diff --git a/include/Contact.php b/include/Contact.php index 6daba33844..ab74a2f866 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -481,9 +481,9 @@ function get_contact($url, $uid = 0) { if ($contactid == 0) { q("INSERT INTO `contact` (`uid`, `created`, `url`, `nurl`, `addr`, `alias`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`, - `batch`, `request`, `confirm`, `poco`, + `batch`, `request`, `confirm`, `poco`, `name-date`, `uri-date`, `writable`, `blocked`, `readonly`, `pending`) - VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', 1, 0, 0, 0)", + VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', 1, 0, 0, 0)", intval($uid), dbesc(datetime_convert()), dbesc($data["url"]), @@ -502,7 +502,9 @@ function get_contact($url, $uid = 0) { dbesc($data["batch"]), dbesc($data["request"]), dbesc($data["confirm"]), - dbesc($data["poco"]) + dbesc($data["poco"]), + dbesc(datetime_convert()), + dbesc(datetime_convert()) ); $contact = q("SELECT `id` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d ORDER BY `id` LIMIT 2", 
@@ -533,16 +535,27 @@ function get_contact($url, $uid = 0) { update_contact_avatar($data["photo"],$uid,$contactid); - q("UPDATE `contact` SET `addr` = '%s', `alias` = '%s', `name` = '%s', `nick` = '%s', - `name-date` = '%s', `uri-date` = '%s' WHERE `id` = %d", - dbesc($data["addr"]), - dbesc($data["alias"]), - dbesc($data["name"]), - dbesc($data["nick"]), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - intval($contactid) - ); + $r = q("SELECT `addr`, `alias`, `name`, `nick` FROM `contact` WHERE `id` = %d", intval($contactid)); + + // This condition should always be true + if (!dbm::is_result($r)) + return $contactid; + + // Only update if there had something been changed + if (($data["addr"] != $r[0]["addr"]) OR + ($data["alias"] != $r[0]["alias"]) OR + ($data["name"] != $r[0]["name"]) OR + ($data["nick"] != $r[0]["nick"])) + q("UPDATE `contact` SET `addr` = '%s', `alias` = '%s', `name` = '%s', `nick` = '%s', + `name-date` = '%s', `uri-date` = '%s' WHERE `id` = %d", + dbesc($data["addr"]), + dbesc($data["alias"]), + dbesc($data["name"]), + dbesc($data["nick"]), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($contactid) + ); return $contactid; } diff --git a/include/Core/Config.php b/include/Core/Config.php index a93f188148..d76a7c2b2b 100644 --- a/include/Core/Config.php +++ b/include/Core/Config.php 
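Review bot: The four `!=` comparisons that gate the UPDATE are loose, so two numeric-looking strings (for example `"007"` and `"7"`) compare equal and a changed `nick` or `name` is never written. `strcmp()` or `(string)$data["nick"] !== (string)$r[0]["nick"]` compares the stored text exactly. The same change-detection pattern is used in the Config.php and PConfig.php hunks (`$ret[0]['v'] != $dbvalue`), where `$dbvalue` can be an integer after the `is_bool` conversion. On PHP versions before 8 an integer 0 compares equal to any non-numeric stored string, so setting such a key to `false` would be skipped while the method still returns `$value`; `(string)$ret[0]['v'] !== (string)$dbvalue` avoids that. get_contact's body starts outside this hunk.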
@@ -132,15 +132,33 @@ class Config { $dbvalue = (is_array($value)?serialize($value):$value); $dbvalue = (is_bool($dbvalue) ? intval($dbvalue) : $dbvalue); - $ret = q("INSERT INTO `config` ( `cat`, `k`, `v` ) VALUES ( '%s', '%s', '%s' ) -ON DUPLICATE KEY UPDATE `v` = '%s'", + // The "INSERT" command is very cost intense. It saves performance to do it this way. + $ret = q("SELECT `v` FROM `config` WHERE `cat` = '%s' AND `k` = '%s' ORDER BY `id` DESC LIMIT 1", dbesc($family), - dbesc($key), - dbesc($dbvalue), - dbesc($dbvalue) + dbesc($key) ); + + // It would be better to use the dbm class. + // But there is an autoloader issue that I don't know how to fix: + // "Class 'Friendica\Core\dbm' not found" + //if (!dbm::is_result($ret)) + if (!$ret) + $ret = q("INSERT INTO `config` (`cat`, `k`, `v`) VALUES ('%s', '%s', '%s') ON DUPLICATE KEY UPDATE `v` = '%s'", + dbesc($family), + dbesc($key), + dbesc($dbvalue), + dbesc($dbvalue) + ); + elseif ($ret[0]['v'] != $dbvalue) + $ret = q("UPDATE `config` SET `v` = '%s' WHERE `cat` = '%s' AND `k` = '%s'", + dbesc($dbvalue), + dbesc($family), + dbesc($key) + ); + if($ret) return $value; + return $ret; } diff --git a/include/Core/PConfig.php b/include/Core/PConfig.php index de8994d1de..70f83adcbc 100644 --- a/include/Core/PConfig.php +++ b/include/Core/PConfig.php 
@@ -128,14 +128,32 @@ class PConfig { $a->config[$uid][$family][$key] = $value; - $ret = q("INSERT INTO `pconfig` ( `uid`, `cat`, `k`, `v` ) VALUES ( %d, '%s', '%s', '%s' ) -ON DUPLICATE KEY UPDATE `v` = '%s'", + // The "INSERT" command is very cost intense. It saves performance to do it this way. + $ret = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s' ORDER BY `id` DESC LIMIT 1", intval($uid), dbesc($family), - dbesc($key), - dbesc($dbvalue), - dbesc($dbvalue) + dbesc($key) ); + + // It would be better to use the dbm class. + // My lacking knowdledge in autoloaders prohibits this. + // if (!dbm::is_result($ret)) + if (!$ret) + $ret = q("INSERT INTO `pconfig` (`uid`, `cat`, `k`, `v`) VALUES (%d, '%s', '%s', '%s') ON DUPLICATE KEY UPDATE `v` = '%s'", + intval($uid), + dbesc($family), + dbesc($key), + dbesc($dbvalue), + dbesc($dbvalue) + ); + elseif ($ret[0]['v'] != $dbvalue) + $ret = q("UPDATE `pconfig` SET `v` = '%s' WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s'", + dbesc($dbvalue), + intval($uid), + dbesc($family), + dbesc($key) + ); + if($ret) return $value; return $ret; diff --git a/include/dba.php b/include/dba.php index 2d96886dce..a9ed9e5a05 100644 --- a/include/dba.php +++ b/include/dba.php @@ -362,7 +362,7 @@ function qu($sql) { $stmt = @vsprintf($sql,$args); // Disabled warnings if($stmt === false) logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true), LOGGER_DEBUG); - $db->q("SET SESSION TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;"); + $db->q("SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;"); $retval = $db->q($stmt); $db->q("COMMIT;"); return $retval; diff --git a/include/dbstructure.php b/include/dbstructure.php index fdf09d90de..2aefdf45c1 100644 --- a/include/dbstructure.php +++ b/include/dbstructure.php 
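Review bot: In qu() the result of the `SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;` call is discarded, and without `SESSION` MySQL rejects that statement while a transaction is already open, so `$stmt` would then run at the default isolation level with no trace. Assuming `$db->q()` returns false on error (its definition is not in this hunk), logging the failure keeps that visible: `if (!$db->q("SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;")) logger('dba: could not set isolation level', LOGGER_DEBUG);`. A short comment that the unscoped form applies to the next transaction only would also explain why `SESSION` was dropped. qu()'s body starts and ends outside the hunk.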
@@ -1120,7 +1120,7 @@ function db_definition($charset) { ), "indexes" => array( "PRIMARY" => array("id"), - "uid" => array("uid"), + "uid_contactid" => array("uid", "contact-id"), "resource-id" => array("resource-id"), "guid" => array("guid"), ) diff --git a/include/items.php b/include/items.php index aec51ba318..0741e1b3d4 100644 --- a/include/items.php +++ b/include/items.php 
@@ -705,22 +705,34 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa dbesc(NETWORK_DFRN), intval($arr['uid']) ); - if($r && count($r)) { - logger('duplicated item with the same uri found. ' . print_r($arr,true)); + if (dbm::is_result($r)) { + logger('duplicated item with the same uri found. '.print_r($arr,true)); return 0; } - // Check for an existing post with the same content. There seems to be a problem with OStatus. - $r = q("SELECT `id` FROM `item` WHERE `body` = '%s' AND `network` = '%s' AND `created` = '%s' AND `contact-id` = %d AND `uid` = %d LIMIT 1", - dbesc($arr['body']), - dbesc($arr['network']), - dbesc($arr['created']), - intval($arr['contact-id']), - intval($arr['uid']) - ); - if($r && count($r)) { - logger('duplicated item with the same body found. ' . print_r($arr,true)); - return 0; + // On Friendica and Diaspora the GUID is unique + if (in_array($arr['network'], array(NETWORK_DFRN, NETWORK_DIASPORA))) { + $r = q("SELECT `id` FROM `item` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1", + dbesc($arr['guid']), + intval($arr['uid']) + ); + if (dbm::is_result($r)) { + logger('duplicated item with the same guid found. '.print_r($arr,true)); + return 0; + } + } else { + // Check for an existing post with the same content. There seems to be a problem with OStatus. + $r = q("SELECT `id` FROM `item` WHERE `body` = '%s' AND `network` = '%s' AND `created` = '%s' AND `contact-id` = %d AND `uid` = %d LIMIT 1", + dbesc($arr['body']), + dbesc($arr['network']), + dbesc($arr['created']), + intval($arr['contact-id']), + intval($arr['uid']) + ); + if (dbm::is_result($r)) { + logger('duplicated item with the same body found. '.print_r($arr,true)); + return 0; + } } // Is this item available in the global items (with uid=0)? diff --git a/include/poller.php b/include/poller.php index c1761e302d..bbec43ae7b 100644 --- a/include/poller.php +++ b/include/poller.php 
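Review bot: The new GUID branch treats any existing row with the same `guid` and `uid` as a duplicate, but the value comes from the remote server and the query checks neither that it is non-empty nor that it belongs to the same author or contact. If `$arr['guid']` can be empty at this point (its assignment is outside the hunk), the first item stored with an empty GUID would cause every later one for that user to be dropped. A guard such as `if (($arr['guid'] != "") AND in_array($arr['network'], array(NETWORK_DFRN, NETWORK_DIASPORA))) {` sends those items to the body check instead. A comment stating that GUID uniqueness is trusted across contacts would also help, since an item that reuses another post's GUID is discarded with only a log entry. item_store's body starts and ends outside the hunk.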
@@ -91,11 +91,16 @@ function poller_run(&$argv, &$argc){ if (poller_too_much_workers()) return; - q("UPDATE `workerqueue` SET `executed` = '%s', `pid` = %d WHERE `id` = %d AND `executed` = '0000-00-00 00:00:00'", + $upd = q("UPDATE `workerqueue` SET `executed` = '%s', `pid` = %d WHERE `id` = %d AND `pid` = 0", dbesc(datetime_convert()), intval($mypid), intval($r[0]["id"])); + if (!$upd) { + logger("Couldn't update queue entry ".$r[0]["id"]." - skip this execution", LOGGER_DEBUG); + continue; + } + // Assure that there are no tasks executed twice $id = q("SELECT `pid`, `executed` FROM `workerqueue` WHERE `id` = %d", intval($r[0]["id"])); if (!$id) { diff --git a/mod/community.php b/mod/community.php index 06a96c7403..c8d1e0c9dd 100644 --- a/mod/community.php +++ b/mod/community.php @@ -49,7 +49,7 @@ function community_content(&$a, $update = 0) { // OR your own posts if you are a logged in member if(get_config('system', 'old_pager')) { - $r = q("SELECT COUNT(distinct(`item`.`uri`)) AS `total` + $r = qu("SELECT COUNT(distinct(`item`.`uri`)) AS `total` FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 INNER JOIN `user` ON `user`.`uid` = `item`.`uid` AND `user`.`hidewall` = 0 @@ -120,7 +120,7 @@ function community_getitems($start, $itemspage) { if (get_config('system','community_page_style') == CP_GLOBAL_COMMUNITY) return(community_getpublicitems($start, $itemspage)); - $r = q("SELECT %s + $r = qu("SELECT %s FROM `thread` FORCE INDEX (`wall_private_received`) INNER JOIN `user` ON `user`.`uid` = `thread`.`uid` AND NOT `user`.`hidewall` INNER JOIN `item` ON `item`.`id` = `thread`.`iid` @@ -140,7 +140,7 @@ function community_getitems($start, $itemspage) { function community_getpublicitems($start, $itemspage) { - $r = q("SELECT %s + $r = qu("SELECT %s FROM `thread` INNER JOIN `item` ON `item`.`id` = `thread`.`iid` %s WHERE `thread`.`uid` = 0 
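Review bot: The new `if (!$upd)` check most likely catches only a failed statement, not a lost race: an UPDATE that matches no row because another worker already set `pid` is still a successful query. Assuming q() reports success rather than affected rows (its definition is not in this diff), that case falls through to the SELECT below, which is fine for correctness, but the log text suggests otherwise. I would add `// q() succeeds even when no row matched; the SELECT below detects a lost race` above the check. poller_run's body starts and ends outside the hunk.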
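Review bot: Nothing at the community.php call sites records that a dirty read is acceptable: qu() runs the query under READ UNCOMMITTED (see the include/dba.php hunk), so it can return rows from a transaction that is not yet committed or is later rolled back. For the community counters and listings that is probably harmless. The same swap is applied in mod/display.php, mod/network.php, mod/photo.php and mod/proxy.php to lookups that decide which item or photo is shown (`NOT deleted`, `allow_cid = ''`, `$sql_extra`), where, if any writer uses multi-statement transactions, a dirty read could briefly expose or hide content. I would keep q() for the queries that gate access and add a comment such as `// qu(): dirty reads are acceptable, result is display-only` at each call where that holds.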
diff --git a/mod/display.php b/mod/display.php index f879a91aec..01a66c93b6 100644 --- a/mod/display.php +++ b/mod/display.php @@ -16,7 +16,7 @@ function display_init(&$a) { // Does the local user have this item? if (local_user()) { - $r = q("SELECT `id`, `parent`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item` + $r = qu("SELECT `id`, `parent`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user()); if (count($r)) { @@ -27,7 +27,7 @@ function display_init(&$a) { // Or is it anywhere on the server? if ($nick == "") { - $r = q("SELECT `user`.`nickname`, `item`.`id`, `item`.`parent`, `item`.`author-name`, + $r = qu("SELECT `user`.`nickname`, `item`.`id`, `item`.`parent`, `item`.`author-name`, `item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`owner-link`, `item`.`body` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` @@ -44,7 +44,7 @@ function display_init(&$a) { // Is it an item with uid=0? if ($nick == "") { - $r = q("SELECT `item`.`id`, `item`.`parent`, `item`.`author-name`, `item`.`author-link`, + $r = qu("SELECT `item`.`id`, `item`.`parent`, `item`.`author-name`, `item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`owner-link`, `item`.`body` FROM `item` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' 
@@ -55,7 +55,7 @@ function display_init(&$a) { } if (count($r)) { if ($r[0]["id"] != $r[0]["parent"]) - $r = q("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item` + $r = qu("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND `id` = %d", $r[0]["parent"]); @@ -65,7 +65,7 @@ function display_init(&$a) { // We really should change this need for the future since it scales very bad. $contactid = get_contact($r[0]['owner-link'], local_user()); if ($contactid) { - $items = q("SELECT * FROM `item` WHERE `parent` = %d ORDER BY `id`", intval($r[0]["id"])); + $items = qu("SELECT * FROM `item` WHERE `parent` = %d ORDER BY `id`", intval($r[0]["id"])); foreach ($items AS $item) { $itemcontactid = get_contact($item['owner-link'], local_user()); if (!$itemcontactid) @@ -87,7 +87,7 @@ function display_init(&$a) { $nickname = str_replace(normalise_link($a->get_baseurl())."/profile/", "", normalise_link($profiledata["url"])); if (($nickname != $a->user["nickname"])) { - $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` + $r = qu("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid` WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` AND `contact`.`self` LIMIT 1", dbesc($nickname) @@ -228,7 +228,7 @@ function display_content(&$a, $update = 0) { $nick = ""; if (local_user()) { - $r = q("SELECT `id` FROM `item` + $r = qu("SELECT `id` FROM `item` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user()); if (count($r)) { 
@@ -238,7 +238,7 @@ function display_content(&$a, $update = 0) { } if ($nick == "") { - $r = q("SELECT `user`.`nickname`, `item`.`id` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid` + $r = qu("SELECT `user`.`nickname`, `item`.`id` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' @@ -251,7 +251,7 @@ function display_content(&$a, $update = 0) { } } if ($nick == "") { - $r = q("SELECT `item`.`id` FROM `item` + $r = qu("SELECT `item`.`id` FROM `item` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' @@ -266,7 +266,7 @@ function display_content(&$a, $update = 0) { } if ($item_id AND !is_numeric($item_id)) { - $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", + $r = qu("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($a->profile['uid'])); if ($r) $item_id = $r[0]["id"]; @@ -299,7 +299,7 @@ function display_content(&$a, $update = 0) { if($contact_id) { $groups = init_groups_visitor($contact_id); - $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = qu("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval($a->profile['uid']) ); @@ -316,7 +316,7 @@ function display_content(&$a, $update = 0) { } } - $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1", + $r = qu("SELECT * FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1", intval($a->profile['uid']) ); if(count($r)) 
@@ -351,7 +351,7 @@ function display_content(&$a, $update = 0) { if($update) { - $r = q("SELECT `id` FROM `item` WHERE `item`.`uid` = %d + $r = qu("SELECT `id` FROM `item` WHERE `item`.`uid` = %d AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `id` = %d) $sql_extra AND `unseen`", intval($a->profile['uid']), @@ -362,7 +362,7 @@ function display_content(&$a, $update = 0) { return ''; } - $r = q(item_query()." AND `item`.`uid` = %d + $r = qu(item_query()." AND `item`.`uid` = %d AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `id` = %d) $sql_extra ORDER BY `parent` DESC, `gravity` ASC, `id` ASC", @@ -373,7 +373,7 @@ function display_content(&$a, $update = 0) { if(!$r && local_user()) { // Check if this is another person's link to a post that we have - $r = q("SELECT `item`.uri FROM `item` + $r = qu("SELECT `item`.uri FROM `item` WHERE (`item`.`id` = %d OR `item`.`uri` = '%s') LIMIT 1", intval($item_id), @@ -382,7 +382,7 @@ function display_content(&$a, $update = 0) { if($r) { $item_uri = $r[0]['uri']; - $r = q(item_query()." AND `item`.`uid` = %d + $r = qu(item_query()." AND `item`.`uid` = %d AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d) ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ", intval(local_user()), @@ -462,7 +462,7 @@ function display_content(&$a, $update = 0) { return $o; } - $r = q("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", + $r = qu("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", dbesc($item_id), dbesc($item_id) ); diff --git a/mod/network.php b/mod/network.php index f4af489db9..559bad0a3e 100644 --- a/mod/network.php +++ b/mod/network.php 
@@ -122,7 +122,7 @@ function network_init(&$a) { $search = ((x($_GET,'search')) ? escape_tags($_GET['search']) : ''); if(x($_GET,'save')) { - $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", + $r = qu("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", intval(local_user()), dbesc($search) ); @@ -176,7 +176,7 @@ function saved_searches($search) { $o = ''; - $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d", + $r = qu("SELECT `id`,`term` FROM `search` WHERE `uid` = %d", intval(local_user()) ); @@ -375,7 +375,7 @@ function network_content(&$a, $update = 0) { $def_acl = array('allow_cid' => '<' . intval($cid) . '>'); if($nets) { - $r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND network = '%s' AND `self` = 0", + $r = qu("SELECT `id` FROM `contact` WHERE `uid` = %d AND network = '%s' AND `self` = 0", intval(local_user()), dbesc($nets) ); @@ -408,7 +408,7 @@ function network_content(&$a, $update = 0) { if ($cid) { // If $cid belongs to a communitity forum or a privat goup,.add a mention to the status editor - $contact = q("SELECT `nick` FROM `contact` WHERE `id` = %d AND `uid` = %d AND (`forum` OR `prv`) ", + $contact = qu("SELECT `nick` FROM `contact` WHERE `id` = %d AND `uid` = %d AND (`forum` OR `prv`) ", intval($cid), intval(local_user()) ); @@ -458,7 +458,7 @@ function network_content(&$a, $update = 0) { $sql_nets = (($nets) ? sprintf(" and $sql_table.`network` = '%s' ", dbesc($nets)) : ''); if($group) { - $r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = qu("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($group), intval($_SESSION['uid']) ); 
@@ -479,7 +479,7 @@ function network_content(&$a, $update = 0) { $contact_str = implode(',',$contacts); $gcontact_str = implode(',',$gcontacts); - $self = q("SELECT `contact`.`id`, `gcontact`.`id` AS `gid` FROM `contact` + $self = qu("SELECT `contact`.`id`, `gcontact`.`id` AS `gid` FROM `contact` INNER JOIN `gcontact` ON `gcontact`.`nurl` = `contact`.`nurl` WHERE `uid` = %d AND `self`", intval($_SESSION['uid'])); if (count($self)) { @@ -502,7 +502,7 @@ function network_content(&$a, $update = 0) { } elseif($cid) { - $r = q("SELECT `id`,`name`,`network`,`writable`,`nurl`, `forum`, `prv`, `contact-type`, `addr`, `thumb`, `location` FROM `contact` WHERE `id` = %d + $r = qu("SELECT `id`,`name`,`network`,`writable`,`nurl`, `forum`, `prv`, `contact-type`, `addr`, `thumb`, `location` FROM `contact` WHERE `id` = %d AND `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($cid) ); @@ -600,7 +600,7 @@ function network_content(&$a, $update = 0) { } else { if(get_config('system', 'old_pager')) { - $r = q("SELECT COUNT(*) AS `total` + $r = qu("SELECT COUNT(*) AS `total` FROM $sql_table $sql_post_table INNER JOIN `contact` ON `contact`.`id` = $sql_table.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending` WHERE $sql_table.`uid` = %d AND $sql_table.`visible` AND NOT $sql_table.`deleted` @@ -640,7 +640,7 @@ function network_content(&$a, $update = 0) { $sql_order = "`item`.`received`"; // "New Item View" - show all items unthreaded in reverse created date order - $items = q("SELECT %s FROM $sql_table $sql_post_table %s + $items = qu("SELECT %s FROM $sql_table $sql_post_table %s WHERE %s AND `item`.`uid` = %d $simple_update $sql_extra $sql_nets 
@@ -678,7 +678,7 @@ function network_content(&$a, $update = 0) { else $sql_extra4 = ""; - $r = q("SELECT `item`.`parent` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid` + $r = qu("SELECT `item`.`parent` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid` FROM $sql_table $sql_post_table INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending` WHERE `item`.`uid` = %d AND `item`.`visible` AND NOT `item`.`deleted` $sql_extra4 @@ -688,7 +688,7 @@ function network_content(&$a, $update = 0) { intval(local_user()) ); } else { - $r = q("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid` + $r = qu("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`, `contact`.`uid` AS `contact_uid` FROM $sql_table $sql_post_table STRAIGHT_JOIN `contact` ON `contact`.`id` = `thread`.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending` WHERE `thread`.`uid` = %d AND `thread`.`visible` AND NOT `thread`.`deleted` @@ -722,7 +722,7 @@ function network_content(&$a, $update = 0) { $items = array(); foreach ($parents_arr AS $parents) { - $thread_items = q(item_query()." AND `item`.`uid` = %d + $thread_items = qu(item_query()." AND `item`.`uid` = %d AND `item`.`parent` = %d ORDER BY `item`.`commented` DESC LIMIT %d", intval(local_user()), diff --git a/mod/photo.php b/mod/photo.php index 4166b4d539..0d60282d5f 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -72,7 +72,7 @@ function photo_init(&$a) { $uid = str_replace(array('.jpg','.png'),array('',''), $person); - $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", + $r = qu("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", intval($resolution), intval($uid) ); 
@@ -102,7 +102,7 @@ function photo_init(&$a) { } // check if the photo exists and get the owner of the photo - $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", + $r = qu("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", dbesc($photo), intval($resolution) ); @@ -112,7 +112,7 @@ function photo_init(&$a) { // Now we'll see if we can access the photo - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", + $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", dbesc($photo), intval($resolution) ); diff --git a/mod/proxy.php b/mod/proxy.php index abcaf49127..a4fbdd2440 100644 --- a/mod/proxy.php +++ b/mod/proxy.php @@ -135,7 +135,7 @@ function proxy_init() { $valid = true; if (!$direct_cache AND ($cachefile == "")) { - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash); + $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash); if (count($r)) { $img_str = $r[0]['data']; $mime = $r[0]["desc"];
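Review bot: The owner lookup in the @@ -102 hunk of mod/photo.php has a single `'%s'` placeholder but is passed two arguments, `dbesc($photo)` and `intval($resolution)`; the format call silently ignores the second. Either drop the trailing `intval($resolution)` argument or add the `scale` condition if one was intended, so the call matches what the query actually filters on. photo_init's body starts and ends outside the hunk.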
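Review bot: In mod/proxy.php `$urlhash` is placed into the `'%s'` placeholder without dbesc(), unlike the other string arguments on the lines this commit touches. Its assignment is outside the hunk; if it is always a fixed prefix plus a hex digest this is safe today, but nothing at the query enforces that, so I would pass `dbesc($urlhash)` here. proxy_init's body starts and ends outside the hunk.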