parent
1ac32c622e
commit
4a667f640f
|
@ -84,8 +84,8 @@ function buffer_addon_admin(App $a, &$o)
|
||||||
|
|
||||||
function buffer_addon_admin_post(App $a)
|
function buffer_addon_admin_post(App $a)
|
||||||
{
|
{
|
||||||
$client_id = ((!empty($_POST['client_id'])) ? Strings::removeTags(trim($_POST['client_id'])) : '');
|
$client_id = ((!empty($_POST['client_id'])) ? Strings::escapeTags(trim($_POST['client_id'])) : '');
|
||||||
$client_secret = ((!empty($_POST['client_secret'])) ? Strings::removeTags(trim($_POST['client_secret'])) : '');
|
$client_secret = ((!empty($_POST['client_secret'])) ? Strings::escapeTags(trim($_POST['client_secret'])) : '');
|
||||||
|
|
||||||
Config::set('buffer', 'client_id' , $client_id);
|
Config::set('buffer', 'client_id' , $client_id);
|
||||||
Config::set('buffer', 'client_secret', $client_secret);
|
Config::set('buffer', 'client_secret', $client_secret);
|
||||||
|
|
|
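Review bot: `buffer_addon_admin_post()` stores `client_id` and `client_secret` with no form-token check visible at the top of the function, while the gravatar, libravatar and public_server handlers on this page begin with `BaseModule::checkFormSecurityToken(...)` or `checkFormSecurityTokenRedirectOnError(...)`. Unless the admin dispatcher validates a token before it calls addon handlers (not visible here), these settings can be changed by a request the administrator did not intend to send. The geocoordinates, impressum, newmemberwidget, piwik, remote_permissions, tumblr, twitter and webrtc handlers show the same gap. A first statement such as `BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/buffer', 'buffer');` (path and token name modelled on the public_server call, to be matched by the form) would close it. Separately, running a credential through `Strings::escapeTags()` risks storing a secret that differs from the one issued if it contains angle brackets; trimming alone and encoding on output is safer for these two fields.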
@ -73,9 +73,9 @@ function forumdirectory_content(App $a)
|
||||||
Nav::setSelected('directory');
|
Nav::setSelected('directory');
|
||||||
|
|
||||||
if (!empty($a->data['search'])) {
|
if (!empty($a->data['search'])) {
|
||||||
$search = Strings::removeTags(trim($a->data['search']));
|
$search = Strings::escapeTags(trim($a->data['search']));
|
||||||
} else {
|
} else {
|
||||||
$search = ((!empty($_GET['search'])) ? Strings::removeTags(trim(rawurldecode($_GET['search']))) : '');
|
$search = ((!empty($_GET['search'])) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||||
}
|
}
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('directory_header.tpl');
|
$tpl = Renderer::getMarkupTemplate('directory_header.tpl');
|
||||||
|
|
|
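Review bot: `rawurldecode($_GET['search'])` decodes a value that PHP already URL-decoded when it filled `$_GET`, so the search term is decoded twice. A literal percent sequence typed by a user changes meaning, and any request filtering in front of the application sees a different string from the one used here. The line would be safer as `$search = ((!empty($_GET['search'])) ? Strings::escapeTags(trim($_GET['search'])) : '');`. Tag escaping at input is also not a substitute for encoding where `$search` is later written into HTML or a query; that code lies outside this hunk, as does the rest of `forumdirectory_content()`.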
@ -100,10 +100,10 @@ function geocoordinates_addon_admin(&$a, &$o)
|
||||||
|
|
||||||
function geocoordinates_addon_admin_post(&$a)
|
function geocoordinates_addon_admin_post(&$a)
|
||||||
{
|
{
|
||||||
$api_key = ((x($_POST, 'api_key')) ? Strings::removeTags(trim($_POST['api_key'])) : '');
|
$api_key = ((x($_POST, 'api_key')) ? Strings::escapeTags(trim($_POST['api_key'])) : '');
|
||||||
Config::set('geocoordinates', 'api_key', $api_key);
|
Config::set('geocoordinates', 'api_key', $api_key);
|
||||||
|
|
||||||
$language = ((x($_POST, 'language')) ? Strings::removeTags(trim($_POST['language'])) : '');
|
$language = ((x($_POST, 'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
|
||||||
Config::set('geocoordinates', 'language', $language);
|
Config::set('geocoordinates', 'language', $language);
|
||||||
info(L10n::t('Settings updated.'). EOL);
|
info(L10n::t('Settings updated.'). EOL);
|
||||||
}
|
}
|
||||||
|
|
|
@ -122,8 +122,8 @@ function gravatar_addon_admin (&$a, &$o) {
|
||||||
function gravatar_addon_admin_post (&$a) {
|
function gravatar_addon_admin_post (&$a) {
|
||||||
BaseModule::checkFormSecurityToken('gravatarsave');
|
BaseModule::checkFormSecurityToken('gravatarsave');
|
||||||
|
|
||||||
$default_avatar = ((x($_POST, 'avatar')) ? Strings::removeTags(trim($_POST['avatar'])) : 'identicon');
|
$default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon');
|
||||||
$rating = ((x($_POST, 'rating')) ? Strings::removeTags(trim($_POST['rating'])) : 'g');
|
$rating = ((x($_POST, 'rating')) ? Strings::escapeTags(trim($_POST['rating'])) : 'g');
|
||||||
Config::set('gravatar', 'default_avatar', $default_avatar);
|
Config::set('gravatar', 'default_avatar', $default_avatar);
|
||||||
Config::set('gravatar', 'rating', $rating);
|
Config::set('gravatar', 'rating', $rating);
|
||||||
info(L10n::t('Gravatar settings updated.') .EOL);
|
info(L10n::t('Gravatar settings updated.') .EOL);
|
||||||
|
|
|
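Review bot: `avatar` and `rating` look like choices from a fixed list (the fallbacks are `'identicon'` and `'g'`), yet the handler stores any posted string after tag escaping. An allowlist is the tighter control, for example `if (!in_array($default_avatar, $allowed_avatars, true)) { $default_avatar = 'identicon'; }`, where `$allowed_avatars` is a placeholder for the option list the admin form offers. The `avatar` field in `libravatar_addon_admin_post()` has the same shape. The function body continues past the end of this hunk.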
@ -87,11 +87,11 @@ function impressum_show($a,&$b) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function impressum_addon_admin_post (&$a) {
|
function impressum_addon_admin_post (&$a) {
|
||||||
$owner = ((x($_POST, 'owner')) ? Strings::removeTags(trim($_POST['owner'])) : '');
|
$owner = ((x($_POST, 'owner')) ? Strings::escapeTags(trim($_POST['owner'])) : '');
|
||||||
$ownerprofile = ((x($_POST, 'ownerprofile')) ? Strings::removeTags(trim($_POST['ownerprofile'])) : '');
|
$ownerprofile = ((x($_POST, 'ownerprofile')) ? Strings::escapeTags(trim($_POST['ownerprofile'])) : '');
|
||||||
$postal = ((x($_POST, 'postal')) ? (trim($_POST['postal'])) : '');
|
$postal = ((x($_POST, 'postal')) ? (trim($_POST['postal'])) : '');
|
||||||
$notes = ((x($_POST, 'notes')) ? (trim($_POST['notes'])) : '');
|
$notes = ((x($_POST, 'notes')) ? (trim($_POST['notes'])) : '');
|
||||||
$email = ((x($_POST, 'email')) ? Strings::removeTags(trim($_POST['email'])) : '');
|
$email = ((x($_POST, 'email')) ? Strings::escapeTags(trim($_POST['email'])) : '');
|
||||||
$footer_text = ((x($_POST, 'footer_text')) ? (trim($_POST['footer_text'])) : '');
|
$footer_text = ((x($_POST, 'footer_text')) ? (trim($_POST['footer_text'])) : '');
|
||||||
Config::set('impressum','owner',strip_tags($owner));
|
Config::set('impressum','owner',strip_tags($owner));
|
||||||
Config::set('impressum','ownerprofile',strip_tags($ownerprofile));
|
Config::set('impressum','ownerprofile',strip_tags($ownerprofile));
|
||||||
|
|
|
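Review bot: `$owner` and `$ownerprofile` pass through `Strings::escapeTags()` and then again through `strip_tags()` in the `Config::set` calls, so two different sanitizers run in sequence and it is unclear which one is the intended control. Keeping a single one, e.g. `Config::set('impressum','owner',strip_tags(trim($_POST['owner'])));`, would make the stored value predictable. `postal`, `notes` and `footer_text` are stored after `trim()` only, so whatever renders them (outside this hunk) has to do the encoding or filtering. A comment such as `// stored raw on purpose: rendered through <renderer>, which filters markup` would record that decision. The function continues beyond the hunk.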
@ -125,7 +125,7 @@ function libravatar_addon_admin_post(&$a)
|
||||||
{
|
{
|
||||||
BaseModule::checkFormSecurityToken('libravatarrsave');
|
BaseModule::checkFormSecurityToken('libravatarrsave');
|
||||||
|
|
||||||
$default_avatar = ((x($_POST, 'avatar')) ? Strings::removeTags(trim($_POST['avatar'])) : 'identicon');
|
$default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon');
|
||||||
Config::set('libravatar', 'default_avatar', $default_avatar);
|
Config::set('libravatar', 'default_avatar', $default_avatar);
|
||||||
info(L10n::t('Libravatar settings updated.') .EOL);
|
info(L10n::t('Libravatar settings updated.') .EOL);
|
||||||
}
|
}
|
||||||
|
|
|
@ -55,7 +55,7 @@ function newmemberwidget_network_mod_init ($a, $b)
|
||||||
function newmemberwidget_addon_admin_post(&$a)
|
function newmemberwidget_addon_admin_post(&$a)
|
||||||
{
|
{
|
||||||
$ft = ((x($_POST, 'freetext')) ? trim($_POST['freetext']) : "");
|
$ft = ((x($_POST, 'freetext')) ? trim($_POST['freetext']) : "");
|
||||||
$lsn = ((x($_POST, 'localsupportname')) ? Strings::removeTags(trim($_POST['localsupportname'])) : "");
|
$lsn = ((x($_POST, 'localsupportname')) ? Strings::escapeTags(trim($_POST['localsupportname'])) : "");
|
||||||
$gs = intval($_POST['linkglobalsupport']);
|
$gs = intval($_POST['linkglobalsupport']);
|
||||||
$ls = intval($_POST['linklocalsupport']);
|
$ls = intval($_POST['linklocalsupport']);
|
||||||
Config::set('newmemberwidget', 'freetext', trim($ft));
|
Config::set('newmemberwidget', 'freetext', trim($ft));
|
||||||
|
|
|
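Review bot: `intval($_POST['linkglobalsupport'])` and `intval($_POST['linklocalsupport'])` read their keys without an existence check, unlike the `x($_POST, ...)` guards on the two lines above them. If these are checkboxes (inferred from the names), an unchecked box is absent from the POST body and the access raises an undefined-index notice. `$gs = !empty($_POST['linkglobalsupport']) ? intval($_POST['linkglobalsupport']) : 0;` and the same form for `$ls` avoid that. `freetext` is stored with `trim()` only, so the widget that prints it (not in this hunk) must encode or filter it.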
@ -177,7 +177,7 @@ function openstreetmap_generate_map(&$a, &$b)
|
||||||
$cardlink .= '?mlat=' . $lat . '&mlon=' . $lon;
|
$cardlink .= '?mlat=' . $lat . '&mlon=' . $lon;
|
||||||
}
|
}
|
||||||
|
|
||||||
$cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? Strings::escapeTags($b['location']) : L10n::t('View Larger')) . '</a>';
|
$cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? Strings::escapeHtml($b['location']) : L10n::t('View Larger')) . '</a>';
|
||||||
if (empty($b['mode'])) {
|
if (empty($b['mode'])) {
|
||||||
$b['html'] = '<iframe style="width:100%; height:300px; border:1px solid #ccc" src="' . $tmsserver .
|
$b['html'] = '<iframe style="width:100%; height:300px; border:1px solid #ccc" src="' . $tmsserver .
|
||||||
'/export/embed.html?bbox=' . ($lon - 0.01) . '%2C' . ($lat - 0.01) . '%2C' . ($lon + 0.01) . '%2C' . ($lat + 0.01) .
|
'/export/embed.html?bbox=' . ($lon - 0.01) . '%2C' . ($lat - 0.01) . '%2C' . ($lon + 0.01) . '%2C' . ($lat + 0.01) .
|
||||||
|
|
|
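Review bot: The link text now goes through `Strings::escapeHtml()`, but `$zoom`, `$lat` and `$lon` are still concatenated into the `href` attribute, and `$tmsserver` into the iframe `src`, with no encoding or cast visible in this hunk. Their assignments are above the hunk, so this may already be handled. If it is not, forcing the coordinates to numbers at the point of use (`$lat = (float)$lat; $lon = (float)$lon; $zoom = (int)$zoom;`) and encoding `$tmsserver` for an attribute context keeps a quote character in any of them from ending the attribute early. The iframe statement is cut off at the end of the hunk.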
@ -108,7 +108,7 @@ function piwik_addon_admin (&$a, &$o) {
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
function piwik_addon_admin_post (&$a) {
|
function piwik_addon_admin_post (&$a) {
|
||||||
$url = ((x($_POST, 'baseurl')) ? Strings::removeTags(trim($_POST['baseurl'])) : '');
|
$url = ((x($_POST, 'baseurl')) ? Strings::escapeTags(trim($_POST['baseurl'])) : '');
|
||||||
$id = ((x($_POST, 'siteid')) ? trim($_POST['siteid']) : '');
|
$id = ((x($_POST, 'siteid')) ? trim($_POST['siteid']) : '');
|
||||||
$optout = ((x($_POST, 'optout')) ? trim($_POST['optout']) : '');
|
$optout = ((x($_POST, 'optout')) ? trim($_POST['optout']) : '');
|
||||||
$async = ((x($_POST, 'async')) ? trim($_POST['async']) : '');
|
$async = ((x($_POST, 'async')) ? trim($_POST['async']) : '');
|
||||||
|
|
|
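Review bot: Tag escaping `baseurl` does not establish that it is a usable host or URL, and `siteid`, `optout` and `async` are stored after `trim()` only. If these values are later written into a script or attribute context (the code that emits them is not in this hunk), angle-bracket handling does not cover quotes or script syntax. Validation by type is the better fit: `$id = (x($_POST, 'siteid')) ? intval($_POST['siteid']) : '';` for the numeric id, and a host or URL format check on `baseurl` before `Config::set`. The same applies to `webrtcurl` in `webrtc_addon_admin_post()`, which should be limited to an expected scheme before it is stored.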
@ -148,12 +148,12 @@ function public_server_login($a, $b)
|
||||||
function public_server_addon_admin_post(&$a)
|
function public_server_addon_admin_post(&$a)
|
||||||
{
|
{
|
||||||
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver');
|
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver');
|
||||||
$expiredays = (x($_POST, 'expiredays') ? Strings::removeTags(trim($_POST['expiredays'])) : '');
|
$expiredays = (x($_POST, 'expiredays') ? Strings::escapeTags(trim($_POST['expiredays'])) : '');
|
||||||
$expireposts = (x($_POST, 'expireposts') ? Strings::removeTags(trim($_POST['expireposts'])) : '');
|
$expireposts = (x($_POST, 'expireposts') ? Strings::escapeTags(trim($_POST['expireposts'])) : '');
|
||||||
$nologin = (x($_POST, 'nologin') ? Strings::removeTags(trim($_POST['nologin'])) : '');
|
$nologin = (x($_POST, 'nologin') ? Strings::escapeTags(trim($_POST['nologin'])) : '');
|
||||||
$flagusers = (x($_POST, 'flagusers') ? Strings::removeTags(trim($_POST['flagusers'])) : '');
|
$flagusers = (x($_POST, 'flagusers') ? Strings::escapeTags(trim($_POST['flagusers'])) : '');
|
||||||
$flagposts = (x($_POST, 'flagposts') ? Strings::removeTags(trim($_POST['flagposts'])) : '');
|
$flagposts = (x($_POST, 'flagposts') ? Strings::escapeTags(trim($_POST['flagposts'])) : '');
|
||||||
$flagpostsexpire = (x($_POST, 'flagpostsexpire') ? Strings::removeTags(trim($_POST['flagpostsexpire'])) : '');
|
$flagpostsexpire = (x($_POST, 'flagpostsexpire') ? Strings::escapeTags(trim($_POST['flagpostsexpire'])) : '');
|
||||||
Config::set('public_server', 'expiredays', $expiredays);
|
Config::set('public_server', 'expiredays', $expiredays);
|
||||||
Config::set('public_server', 'expireposts', $expireposts);
|
Config::set('public_server', 'expireposts', $expireposts);
|
||||||
Config::set('public_server', 'nologin', $nologin);
|
Config::set('public_server', 'nologin', $nologin);
|
||||||
|
|
|
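Review bot: `expiredays`, `expireposts`, `nologin`, `flagusers`, `flagposts` and `flagpostsexpire` read as day counts and on/off flags (inferred from the names), but they are stored as tag-escaped strings. Casting states the contract and rejects everything else, e.g. `$expiredays = x($_POST, 'expiredays') ? intval($_POST['expiredays']) : '';`, keeping `''` as the "unset" value if later code tests for it. The remaining `Config::set` calls are outside the hunk.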
@ -207,7 +207,7 @@ function remote_permissions_addon_admin(&$a, &$o){
|
||||||
}
|
}
|
||||||
|
|
||||||
function remote_permissions_addon_admin_post(&$a){
|
function remote_permissions_addon_admin_post(&$a){
|
||||||
$choice = ((x($_POST,'remotepermschoice')) ? Strings::removeTags(trim($_POST['remotepermschoice'])) : '');
|
$choice = ((x($_POST,'remotepermschoice')) ? Strings::escapeTags(trim($_POST['remotepermschoice'])) : '');
|
||||||
Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
|
Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
|
||||||
info(L10n::t('Settings updated.'). EOL);
|
info(L10n::t('Settings updated.'). EOL);
|
||||||
}
|
}
|
||||||
|
|
|
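Review bot: `$choice` is only ever compared with `1`, so the `Strings::escapeTags()` call contributes nothing here, and the loose `$choice == 1` accepts strings that merely start with a one on PHP versions before 8. A strict comparison on the trimmed input is clearer: `$choice = x($_POST,'remotepermschoice') ? trim($_POST['remotepermschoice']) : '';` followed by `Config::set('remote_perms','global',($choice === '1' ? 1 : 0));`.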
@ -624,7 +624,7 @@ function statusnet_addon_admin_post(App $a)
|
||||||
}
|
}
|
||||||
$secret = trim($_POST['secret'][$id]);
|
$secret = trim($_POST['secret'][$id]);
|
||||||
$key = trim($_POST['key'][$id]);
|
$key = trim($_POST['key'][$id]);
|
||||||
//$applicationname = ((x($_POST, 'applicationname')) ? Strings::removeTags(trim($_POST['applicationname'][$id])):'');
|
//$applicationname = ((x($_POST, 'applicationname')) ? Strings::escapeTags(trim($_POST['applicationname'][$id])):'');
|
||||||
if ($sitename != "" &&
|
if ($sitename != "" &&
|
||||||
$apiurl != "" &&
|
$apiurl != "" &&
|
||||||
$secret != "" &&
|
$secret != "" &&
|
||||||
|
|
|
@ -84,8 +84,8 @@ function tumblr_addon_admin(App $a, &$o)
|
||||||
|
|
||||||
function tumblr_addon_admin_post(App $a)
|
function tumblr_addon_admin_post(App $a)
|
||||||
{
|
{
|
||||||
$consumer_key = ((!empty($_POST['consumer_key'])) ? Strings::removeTags(trim($_POST['consumer_key'])) : '');
|
$consumer_key = ((!empty($_POST['consumer_key'])) ? Strings::escapeTags(trim($_POST['consumer_key'])) : '');
|
||||||
$consumer_secret = ((!empty($_POST['consumer_secret'])) ? Strings::removeTags(trim($_POST['consumer_secret'])): '');
|
$consumer_secret = ((!empty($_POST['consumer_secret'])) ? Strings::escapeTags(trim($_POST['consumer_secret'])): '');
|
||||||
|
|
||||||
Config::set('tumblr', 'consumer_key',$consumer_key);
|
Config::set('tumblr', 'consumer_key',$consumer_key);
|
||||||
Config::set('tumblr', 'consumer_secret',$consumer_secret);
|
Config::set('tumblr', 'consumer_secret',$consumer_secret);
|
||||||
|
|
|
@ -658,8 +658,8 @@ function twitter_post_hook(App $a, array &$b)
|
||||||
|
|
||||||
function twitter_addon_admin_post(App $a)
|
function twitter_addon_admin_post(App $a)
|
||||||
{
|
{
|
||||||
$consumerkey = x($_POST, 'consumerkey') ? Strings::removeTags(trim($_POST['consumerkey'])) : '';
|
$consumerkey = x($_POST, 'consumerkey') ? Strings::escapeTags(trim($_POST['consumerkey'])) : '';
|
||||||
$consumersecret = x($_POST, 'consumersecret') ? Strings::removeTags(trim($_POST['consumersecret'])) : '';
|
$consumersecret = x($_POST, 'consumersecret') ? Strings::escapeTags(trim($_POST['consumersecret'])) : '';
|
||||||
Config::set('twitter', 'consumerkey', $consumerkey);
|
Config::set('twitter', 'consumerkey', $consumerkey);
|
||||||
Config::set('twitter', 'consumersecret', $consumersecret);
|
Config::set('twitter', 'consumersecret', $consumersecret);
|
||||||
info(L10n::t('Settings updated.') . EOL);
|
info(L10n::t('Settings updated.') . EOL);
|
||||||
|
|
|
@ -33,7 +33,7 @@ function webrtc_addon_admin (&$a, &$o) {
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
function webrtc_addon_admin_post (&$a) {
|
function webrtc_addon_admin_post (&$a) {
|
||||||
$url = ((x($_POST, 'webrtcurl')) ? Strings::removeTags(trim($_POST['webrtcurl'])) : '');
|
$url = ((x($_POST, 'webrtcurl')) ? Strings::escapeTags(trim($_POST['webrtcurl'])) : '');
|
||||||
Config::set('webrtc', 'webrtcurl', $url);
|
Config::set('webrtc', 'webrtcurl', $url);
|
||||||
info(L10n::t('Settings updated.'). EOL);
|
info(L10n::t('Settings updated.'). EOL);
|
||||||
}
|
}
|
||||||
|
|
|
@ -150,7 +150,7 @@ function wppost_settings_post(&$a,&$b) {
|
||||||
PConfig::set(local_user(),'wppost','wp_blog',trim($_POST['wp_blog']));
|
PConfig::set(local_user(),'wppost','wp_blog',trim($_POST['wp_blog']));
|
||||||
PConfig::set(local_user(),'wppost','backlink',trim($_POST['wp_backlink']));
|
PConfig::set(local_user(),'wppost','backlink',trim($_POST['wp_backlink']));
|
||||||
PConfig::set(local_user(),'wppost','shortcheck',trim($_POST['wp_shortcheck']));
|
PConfig::set(local_user(),'wppost','shortcheck',trim($_POST['wp_shortcheck']));
|
||||||
$wp_backlink_text = Strings::removeTags(trim($_POST['wp_backlink_text']));
|
$wp_backlink_text = Strings::escapeTags(trim($_POST['wp_backlink_text']));
|
||||||
$wp_backlink_text = BBCode::convert($wp_backlink_text, false, 8);
|
$wp_backlink_text = BBCode::convert($wp_backlink_text, false, 8);
|
||||||
$wp_backlink_text = HTML::toPlaintext($wp_backlink_text, 0, true);
|
$wp_backlink_text = HTML::toPlaintext($wp_backlink_text, 0, true);
|
||||||
PConfig::set(local_user(),'wppost','wp_backlink_text', $wp_backlink_text);
|
PConfig::set(local_user(),'wppost','wp_backlink_text', $wp_backlink_text);
|
||||||
|
|