diff --git a/include/api.php b/include/api.php index 35ebaef03..873006ac2 100644 --- a/include/api.php +++ b/include/api.php @@ -285,7 +285,7 @@ * Unique contact to contact url. */ function api_unique_id_to_url($id){ - $r = q("SELECT url FROM unique_contacts WHERE id=%d LIMIT 1", + $r = q("SELECT `url` FROM `unique_contacts` WHERE `id`=%d LIMIT 1", intval($id)); if ($r) return ($r[0]["url"]); @@ -390,9 +390,9 @@ $r = array(); if ($url != "") - $r = q("SELECT * FROM unique_contacts WHERE url='%s' LIMIT 1", $url); + $r = q("SELECT * FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", $url); elseif ($nick != "") - $r = q("SELECT * FROM unique_contacts WHERE nick='%s' LIMIT 1", $nick); + $r = q("SELECT * FROM `unique_contacts` WHERE `nick`='%s' LIMIT 1", $nick); if ($r) { // If no nick where given, extract it from the address @@ -505,14 +505,14 @@ } // Fetching unique id - $r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); + $r = q("SELECT id FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); // If not there, then add it if (count($r) == 0) { - q("INSERT INTO unique_contacts (url, name, nick, avatar) VALUES ('%s', '%s', '%s', '%s')", + q("INSERT INTO `unique_contacts` (`url`, `name`, `nick`, `avatar`) VALUES ('%s', '%s', '%s', '%s')", dbesc(normalise_link($uinfo[0]['url'])), dbesc($uinfo[0]['name']),dbesc($uinfo[0]['nick']), dbesc($uinfo[0]['micro'])); - $r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); + $r = q("SELECT `id` FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); } $network_name = network_to_name($uinfo[0]['network'], $uinfo[0]['url']); @@ -552,36 +552,44 @@ function api_item_get_user(&$a, $item) { - $author = q("SELECT * FROM unique_contacts WHERE url='%s' LIMIT 1", + $author = q("SELECT * FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($item['author-link']))); if (count($author) == 0) { - q("INSERT INTO unique_contacts (url, name, avatar) VALUES ('%s', '%s', '%s')", - dbesc(normalise_link($item["author-link"])), dbesc($item["author-name"]), dbesc($item["author-avatar"])); + q("INSERT INTO `unique_contacts` (`url`, `name`, `avatar`) VALUES ('%s', '%s', '%s')", + dbesc(normalise_link($item["author-link"])), dbesc($item["author-name"]), dbesc($item["author-avatar"])); - $author = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", + $author = q("SELECT `id` FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($item['author-link']))); } else if ($item["author-link"].$item["author-name"] != $author[0]["url"].$author[0]["name"]) { - q("UPDATE unique_contacts SET name = '%s', avatar = '%s' WHERE (`name` != '%s' OR `avatar` != '%s') AND url = '%s'", - dbesc($item["author-name"]), dbesc($item["author-avatar"]), - dbesc($item["author-name"]), dbesc($item["author-avatar"]), - dbesc(normalise_link($item["author-link"]))); + $r = q("SELECT `id` FROM `unique_contacts` WHERE `name` = '%s' AND `avatar` = '%s' AND url = '%s'", + dbesc($item["author-name"]), dbesc($item["author-avatar"]), + dbesc(normalise_link($item["author-link"]))); + + if (!$r) + q("UPDATE `unique_contacts` SET `name` = '%s', `avatar` = '%s' WHERE `url` = '%s'", + dbesc($item["author-name"]), dbesc($item["author-avatar"]), + dbesc(normalise_link($item["author-link"]))); } - $owner = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", + $owner = q("SELECT `id` FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($item['owner-link']))); if (count($owner) == 0) { - q("INSERT INTO unique_contacts (url, name, avatar) VALUES ('%s', '%s', '%s')", - dbesc(normalise_link($item["owner-link"])), dbesc($item["owner-name"]), dbesc($item["owner-avatar"])); + q("INSERT INTO `unique_contacts` (`url`, `name`, `avatar`) VALUES ('%s', '%s', '%s')", + dbesc(normalise_link($item["owner-link"])), dbesc($item["owner-name"]), dbesc($item["owner-avatar"])); - $owner = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", + $owner = q("SELECT `id` FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($item['owner-link']))); } else if ($item["owner-link"].$item["owner-name"] != $owner[0]["url"].$owner[0]["name"]) { - q("UPDATE unique_contacts SET name = '%s', avatar = '%s' WHERE (`name` != '%s' OR `avatar` != '%s') AND url = '%s'", - dbesc($item["owner-name"]), dbesc($item["owner-avatar"]), - dbesc($item["owner-name"]), dbesc($item["owner-avatar"]), - dbesc(normalise_link($item["owner-link"]))); + $r = q("SELECT `id` FROM `unique_contacts` WHERE `name` = '%s' AND `avatar` = '%s' AND url = '%s'", + dbesc($item["owner-name"]), dbesc($item["owner-avatar"]), + dbesc(normalise_link($item["owner-link"]))); + + if (!