From 4714cb746b6fb8e7bc4ae9676866c9da37af75af Mon Sep 17 00:00:00 2001 From: Michael Date: Mon, 18 Jun 2018 20:36:34 +0000 Subject: [PATCH] Use the item functions at many more places --- include/api.php | 113 +++++++++++---------------------------- include/conversation.php | 10 ++-- include/items.php | 10 ++-- mod/display.php | 74 +++++++++++-------------- mod/editpost.php | 17 +++--- mod/fetch.php | 42 +++++---------- mod/photos.php | 21 +++----- mod/tagrm.php | 43 ++++++--------- mod/viewsrc.php | 29 +++++----- src/Model/Item.php | 16 +++--- src/Model/User.php | 15 ++++++ src/Object/Post.php | 10 ++-- src/Protocol/OStatus.php | 97 ++++++++++++--------------------- 13 files changed, 191 insertions(+), 306 deletions(-) diff --git a/include/api.php b/include/api.php index 1fbdd8f7fc..8f3dea6167 100644 --- a/include/api.php +++ b/include/api.php @@ -1122,18 +1122,8 @@ function api_statuses_update($type) if ($throttle_day > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60); - $r = q( - "SELECT COUNT(*) AS `posts_day` FROM `item` WHERE `uid`=%d AND `wall` - AND `created` > '%s' AND `id` = `parent`", - intval(api_user()), - dbesc($datefrom) - ); - - if (DBM::is_result($r)) { - $posts_day = $r[0]["posts_day"]; - } else { - $posts_day = 0; - } + $condition = ["`uid` = ? AND `wall` AND `created` > ? AND `id` = `parent`", api_user(), $datefrom]; + $posts_day = dba::count('item', $condition); if ($posts_day > $throttle_day) { logger('Daily posting limit reached for user '.api_user(), LOGGER_DEBUG); 
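Review bot: The condition array built for the daily limit in api_statuses_update is repeated verbatim in the weekly and monthly hunks that follow, so the three posting-limit checks can drift apart on the next edit. A small local helper that takes `$datefrom` and returns `dba::count('item', $condition)` would keep the rule in one place. The count is then compared directly with the limit; if dba::count can return false on a failed query, `$posts_day > $throttle_day` is false and the limit fails open, as it did in the removed `else` branch, so a comment stating that this is intended would help. The function body starts and ends outside the hunk.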
@@ -1146,18 +1136,8 @@ function api_statuses_update($type) if ($throttle_week > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*7); - $r = q( - "SELECT COUNT(*) AS `posts_week` FROM `item` WHERE `uid`=%d AND `wall` - AND `created` > '%s' AND `id` = `parent`", - intval(api_user()), - dbesc($datefrom) - ); - - if (DBM::is_result($r)) { - $posts_week = $r[0]["posts_week"]; - } else { - $posts_week = 0; - } + $condition = ["`uid` = ? AND `wall` AND `created` > ? AND `id` = `parent`", api_user(), $datefrom]; + $posts_week = dba::count('item', $condition); if ($posts_week > $throttle_week) { logger('Weekly posting limit reached for user '.api_user(), LOGGER_DEBUG); @@ -1170,18 +1150,8 @@ function api_statuses_update($type) if ($throttle_month > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*30); - $r = q( - "SELECT COUNT(*) AS `posts_month` FROM `item` WHERE `uid`=%d AND `wall` - AND `created` > '%s' AND `id` = `parent`", - intval(api_user()), - dbesc($datefrom) - ); - - if (DBM::is_result($r)) { - $posts_month = $r[0]["posts_month"]; - } else { - $posts_month = 0; - } + $condition = ["`uid` = ? AND `wall` AND `created` > ? AND `id` = `parent`", api_user(), $datefrom]; + $posts_month = dba::count('item', $condition); if ($posts_month > $throttle_month) { logger('Monthly posting limit reached for user '.api_user(), LOGGER_DEBUG); @@ -2755,14 +2725,10 @@ function api_format_items_activities(&$item, $type = "json") 'attendmaybe' => [], ]; - $items = q( - 'SELECT * FROM `item` - WHERE `uid` = %d AND `thr-parent` = "%s" AND `visible` AND NOT `deleted`', - intval($item['uid']), - dbesc($item['uri']) - ); + $condition = ['uid' => $item['uid'], 'thr-parent' => $item['uri']]; + $ret = Item::selectForUser($item['uid'], ['author-id', 'verb'], $condition); - foreach ($items as $i) { + while ($i = dba::fetch($ret)) { // not used as result should be structured like other user data //builtin_activity_puller($i, $activities); 
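Review bot: The new condition in api_format_items_activities keeps only `uid` and `thr-parent`, while the removed query also required `visible` and NOT `deleted`. Whether Item::selectForUser applies those filters itself is not visible in this patch; if it does not, deleted or hidden activities would be counted. The display_init hunks in mod/display.php drop `visible`, `deleted` and `moderated` from their lookups in the same way. Once confirmed, a comment at the call such as `// selectForUser() only returns visible, non-deleted items` would make the guarantee reviewable; otherwise the keys belong in `$condition`. The loop body continues outside this hunk.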
@@ -2789,6 +2755,8 @@ function api_format_items_activities(&$item, $type = "json") } } + dba::close($ret); + if ($type == "xml") { $xml_activities = []; foreach ($activities as $k => $v) { @@ -3872,16 +3840,13 @@ function api_fr_photoalbum_delete($type) // function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore // to the user and the contacts of the users (drop_items() performs the federation of the deletion to other networks foreach ($r as $rr) { - $photo_item = q( - "SELECT `id` FROM `item` WHERE `uid` = %d AND `resource-id` = '%s' AND `type` = 'photo'", - intval(local_user()), - dbesc($rr['resource-id']) - ); + $condition = ['uid' => local_user(), 'resource-id' => $rr['resource-id'], 'type' => 'photo']; + $photo_item = Item::selectFirstForUser(local_user(), ['id'], $condition); if (!DBM::is_result($photo_item)) { throw new InternalServerErrorException("problem with deleting items occured"); } - Item::deleteForUser(['id' => $photo_item[0]['id']], api_user()); + Item::deleteForUser(['id' => $photo_item['id']], api_user()); } // now let's delete all photos from the album 
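Review bot: In api_fr_photoalbum_delete the item is looked up for `local_user()` but deleted for `api_user()`, and the api_fr_photo_delete hunk further down does the same. The mix predates this commit, but if the two can ever name different accounts, the ownership check and the delete act on different scopes. Using one identity for both, e.g. `Item::selectFirstForUser(api_user(), ['id'], $condition)` with `'uid' => api_user()` in the condition, keeps the check and the write consistent. The function starts and ends outside the hunk.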
@@ -4162,18 +4127,15 @@ function api_fr_photo_delete($type) // return success of deletion or error message if ($result) { // retrieve the id of the parent element (the photo element) - $photo_item = q( - "SELECT `id` FROM `item` WHERE `uid` = %d AND `resource-id` = '%s' AND `type` = 'photo'", - intval(local_user()), - dbesc($photo_id) - ); + $condition = ['uid' => local_user(), 'resource-id' => $photo_id, 'type' => 'photo']; + $photo_item = Item::selectFirstForUser(local_user(), ['id'], $condition); if (!DBM::is_result($photo_item)) { throw new InternalServerErrorException("problem with deleting items occured"); } // function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore // to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion) - Item::deleteForUser(['id' => $photo_item[0]['id']], api_user()); + Item::deleteForUser(['id' => $photo_item['id']], api_user()); $answer = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.']; return api_format_data("photo_delete", $type, ['$result' => $answer]); @@ -4661,12 +4623,10 @@ function prepare_photo_data($type, $scale, $photo_id) } // retrieve item element for getting activities (like, dislike etc.) related to photo - $item = q( - "SELECT * FROM `item` WHERE `uid` = %d AND `resource-id` = '%s' AND `type` = 'photo'", - intval(local_user()), - dbesc($photo_id) - ); - $data['photo']['friendica_activities'] = api_format_items_activities($item[0], $type); + $condition = ['uid' => local_user(), 'resource-id' => $photo_id, 'type' => 'photo']; + $item = Item::selectFirstForUser(local_user(), ['id'], $condition); + + $data['photo']['friendica_activities'] = api_format_items_activities($item, $type); // retrieve comments on photo $condition = ["`parent` = ? AND `uid` = ? AND (`verb` = ? OR `type`='photo')", 
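Review bot: prepare_photo_data now requests only `['id']`, yet the row is passed to api_format_items_activities, which after this commit reads `$item['uid']` and `$item['uri']`. Unless Item::selectFirstForUser returns more columns than requested, the activity lookup runs with empty values and presumably matches nothing. Requesting the fields that are used, `Item::selectFirstForUser(local_user(), ['id', 'uid', 'uri'], $condition)`, and skipping the call when `!DBM::is_result($item)` would avoid that; the removed code indexed `$item[0]` unchecked as well. The function continues outside the hunk.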
@@ -4961,35 +4921,26 @@ function api_in_reply_to($item) $in_reply_to['screen_name'] = null; if (($item['thr-parent'] != $item['uri']) && (intval($item['parent']) != intval($item['id']))) { - $r = q( - "SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' LIMIT 1", - intval($item['uid']), - dbesc($item['thr-parent']) - ); - - if (DBM::is_result($r)) { - $in_reply_to['status_id'] = intval($r[0]['id']); + $parent = Item::selectFirst(['id'], ['uid' => $item['uid'], 'uri' => $item['thr-parent']]); + if (DBM::is_result($parent)) { + $in_reply_to['status_id'] = intval($parent['id']); } else { $in_reply_to['status_id'] = intval($item['parent']); } $in_reply_to['status_id_str'] = (string) intval($in_reply_to['status_id']); - $r = q( - "SELECT `contact`.`nick`, `contact`.`name`, `contact`.`id`, `contact`.`url` FROM `item` - STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`author-id` - WHERE `item`.`id` = %d LIMIT 1", - intval($in_reply_to['status_id']) - ); + $fields = ['author-nick', 'author-name', 'author-id', 'author-link']; + $parent = Item::selectFirst($fields, ['id' => $in_reply_to['status_id']]); - if (DBM::is_result($r)) { - if ($r[0]['nick'] == "") { - $r[0]['nick'] = api_get_nick($r[0]["url"]); + if (DBM::is_result($parent)) { + if ($parent['author-nick'] == "") { + $parent['author-nick'] = api_get_nick($parent['author-link']); } - $in_reply_to['screen_name'] = (($r[0]['nick']) ? $r[0]['nick'] : $r[0]['name']); - $in_reply_to['user_id'] = intval($r[0]['id']); - $in_reply_to['user_id_str'] = (string) intval($r[0]['id']); + $in_reply_to['screen_name'] = (($parent['author-nick']) ? $parent['author-nick'] : $parent['author-name']); + $in_reply_to['user_id'] = intval($parent['author-id']); + $in_reply_to['user_id_str'] = (string) intval($parent['author-id']); } // There seems to be situation, where both fields are identical: diff --git a/include/conversation.php b/include/conversation.php index 97be7e9aa9..6ef2e73aa2 100644 --- a/include/conversation.php 
+++ b/include/conversation.php @@ -633,16 +633,12 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order = $location_e = $location; $owner_name_e = $owner_name; - if ($item['item_network'] == "") { - $item['item_network'] = $item['network']; - } - $tmp_item = [ 'template' => $tpl, 'id' => (($preview) ? 'P0' : $item['item_id']), 'guid' => (($preview) ? 'Q0' : $item['guid']), - 'network' => $item['item_network'], - 'network_name' => ContactSelector::networkToName($item['item_network'], $profile_link), + 'network' => $item['network'], + 'network_name' => ContactSelector::networkToName($item['network'], $profile_link), 'linktitle' => L10n::t('View %s\'s profile @ %s', $profile_name, $item['author-link']), 'profile_url' => $profile_link, 'item_photo_menu' => item_photo_menu($item), @@ -688,7 +684,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order = Addon::callHooks('display_item', $arr); $threads[$threadsid]['id'] = $item['item_id']; - $threads[$threadsid]['network'] = $item['item_network']; + $threads[$threadsid]['network'] = $item['network']; $threads[$threadsid]['items'] = [$arr['output']]; } diff --git a/include/items.php b/include/items.php index c54869c3e5..ee514c8fc4 100644 --- a/include/items.php +++ b/include/items.php @@ -335,17 +335,14 @@ function drop_item($id) { // locate item to be deleted - $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", - intval($id) - ); + $fields = ['id', 'uid', 'contact-id', 'deleted']; + $item = Item::selectFirstForUser(local_user(), $fields, ['id' => $id]); - if (!DBM::is_result($r)) { + if (!DBM::is_result($item)) { notice(L10n::t('Item not found.') . EOL); goaway(System::baseUrl() . '/' . $_SESSION['return_url']); } - $item = $r[0]; - if ($item['deleted']) { return 0; } @@ -364,7 +361,6 @@ function drop_item($id) { } if ((local_user() == $item['uid']) || $contact_id) { - // Check if we should do HTML-based delete confirmation if ($_REQUEST['confirm']) { //
can't take arguments in its "action" parameter diff --git a/mod/display.php b/mod/display.php index 13ec9331be..ff1ae6741b 100644 --- a/mod/display.php +++ b/mod/display.php @@ -43,6 +43,8 @@ function display_init(App $a) $r = false; + $fields = ['id', 'parent', 'author-id', 'body', 'uid']; + // If there is only one parameter, then check if this parameter could be a guid if ($a->argc == 2) { $nick = ""; @@ -50,9 +52,7 @@ function display_init(App $a) // Does the local user have this item? if (local_user()) { - $r = dba::fetch_first("SELECT `id`, `parent`, `author-id`, `body`, `uid` - FROM `item` WHERE `visible` AND NOT `deleted` AND NOT `moderated` - AND `guid` = ? AND `uid` = ? LIMIT 1", $a->argv[1], local_user()); + $r = Item::selectFirstForUser(local_user(), $fields, ['guid' => $a->argv[1], 'uid' => local_user()]); if (DBM::is_result($r)) { $nick = $a->user["nickname"]; } 
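Review bot: `$fields`, added at the top of display_init, does not contain `deleted`, but the 404 check in the following hunk tests `$r['deleted']`. Unless the item layer adds that column on its own, the test reads an undefined key and never fires. Either request it, `$fields = ['id', 'parent', 'author-id', 'body', 'uid', 'deleted'];`, or drop the `|| $r['deleted']` test if selectFirstForUser already excludes deleted items. display_init starts and ends outside this hunk.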
@@ -60,54 +60,44 @@ function display_init(App $a) // Is it an item with uid=0? if (!DBM::is_result($r)) { - $r = dba::fetch_first("SELECT `id`, `parent`, `author-id`, `body`, `uid` - FROM `item` WHERE `visible` AND NOT `deleted` AND NOT `moderated` - AND NOT `private` AND `uid` = 0 - AND `guid` = ? LIMIT 1", $a->argv[1]); - } - - if (!DBM::is_result($r)) { - $a->error = 404; - notice(L10n::t('Item not found.') . EOL); - return; + $r = Item::selectFirstForUser(local_user(), $fields, ['guid' => $a->argv[1], 'private' => false, 'uid' => 0]); } } elseif (($a->argc == 3) && ($nick == 'feed-item')) { - $r = dba::fetch_first("SELECT `id`, `parent`, `author-id`, `body`, `uid` - FROM `item` WHERE `visible` AND NOT `deleted` AND NOT `moderated` - AND NOT `private` AND `uid` = 0 - AND `id` = ? LIMIT 1", $a->argv[2]); + $r = Item::selectFirstForUser(local_user(), $fields, ['id' => $a->argv[2], 'private' => false, 'uid' => 0]); } - if (DBM::is_result($r)) { - if (strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) { - logger('Directly serving XML for id '.$r["id"], LOGGER_DEBUG); - displayShowFeed($r["id"], false); - } + if (!DBM::is_result($r) || $r['deleted']) { + $a->error = 404; + notice(L10n::t('Item not found.') . 
EOL); + return; + } - if ($r["id"] != $r["parent"]) { - $r = dba::fetch_first("SELECT `id`, `author-id`, `body`, `uid` FROM `item` - WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` - AND `id` = ?", $r["parent"]); - } + if (strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) { + logger('Directly serving XML for id '.$r["id"], LOGGER_DEBUG); + displayShowFeed($r["id"], false); + } - $profiledata = display_fetchauthor($a, $r); + if ($r["id"] != $r["parent"]) { + $r = Item::selectFirstForUser(local_user(), $fields, ['id' => $r["parent"]]); + } - if (strstr(normalise_link($profiledata["url"]), normalise_link(System::baseUrl()))) { - $nickname = str_replace(normalise_link(System::baseUrl())."/profile/", "", normalise_link($profiledata["url"])); + $profiledata = display_fetchauthor($a, $r); - if (($nickname != $a->user["nickname"])) { - $r = dba::fetch_first("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` - INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid` - WHERE `user`.`nickname` = ? AND `profile`.`is-default` AND `contact`.`self` LIMIT 1", - $nickname - ); - if (DBM::is_result($r)) { - $profiledata = $r; - } - $profiledata["network"] = NETWORK_DFRN; - } else { - $profiledata = []; + if (strstr(normalise_link($profiledata["url"]), normalise_link(System::baseUrl()))) { + $nickname = str_replace(normalise_link(System::baseUrl())."/profile/", "", normalise_link($profiledata["url"])); + + if (($nickname != $a->user["nickname"])) { + $r = dba::fetch_first("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` + INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid` + WHERE `user`.`nickname` = ? 
AND `profile`.`is-default` AND `contact`.`self` LIMIT 1", + $nickname + ); + if (DBM::is_result($r)) { + $profiledata = $r; } + $profiledata["network"] = NETWORK_DFRN; + } else { + $profiledata = []; } } diff --git a/mod/editpost.php b/mod/editpost.php index aa2c296845..dc98e93d91 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -8,6 +8,7 @@ use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\System; +use Friendica\Model\Item; use Friendica\Database\DBM; function editpost_content(App $a) { @@ -26,11 +27,9 @@ function editpost_content(App $a) { return; } - $itm = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($post_id), - intval(local_user()) - ); - + $fields = ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid', + 'type', 'body', 'title', 'file']; + $itm = Item::selectFirstForUser(local_user(), $fields, ['id' => $post_id, 'uid' => local_user()]); if (! DBM::is_result($itm)) { notice(L10n::t('Item not found') . EOL); return; @@ -124,8 +123,8 @@ function editpost_content(App $a) { '$shortnoloc' => L10n::t('clear location'), '$wait' => L10n::t('Please wait'), '$permset' => L10n::t('Permission settings'), - '$ptyp' => $itm[0]['type'], - '$content' => undo_post_tagging($itm[0]['body']), + '$ptyp' => $itm['type'], + '$content' => undo_post_tagging($itm['body']), '$post_id' => $post_id, '$baseurl' => System::baseUrl(), '$defloc' => $a->user['default-location'], 
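Review bot: In the mod/display.php hunk that ends on this line, the re-fetch of the thread parent, `$r = Item::selectFirstForUser(local_user(), $fields, ['id' => $r["parent"]]);`, is not checked before `display_fetchauthor($a, $r)`. If the parent is not selectable for the current viewer, `$r` is no longer a row and the array accesses that follow operate on it. The 404 branch now runs before this lookup, so repeating `if (!DBM::is_result($r))` after the re-fetch would cover the gap. display_init continues past the end of the hunk.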
@@ -134,9 +133,9 @@ function editpost_content(App $a) { '$emailcc' => L10n::t('CC: email addresses'), '$public' => L10n::t('Public post'), '$jotnets' => $jotnets, - '$title' => htmlspecialchars($itm[0]['title']), + '$title' => htmlspecialchars($itm['title']), '$placeholdertitle' => L10n::t('Set title'), - '$category' => file_tag_file_to_list($itm[0]['file'], 'category'), + '$category' => file_tag_file_to_list($itm['file'], 'category'), '$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''), '$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'), '$lockstate' => $lockstate, diff --git a/mod/fetch.php b/mod/fetch.php index 6892990c24..da616ad5bb 100644 --- a/mod/fetch.php +++ b/mod/fetch.php @@ -7,7 +7,10 @@ use Friendica\App; use Friendica\Core\L10n; use Friendica\Core\System; use Friendica\Protocol\Diaspora; +use Friendica\Model\Item; +use Friendica\Model\User; use Friendica\Util\XML; +use Friendica\Database\DBM; function fetch_init(App $a) { 
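Review bot: `htmlspecialchars($itm['title'])` in editpost_content relies on the default flags and charset. On PHP versions before 8.1 the default does not escape single quotes, so whether this is safe depends on how the template quotes the title value, which is not visible here. Passing them explicitly, `htmlspecialchars($itm['title'], ENT_QUOTES, 'UTF-8')`, removes that dependency. The array literal starts and ends outside the hunk.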
@@ -20,24 +23,14 @@ function fetch_init(App $a) $guid = $a->argv[2]; // Fetch the item - $item = q( - "SELECT `uid`, `title`, `body`, `guid`, `contact-id`, `private`, `created`, `app`, `location`, `coord` - FROM `item` WHERE `wall` AND NOT `private` AND `guid` = '%s' AND `network` IN ('%s', '%s') AND `id` = `parent` LIMIT 1", - dbesc($guid), - NETWORK_DFRN, - NETWORK_DIASPORA - ); - if (!$item) { - $r = q( - "SELECT `author-link` - FROM `item` WHERE `uid` = 0 AND `guid` = '%s' AND `network` IN ('%s', '%s') AND `id` = `parent` LIMIT 1", - dbesc($guid), - NETWORK_DFRN, - NETWORK_DIASPORA - ); - - if ($r) { - $parts = parse_url($r[0]["author-link"]); + $fields = ['uid', 'title', 'body', 'guid', 'contact-id', 'private', 'created', 'app', 'location', 'coord', 'network']; + $condition = ['wall' => true, 'private' => false, 'guid' => $guid, 'network' => [NETWORK_DFRN, NETWORK_DIASPORA]]; + $item = Item::selectFirst($fields, $condition); + if (!DBM::is_result($item)) { + $condition = ['guid' => $guid, 'network' => [NETWORK_DFRN, NETWORK_DIASPORA]]; + $item = Item::selectFirst(['author-link'], $condition); + if (DBM::is_result($item)) { + $parts = parse_url($item["author-link"]); $host = $parts["scheme"]."://".$parts["host"]; if (normalise_link($host) != normalise_link(System::baseUrl())) { 
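Review bot: The rewritten lookups in fetch_init drop the `id = parent` restriction that both removed queries had, and the fallback lookup also loses `uid = 0`. The row is later turned into a Diaspora status, so a public wall comment with a matching guid could now be selected where only thread starters were before. A key/value condition cannot express a column comparison, but the SQL-string condition form used for the posting limits in include/api.php can carry `id = parent`. The fallback also reuses `$item`, so if the code between this hunk and the next does not always exit, a row holding only `author-link` reaches `User::getOwnerDataById($item["uid"])`; keeping a separate variable for the fallback avoids that.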
@@ -54,20 +47,13 @@ function fetch_init(App $a) } // Fetch some data from the author (We could combine both queries - but I think this is more readable) - $r = q( - "SELECT `user`.`prvkey`, `contact`.`addr`, `user`.`nickname`, `contact`.`nick` FROM `user` - INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self` - WHERE `user`.`uid` = %d", - intval($item[0]["uid"]) - ); - - if (!$r) { + $user = User::getOwnerDataById($item["uid"]); + if (!$user) { header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found')); killme(); } - $user = $r[0]; - $status = Diaspora::buildStatus($item[0], $user); + $status = Diaspora::buildStatus($item, $user); $xml = Diaspora::buildPostXml($status["type"], $status["message"]); // Send the envelope diff --git a/mod/photos.php b/mod/photos.php index f6540c2608..9cd3482746 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -19,6 +19,7 @@ use Friendica\Model\Group; use Friendica\Model\Item; use Friendica\Model\Photo; use Friendica\Model\Profile; +use Friendica\Model\User; use Friendica\Network\Probe; use Friendica\Object\Image; use Friendica\Protocol\DFRN; @@ -175,19 +176,14 @@ function photos_post(App $a) killme(); } - $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` - WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1", - intval($page_owner_uid) - ); + $owner_record = User::getOwnerDataById($page_owner_uid); - if (!DBM::is_result($r)) { + if (!$owner_record) { notice(L10n::t('Contact information unavailable') . EOL); logger('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid); killme(); } - $owner_record = $r[0]; - if ($a->argc > 3 && $a->argv[2] === 'album') { $album = hex2bin($a->argv[3]); 
@@ -487,14 +483,11 @@ function photos_post(App $a) } if ($item_id) { - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($item_id), - intval($page_owner_uid) - ); + $item = Item::selectFirst(['tag', 'inform'], ['id' => $item_id, 'uid' => $page_owner_uid]); } - if (DBM::is_result($r)) { - $old_tag = $r[0]['tag']; - $old_inform = $r[0]['inform']; + if (DBM::is_result($item)) { + $old_tag = $item['tag']; + $old_inform = $item['inform']; } if (strlen($rawtags)) { diff --git a/mod/tagrm.php b/mod/tagrm.php index b9991d68da..dbe6f10877 100644 --- a/mod/tagrm.php +++ b/mod/tagrm.php @@ -10,29 +10,25 @@ use Friendica\Core\System; use Friendica\Database\DBM; use Friendica\Model\Item; -function tagrm_post(App $a) { - +function tagrm_post(App $a) +{ if (!local_user()) { goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); } - if ((x($_POST,'submit')) && ($_POST['submit'] === L10n::t('Cancel'))) { + if (x($_POST,'submit') && ($_POST['submit'] === L10n::t('Cancel'))) { goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); } - $tag = ((x($_POST,'tag')) ? hex2bin(notags(trim($_POST['tag']))) : ''); - $item = ((x($_POST,'item')) ? intval($_POST['item']) : 0 ); + $tag = (x($_POST,'tag') ? hex2bin(notags(trim($_POST['tag']))) : ''); + $item_id = (x($_POST,'item') ? intval($_POST['item']) : 0); - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($item), - intval(local_user()) - ); - - if (!DBM::is_result($r)) { + $item = Item::selectFirst(['tag'], ['id' => $item_id, 'uid' => local_user()]); + if (!DBM::is_result($item)) { goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); } - $arr = explode(',', $r[0]['tag']); + $arr = explode(',', $item['tag']); for ($x = 0; $x < count($arr); $x ++) { if ($arr[$x] === $tag) { unset($arr[$x]); 
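Review bot: In the photos_post hunk, `$item` is assigned only inside `if ($item_id)`, but `DBM::is_result($item)` runs unconditionally right after it. Unless `$item` is set earlier in the function (outside the hunk), this reads an undefined variable when there is no item id; the removed code had the same shape with `$r`, which could also carry a stale earlier result. Initialising it in one expression, `$item = $item_id ? Item::selectFirst(['tag', 'inform'], ['id' => $item_id, 'uid' => $page_owner_uid]) : false;`, makes the check well defined.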
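Review bot: tagrm_post enforces ownership in the lookup (`'uid' => local_user()`), but the write in the next hunk, `Item::update(['tag' => $tag_str], ['id' => $item_id])`, is keyed by id alone. The lookup currently guards it, yet carrying the owner into the write keeps the authorization next to the mutation: `Item::update(['tag' => $tag_str], ['id' => $item_id, 'uid' => local_user()]);`. The function body continues past the end of this hunk.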
@@ -42,7 +38,7 @@ function tagrm_post(App $a) { $tag_str = implode(',',$arr); - Item::update(['tag' => $tag_str], ['id' => $item]); + Item::update(['tag' => $tag_str], ['id' => $item_id]); info(L10n::t('Tag removed') . EOL ); goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); @@ -52,8 +48,8 @@ function tagrm_post(App $a) { -function tagrm_content(App $a) { - +function tagrm_content(App $a) +{ $o = ''; if (!local_user()) { @@ -61,22 +57,18 @@ function tagrm_content(App $a) { // NOTREACHED } - $item = (($a->argc > 1) ? intval($a->argv[1]) : 0); - if (!$item) { + $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0); + if (!$item_id) { goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); // NOTREACHED } - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($item), - intval(local_user()) - ); - - if (!DBM::is_result($r)) { + $item = Item::selectFirst(['tag'], ['id' => $item_id, 'uid' => local_user()]); + if (!DBM::is_result($item)) { goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); } - $arr = explode(',', $r[0]['tag']); + $arr = explode(',', $item['tag']); if (!count($arr)) { goaway(System::baseUrl() . '/' . $_SESSION['photo_return']); @@ -87,7 +79,7 @@ function tagrm_content(App $a) { $o .= '

' . L10n::t('Select a tag to remove: ') . '

'; $o .= ''; - $o .= ''; + $o .= ''; $o .= '