "`) VALUES ('" + $r = dbq("INSERT INTO likes (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($like)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($like)) . "')" ); } @@ -961,9 +961,9 @@ function import_conv($channel,$convs) { continue; dbesc_array($conv); - $r = dbq("INSERT INTO conv (`" - . implode("`, `", array_keys($conv)) - . "`) VALUES ('" + $r = dbq("INSERT INTO conv (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($conv)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($conv)) . "')" ); } @@ -1118,15 +1118,15 @@ function sync_files($channel,$files) { foreach($att as $k => $v) { if($str) $str .= ","; - $str .= " `" . $k . "` = '" . $v . "' "; + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; } - $r = dbq("update `attach` set " . $str . " where id = " . intval($attach_id) ); + $r = dbq("update attach set " . $str . " where id = " . intval($attach_id) ); } else { logger('sync_files attach does not exists: ' . print_r($att,true), LOGGER_DEBUG); - $r = dbq("INSERT INTO attach (`" - . implode("`, `", array_keys($att)) - . "`) VALUES ('" + $r = dbq("INSERT INTO attach (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($att)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($att)) . "')" ); } @@ -1236,14 +1236,14 @@ function sync_files($channel,$files) { foreach($p as $k => $v) { if($str) $str .= ","; - $str .= " `" . $k . "` = '" . $v . "' "; + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; } - $r = dbq("update `photo` set " . $str . " where id = " . intval($exists[0]['id']) ); + $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); } else { - $r = dbq("INSERT INTO photo (`" - . implode("`, `", array_keys($p)) - . "`) VALUES ('" + $r = dbq("INSERT INTO photo (" . TQUOT + . implode(TQUOT . ", " . TQUOT, array_keys($p)) + . TQUOT . ") VALUES ('" . implode("', '", array_values($p)) . "')" ); } -- cgit v1.2.3 From 8a00b62cbab22fb46828d2dc13e4b6f317a08f98 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 12 Oct 2016 18:17:34 -0700 Subject: caught one typo from the last checkin --- include/import.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/import.php') diff --git a/include/import.php b/include/import.php index ef3f8bec5..370d3085e 100644 --- a/include/import.php +++ b/include/import.php @@ -165,7 +165,7 @@ function import_profiles($channel,$profiles) { dbesc_array($profile); $r = dbq("INSERT INTO profile (" . TQUOT . implode(TQUOT . ", " . TQUOT, array_keys($profile)) - . TQUOT ") VALUES ('" + . TQUOT . ") VALUES ('" . implode("', '", array_values($profile)) . "')" ); -- cgit v1.2.3 From 48026efddfdf063fad7c7bd7a86dd7fc4ca4a0a7 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 12 Oct 2016 22:12:58 -0700 Subject: consolidate duplicated code for creating table entries from an array --- include/import.php | 143 +++++++++-------------------------------------------- 1 file changed, 24 insertions(+), 119 deletions(-) (limited to 'include/import.php') diff --git a/include/import.php b/include/import.php index 370d3085e..4225fe493 100644 --- a/include/import.php +++ b/include/import.php @@ -82,14 +82,7 @@ function import_channel($channel, $account_id, $seize) { } if($clean) { - dbesc_array($clean); - - $r = dbq("INSERT INTO channel (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($clean)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($clean)) - . "')" - ); + create_table_from_array('channel',$clean); } if(! $r) { @@ -131,12 +124,7 @@ function import_config($channel,$configs) { foreach($configs as $config) { unset($config['id']); $config['uid'] = $channel['channel_id']; - dbesc_array($config); - $r = dbq("INSERT INTO pconfig (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($config)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($config)) - . "')" ); + create_table_from_array('pconfig',$config); } load_pconfig($channel['channel_id']); } @@ -161,14 +149,7 @@ function import_profiles($channel,$profiles) { $profile['photo'] = z_root() . '/photo/profile/l/' . $channel['channel_id']; $profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id']; - - dbesc_array($profile); - $r = dbq("INSERT INTO profile (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($profile)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($profile)) - . "')" - ); + create_table_from_array('profile',$profile); } } } @@ -203,14 +184,7 @@ function import_hublocs($channel,$hublocs,$seize) { if(! zot_gethub($arr)) { unset($hubloc['hubloc_id']); - dbesc_array($hubloc); - - $r = dbq("INSERT INTO hubloc (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($hubloc)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($hubloc)) - . "')" - ); + create_table_from_array('hubloc',$hubloc); } } } @@ -242,14 +216,7 @@ function import_objs($channel,$objs) { $obj['obj_imgurl'] = $x[0]; } - dbesc_array($obj); - - $r = dbq("INSERT INTO obj (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($obj)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($obj)) - . "')" - ); + create_table_from_array('obj',$obj); } } } @@ -313,15 +280,7 @@ function sync_objs($channel,$objs) { } } else { - - dbesc_array($obj); - - $r = dbq("INSERT INTO obj (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($obj)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($obj)) - . "')" - ); + create_table_from_array('obj',$obj); } } } @@ -351,13 +310,7 @@ function import_apps($channel,$apps) { $hash = $app['app_id']; - dbesc_array($app); - $r = dbq("INSERT INTO app (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($app)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($app)) - . "')" - ); + create_table_from_array('app',$app); if($term) { $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", @@ -460,13 +413,8 @@ function sync_apps($channel,$apps) { } } else { - dbesc_array($app); - $r = dbq("INSERT INTO app (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($app)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($app)) - . "')" - ); + create_table_from_array('app',$app); + if($term) { $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($hash), @@ -502,13 +450,7 @@ function import_chatrooms($channel,$chatrooms) { $chatroom['cr_aid'] = $channel['channel_account_id']; $chatroom['cr_uid'] = $channel['channel_id']; - dbesc_array($chatroom); - $r = dbq("INSERT INTO chatroom (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($chatroom)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($chatroom)) - . "')" - ); + create_table_from_array('chatroom',$chatroom); } } } @@ -568,13 +510,7 @@ function sync_chatrooms($channel,$chatrooms) { } } else { - dbesc_array($chatroom); - $r = dbq("INSERT INTO chatroom (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($chatroom)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($chatroom)) - . "')" - ); + create_table_from_array('chatroom',$chatroom); } } } @@ -684,13 +620,7 @@ function import_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - dbesc_array($event); - $r = dbq("INSERT INTO event (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($event)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($event)) - . "')" - ); + create_table_from_array('event',$event); } } } @@ -745,13 +675,7 @@ function sync_events($channel,$events) { } } else { - dbesc_array($event); - $r = dbq("INSERT INTO event (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($event)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($event)) - . "')" - ); + create_table_from_array('event',$event); } } } @@ -927,12 +851,7 @@ function import_likes($channel,$likes) { if($r) continue; - dbesc_array($like); - $r = dbq("INSERT INTO likes (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($like)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($like)) - . "')" ); + create_table_from_array('likes',$like); } } } @@ -959,13 +878,7 @@ function import_conv($channel,$convs) { ); if($r) continue; - - dbesc_array($conv); - $r = dbq("INSERT INTO conv (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($conv)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($conv)) - . "')" ); + create_table_from_array('conv',$conv); } } } @@ -1110,25 +1023,21 @@ function sync_files($channel,$files) { if(!isset($att['os_path'])) $att['os_path'] = ''; - dbesc_array($att); if($attach_exists) { logger('sync_files attach exists: ' . print_r($att,true), LOGGER_DEBUG); + dbesc_array($att); $str = ''; - foreach($att as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } + foreach($att as $k => $v) { + if($str) + $str .= ","; + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } $r = dbq("update attach set " . $str . " where id = " . intval($attach_id) ); } else { logger('sync_files attach does not exists: ' . print_r($att,true), LOGGER_DEBUG); - $r = dbq("INSERT INTO attach (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($att)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($att)) - . "')" ); + create_table_from_array('attach',$att); } @@ -1229,9 +1138,9 @@ function sync_files($channel,$files) { intval($channel['channel_id']) ); - dbesc_array($p); if($exists) { + dbesc_array($p); $str = ''; foreach($p as $k => $v) { if($str) @@ -1241,11 +1150,7 @@ function sync_files($channel,$files) { $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); } else { - $r = dbq("INSERT INTO photo (" . TQUOT - . implode(TQUOT . ", " . TQUOT, array_keys($p)) - . TQUOT . ") VALUES ('" - . implode("', '", array_values($p)) - . "')" ); + create_attach_from_array('photo',$p); } } } -- cgit v1.2.3 From 6532972e61a2aa5e8517ebcca3113adb3c8f336d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 13 Oct 2016 00:30:41 -0700 Subject: additional array checking --- include/import.