Remove unused upubkey and uprvkey from queries
- Switched queries to new dba::* functions
This commit is contained in:
parent
ec6f5193e2
commit
2196a0577b
|
@ -13,13 +13,21 @@ require_once 'include/datetime.php';
|
||||||
if (isset($_COOKIE["Friendica"])) {
|
if (isset($_COOKIE["Friendica"])) {
|
||||||
$data = json_decode($_COOKIE["Friendica"]);
|
$data = json_decode($_COOKIE["Friendica"]);
|
||||||
if (isset($data->uid)) {
|
if (isset($data->uid)) {
|
||||||
$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
|
|
||||||
FROM `user` WHERE `uid` = %d AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1",
|
$user = dba::select('user',
|
||||||
intval($data->uid)
|
[],
|
||||||
|
[
|
||||||
|
'uid' => intval($data->uid),
|
||||||
|
'blocked' => 0,
|
||||||
|
'account_expired' => 0,
|
||||||
|
'account_removed' => 0,
|
||||||
|
'verified' => 1,
|
||||||
|
],
|
||||||
|
['limit' => 1]
|
||||||
);
|
);
|
||||||
|
|
||||||
if ($r) {
|
if (DBM::is_result($user)) {
|
||||||
if ($data->hash != cookie_hash($r[0])) {
|
if ($data->hash != cookie_hash($user)) {
|
||||||
logger("Hash for user " . $data->uid . " doesn't fit.");
|
logger("Hash for user " . $data->uid . " doesn't fit.");
|
||||||
nuke_session();
|
nuke_session();
|
||||||
goaway(System::baseUrl());
|
goaway(System::baseUrl());
|
||||||
|
@ -29,11 +37,11 @@ if (isset($_COOKIE["Friendica"])) {
|
||||||
// Expires after 7 days by default,
|
// Expires after 7 days by default,
|
||||||
// can be set via system.auth_cookie_lifetime
|
// can be set via system.auth_cookie_lifetime
|
||||||
$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
|
$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
|
||||||
new_cookie($authcookiedays * 24 * 60 * 60, $r[0]);
|
new_cookie($authcookiedays * 24 * 60 * 60, $user);
|
||||||
|
|
||||||
// Do the authentification if not done by now
|
// Do the authentification if not done by now
|
||||||
if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
|
if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
|
||||||
authenticate_success($r[0]);
|
authenticate_success($user);
|
||||||
|
|
||||||
if (Config::get('system', 'paranoia')) {
|
if (Config::get('system', 'paranoia')) {
|
||||||
$_SESSION['addr'] = $data->ip;
|
$_SESSION['addr'] = $data->ip;
|
||||||
|
@ -75,12 +83,18 @@ if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-param
|
||||||
goaway(System::baseUrl());
|
goaway(System::baseUrl());
|
||||||
}
|
}
|
||||||
|
|
||||||
$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
|
$user = dba::select('user',
|
||||||
FROM `user` WHERE `uid` = %d AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1",
|
[],
|
||||||
intval($_SESSION['uid'])
|
[
|
||||||
|
'uid' => intval($_SESSION['uid']),
|
||||||
|
'blocked' => 0,
|
||||||
|
'account_expired' => 0,
|
||||||
|
'account_removed' => 0,
|
||||||
|
'verified' => 1,
|
||||||
|
],
|
||||||
|
['limit' => 1]
|
||||||
);
|
);
|
||||||
|
if (!DBM::is_result($user)) {
|
||||||
if (!DBM::is_result($r)) {
|
|
||||||
nuke_session();
|
nuke_session();
|
||||||
goaway(System::baseUrl());
|
goaway(System::baseUrl());
|
||||||
}
|
}
|
||||||
|
@ -95,7 +109,7 @@ if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-param
|
||||||
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
||||||
$login_refresh = true;
|
$login_refresh = true;
|
||||||
}
|
}
|
||||||
authenticate_success($r[0], false, false, $login_refresh);
|
authenticate_success($user, false, false, $login_refresh);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
session_unset();
|
session_unset();
|
||||||
|
|
|
@ -15,7 +15,7 @@ use Friendica\Database\DBM;
|
||||||
*/
|
*/
|
||||||
function cookie_hash($user) {
|
function cookie_hash($user) {
|
||||||
return(hash("sha256", Config::get("system", "site_prvkey").
