From 991e377e16a16841f0c17278237c43e1c353b711 Mon Sep 17 00:00:00 2001
From: veselcraft
Date: Sun, 1 Nov 2020 04:17:04 -0500
Subject: [PATCH] fix bug with friends method when you can add non-existing or deleted users and yourself
---
VKAPI/Handlers/Friends.php | 230 +++++++++++++++++++------------------
1 file changed, 118 insertions(+), 112 deletions(-)
diff --git a/VKAPI/Handlers/Friends.php b/VKAPI/Handlers/Friends.php
index 31a9f6d9..c9125a47 100644
--- a/VKAPI/Handlers/Friends.php
+++ b/VKAPI/Handlers/Friends.php
@@ -6,149 +6,155 @@ use openvk\Web\Models\Repositories\Users as UsersRepo; final class Friends extends VKAPIRequestHandler { function get(int $user_id, string $fields = "", int $offset = 0, int $count = 100): object - { - $i = 0; - $offset++; - $friends = []; + { + $i = 0; + $offset++; + $friends = []; - $users = new UsersRepo; + $users = new UsersRepo; - $this->requireUser(); - - foreach ($users->get($user_id)->getFriends($offset, $count) as $friend) { - $friends[$i] = $friend->getId(); - $i++; - } + $this->requireUser(); + + foreach ($users->get($user_id)->getFriends($offset, $count) as $friend) { + $friends[$i] = $friend->getId(); + $i++; + } - $response = $friends; + $response = $friends; - $usersApi = new Users($this->getUser()); + $usersApi = new Users($this->getUser()); - if (!is_null($fields)) { - $response = $usersApi->get(implode(',', $friends), $fields, 0, $count, true); // FIXME - } + if (!is_null($fields)) { + $response = $usersApi->get(implode(',', $friends), $fields, 0, $count, true); // FIXME + } - return (object) [ - "count" => $users->get($user_id)->getFriendsCount(), - "items" => $response - ]; - } + return (object) [ + "count" => $users->get($user_id)->getFriendsCount(), + "items" => $response + ]; + } - function getLists(): object - { - $this->requireUser(); + function getLists(): object + { + $this->requireUser(); - return (object) [ - "count" => 0, - "items" => (array)[] - ]; - } + return (object) [ + "count" => 0, + "items" => (array)[] + ]; + } - function deleteList(): int - { - $this->requireUser(); + function deleteList(): int + { + $this->requireUser(); - return 1; - } + return 1; + } - function edit(): int - { - $this->requireUser(); + function edit(): int + { + $this->requireUser(); - return 1; - } + return 1; + } - function editList(): int - { - $this->requireUser(); + function editList(): int + { + $this->requireUser(); - return 1; - } + return 1; + } - function add(string $user_id): int - { - $this->requireUser(); + function 
add(string $user_id): int + { + $this->requireUser(); - $users = new UsersRepo; + $users = new UsersRepo; - $user = $users->get(intval($user_id)); + $user = $users->get(intval($user_id)); + + if(is_null($user)){ + $this->fail(177, "Cannot add this user to friends as user not found"); + } else if($user->getId() == $this->getUser()->getId()) { + $this->fail(174, "Cannot add user himself as friend"); + } - switch ($user->getSubscriptionStatus($this->getUser())) { - case 0: - $user->toggleSubscription($this->getUser()); - return 1; - break; + switch ($user->getSubscriptionStatus($this->getUser())) { + case 0: + $user->toggleSubscription($this->getUser()); + return 1; + break; - case 1: - $user->toggleSubscription($this->getUser()); - return 2; - break; + case 1: + $user->toggleSubscription($this->getUser()); + return 2; + break; - case 3: - return 2; - break; - - default: - return 1; - break; - } - } + case 3: + return 2; + break; + + default: + return 1; + break; + } + } - function delete(string $user_id): int - { - $this->requireUser(); + function delete(string $user_id): int + { + $this->requireUser(); - $users = new UsersRepo; + $users = new UsersRepo; - $user = $users->get(intval($user_id)); + $user = $users->get(intval($user_id)); - switch ($user->getSubscriptionStatus($this->getUser())) { - case 3: - $user->toggleSubscription($this->getUser()); - return 1; - break; - - default: - fail(15, "Access denied: No friend or friend request found."); - break; - } - } + switch ($user->getSubscriptionStatus($this->getUser())) { + case 3: + $user->toggleSubscription($this->getUser()); + return 1; + break; + + default: + fail(15, "Access denied: No friend or friend request found."); + break; + } + } - function areFriends(string $user_ids): array - { - $this->requireUser(); + function areFriends(string $user_ids): array + { + $this->requireUser(); - $users = new UsersRepo; + $users = new UsersRepo; - $friends = explode(',', $user_ids); + $friends = explode(',', $user_ids); - 
$response = []; + $response = []; - for ($i=0; $i < sizeof($friends); $i++) { - $friend = $users->get(intval($friends[$i])); + for ($i=0; $i < sizeof($friends); $i++) { + $friend = $users->get(intval($friends[$i])); - $status = 0; - switch ($friend->getSubscriptionStatus($this->getUser())) { - case 3: - case 0: - $status = $friend->getSubscriptionStatus($this->getUser()); - break; - - case 1: - $status = 2; - break; + $status = 0; + switch ($friend->getSubscriptionStatus($this->getUser())) { + case 3: + case 0: + $status = $friend->getSubscriptionStatus($this->getUser()); + break; + + case 1: + $status = 2; + break; - case 2: - $status = 1; - break; - } + case 2: + $status = 1; + break; + } - $response[] = (object)[ - "friend_status" => $friend->getSubscriptionStatus($this->getUser()), - "user_id" => $friend->getId() - ]; - } + $response[] = (object)[ + "friend_status" => $friend->getSubscriptionStatus($this->getUser()), + "user_id" => $friend->getId() + ]; + } - return $response; - } + return $response; + } } \ No newline at end of file
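Review bot: The not-found guard added to `add()` is missing from `delete()` and `areFriends()`, which on the new side still call `getSubscriptionStatus()` directly on the result of `$users->get(intval(...))`. An unknown id in `user_id`, or anywhere in the comma-separated `user_ids`, would therefore dereference null and abort the request with a fatal error instead of a controlled API error. Both methods should check `if(is_null($user))` before the `switch` and call `$this->fail(...)` with a message suited to the method; in `areFriends()` skipping the unknown id may be the better choice. `delete()` also calls a bare `fail(15, ...)` in its `default` branch where `add()` uses `$this->fail(...)`; unless a global `fail()` exists outside this file, that line should read `$this->fail(15, "Access denied: No friend or friend request found.");`. The guard in `add()` depends on `fail()` never returning and on the repository returning null for deleted accounts, neither of which is visible here, and the self-check would be stricter as `$user->getId() === $this->getUser()->getId()` if both ids are ints.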