The display contained bad sql queries
parent
cabb84a42a
commit
99d5f8afc6
115
mod/display.php
115
mod/display.php
|
@ -17,7 +17,7 @@ function display_init(&$a) {
|
||||||
// Does the local user have this item?
|
// Does the local user have this item?
|
||||||
if (local_user()) {
|
if (local_user()) {
|
||||||
$r = q("SELECT `id`, `parent`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item`
|
$r = q("SELECT `id`, `parent`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item`
|
||||||
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user());
|
AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user());
|
||||||
if (count($r)) {
|
if (count($r)) {
|
||||||
$nick = $a->user["nickname"];
|
$nick = $a->user["nickname"];
|
||||||
|
@ -30,12 +30,12 @@ function display_init(&$a) {
|
||||||
$r = q("SELECT `user`.`nickname`, `item`.`id`, `item`.`parent`, `item`.`author-name`,
|
$r = q("SELECT `user`.`nickname`, `item`.`id`, `item`.`parent`, `item`.`author-name`,
|
||||||
`item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`body`
|
`item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`body`
|
||||||
FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
|
FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
|
||||||
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
||||||
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
||||||
AND `item`.`private` = 0 AND NOT `user`.`hidewall`
|
AND NOT `item`.`private` AND NOT `user`.`hidewall`
|
||||||
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
||||||
// AND `item`.`private` = 0 AND `item`.`wall` = 1
|
// AND NOT `item`.`private` AND `item`.`wall`
|
||||||
if (count($r)) {
|
if (count($r)) {
|
||||||
$nick = $r[0]["nickname"];
|
$nick = $r[0]["nickname"];
|
||||||
$itemuid = $r[0]["uid"];
|
$itemuid = $r[0]["uid"];
|
||||||
|
@ -46,17 +46,17 @@ function display_init(&$a) {
|
||||||
if ($nick == "") {
|
if ($nick == "") {
|
||||||
$r = q("SELECT `item`.`id`, `item`.`parent`, `item`.`author-name`,
|
$r = q("SELECT `item`.`id`, `item`.`parent`, `item`.`author-name`,
|
||||||
`item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`body`
|
`item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`body`
|
||||||
FROM `item` WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
FROM `item` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
||||||
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
||||||
AND `item`.`private` = 0 AND `item`.`uid` = 0
|
AND NOT `item`.`private` AND `item`.`uid` = 0
|
||||||
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
||||||
// AND `item`.`private` = 0 AND `item`.`wall` = 1
|
// AND NOT `item`.`private` AND `item`.`wall`
|
||||||
}
|
}
|
||||||
if (count($r)) {
|
if (count($r)) {
|
||||||
if ($r[0]["id"] != $r[0]["parent"])
|
if ($r[0]["id"] != $r[0]["parent"])
|
||||||
$r = q("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item`
|
$r = q("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item`
|
||||||
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `id` = %d", $r[0]["parent"]);
|
AND `id` = %d", $r[0]["parent"]);
|
||||||
|
|
||||||
$profiledata = display_fetchauthor($a, $r[0]);
|
$profiledata = display_fetchauthor($a, $r[0]);
|
||||||
|
@ -67,7 +67,7 @@ function display_init(&$a) {
|
||||||
if (($nickname != $a->user["nickname"])) {
|
if (($nickname != $a->user["nickname"])) {
|
||||||
$r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
|
$r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
|
||||||
INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
|
INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
|
||||||
WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
|
WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` AND `contact`.`self` LIMIT 1",
|
||||||
dbesc($nickname)
|
dbesc($nickname)
|
||||||
);
|
);
|
||||||
if (count($r))
|
if (count($r))
|
||||||
|
@ -120,27 +120,27 @@ function display_fetchauthor($a, $item) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$skip) {
|
if (!$skip) {
|
||||||
$author = "";
|
$author = "";
|
||||||
preg_match("/author='(.*?)'/ism", $attributes, $matches);
|
preg_match("/author='(.*?)'/ism", $attributes, $matches);
|
||||||
if ($matches[1] != "")
|
if ($matches[1] != "")
|
||||||
$profiledata["name"] = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
|
$profiledata["name"] = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
|
||||||
|
|
||||||
preg_match('/author="(.*?)"/ism', $attributes, $matches);
|
preg_match('/author="(.*?)"/ism', $attributes, $matches);
|
||||||
if ($matches[1] != "")
|
if ($matches[1] != "")
|
||||||
$profiledata["name"] = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
|
$profiledata["name"] = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
|
||||||
|
|
||||||
$profile = "";
|
$profile = "";
|
||||||
preg_match("/profile='(.*?)'/ism", $attributes, $matches);
|
preg_match("/profile='(.*?)'/ism", $attributes, $matches);
|
||||||
if ($matches[1] != "")
|
if ($matches[1] != "")
|
||||||
$profiledata["url"] = $matches[1];
|
$profiledata["url"] = $matches[1];
|
||||||
|
|
||||||
preg_match('/profile="(.*?)"/ism', $attributes, $matches);
|
preg_match('/profile="(.*?)"/ism', $attributes, $matches);
|
||||||
if ($matches[1] != "")
|
if ($matches[1] != "")
|
||||||
$profiledata["url"] = $matches[1];
|
$profiledata["url"] = $matches[1];
|
||||||
|
|
||||||
$avatar = "";
|
$avatar = "";
|
||||||
preg_match("/avatar='(.*?)'/ism", $attributes, $matches);
|
preg_match("/avatar='(.*?)'/ism", $attributes, $matches);
|
||||||
if ($matches[1] != "")
|
if ($matches[1] != "")
|
||||||
$profiledata["photo"] = $matches[1];
|
$profiledata["photo"] = $matches[1];
|
||||||
|
|
||||||
preg_match('/avatar="(.*?)"/ism', $attributes, $matches);
|
preg_match('/avatar="(.*?)"/ism', $attributes, $matches);
|
||||||
|
@ -257,7 +257,7 @@ function display_content(&$a, $update = 0) {
|
||||||
|
|
||||||
if (local_user()) {
|
if (local_user()) {
|
||||||
$r = q("SELECT `id` FROM `item`
|
$r = q("SELECT `id` FROM `item`
|
||||||
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user());
|
AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user());
|
||||||
if (count($r)) {
|
if (count($r)) {
|
||||||
$item_id = $r[0]["id"];
|
$item_id = $r[0]["id"];
|
||||||
|
@ -267,12 +267,12 @@ function display_content(&$a, $update = 0) {
|
||||||
|
|
||||||
if ($nick == "") {
|
if ($nick == "") {
|
||||||
$r = q("SELECT `user`.`nickname`, `item`.`id` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
|
$r = q("SELECT `user`.`nickname`, `item`.`id` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
|
||||||
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
||||||
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
||||||
AND `item`.`private` = 0 AND NOT `user`.`hidewall`
|
AND NOT `item`.`private` AND NOT `user`.`hidewall`
|
||||||
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
||||||
// AND `item`.`private` = 0 AND `item`.`wall` = 1
|
// AND NOT `item`.`private` AND `item`.`wall`
|
||||||
if (count($r)) {
|
if (count($r)) {
|
||||||
$item_id = $r[0]["id"];
|
$item_id = $r[0]["id"];
|
||||||
$nick = $r[0]["nickname"];
|
$nick = $r[0]["nickname"];
|
||||||
|
@ -280,12 +280,12 @@ function display_content(&$a, $update = 0) {
|
||||||
}
|
}
|
||||||
if ($nick == "") {
|
if ($nick == "") {
|
||||||
$r = q("SELECT `item`.`id` FROM `item`
|
$r = q("SELECT `item`.`id` FROM `item`
|
||||||
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
|
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
|
||||||
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
|
||||||
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
|
||||||
AND `item`.`private` = 0 AND `item`.`uid` = 0
|
AND NOT `item`.`private` AND `item`.`uid` = 0
|
||||||
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
AND `item`.`guid` = '%s'", dbesc($a->argv[1]));
|
||||||
// AND `item`.`private` = 0 AND `item`.`wall` = 1
|
// AND NOT `item`.`private` AND `item`.`wall`
|
||||||
if (count($r)) {
|
if (count($r)) {
|
||||||
$item_id = $r[0]["id"];
|
$item_id = $r[0]["id"];
|
||||||
}
|
}
|
||||||
|
@ -293,12 +293,22 @@ function display_content(&$a, $update = 0) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(! $item_id) {
|
if ($item_id AND !is_numeric($item_id)) {
|
||||||
|
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||||
|
dbesc($item_id), intval($a->profile['uid']));
|
||||||
|
if ($r)
|
||||||
|
$item_id = $r[0]["id"];
|
||||||
|
else
|
||||||
|
$item_id = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$item_id) {
|
||||||
$a->error = 404;
|
$a->error = 404;
|
||||||
notice( t('Item not found.') . EOL);
|
notice(t('Item not found.').EOL);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$groups = array();
|
$groups = array();
|
||||||
|
|
||||||
$contact = null;
|
$contact = null;
|
||||||
|
@ -334,7 +344,7 @@ function display_content(&$a, $update = 0) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
|
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1",
|
||||||
intval($a->profile['uid'])
|
intval($a->profile['uid'])
|
||||||
);
|
);
|
||||||
if(count($r))
|
if(count($r))
|
||||||
|
@ -367,62 +377,53 @@ function display_content(&$a, $update = 0) {
|
||||||
|
|
||||||
$sql_extra = item_permissions_sql($a->profile['uid'],$remote_contact,$groups);
|
$sql_extra = item_permissions_sql($a->profile['uid'],$remote_contact,$groups);
|
||||||
|
|
||||||
// AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' ))
|
|
||||||
|
|
||||||
if($update) {
|
if($update) {
|
||||||
|
|
||||||
$r = q("SELECT id FROM item WHERE item.uid = %d
|
$r = q("SELECT `id` FROM `item` WHERE `item`.`uid` = %d
|
||||||
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE (`id` = '%s' OR `uri` = '%s'))
|
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `id` = %d)
|
||||||
$sql_extra AND unseen = 1",
|
$sql_extra AND `unseen`",
|
||||||
intval($a->profile['uid']),
|
intval($a->profile['uid']),
|
||||||
dbesc($item_id),
|
intval($item_id)
|
||||||
dbesc($item_id)
|
|
||||||
);
|
);
|
||||||
|
|
||||||
if(!$r)
|
if(!$r)
|
||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
// AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' )
|
|
||||||
|
|
||||||
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
|
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
|
||||||
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
|
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
|
||||||
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
|
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
|
||||||
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
|
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
|
||||||
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
||||||
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
|
AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
|
||||||
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
|
WHERE `item`.`uid` = %d AND `item`.`visible` AND NOT `item`.`deleted`
|
||||||
and `item`.`moderated` = 0
|
AND NOT `item`.`moderated`
|
||||||
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE (`id` = '%s' OR `uri` = '%s')
|
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `id` = %d)
|
||||||
AND uid = %d)
|
|
||||||
$sql_extra
|
$sql_extra
|
||||||
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC",
|
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC",
|
||||||
intval($a->profile['uid']),
|
intval($a->profile['uid']),
|
||||||
dbesc($item_id),
|
intval($item_id)
|
||||||
dbesc($item_id),
|
|
||||||
intval($a->profile['uid'])
|
|
||||||
);
|
);
|
||||||
|
|
||||||
if(!$r && local_user()) {
|
if(!$r && local_user()) {
|
||||||
// Check if this is another person's link to a post that we have
|
// Check if this is another person's link to a post that we have
|
||||||
$r = q("SELECT `item`.uri FROM `item`
|
$r = q("SELECT `item`.uri FROM `item`
|
||||||
WHERE (`item`.`id` = '%s' OR `item`.`uri` = '%s' )
|
WHERE (`item`.`id` = %d OR `item`.`uri` = '%s')
|
||||||
LIMIT 1",
|
LIMIT 1",
|
||||||
dbesc($item_id),
|
intval($item_id),
|
||||||
dbesc($item_id)
|
dbesc($item_id)
|
||||||
);
|
);
|
||||||
if($r) {
|
if($r) {
|
||||||
$item_uri = $r[0]['uri'];
|
$item_uri = $r[0]['uri'];
|
||||||
// AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE `uri` = '%s' AND uid = %d )
|
|
||||||
|
|
||||||
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
|
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
|
||||||
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
|
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
|
||||||
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
|
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
|
||||||
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
|
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
|
||||||
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
||||||
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
|
AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
|
||||||
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
|
WHERE `item`.`uid` = %d AND `item`.`visible` AND NOT `item`.`deleted`
|
||||||
and `item`.`moderated` = 0
|
AND NOT `item`.`moderated`
|
||||||
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d)
|
AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d)
|
||||||
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
|
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
|
||||||
intval(local_user()),
|
intval(local_user()),
|
||||||
|
@ -437,7 +438,7 @@ function display_content(&$a, $update = 0) {
|
||||||
|
|
||||||
if((local_user()) && (local_user() == $a->profile['uid'])) {
|
if((local_user()) && (local_user() == $a->profile['uid'])) {
|
||||||
q("UPDATE `item` SET `unseen` = 0
|
q("UPDATE `item` SET `unseen` = 0
|
||||||
WHERE `parent` = %d AND `unseen` = 1",
|
WHERE `parent` = %d AND `unseen`",
|
||||||
intval($r[0]['parent'])
|
intval($r[0]['parent'])
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
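Review bot: In the `@ -293,12 +293,22` hunk of display_content, `is_numeric($item_id)` is a looser test than "this is a row id": strings such as `1e3` or `12.5` pass it, skip the new `uri` lookup, and are then converted by `intval($item_id)` in the later id-based queries, so a numeric-looking URI would be looked up as a different integer id. A digits-only test keeps the two cases apart: `if ($item_id AND !ctype_digit((string)$item_id)) {`. The outer `item.uid = %d` filter and `$sql_extra` still bound what is returned, so this reads as a wrong-item lookup rather than a permission bypass, but the first assignment of `$item_id` is outside the hunks shown, so confirm whether it can carry request input. A short comment above the block, such as `// Non-numeric ids are URIs: resolve them to the row id owned by the profile user`, would also record why the lookup is scoped to `$a->profile['uid']`.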