|
return(hash("sha256", Config::get("system", "site_prvkey").
|
||||||
$user["uprvkey"].
|
$user["prvkey"].
|
||||||
$user["password"]));
|
$user["password"]));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,8 @@ function openid_content(App $a) {
|
||||||
// mod/settings.php in 8367cad so it might have left mixed
|
// mod/settings.php in 8367cad so it might have left mixed
|
||||||
// records in the user table
|
// records in the user table
|
||||||
//
|
//
|
||||||
$r = q("SELECT *, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` FROM `user`
|
$r = q("SELECT *
|
||||||
|
FROM `user`
|
||||||
WHERE ( `openid` = '%s' OR `openid` = '%s' )
|
WHERE ( `openid` = '%s' OR `openid` = '%s' )
|
||||||
AND `blocked` = 0 AND `account_expired` = 0
|
AND `blocked` = 0 AND `account_expired` = 0
|
||||||
AND `account_removed` = 0 AND `verified` = 1
|
AND `account_removed` = 0 AND `verified` = 1
|
||||||
|
|
|
@ -506,14 +506,14 @@ function settings_post(App $a) {
|
||||||
}
|
}
|
||||||
// check the email is valid
|
// check the email is valid
|
||||||
if (!valid_email($email)) {
|
if (!valid_email($email)) {
|
||||||
$err .= t(' Not valid email.');
|
$err .= t('Invalid email.');
|
||||||
}
|
}
|
||||||
// ensure new email is not the admin mail
|
// ensure new email is not the admin mail
|
||||||
//if ((x($a->config, 'admin_email')) && (strcasecmp($email, $a->config['admin_email']) == 0)) {
|
//if ((x($a->config, 'admin_email')) && (strcasecmp($email, $a->config['admin_email']) == 0)) {
|
||||||
if (x($a->config, 'admin_email')) {
|
if (x($a->config, 'admin_email')) {
|
||||||
$adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
|
$adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
|
||||||
if (in_array(strtolower($email), $adminlist)) {
|
if (in_array(strtolower($email), $adminlist)) {
|
||||||
$err .= t(' Cannot change to that email.');
|
$err .= t('Cannot change to that email.');
|
||||||
$email = $a->user['email'];
|
$email = $a->user['email'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -78,21 +78,20 @@ class User
|
||||||
|
|
||||||
logger('Removing user: ' . $uid);
|
logger('Removing user: ' . $uid);
|
||||||
|
|
||||||
$r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1));
|
$user = dba::select('user', [], ['uid' => $uid], ['limit' => 1]);
|
||||||
|
|
||||||
call_hooks('remove_user', $r);
|
call_hooks('remove_user', $user);
|
||||||
|
|
||||||
// save username (actually the nickname as it is guaranteed
|
// save username (actually the nickname as it is guaranteed
|
||||||
// unique), so it cannot be re-registered in the future.
|
// unique), so it cannot be re-registered in the future.