$r) + q("UPDATE `unique_contacts` SET `name` = '%s', `avatar` = '%s' WHERE `url` = '%s'", + dbesc($item["owner-name"]), dbesc($item["owner-avatar"]), + dbesc(normalise_link($item["owner-link"]))); } // Comments in threads may appear as wall-to-wall postings. @@ -952,7 +960,7 @@ $in_reply_to_status_id= intval($lastwall['parent']); $in_reply_to_status_id_str = (string) intval($lastwall['parent']); - $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author']))); + $r = q("SELECT * FROM `unique_contacts` WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author']))); if ($r) { if ($r[0]['nick'] == "") $r[0]['nick'] = api_get_nick($r[0]["url"]); @@ -1074,7 +1082,7 @@ $in_reply_to_status_id = intval($lastwall['parent']); $in_reply_to_status_id_str = (string) intval($lastwall['parent']); - $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($reply[0]['item-author']))); + $r = q("SELECT * FROM `unique_contacts` WHERE `url` = '%s'", dbesc(normalise_link($reply[0]['item-author']))); if ($r) { if ($r[0]['nick'] == "") $r[0]['nick'] = api_get_nick($r[0]["url"]); @@ -1135,9 +1143,9 @@ $userlist = array(); if (isset($_GET["q"])) { - $r = q("SELECT id FROM unique_contacts WHERE name='%s'", dbesc($_GET["q"])); + $r = q("SELECT id FROM `unique_contacts` WHERE `name`='%s'", dbesc($_GET["q"])); if (!count($r)) - $r = q("SELECT id FROM unique_contacts WHERE nick='%s'", dbesc($_GET["q"])); + $r = q("SELECT `id` FROM `unique_contacts` WHERE `nick`='%s'", dbesc($_GET["q"])); if (count($r)) { foreach ($r AS $user) { @@ -2180,7 +2188,7 @@ intval(api_user()), intval($in_reply_to_status_id)); if ($r) { - $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($r[0]['author-link']))); + $r = q("SELECT * FROM `unique_contacts` WHERE `url` = '%s'", dbesc(normalise_link($r[0]['author-link']))); if ($r) { if ($r[0]['nick'] == "") @@ -2439,7 +2447,7 @@ $stringify_ids = (x($_REQUEST,'stringify_ids')?$_REQUEST['stringify_ids']:false); - $r = q("SELECT unique_contacts.id FROM contact, unique_contacts WHERE contact.nurl = unique_contacts.url AND `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra", + $r = q("SELECT `unique_contact`.`id` FROM contact, `unique_contacts` WHERE contact.nurl = unique_contacts.url AND `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra", intval(api_user()) ); @@ -2887,7 +2895,7 @@ function api_get_nick($profile) { //} if ($nick != "") { - q("UPDATE unique_contacts SET nick = '%s' WHERE `nick` != '%s' AND url = '%s'", + q("UPDATE `unique_contacts` SET `nick` = '%s' WHERE `nick` != '%s' AND url = '%s'", dbesc($nick), dbesc($nick), dbesc(normalise_link($profile))); return($nick); } diff --git a/include/delivery.php b/include/delivery.php index 659add2ad..cdd59451f 100644 --- a/include/delivery.php +++ b/include/delivery.php @@ -340,9 +340,9 @@ function delivery_run(&$argv, &$argc){ $ssl_policy = get_config('system','ssl_policy'); fix_contact_ssl_policy($x[0],$ssl_policy); - // If we are setup as a soapbox we aren't accepting input from this person + // If we are setup as a soapbox we aren't accepting top level posts from this person - if($x[0]['page-flags'] == PAGE_SOAPBOX) + if (($x[0]['page-flags'] == PAGE_SOAPBOX) AND $top_level) break; require_once('library/simplepie/simplepie.inc'); diff --git a/include/items.php b/include/items.php index 7a4648872..65c49bf26 100644 --- a/include/items.php +++ b/include/items.php @@ -2398,26 +2398,28 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) if ($name_updated > $contact_updated) $contact_updated = $name_updated; - $r = q("select * from contact where uid = %d and id = %d limit 1", + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($contact['uid']), intval($contact['id']) ); - $x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d", + $x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d AND `name` != '%s'", dbesc(notags(trim($new_name))), dbesc(datetime_convert()), intval($contact['uid']), - intval($contact['id']) + intval($contact['id']), + dbesc(notags(trim($new_name))) ); // do our best to update the name on content items - if(count($r)) { - q("update item set `author-name` = '%s' where `author-name` = '%s' and `author-link` = '%s' and uid = %d", + if(count($r) AND (notags(trim($new_name)) != $r[0]['name'])) { + q("UPDATE `item` SET `author-name` = '%s' WHERE `author-name` = '%s' AND `author-link` = '%s' AND `uid` = %d AND `author-name` != '%s'", dbesc(notags(trim($new_name))), dbesc($r[0]['name']), dbesc($r[0]['url']), - intval($contact['uid']) + intval($contact['uid']), + dbesc(notags(trim($new_name))) ); } } @@ -3095,26 +3097,28 @@ function local_delivery($importer,$data) { if ($name_updated > $contact_updated) $contact_updated = $name_updated; - $r = q("select * from contact where uid = %d and id = %d limit 1", + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($importer['importer_uid']), intval($importer['id']) ); - $x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d", + $x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d AND `name` != '%s'", dbesc(notags(trim($new_name))), dbesc(datetime_convert()), intval($importer['importer_uid']), - intval($importer['id']) + intval($importer['id']), + dbesc(notags(trim($new_name))) ); // do our best to update the name on content items - if(count($r)) { - q("update item set `author-name` = '%s' where `author-name` = '%s' and `author-link` = '%s' and uid = %d", + if(count($r) AND (notags(trim($new_name)) != $r[0]['name'])) { + q("UPDATE `item` SET `author-name` = '%s' WHERE `author-name` = '%s' AND `author-link` = '%s' AND `uid` = %d AND `author-name` != '%s'", dbesc(notags(trim($new_name))), dbesc($r[0]['name']), dbesc($r[0]['url']), - intval($importer['importer_uid']) + intval($importer['importer_uid']), + dbesc(notags(trim($new_name))) ); } } diff --git a/include/notifier.php b/include/notifier.php index 0f9cc8046..9dac5f114 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -734,9 +734,9 @@ function notifier_run(&$argv, &$argc){ $ssl_policy = get_config('system','ssl_policy'); fix_contact_ssl_policy($x[0],$ssl_policy); - // If we are setup as a soapbox we aren't accepting input from this person + // If we are setup as a soapbox we aren't accepting top level posts from this person - if($x[0]['page-flags'] == PAGE_SOAPBOX) + if (($x[0]['page-flags'] == PAGE_SOAPBOX) AND $top_level) break; require_once('library/simplepie/simplepie.inc'); diff --git a/mod/wall_upload.php b/mod/wall_upload.php index 8e7eaa027..8bf471d3d 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -16,10 +16,10 @@ function wall_upload_post(&$a, $desktopmode = true) { ); if(! count($r)){ - if ($r_json) { - echo json_encode(array('error'=>t('Invalid request.'))); - killme(); - } + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + killme(); + } return; } } else { @@ -29,10 +29,10 @@ function wall_upload_post(&$a, $desktopmode = true) { ); } } else { - if ($r_json) { - echo json_encode(array('error'=>t('Invalid request.'))); - killme(); - } + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + killme(); + } return; } @@ -73,18 +73,18 @@ function wall_upload_post(&$a, $desktopmode = true) { if(! $can_post) { - if ($r_json) { - echo json_encode(array('error'=>t('Permission denied.'))); - killme(); - } + if ($r_json) { + echo json_encode(array('error'=>t('Permission denied.'))); + killme(); + } notice( t('Permission denied.') . EOL ); killme(); } if(! x($_FILES,'userfile') && ! x($_FILES,'media')){ - if ($r_json) { - echo json_encode(array('error'=>t('Invalid request.'))); - } + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + } killme(); } @@ -118,10 +118,10 @@ function wall_upload_post(&$a, $desktopmode = true) { } if ($src=="") { - if ($r_json) { - echo json_encode(array('error'=>t('Invalid request.'))); - killme(); - } + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + killme(); + } notice(t('Invalid request.').EOL); killme(); } @@ -243,9 +243,9 @@ function wall_upload_post(&$a, $desktopmode = true) { $r = q("SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` WHERE `resource-id` = '%s' ORDER BY `width` DESC LIMIT 1", $hash); if (!$r){ if ($r_json) { - echo json_encode(array('error'=>'')); - killme(); - } + echo json_encode(array('error'=>'')); + killme(); + } return false; } $picture = array(); @@ -260,16 +260,16 @@ function wall_upload_post(&$a, $desktopmode = true) { $picture["preview"] = $a->get_baseurl()."/photo/{$hash}-{$smallest}.".$ph->getExt(); if ($r_json) { - echo json_encode(array('picture'=>$picture)); - killme(); - } + echo json_encode(array('picture'=>$picture)); + killme(); + } return $picture; } if ($r_json) { - echo json_encode(array('ok'=>true)); - killme(); - } + echo json_encode(array('ok'=>true)); + killme(); + } /* mod Waitman Gobble NO WARRANTY */