All subqueries in tag searches are now reformed. Further SQL improvements

This commit is contained in:
Michael Vogel 2013-11-03 02:07:44 +01:00
parent 759015e5fd
commit eaefcf9de7
5 changed files with 57 additions and 38 deletions

View File

@ -42,7 +42,7 @@ function install_plugin($plugin) {
// This way the system won't fall over dead during the update.
if(file_exists('addon/' . $plugin . '/.hidden')) {
q("update addon set hidden = 1 where name = '%s' limit 1",
q("update addon set hidden = 1 where name = '%s'",
dbesc($plugin)
);
}
@ -92,7 +92,7 @@ function reload_plugins() {
$func = $pl . '_install';
$func();
}
q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d LIMIT 1",
q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d",
intval($t),
intval($i['id'])
);
@ -104,7 +104,7 @@ function reload_plugins() {
}
}}
@ -132,7 +132,7 @@ function register_hook($hook,$file,$function,$priority=0) {
if(! function_exists('unregister_hook')) {
function unregister_hook($hook,$file,$function) {
$r = q("DELETE FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `function` = '%s' LIMIT 1",
$r = q("DELETE FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `function` = '%s'",
dbesc($hook),
dbesc($file),
dbesc($function)
@ -175,7 +175,7 @@ function call_hooks($name, &$data = null) {
}
else {
// remove orphan hooks
q("delete from hook where hook = '%s' and file = '%s' and function = '%s' limit 1",
q("delete from hook where hook = '%s' and file = '%s' and function = '%s'",
dbesc($name),
dbesc($hook[0]),
dbesc($hook[1])

View File

@ -191,9 +191,14 @@ function content_content(&$a, $update = 0) {
}*/
if($tag) {
$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(local_user()));
} else {
if (get_config('system','use_fulltext_engine'))
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));