|
||||||
|
dba::insert('userd', ['username' => $user['nickname']]);
|
||||||
dba::insert('userd', array('username' => $r['nickname']));
|
|
||||||
|
|
||||||
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
|
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
|
||||||
q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid));
|
dba::update('user', ['account_removed' => 1, 'account_expires_on' => datetime_convert()], ['uid' => intval($uid)]);
|
||||||
Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
|
Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
|
||||||
|
|
||||||
// Send an update to the directory
|
// Send an update to the directory
|
||||||
Worker::add(PRIORITY_LOW, "Directory", $r['url']);
|
Worker::add(PRIORITY_LOW, "Directory", $user['url']);
|
||||||
|
|
||||||
if ($uid == local_user()) {
|
if ($uid == local_user()) {
|
||||||
unset($_SESSION['authenticated']);
|
unset($_SESSION['authenticated']);
|
||||||
|
|
|
@ -140,7 +140,7 @@ class Delivery {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,
|
$r = q("SELECT `contact`.*, `user`.`prvkey` AS `uprvkey`,
|
||||||
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
|
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
|
||||||
`user`.`page-flags`, `user`.`account-type`, `user`.`prvnets`
|
`user`.`page-flags`, `user`.`account-type`, `user`.`prvnets`
|
||||||
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
|
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
|
||||||
|
|
|
@ -108,7 +108,7 @@ class Notifier {
|
||||||
$recipients[] = $suggest[0]['cid'];
|
$recipients[] = $suggest[0]['cid'];
|
||||||
$item = $suggest[0];
|
$item = $suggest[0];
|
||||||
} elseif ($cmd === 'removeme') {
|
} elseif ($cmd === 'removeme') {
|
||||||
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,
|
$r = q("SELECT `contact`.*, `user`.`prvkey` AS `uprvkey`,
|
||||||
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
|
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
|
||||||
`user`.`page-flags`, `user`.`prvnets`, `user`.`account-type`, `user`.`guid`
|
`user`.`page-flags`, `user`.`prvnets`, `user`.`account-type`, `user`.`guid`
|
||||||
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
|
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
|
||||||
|
@ -173,7 +173,7 @@ class Notifier {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,
|
$r = q("SELECT `contact`.*, `user`.`prvkey` AS `uprvkey`,
|
||||||
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
|
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
|
||||||
`user`.`page-flags`, `user`.`prvnets`, `user`.`account-type`
|
`user`.`page-flags`, `user`.`prvnets`, `user`.`account-type`
|
||||||
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
|
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
|
||||||
|
|
|
@ -80,33 +80,29 @@ class Queue
|
||||||
|
|
||||||
$q_item = $r[0];
|
$q_item = $r[0];
|
||||||
|
|
||||||
$c = q(
|
$contact = dba::select('contact', [], ['id' => intval($q_item['cid'])], ['limit' => 1]);
|
||||||
"SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
|
if (!DBM::is_result($contact)) {
|
||||||
intval($q_item['cid'])
|
|
||||||
);
|
|
||||||
|
|
||||||
if (!DBM::is_result($c)) {
|
|
||||||
remove_queue_item($q_item['id']);
|
remove_queue_item($q_item['id']);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$dead = Cache::get($cachekey_deadguy . $c[0]['notify']);
|
$dead = Cache::get($cachekey_deadguy . $contact['notify']);
|
||||||
|
|
||||||
if (!is_null($dead) && $dead) {
|
if (!is_null($dead) && $dead) {
|
||||||
logger('queue: skipping known dead url: ' . $c[0]['notify']);
|
logger('queue: skipping known dead url: ' . $contact['notify']);
|
||||||
update_queue_time($q_item['id']);
|
update_queue_time($q_item['id']);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$server = PortableContact::detectServer($c[0]['url']);
|
$server = PortableContact::detectServer($contact['url']);
|
||||||
|
|
||||||
if ($server != "") {
|
if ($server != "") {
|
||||||
$vital = Cache::get($cachekey_server . $server);
|
$vital = Cache::get($cachekey_server . $server);
|
||||||
|
|
||||||
if (is_null($vital)) {
|
if (is_null($vital)) {
|
||||||
logger("Check server " . $server . " (" . $c[0]["network"] . ")");
|
logger("Check server " . $server . " (" . $contact["network"] . ")");
|
||||||
|
|
||||||
$vital = PortableContact::checkServer($server, $c[0]["network"], true);
|
$vital = PortableContact::checkServer($server, $contact["network"], true);
|
||||||
Cache::set($cachekey_server . $server, $vital, CACHE_QUARTER_HOUR);
|
Cache::set($cachekey_server . $server, $vital, CACHE_QUARTER_HOUR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -117,12 +113,8 @@ class Queue
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$u = q(
|
$user = dba::select('user', [], ['uid' => intval($contact['uid'])], ['limit' => 1]);
|
||||||
"SELECT `user`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`
|
if (!DBM::is_result($user)) {
|
||||||
FROM `user` WHERE `uid` = %d LIMIT 1",
|
|
||||||
intval($c[0]['uid'])
|
|
||||||
);
|
|
||||||
if (!DBM::is_result($u)) {
|
|
||||||
remove_queue_item($q_item['id']);
|
remove_queue_item($q_item['id']);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user