From 09b09dedbc3157e1859f4a777aeab54fadabfb43 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 16:06:16 -0800 Subject: Most directory searches are POST. get_query_args() only handles GET so that had to be fixed or page 2 of directory search results wouldn't match the search. --- include/text.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index fca23ca22..4aa412355 100644 --- a/include/text.php +++ b/include/text.php @@ -2046,7 +2046,7 @@ function normalise_openid($s) { // used in ajax endless scroll request to find out all the args that the master page was viewing. // This was using $_REQUEST, but $_REQUEST also contains all your cookies. So we're restricting it -// to $_GET. If this is used in a post handler, that decision may need to be considered. +// to $_GET and $_POST. function extra_query_args() { $s = ''; @@ -2058,5 +2058,13 @@ function extra_query_args() { } } } + if(count($_POST)) { + foreach($_POST as $k => $v) { + // these are request vars we don't want to duplicate + if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { + $s .= '&' . $k . '=' . $v; + } + } + } return $s; } -- cgit v1.2.3 From 06e5d0798c67e8314429e475523a6a30e50bfb8e Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 16:09:45 -0800 Subject: and urlencode that. --- include/text.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index 4aa412355..7cb54edd3 100644 --- a/include/text.php +++ b/include/text.php @@ -2054,7 +2054,7 @@ function extra_query_args() { foreach($_GET as $k => $v) { // these are request vars we don't want to duplicate if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { - $s .= '&' . $k . '=' . $v; + $s .= '&' . $k . '=' . urlencode($v); } } } @@ -2062,7 +2062,7 @@ function extra_query_args() { foreach($_POST as $k => $v) { // these are request vars we don't want to duplicate if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { - $s .= '&' . $k . '=' . $v; + $s .= '&' . $k . '=' . urlencode($v); } } } -- cgit v1.2.3 From 570577a99089ff5bb48c5c67a612bdd874721e95 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 18:05:50 -0800 Subject: a couple of places where we need to look for a sys channel euid. --- include/text.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index 7cb54edd3..ba1f9e5a3 100644 --- a/include/text.php +++ b/include/text.php @@ -2021,7 +2021,14 @@ function json_decode_plus($s) { function design_tools() { + $channel = get_app()->get_channel(); + + if(array_key_exists('sys',$_REQUEST) && $_REQUEST['sys'] == 1 && is_site_admin()) { + require_once('include/identity.php'); + $channel = get_sys_channel(); + } + $who = $channel['channel_address']; return replace_macros(get_markup_template('design_tools.tpl'), array( -- cgit v1.2.3 From b5af6679857eeafcb360d7dec69acf11af034c1d Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 19:29:30 -0800 Subject: slow progress on sys publishing, making sure all the data we need is in the places we need it but validate it anyway --- include/text.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index ba1f9e5a3..686dee4a2 100644 --- a/include/text.php +++ b/include/text.php @@ -2024,7 +2024,7 @@ function design_tools() { $channel = get_app()->get_channel(); - if(array_key_exists('sys',$_REQUEST) && $_REQUEST['sys'] == 1 && is_site_admin()) { + if(get_app()->is_sys && is_site_admin()) { require_once('include/identity.php'); $channel = get_sys_channel(); } -- cgit v1.2.3 From 4b9ec6645b79f4da1ad5e7dd20a04ca6ca4a3e4a Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 20:44:43 -0800 Subject: cleanup --- include/text.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index 686dee4a2..d816fdb0a 100644 --- a/include/text.php +++ b/include/text.php @@ -2023,10 +2023,12 @@ function json_decode_plus($s) { function design_tools() { $channel = get_app()->get_channel(); + $sys = false; if(get_app()->is_sys && is_site_admin()) { require_once('include/identity.php'); $channel = get_sys_channel(); + $sys = true; } $who = $channel['channel_address']; @@ -2034,6 +2036,7 @@ function design_tools() { return replace_macros(get_markup_template('design_tools.tpl'), array( '$title' => t('Design'), '$who' => $who, + '$sys' => $sys, '$blocks' => t('Blocks'), '$menus' => t('Menus'), '$layout' => t('Layouts'), -- cgit v1.2.3 From 1a5a5c7edb8697c93f8bababbafa80245378dd7e Mon Sep 17 00:00:00 2001 From: Habeas Codice Date: Thu, 13 Nov 2014 12:21:58 -0800 Subject: PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres) --- include/text.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index fca23ca22..437bb8b5f 100644 --- a/include/text.php +++ b/include/text.php @@ -724,7 +724,7 @@ function contact_block() { if((! is_array($a->profile)) || ($a->profile['hide_friends'])) return $o; - $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d ) and not (xchan_flags & %d)", + $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d )>0 and not (xchan_flags & %d)>0", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags) @@ -737,8 +737,12 @@ function contact_block() { $micropro = Null; } else { - - $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d) and not (xchan_flags & %d ) ORDER BY RAND() LIMIT %d", + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $randfunc = 'RANDOM()'; + } else { + $randfunc = 'RAND()'; + } + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d)>0 and not (xchan_flags & %d )>0 ORDER BY $randfunc LIMIT %d", intval($a->profile['uid']), intval($abook_flags|ABOOK_FLAG_ARCHIVED), intval($xchan_flags), @@ -1534,7 +1538,7 @@ function unamp($s) { } function layout_select($channel_id, $current = '') { - $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)", + $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)>0", intval($channel_id), intval(ITEM_PDL) ); @@ -1874,13 +1878,13 @@ function xchan_query(&$items,$abook = true,$effective_uid = 0) { if(count($arr)) { if($abook) { $chans = q("select * from xchan left join hubloc on hubloc_hash = xchan_hash left join abook on abook_xchan = xchan_hash and abook_channel = %d - where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )", + where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0", intval($item['uid']) ); } else { $chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash - where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )"); + where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0"); } $xchans = q("select * from xchan where xchan_hash in (" . implode(',',$arr) . ") and xchan_network in ('rss','unknown')"); if(! $chans) @@ -1909,7 +1913,7 @@ function xchan_mail_query(&$item) { if(count($arr)) { $chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash - where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )"); + where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0"); } if($chans) { $item['from'] = find_xchan_in_array($item['from_xchan'],$chans); -- cgit v1.2.3 From b224f8056cbf9b41994b44e48a7ad154976d1c88 Mon Sep 17 00:00:00 2001 From: Habeas Codice Date: Fri, 21 Nov 2014 15:35:59 -0800 Subject: new system config reserved_channels prevents members from creating channels in a reserved list --- include/text.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'include/text.php') diff --git a/include/text.php b/include/text.php index 22a1a78c4..ce729ac1b 100644 --- a/include/text.php +++ b/include/text.php @@ -1815,8 +1815,13 @@ function legal_webbie($s) { function check_webbie($arr) { + $reservechan = get_config('system','reserved_channels'); + if(strlen($reservechan)) + $taken = explode(',', $reservechan); + else + $taken = array(); + $str = ''; - $taken = array(); if(count($arr)) { foreach($arr as $x) { $y = legal_webbie($x); -- cgit v1.2.3