View File

@ -106,7 +106,7 @@ function item_post(&$a) {
if(($r === false) || (! count($r))) {
notice( t('Unable to locate original post.') . EOL);
if(x($_REQUEST,'return'))
if(x($_REQUEST,'return'))
goaway($a->get_baseurl() . "/" . $return_path );
killme();
}
@ -157,7 +157,7 @@ function item_post(&$a) {
if((! can_write_wall($a,$profile_uid)) && (! $allow_moderated)) {
notice( t('Permission denied.') . EOL) ;
if(x($_REQUEST,'return'))
if(x($_REQUEST,'return'))
goaway($a->get_baseurl() . "/" . $return_path );
killme();
}
@ -275,10 +275,10 @@ function item_post(&$a) {
if($parent_item) {
$private = 0;
if(($parent_item['private'])
|| strlen($parent_item['allow_cid'])
|| strlen($parent_item['allow_gid'])
|| strlen($parent_item['deny_cid'])
if(($parent_item['private'])
|| strlen($parent_item['allow_cid'])
|| strlen($parent_item['allow_gid'])
|| strlen($parent_item['deny_cid'])
|| strlen($parent_item['deny_gid'])) {
$private = (($parent_item['private']) ? $parent_item['private'] : 1);
}
@ -288,7 +288,7 @@ function item_post(&$a) {
$str_contact_deny = $parent_item['deny_cid'];
$str_group_deny = $parent_item['deny_gid'];
}
$pubmail_enable = ((x($_REQUEST,'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && (! $private)) ? 1 : 0);
// if using the API, we won't see pubmail_enable - figure out if it should be set
@ -308,7 +308,7 @@ function item_post(&$a) {
if($preview)
killme();
info( t('Empty post discarded.') . EOL );
if(x($_REQUEST,'return'))
if(x($_REQUEST,'return'))
goaway($a->get_baseurl() . "/" . $return_path );
killme();
}
@ -361,7 +361,7 @@ function item_post(&$a) {
break;
}
}
}
}
if($contact_id) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
intval($contact_id)
@ -375,7 +375,7 @@ function item_post(&$a) {
}
// get contact info for owner
if($profile_uid == local_user()) {
$contact_record = $author;
}
@ -400,7 +400,7 @@ function item_post(&$a) {
/**
*
* When a photo was uploaded into the message using the (profile wall) ajax
* When a photo was uploaded into the message using the (profile wall) ajax
* uploader, The permissions are initially set to disallow anybody but the
* owner from seeing it. This is because the permissions may not yet have been
* set for the post. If it's private, the photo permissions should be set
@ -433,7 +433,7 @@ function item_post(&$a) {
if(! count($r))
continue;
$r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
WHERE `resource-id` = '%s' AND `uid` = %d AND `album` = '%s' ",
@ -445,7 +445,7 @@ function item_post(&$a) {
intval($profile_uid),
dbesc( t('Wall Photos'))
);
}
}
}
@ -464,10 +464,10 @@ function item_post(&$a) {
$r = q("SELECT * FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1",
intval($profile_uid),
intval($attach)
);
);
if(count($r)) {
$r = q("UPDATE `attach` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
WHERE `uid` = %d AND `id` = %d LIMIT 1",
WHERE `uid` = %d AND `id` = %d",
dbesc($str_contact_allow),
dbesc($str_group_allow),
dbesc($str_contact_deny),
@ -555,7 +555,7 @@ function item_post(&$a) {
// we tagged a private forum in a top level post and the message was public.
// Restrict it.
$private = 1;
$str_contact_allow = '<' . $private_id . '>';
$str_contact_allow = '<' . $private_id . '>';
}
$attachments = '';
@ -683,7 +683,7 @@ function item_post(&$a) {
if($orig_post) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d",
dbesc($datarray['title']),
dbesc($datarray['body']),
dbesc($datarray['tag']),
@ -786,7 +786,7 @@ function item_post(&$a) {
// Inherit ACL's from the parent item.
$r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d
WHERE `id` = %d LIMIT 1",
WHERE `id` = %d",
dbesc($parent_item['allow_cid']),
dbesc($parent_item['allow_gid']),
dbesc($parent_item['deny_cid']),
@ -849,7 +849,7 @@ function item_post(&$a) {
$parent = $post_id;
$r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `plink` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1
WHERE `id` = %d LIMIT 1",
WHERE `id` = %d",
intval($parent),
dbesc(($parent == $post_id) ? $uri : $parent_item['uri']),
dbesc($a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id),
@ -862,7 +862,7 @@ function item_post(&$a) {
// They will show up as people comment on them.
if(! $parent_item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d LIMIT 1",
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d",
intval($parent_item['id'])
);
}
@ -876,7 +876,7 @@ function item_post(&$a) {
// update the commented timestamp on the parent
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1",
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($parent)

View File

@ -168,7 +168,7 @@ function network_init(&$a) {
}
}
if(x($_GET,'remove')) {
q("delete from `search` where `uid` = %d and `term` = '%s' limit 1",
q("delete from `search` where `uid` = %d and `term` = '%s'",
intval(local_user()),
dbesc($search)
);
@ -675,11 +675,18 @@ function network_content(&$a, $update = 0) {
}*/
if($tag) {
$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
$sql_order = "`term`.`tid`";
//$sql_order = "`term`.`tid`";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(local_user()));
$sql_order = "`item`.`received`";
} else {
if (get_config('system','use_fulltext_engine'))
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));

View File

@ -141,15 +141,22 @@ function search_content(&$a) {
if($tag) {
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d",
$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d group by `item`.`uri` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
$sql_order = "`term`.`tid`";
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d group by `item`.`uri` ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
//$sql_order = "`term`.`tid`";
//$sql_order = "`item`.`received`";
//$sql_extra = sprintf(" AND EXISTS (SELECT * FROM `term` WHERE `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d) GROUP BY `item`.`uri` ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`item` FORCE INDEX (`uri`) ";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(local_user()));
$sql_order = "`item`.`received`";
} else {
if (get_config('system','use_fulltext_engine')) {
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));