diff --git a/include/api.php b/include/api.php index af9fe7736b..90a7bc2d90 100644 --- a/include/api.php +++ b/include/api.php @@ -3627,17 +3627,12 @@ function api_direct_messages_new($type) $recipient = null; if (!empty($_POST['screen_name'])) { - $r = q( - "SELECT `id`, `nurl`, `network` FROM `contact` WHERE `uid`=%d AND `nick`='%s'", - intval(api_user()), - DBA::escape($_POST['screen_name']) - ); - - if (DBA::isResult($r)) { + $contacts = Contact::selectFirst(['id', 'nurl', 'network'], ['uid' => api_user(), 'nick' => $_POST['screen_name']]); + if (DBA::isResult($contacts)) { // Selecting the id by priority, friendica first - api_best_nickname($r); + api_best_nickname($contacts); - $recipient = api_get_user($a, $r[0]['nurl']); + $recipient = api_get_user($a, $contacts[0]['nurl']); } } else { $recipient = api_get_user($a, $_POST['user_id']); @@ -3649,13 +3644,9 @@ function api_direct_messages_new($type) $replyto = ''; if (!empty($_REQUEST['replyto'])) { - $r = q( - 'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d', - intval(api_user()), - intval($_REQUEST['replyto']) - ); - $replyto = $r[0]['parent-uri']; - $sub = $r[0]['title']; + $mail = DBA::selectFirst('mail', ['parent-uri', 'title'], ['uid' => api_user(), 'id' => $_REQUEST['replyto']]); + $replyto = $mail['parent-uri']; + $sub = $mail['title']; } else { if (!empty($_REQUEST['title'])) { $sub = $_REQUEST['title']; @@ -3667,10 +3658,10 @@ function api_direct_messages_new($type) $id = Mail::send($recipient['cid'], $_POST['text'], $sub, $replyto); if ($id > -1) { - $r = q("SELECT * FROM `mail` WHERE id=%d", intval($id)); - $ret = api_format_messages($r[0], $recipient, $sender); + $mail = DBA::selectFirst('mail', [], ['id' => $id]); + $ret = api_format_messages($mail, $recipient, $sender); } else { - $ret = ["error"=>$id]; + $ret = ["error" => $id]; } $data = ['direct_message'=>$ret]; 
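Review bot: In the first hunk of api_direct_messages_new, the result of `Contact::selectFirst()` is handled as a list of rows: it is passed to `api_best_nickname()` and then read as `$contacts[0]['nurl']`. The other `selectFirst` calls in this commit read the result as a single row (`$mail['parent-uri']`), so `$contacts[0]` would be undefined and the `screen_name` lookup would never resolve a recipient. The old query could return several contacts with the same nick for `api_best_nickname()` to choose from, so a list-returning call looks like the right replacement, e.g. `$contacts = DBA::selectToArray('contact', ['id', 'nurl', 'network'], ['uid' => api_user(), 'nick' => $_POST['screen_name']]);`. The function body starts and ends outside the hunk.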
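Review bot: In the second hunk, the `mail` row looked up for `$_REQUEST['replyto']` is used without checking that a row was found. When the id does not exist or belongs to another uid, `$mail['parent-uri']` and `$mail['title']` are read from a non-row value, and the send proceeds with an empty thread reference and subject. The old code had the same gap, but the conversion is a natural place to close it, for example `if (!DBA::isResult($mail)) { throw new BadRequestException('replyto not found'); }` (message text is a suggestion) before the two assignments.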
@@ -5084,25 +5075,19 @@ function api_friendica_group_show($type) // get data of the specified group id or all groups if not specified if ($gid != 0) { - $r = q( - "SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d AND `id` = %d", - intval($uid), - intval($gid) - ); + $groups = DBA::selectToArray('group', [], ['deleted' => false, 'uid' => $uid, 'id' => $gid]); + // error message if specified gid is not in database - if (!DBA::isResult($r)) { + if (!DBA::isResult($groups)) { throw new BadRequestException("gid not available"); } } else { - $r = q( - "SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d", - intval($uid) - ); + $groups = DBA::selectToArray('group', [], ['deleted' => false, 'uid' => $uid]); } // loop through all groups and retrieve all members for adding data in the user array $grps = []; - foreach ($r as $rr) { + foreach ($groups as $rr) { $members = Contact\Group::getById($rr['id']); $users = []; @@ -5158,26 +5143,13 @@ function api_friendica_group_delete($type) throw new BadRequestException('gid or name not specified'); } - // get data of the specified group id - $r = q( - "SELECT * FROM `group` WHERE `uid` = %d AND `id` = %d", - intval($uid), - intval($gid) - ); // error message if specified gid is not in database - if (!DBA::isResult($r)) { + if (!DBA::exists('group', ['uid' => $uid, 'id' => $gid])) { throw new BadRequestException('gid not available'); } - // get data of the specified group id and group name - $rname = q( - "SELECT * FROM `group` WHERE `uid` = %d AND `id` = %d AND `name` = '%s'", - intval($uid), - intval($gid), - DBA::escape($name) - ); // error message if specified gid is not in database - if (!DBA::isResult($rname)) { + if (!DBA::exists('group', ['uid' => $uid, 'id' => $gid, 'name' => $name])) { throw new BadRequestException('wrong group name'); } 
@@ -5261,25 +5233,13 @@ function group_create($name, $uid, $users = []) throw new BadRequestException('group name not specified'); } - // get data of the specified group name - $rname = q( - "SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' AND `deleted` = 0", - intval($uid), - DBA::escape($name) - ); - // error message if specified group name already exists - if (DBA::isResult($rname)) { + // error message if specified group name already exists + if (DBA::exists('group', ['uid' => $uid, 'name' => $name, 'deleted' => false])) { throw new BadRequestException('group name already exists'); } - // check if specified group name is a deleted group - $rname = q( - "SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' AND `deleted` = 1", - intval($uid), - DBA::escape($name) - ); - // error message if specified group name already exists - if (DBA::isResult($rname)) { + // Check if the group needs to be reactivated + if (DBA::exists('group', ['uid' => $uid, 'name' => $name, 'deleted' => true])) { $reactivate_group = true; } @@ -5296,13 +5256,7 @@ function group_create($name, $uid, $users = []) $errorusers = []; foreach ($users as $user) { $cid = $user['cid']; - // check if user really exists as contact - $contact = q( - "SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d", - intval($cid), - intval($uid) - ); - if (count($contact)) { + if (DBA::exists('contact', ['id' => $cid, 'uid' => $uid])) { Group::addMember($gid, $cid); } else { $erroraddinguser = true; @@ -5444,14 +5398,8 @@ function api_friendica_group_update($type) $errorusers = []; foreach ($users as $user) { $cid = $user['cid']; - // check if user really exists as contact - $contact = q( - "SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d", - intval($cid), - intval($uid) - ); - if (count($contact)) { + if (DBA::exists('contact', ['id' => $cid, 'uid' => $uid])) { Group::addMember($gid, $cid); } else { $erroraddinguser = true; 
diff --git a/mod/fbrowser.php b/mod/fbrowser.php index 53aa255a2e..359e83e111 100644 --- a/mod/fbrowser.php +++ b/mod/fbrowser.php @@ -79,13 +79,8 @@ function fbrowser_content(App $a) $filename_e = $rr['filename']; // Take the largest picture that is smaller or equal 640 pixels - $p = q("SELECT `scale` FROM `photo` WHERE `resource-id` = '%s' AND `height` <= 640 AND `width` <= 640 ORDER BY `resource-id`, `scale` LIMIT 1", - DBA::escape($rr['resource-id'])); - if ($p) { - $scale = $p[0]["scale"]; - } else { - $scale = $rr['loq']; - } + $photo = Photo::selectFirst(['scale'], ["`resource-id` = ? AND `height` <= ? AND `width` <= ?", $rr['resource-id'], 640, 640, ['order' => ['scale']]]); + $scale = $photo['scale'] ?? $rr['loq']; return [ DI::baseUrl() . '/photos/' . $a->getLoggedInUserNickname() . '/image/' . $rr['resource-id'], @@ -110,9 +105,7 @@ function fbrowser_content(App $a) break; case "file": if (DI::args()->getArgc()==2) { - $files = q("SELECT `id`, `filename`, `filetype` FROM `attach` WHERE `uid` = %d ", - intval(local_user()) - ); + $files = DBA::selectToArray('attach', ['id', 'filename', 'filetype'], ['uid' => local_user()]); function _map_files2($rr) { diff --git a/mod/photos.php b/mod/photos.php index a15e80d05b..52ab42bf1f 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -214,11 +214,7 @@ function photos_post(App $a) // RENAME photo album $newalbum = Strings::escapeTags(trim($_POST['albumname'])); if ($newalbum != $album) { - q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", - DBA::escape($newalbum), - DBA::escape($album), - intval($page_owner_uid) - ); + Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid]); // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); diff --git a/mod/repair_ostatus.php b/mod/repair_ostatus.php index bc6b177f95..edbd2e940a 100644 --- a/mod/repair_ostatus.php +++ b/mod/repair_ostatus.php 
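Review bot: The closing bracket of the condition array is misplaced in the new `Photo::selectFirst()` call in fbrowser_content. `['order' => ['scale']]` ends up as a fourth element of the condition array, after the three bound values, instead of being passed as the separate params argument. The three placeholders then receive four parameters, and the ordering that the comment above depends on (largest picture within 640 pixels) is not applied. Close the condition array after the second `640` and pass `['order' => ['scale']]` as the third argument, as the `Photo::selectFirst()` call in mod/wall_upload.php does.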
@@ -27,52 +27,38 @@ use Friendica\Model\Contact; function repair_ostatus_content(App $a) { - if (! local_user()) { + if (!local_user()) { notice(DI::l10n()->t('Permission denied.')); DI::baseUrl()->redirect('ostatus_repair'); // NOTREACHED } - $o = "
".$counter."/".$total.": ".$r[0]["url"]."
"; + $o .= "" . $counter . "/" . $total . ": " . $contact[0]["url"] . "
"; - $o .= "".DI::l10n()->t("Keep this window open until done.")."
"; + $o .= "" . DI::l10n()->t("Keep this window open until done.") . "
"; - Contact::createFromProbeForUser($a->getLoggedInUserId(), $r[0]["url"]); + Contact::createFromProbeForUser($a->getLoggedInUserId(), $contact[0]["url"]); - DI::page()['htmlhead'] = ''; + DI::page()['htmlhead'] = ''; return $o; } diff --git a/mod/settings.php b/mod/settings.php index 9ece81b556..9ea99789d1 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -93,11 +93,7 @@ function settings_post(App $a) $mail_pubmail = $_POST['mail_pubmail'] ?? ''; if (function_exists('imap_open') && !DI::config()->get('system', 'imap_disabled')) { - $failed = false; - $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", - intval(local_user()) - ); - if (!DBA::isResult($r)) { + if (!DBA::exists('mailacct', ['uid' => local_user()])) { DBA::insert('mailacct', ['uid' => local_user()]); } if (strlen($mail_pass)) { 
@@ -105,34 +101,30 @@ function settings_post(App $a) openssl_public_encrypt($mail_pass, $pass, $user['pubkey']); DBA::update('mailacct', ['pass' => bin2hex($pass)], ['uid' => local_user()]); } - $r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s', - `action` = %d, `movetofolder` = '%s', - `mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d", - DBA::escape($mail_server), - intval($mail_port), - DBA::escape($mail_ssl), - DBA::escape($mail_user), - intval($mail_action), - DBA::escape($mail_movetofolder), - DBA::escape($mail_replyto), - intval($mail_pubmail), - intval(local_user()) - ); - Logger::notice('updating mailaccount', ['response' => $r]); - $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", - intval(local_user()) - ); - if (DBA::isResult($r)) { - $eacct = $r[0]; - $mb = Email::constructMailboxName($eacct); - if (strlen($eacct['server'])) { + $r = DBA::update('mailacct', [ + 'server' => $mail_server, + 'port' => $mail_port, + 'ssltype' => $mail_ssl, + 'user' => $mail_user, + `action` => $mail_action, + 'movetofolder' => $mail_movetofolder, + 'mailbox' => 'INBOX', + 'reply_to' => $mail_replyto, + 'pubmail' => $mail_pubmail + ], ['uid' => local_user()]); + + Logger::notice('updating mailaccount', ['response' => $r]); + $mailacct = DBA::selectFirst('mailacct', [], ['uid' => local_user()]); + if (DBA::isResult($mailacct)) { + $mb = Email::constructMailboxName($mailacct); + + if (strlen($mailacct['server'])) { $dcrpass = ''; - openssl_private_decrypt(hex2bin($eacct['pass']), $dcrpass, $user['prvkey']); + openssl_private_decrypt(hex2bin($mailacct['pass']), $dcrpass, $user['prvkey']); $mbox = Email::connect($mb, $mail_user, $dcrpass); unset($dcrpass); if (!$mbox) { - $failed = true; notice(DI::l10n()->t('Failed to connect with email account using the settings provided.')); } } 
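Review bot: In the new `DBA::update('mailacct', …)` field list, the key for the action column is written in backticks instead of single quotes. PHP treats backticks as the shell execution operator, so this line runs a shell command named `action` on every settings save and uses its output as the array key; the `action` column itself is never written. It should be `'action' => $mail_action,` like the neighbouring keys. The old query also cast port, action and pubmail with `intval()`, while the new array passes the values through unchanged (they appear to come from `$_POST`), so consider keeping the casts, e.g. `'port' => (int)$mail_port`.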
@@ -510,22 +502,20 @@ function settings_content(App $a) $mail_disabled = ((function_exists('imap_open') && (!DI::config()->get('system', 'imap_disabled'))) ? 0 : 1); if (!$mail_disabled) { - $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", - local_user() - ); + $mailacct = DBA::selectFirst('mailacct', [], ['uid' => local_user()]); } else { - $r = null; + $mailacct = null; } - $mail_server = ((DBA::isResult($r)) ? $r[0]['server'] : ''); - $mail_port = ((DBA::isResult($r) && intval($r[0]['port'])) ? intval($r[0]['port']) : ''); - $mail_ssl = ((DBA::isResult($r)) ? $r[0]['ssltype'] : ''); - $mail_user = ((DBA::isResult($r)) ? $r[0]['user'] : ''); - $mail_replyto = ((DBA::isResult($r)) ? $r[0]['reply_to'] : ''); - $mail_pubmail = ((DBA::isResult($r)) ? $r[0]['pubmail'] : 0); - $mail_action = ((DBA::isResult($r)) ? $r[0]['action'] : 0); - $mail_movetofolder = ((DBA::isResult($r)) ? $r[0]['movetofolder'] : ''); - $mail_chk = ((DBA::isResult($r)) ? $r[0]['last_check'] : DBA::NULL_DATETIME); + $mail_server = $mailacct['server'] ?? ''; + $mail_port = (!empty($mailacct['port']) && is_numeric($mailacct['port'])) ? (int)$mailacct['port'] : ''; + $mail_ssl = $mailacct['ssltype'] ?? ''; + $mail_user = $mailacct['user'] ?? ''; + $mail_replyto = $mailacct['reply_to'] ?? ''; + $mail_pubmail = $mailacct['pubmail'] ?? 0; + $mail_action = $mailacct['action'] ?? 0; + $mail_movetofolder = $mailacct['movetofolder'] ?? ''; + $mail_chk = $mailacct['last_check'] ?? DBA::NULL_DATETIME; $tpl = Renderer::getMarkupTemplate('settings/connectors.tpl'); diff --git a/mod/uimport.php b/mod/uimport.php index c291247247..62bece5e3a 100644 --- a/mod/uimport.php +++ b/mod/uimport.php @@ -24,6 +24,7 @@ use Friendica\App; use Friendica\Core\Logger; use Friendica\Core\UserImport; use Friendica\Core\Renderer; +use Friendica\Database\DBA; use Friendica\DI; function uimport_post(App $a) 
@@ -48,9 +49,9 @@ function uimport_content(App $a) $max_dailies = intval(DI::config()->get('system', 'max_daily_registrations')); if ($max_dailies) { - $r = q("select count(*) as total from user where register_date > UTC_TIMESTAMP - INTERVAL 1 day"); - if ($r && $r[0]['total'] >= $max_dailies) { - Logger::log('max daily registrations exceeded.'); + $total = DBA::count('user', ["`register_date` > UTC_TIMESTAMP - INTERVAL 1 DAY"]); + if ($total >= $max_dailies) { + Logger::notice('max daily registrations exceeded.'); notice(DI::l10n()->t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.')); return; } diff --git a/mod/wall_upload.php b/mod/wall_upload.php index d935c6d327..100c948088 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -255,12 +255,8 @@ function wall_upload_post(App $a, $desktopmode = true) } if (!$desktopmode) { - $r = q("SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` - WHERE `resource-id` = '%s' - ORDER BY `width` DESC LIMIT 1", - $resource_id - ); - if (!$r) { + $photo = Photo::selectFirst(['id', 'datasize', 'width', 'height', 'type'], ['resource-id' => $resource_id], ['order' => ['width']]); + if (!$photo) { if ($r_json) { echo json_encode(['error' => '']); exit(); 
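Review bot: In the wall_upload_post hunk, the replacement query no longer sorts the same way as the one it replaces. The old SQL selected the widest photo (`ORDER BY width DESC LIMIT 1`), while `['order' => ['width']]` sorts ascending and so returns the narrowest scale for the resource. The `$picture` metadata built in the following hunk (size, width, height) would then describe the thumbnail instead of the full image. If descending order is still intended, the params should presumably be `['order' => ['width' => true]]`; please confirm against the DBA order syntax. The function continues outside the hunk.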
@@ -269,11 +265,11 @@ function wall_upload_post(App $a, $desktopmode = true) } $picture = []; - $picture["id"] = $r[0]["id"]; - $picture["size"] = $r[0]["datasize"]; - $picture["width"] = $r[0]["width"]; - $picture["height"] = $r[0]["height"]; - $picture["type"] = $r[0]["type"]; + $picture["id"] = $photo["id"]; + $picture["size"] = $photo["datasize"]; + $picture["width"] = $photo["width"]; + $picture["height"] = $photo["height"]; + $picture["type"] = $photo["type"]; $picture["albumpage"] = DI::baseUrl() . '/photos/' . $page_owner_nick . '/image/' . $resource_id; $picture["picture"] = DI::baseUrl() . "/photo/{$resource_id}-0." . $Image->getExt(); $picture["preview"] = DI::baseUrl() . "/photo/{$resource_id}-{$smallest}." . $Image->getExt(); diff --git a/mod/wallmessage.php b/mod/wallmessage.php index cf1bca9cb9..6e0ea0caf2 100644 --- a/mod/wallmessage.php +++ b/mod/wallmessage.php @@ -26,6 +26,7 @@ use Friendica\Database\DBA; use Friendica\DI; use Friendica\Model\Mail; use Friendica\Model\Profile; +use Friendica\Model\User; use Friendica\Util\Strings; function wallmessage_post(App $a) { 
@@ -44,27 +45,19 @@ function wallmessage_post(App $a) { return; } - $r = q("select * from user where nickname = '%s' limit 1", - DBA::escape($recipient) - ); - - if (! DBA::isResult($r)) { - Logger::log('wallmessage: no recipient'); + $user = User::getByNickname($recipient); + if (empty($r)) { + Logger::notice('wallmessage: no recipient'); return; } - $user = $r[0]; - - if (! intval($user['unkmail'])) { + if (!$user['unkmail']) { notice(DI::l10n()->t('Permission denied.')); return; } - $r = q("select count(*) as total from mail where uid = %d and created > UTC_TIMESTAMP() - INTERVAL 1 day and unknown = 1", - intval($user['uid']) - ); - - if ($r[0]['total'] > $user['cntunkmail']) { + $total = DBA::count('mail', ["`uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 1 DAY AND `unknown`", $user['uid']]); + if ($total > $user['cntunkmail']) { notice(DI::l10n()->t('Number of daily wall messages for %s exceeded. Message failed.', $user['username'])); return; } @@ -104,28 +97,21 @@ function wallmessage_content(App $a) { return; } - $r = q("select * from user where nickname = '%s' limit 1", - DBA::escape($recipient) - ); + $user = User::getByNickname($recipient); - if (! DBA::isResult($r)) { + if (empty($user)) { notice(DI::l10n()->t('No recipient.')); - Logger::log('wallmessage: no recipient'); + Logger::notice('wallmessage: no recipient'); return; } - $user = $r[0]; - - if (!intval($user['unkmail'])) { + if (!$user['unkmail']) { notice(DI::l10n()->t('Permission denied.')); return; } - $r = q("select count(*) as total from mail where uid = %d and created > UTC_TIMESTAMP() - INTERVAL 1 day and unknown = 1", - intval($user['uid']) - ); - - if ($r[0]['total'] > $user['cntunkmail']) { + $total = DBA::count('mail', ["`uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 1 DAY AND `unknown`", $user['uid']]); + if ($total > $user['cntunkmail']) { notice(DI::l10n()->t('Number of daily wall messages for %s exceeded. Message failed.', $user['username'])); return; } 
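Review bot: In wallmessage_post the guard after `User::getByNickname($recipient)` still tests the old variable, `if (empty($r))`. `$r` is no longer assigned anywhere in the visible lines of this function, so the check is always true: the function logs "no recipient" and returns before the `unkmail` permission check, the daily limit check and the send are reached. It should be `if (empty($user)) {`, which is what the parallel hunk in wallmessage_content already uses.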
diff --git a/src/Model/FContact.php b/src/Model/FContact.php index 0fc4633275..1c5c186e69 100644 --- a/src/Model/FContact.php +++ b/src/Model/FContact.php @@ -121,14 +121,9 @@ class FContact { Logger::info('fcontact', ['guid' => $fcontact_guid]); - $r = q( - "SELECT `url` FROM `fcontact` WHERE `url` != '' AND `network` = '%s' AND `guid` = '%s'", - DBA::escape(Protocol::DIASPORA), - DBA::escape($fcontact_guid) - ); - - if (DBA::isResult($r)) { - return $r[0]['url']; + $fcontact = DBA::selectFirst('fcontact', ['url'], ["`url` != ? AND `network` = ? AND `guid` = ?", '', Protocol::DIASPORA, $fcontact_guid]); + if (DBA::isResult($fcontact)) { + return $fcontact['url']; } return null; @@ -176,7 +171,7 @@ class FContact $suggest['body'] = $note; $hash = Strings::getRandomHex(); - $fields = ['uid' => $suggest['uid'], 'fid' => $fid, 'contact-id' => $suggest['cid'], + $fields = ['uid' => $suggest['uid'], 'fid' => $fid, 'contact-id' => $suggest['cid'], 'note' => $suggest['body'], 'hash' => $hash, 'datetime' => DateTimeFormat::utcNow(), 'blocked' => false]; DBA::insert('intro', $fields); diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 53f7e752d6..6c692b21fd 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -37,6 +37,7 @@ use Friendica\Model\Item; use Friendica\Model\ItemURI; use Friendica\Model\Mail; use Friendica\Model\Notification; +use Friendica\Model\Photo; use Friendica\Model\Post; use Friendica\Model\Profile; use Friendica\Model\Tag; 
@@ -299,15 +300,12 @@ class DFRN DI::config()->set('system', 'site_pubkey', $res['pubkey']); } - $rp = q( - "SELECT `resource-id` , `scale`, type FROM `photo` - WHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", - $uid - ); + $profilephotos = Photo::selectToArray(['resource-id' , 'scale'], ['profile' => true, 'uid' => $uid], ['order' => ['scale']]); + $photos = []; $ext = Images::supportedTypes(); - foreach ($rp as $p) { + foreach ($profilephotos as $p) { $photos[$p['scale']] = DI::baseUrl().'/photo/'.$p['resource-id'].'-'.$p['scale'].'.'.$ext[$p['type']]; } @@ -1379,19 +1377,13 @@ class DFRN } // update contact - $r = q( - "SELECT `photo`, `url` FROM `contact` WHERE `id` = %d AND `uid` = %d", - intval($importer["id"]), - intval($importer["importer_uid"]) - ); + $old = Contact::selectFirst(['photo', 'url'], ['id' => $importer["id"], 'uid' => $importer["importer_uid"]]); - if (!DBA::isResult($r)) { - Logger::log("Query failed to execute, no result returned in " . __FUNCTION__); + if (!DBA::isResult($old)) { + Logger::notice("Query failed to execute, no result returned in " . __FUNCTION__); return false; } - $old = $r[0]; - // Update the contact table. We try to find every entry. $fields = ['name' => $relocate["name"], 'avatar' => $relocate["avatar"], 'url' => $relocate["url"], 'nurl' => Strings::normaliseLink($relocate["url"]),
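Review bot: In the first DFRN hunk, the column list passed to `Photo::selectToArray()` drops `type`, which the old query selected, yet the loop below still builds each URL with `$ext[$p['type']]`. Every profile photo URL would then be built from an undefined index and lose its file extension. Add the column back: `Photo::selectToArray(['resource-id', 'scale', 'type'], ['profile' => true, 'uid' => $uid], ['order' => ['scale']]);`. The enclosing method starts and ends outside the hunk.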