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'include/import.php') diff --git a/include/import.php b/include/import.php index 4225fe493..d5f6e5c8a 100644 --- a/include/import.php +++ b/include/import.php @@ -1026,7 +1026,8 @@ function sync_files($channel,$files) { if($attach_exists) { logger('sync_files attach exists: ' . print_r($att,true), LOGGER_DEBUG); - dbesc_array($att); + if(! dbesc_array($att)) + continue; $str = ''; foreach($att as $k => $v) { if($str) @@ -1140,7 +1141,8 @@ function sync_files($channel,$files) { if($exists) { - dbesc_array($p); + if(! dbesc_array($p)) + continue; $str = ''; foreach($p as $k => $v) { if($str) -- cgit v1.2.3 From c5dcac4dbb9348da8b11bb99e4d9b5a50e16fad9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 21 Oct 2016 21:44:15 -0700 Subject: issue #564 --- include/import.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/import.php') diff --git a/include/import.php b/include/import.php index d5f6e5c8a..49cdb2574 100644 --- a/include/import.php +++ b/include/import.php @@ -860,7 +860,7 @@ function import_conv($channel,$convs) { if($channel && $convs) { foreach($convs as $conv) { if($conv['deleted']) { - q("delete from conv where guid = '%s' and uid = %d limit 1", + q("delete from conv where guid = '%s' and uid = %d", dbesc($conv['guid']), intval($channel['channel_id']) ); -- cgit v1.2.3 From c1c96e01fab131dd48cd68cdd9b63639e269d9c8 Mon Sep 17 00:00:00 2001 From: Florian Steinel Date: Thu, 27 Oct 2016 02:41:32 +0200 Subject: sql: limit 1 for UPDATE and DELETE is not supported by the SQL standard and postgresql (see: https://www.postgresql.org/message-id/flat/1291109101.26137.35.camel%40pcd12478 ) --- include/import.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'include/import.php') diff --git a/include/import.php b/include/import.php index 49cdb2574..0d8398acb 100644 --- a/include/import.php +++ b/include/import.php @@ -227,7 +227,7 @@ function sync_objs($channel,$objs) { foreach($objs as $obj) { if(array_key_exists('obj_deleted',$obj) && $obj['obj_deleted'] && $obj['obj_obj']) { - q("delete from obj where obj_obj = '%s' and obj_channel = %d limit 1", + q("delete from obj where obj_obj = '%s' and obj_channel = %d", dbesc($obj['obj_obj']), intval($channel['channel_id']) ); @@ -351,7 +351,7 @@ function sync_apps($channel,$apps) { } if(array_key_exists('app_deleted',$app) && $app['app_deleted'] && $app['app_id']) { - q("delete from app where app_id = '%s' and app_channel = %d limit 1", + q("delete from app where app_id = '%s' and app_channel = %d", dbesc($app['app_id']), intval($channel['channel_id']) ); @@ -416,7 +416,7 @@ function sync_apps($channel,$apps) { create_table_from_array('app',$app); if($term) { - $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", + $x = q("select * from app where app_id = '%s' and app_channel = %d", dbesc($hash), intval($channel['channel_id']) ); @@ -466,7 +466,7 @@ function sync_chatrooms($channel,$chatrooms) { continue; if(array_key_exists('cr_deleted',$chatroom) && $chatroom['cr_deleted']) { - q("delete from chatroom where cr_name = '%s' and cr_uid = %d limit 1", + q("delete from chatroom where cr_name = '%s' and cr_uid = %d", dbesc($chatroom['cr_name']), intval($channel['channel_id']) ); @@ -635,7 +635,7 @@ function sync_events($channel,$events) { continue; if($event['event_deleted']) { - $r = q("delete from event where event_hash = '%s' and uid = %d limit 1", + $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event['event_hash']), intval($channel['channel_id']) ); @@ -889,14 +889,14 @@ function import_mail($channel,$mails,$sync = false) { if($channel && $mails) { foreach($mails as $mail) { if(array_key_exists('flags',$mail) && in_array('deleted',$mail['flags'])) { - q("delete from mail where mid = '%s' and uid = %d limit 1", + q("delete from mail where mid = '%s' and uid = %d", dbesc($mail['message_id']), intval($channel['channel_id']) ); continue; } if(array_key_exists('flags',$mail) && in_array('recalled',$mail['flags'])) { - q("update mail set mail_recalled = 1 where mid = '%s' and uid = %d limit 1", + q("update mail set mail_recalled = 1 where mid = '%s' and uid = %d", dbesc($mail['message_id']), intval($channel['channel_id']) ); -- cgit v1.2.3