Merge pull request #1202 from annando/escapeTags

"escapeTags" is removed from the addons
Philipp 2021-11-07 14:39:12 +01:00 committed by GitHub
commit a6d6edf322
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 31 additions and 40 deletions


@ -17,7 +17,6 @@ use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Util\Proxy as ProxyUtils; use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Strings;
function buffer_install() function buffer_install()
{ {
@ -74,8 +73,8 @@ function buffer_addon_admin(App $a, &$o)
function buffer_addon_admin_post(App $a) function buffer_addon_admin_post(App $a)
{ {
$client_id = (!empty($_POST['client_id']) ? Strings::escapeTags(trim($_POST['client_id'])) : ''); $client_id = trim($_POST['client_id'] ?? '');
$client_secret = (!empty($_POST['client_secret']) ? Strings::escapeTags(trim($_POST['client_secret'])) : ''); $client_secret = trim($_POST['client_secret'] ?? '');
DI::config()->set('buffer', 'client_id' , $client_id); DI::config()->set('buffer', 'client_id' , $client_id);
DI::config()->set('buffer', 'client_secret', $client_secret); DI::config()->set('buffer', 'client_secret', $client_secret);
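Review bot: `client_id` and `client_secret` in `buffer_addon_admin_post` are now written to config exactly as posted, so whatever redisplays them must HTML-escape at output; that rendering code is not in this hunk and should be checked. Dropping `Strings::escapeTags` is reasonable for credentials, since rewriting characters inside a secret would corrupt it, but it was the only filter visible on these values. A short comment above the assignments would record the new contract: `// Stored verbatim; escape when rendering.` The same applies to the other `*_addon_admin_post` handlers changed in this commit. The function body continues past the hunk.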


@ -66,9 +66,9 @@ function forumdirectory_content(App $a)
Nav::setSelected('directory'); Nav::setSelected('directory');
if (!empty($forumdirectory_search)) { if (!empty($forumdirectory_search)) {
$search = Strings::escapeTags(trim($forumdirectory_search)); $search = trim($forumdirectory_search);
} else { } else {
$search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); $search = (!empty($_GET['search']) ? trim(rawurldecode($_GET['search'])) : '');
} }
$gdirpath = ''; $gdirpath = '';
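Review bot: `$search` on the `$_GET['search']` branch is now raw, URL-decoded request input from any visitor, so every later use in `forumdirectory_content` has to treat it as untrusted: HTML-escaped when echoed into the page and bound as a parameter if it reaches a query. Those uses lie outside the hunk, so this cannot be confirmed from here. The explicit `rawurldecode()` also decodes a value PHP has already decoded once, so the string reaching the template can differ from what an upstream filter inspected. If the output path does not already escape, `htmlspecialchars($search, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at the point of rendering closes the gap.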


@ -10,7 +10,6 @@ use Friendica\Core\Hook;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Util\Strings;
function geocoordinates_install() function geocoordinates_install()
{ {
@ -91,9 +90,9 @@ function geocoordinates_addon_admin(&$a, &$o)
function geocoordinates_addon_admin_post(&$a) function geocoordinates_addon_admin_post(&$a)
{ {
$api_key = (!empty($_POST['api_key']) ? Strings::escapeTags(trim($_POST['api_key'])) : ''); $api_key = trim($_POST['api_key'] ?? '');
DI::config()->set('geocoordinates', 'api_key', $api_key); DI::config()->set('geocoordinates', 'api_key', $api_key);
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : ''); $language = trim($_POST['language'] ?? '');
DI::config()->set('geocoordinates', 'language', $language); DI::config()->set('geocoordinates', 'language', $language);
} }
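Review bot: `geocoordinates_addon_admin_post` is visible in full and writes `api_key` and `language` without verifying a form security token, whereas `gravatar_addon_admin_post` and `public_server_addon_admin_post` in this same commit call a `BaseModule::checkFormSecurityToken…` method first. Unless the core admin dispatcher already validates a token before invoking addon hooks (not visible here), these settings are not protected against cross-site request forgery. Consider opening the function with `BaseModule::checkFormSecurityTokenRedirectOnError('ADMIN_PATH_PLACEHOLDER', 'TOKEN_NAME_PLACEHOLDER');`, using the path and token name the admin form actually emits. The handlers for buffer, impressum, libravatar, newmemberwidget, piwik, tumblr, twitter and webrtc show the same pattern in their visible lines.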


@ -108,8 +108,8 @@ function gravatar_addon_admin (&$a, &$o) {
function gravatar_addon_admin_post (&$a) { function gravatar_addon_admin_post (&$a) {
BaseModule::checkFormSecurityToken('gravatarsave'); BaseModule::checkFormSecurityToken('gravatarsave');
$default_avatar = (!empty($_POST['avatar']) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon'); $default_avatar = trim($_POST['avatar'] ?? 'identicon');
$rating = (!empty($_POST['rating']) ? Strings::escapeTags(trim($_POST['rating'])) : 'g'); $rating = trim($_POST['rating'] ?? 'g');
DI::config()->set('gravatar', 'default_avatar', $default_avatar); DI::config()->set('gravatar', 'default_avatar', $default_avatar);
DI::config()->set('gravatar', 'rating', $rating); DI::config()->set('gravatar', 'rating', $rating);
} }
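Review bot: The fallback for `avatar` and `rating` changed meaning: `trim($_POST['avatar'] ?? 'identicon')` applies the default only when the field is absent, so a form submitted with an empty value now stores `''` where the old `!empty()` ternary stored `'identicon'` (and `'g'` for `rating`). To keep the previous behaviour use `$default_avatar = trim($_POST['avatar'] ?? '') ?: 'identicon';` and `$rating = trim($_POST['rating'] ?? '') ?: 'g';`. Both settings look like a small fixed set of choices, so checking them against the options the form offers would be stricter than either version. `libravatar_addon_admin_post` has the same change on its `avatar` line.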


@ -14,7 +14,6 @@ use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Core\Config\Util\ConfigFileLoader; use Friendica\Core\Config\Util\ConfigFileLoader;
use Friendica\Util\Proxy as ProxyUtils; use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Strings;
function impressum_install() { function impressum_install() {
Hook::register('load_config', 'addon/impressum/impressum.php', 'impressum_load_config'); Hook::register('load_config', 'addon/impressum/impressum.php', 'impressum_load_config');
@ -79,12 +78,12 @@ function impressum_show($a,&$b) {
} }
function impressum_addon_admin_post (&$a) { function impressum_addon_admin_post (&$a) {
$owner = (!empty($_POST['owner']) ? Strings::escapeTags(trim($_POST['owner'])) : ''); $owner = trim($_POST['owner'] ?? '');
$ownerprofile = (!empty($_POST['ownerprofile']) ? Strings::escapeTags(trim($_POST['ownerprofile'])) : ''); $ownerprofile = trim($_POST['ownerprofile'] ?? '');
$postal = (!empty($_POST['postal']) ? (trim($_POST['postal'])) : ''); $postal = trim($_POST['postal'] ?? '');
$notes = (!empty($_POST['notes']) ? (trim($_POST['notes'])) : ''); $notes = trim($_POST['notes'] ?? '');
$email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : ''); $email = trim($_POST['email'] ?? '');
$footer_text = (!empty($_POST['footer_text']) ? (trim($_POST['footer_text'])) : ''); $footer_text = trim($_POST['footer_text'] ?? '');
DI::config()->set('impressum','owner',strip_tags($owner)); DI::config()->set('impressum','owner',strip_tags($owner));
DI::config()->set('impressum','ownerprofile',strip_tags($ownerprofile)); DI::config()->set('impressum','ownerprofile',strip_tags($ownerprofile));
DI::config()->set('impressum','postal',strip_tags($postal)); DI::config()->set('impressum','postal',strip_tags($postal));


@ -13,7 +13,6 @@ use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Core\Config\Util\ConfigFileLoader; use Friendica\Core\Config\Util\ConfigFileLoader;
use Friendica\Util\Strings;
/** /**
* Installs the addon hook * Installs the addon hook
@ -90,6 +89,6 @@ function libravatar_addon_admin(&$a, &$o)
*/ */
function libravatar_addon_admin_post(&$a) function libravatar_addon_admin_post(&$a)
{ {
$default_avatar = (!empty($_POST['avatar']) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon'); $default_avatar = trim($_POST['avatar'] ?? 'identicon');
DI::config()->set('libravatar', 'default_avatar', $default_avatar); DI::config()->set('libravatar', 'default_avatar', $default_avatar);
} }


@ -11,7 +11,6 @@ use Friendica\Core\Hook;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Util\Strings;
function newmemberwidget_install() function newmemberwidget_install()
{ {
@ -49,7 +48,7 @@ function newmemberwidget_network_mod_init ($a, $b)
function newmemberwidget_addon_admin_post(&$a) function newmemberwidget_addon_admin_post(&$a)
{ {
$ft = (!empty($_POST['freetext']) ? trim($_POST['freetext']) : ""); $ft = (!empty($_POST['freetext']) ? trim($_POST['freetext']) : "");
$lsn = (!empty($_POST['localsupportname']) ? Strings::escapeTags(trim($_POST['localsupportname'])) : ""); $lsn = trim($_POST['localsupportname'] ?? '');
$gs = intval($_POST['linkglobalsupport']); $gs = intval($_POST['linkglobalsupport']);
$ls = intval($_POST['linklocalsupport']); $ls = intval($_POST['linklocalsupport']);
DI::config()->set('newmemberwidget', 'freetext', trim($ft)); DI::config()->set('newmemberwidget', 'freetext', trim($ft));


@ -36,7 +36,6 @@ use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Core\Config\Util\ConfigFileLoader; use Friendica\Core\Config\Util\ConfigFileLoader;
use Friendica\Util\Strings;
function piwik_install() { function piwik_install() {
Hook::register('load_config', 'addon/piwik/piwik.php', 'piwik_load_config'); Hook::register('load_config', 'addon/piwik/piwik.php', 'piwik_load_config');
@ -102,10 +101,10 @@ function piwik_addon_admin (&$a, &$o) {
]); ]);
} }
function piwik_addon_admin_post (&$a) { function piwik_addon_admin_post (&$a) {
$url = (!empty($_POST['baseurl']) ? Strings::escapeTags(trim($_POST['baseurl'])) : ''); $url = trim($_POST['baseurl'] ?? '');
$id = (!empty($_POST['siteid']) ? trim($_POST['siteid']) : ''); $id = trim($_POST['siteid'] ?? '');
$optout = (!empty($_POST['optout']) ? trim($_POST['optout']) : ''); $optout = trim($_POST['optout'] ?? '');
$async = (!empty($_POST['async']) ? trim($_POST['async']) : ''); $async = trim($_POST['async'] ?? '');
DI::config()->set('piwik', 'baseurl', $url); DI::config()->set('piwik', 'baseurl', $url);
DI::config()->set('piwik', 'siteid', $id); DI::config()->set('piwik', 'siteid', $id);
DI::config()->set('piwik', 'optout', $optout); DI::config()->set('piwik', 'optout', $optout);
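Review bot: `baseurl` is stored with only `trim()` applied, and nothing in `piwik_addon_admin_post` checks that it has the shape of a host or URL, or that `siteid` is numeric. If these values are later written into markup or script on rendered pages (that code is outside the hunk), they need validation here or context-aware escaping there; the removed `Strings::escapeTags` would not have been sufficient for a script or attribute context in any case. A minimal guard for the id, placed after its `trim()` line, is `$id = preg_match('/^\d+$/', $id) ? $id : '';`. `webrtc_addon_admin_post` stores `webrtcurl` the same way and would benefit from a `filter_var($url, FILTER_VALIDATE_URL)` check restricted to http/https schemes. The function body continues past the hunk.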


@ -17,7 +17,6 @@ use Friendica\Model\Notification;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Core\Config\Util\ConfigFileLoader; use Friendica\Core\Config\Util\ConfigFileLoader;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Strings;
function public_server_install() function public_server_install()
{ {
@ -126,12 +125,12 @@ function public_server_login($a, $b)
function public_server_addon_admin_post(&$a) function public_server_addon_admin_post(&$a)
{ {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver');
$expiredays = (!empty($_POST['expiredays']) ? Strings::escapeTags(trim($_POST['expiredays'])) : ''); $expiredays = trim($_POST['expiredays'] ?? '');
$expireposts = (!empty($_POST['expireposts']) ? Strings::escapeTags(trim($_POST['expireposts'])) : ''); $expireposts = trim($_POST['expireposts'] ?? '');
$nologin = (!empty($_POST['nologin']) ? Strings::escapeTags(trim($_POST['nologin'])) : ''); $nologin = trim($_POST['nologin'] ?? '');
$flagusers = (!empty($_POST['flagusers']) ? Strings::escapeTags(trim($_POST['flagusers'])) : ''); $flagusers = trim($_POST['flagusers'] ?? '');
$flagposts = (!empty($_POST['flagposts']) ? Strings::escapeTags(trim($_POST['flagposts'])) : ''); $flagposts = trim($_POST['flagposts'] ?? '');
$flagpostsexpire = (!empty($_POST['flagpostsexpire']) ? Strings::escapeTags(trim($_POST['flagpostsexpire'])) : ''); $flagpostsexpire = trim($_POST['flagpostsexpire'] ?? '');
DI::config()->set('public_server', 'expiredays', $expiredays); DI::config()->set('public_server', 'expiredays', $expiredays);
DI::config()->set('public_server', 'expireposts', $expireposts); DI::config()->set('public_server', 'expireposts', $expireposts);
DI::config()->set('public_server', 'nologin', $nologin); DI::config()->set('public_server', 'nologin', $nologin);
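Review bot: `expiredays`, `expireposts`, `nologin`, `flagusers`, `flagposts` and `flagpostsexpire` are stored as free-form strings, though their names suggest day counts. With `Strings::escapeTags` removed there is no filtering left on them, so non-numeric input goes into config unchanged; whether the code that reads these settings casts them is not visible here. If they are indeed numeric, validate at this boundary, for example `$expiredays = preg_match('/^\d+$/', $expiredays) ? $expiredays : '';` after each `trim()` line, which keeps the empty string as the unset value. The function body continues past the hunk.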


@ -18,7 +18,6 @@ use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Model\Post; use Friendica\Model\Post;
use Friendica\Model\Tag; use Friendica\Model\Tag;
use Friendica\Util\Strings;
function tumblr_install() function tumblr_install()
{ {
@ -76,8 +75,8 @@ function tumblr_addon_admin(App $a, &$o)
function tumblr_addon_admin_post(App $a) function tumblr_addon_admin_post(App $a)
{ {
$consumer_key = (!empty($_POST['consumer_key']) ? Strings::escapeTags(trim($_POST['consumer_key'])) : ''); $consumer_key = trim($_POST['consumer_key'] ?? : '');
$consumer_secret = (!empty($_POST['consumer_secret']) ? Strings::escapeTags(trim($_POST['consumer_secret'])): ''); $consumer_secret = trim($_POST['consumer_secret'] ?? '');
DI::config()->set('tumblr', 'consumer_key',$consumer_key); DI::config()->set('tumblr', 'consumer_key',$consumer_key);
DI::config()->set('tumblr', 'consumer_secret',$consumer_secret); DI::config()->set('tumblr', 'consumer_secret',$consumer_secret);
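Review bot: The new `consumer_key` line is a parse error: `trim($_POST['consumer_key'] ?? : '')` keeps the `:` from the old ternary, so PHP will refuse to load the file and the addon stops working entirely. It should read `$consumer_key = trim($_POST['consumer_key'] ?? '');`, matching the `consumer_secret` line below it. The `consumerkey` line in `twitter_addon_admin_post` has the identical stray `:` and needs `$consumerkey = trim($_POST['consumerkey'] ?? '');`. Running `php -l` over the touched files before merging would catch both.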


@ -791,8 +791,8 @@ function twitter_post_hook(App $a, array &$b)
function twitter_addon_admin_post(App $a) function twitter_addon_admin_post(App $a)
{ {
$consumerkey = !empty($_POST['consumerkey']) ? Strings::escapeTags(trim($_POST['consumerkey'])) : ''; $consumerkey = trim($_POST['consumerkey'] ?? : '');
$consumersecret = !empty($_POST['consumersecret']) ? Strings::escapeTags(trim($_POST['consumersecret'])) : ''; $consumersecret = trim($_POST['consumersecret'] ?? '');
DI::config()->set('twitter', 'consumerkey', $consumerkey); DI::config()->set('twitter', 'consumerkey', $consumerkey);
DI::config()->set('twitter', 'consumersecret', $consumersecret); DI::config()->set('twitter', 'consumersecret', $consumersecret);
} }


@ -9,7 +9,6 @@
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Util\Strings;
function webrtc_install() { function webrtc_install() {
Hook::register('app_menu', 'addon/webrtc/webrtc.php', 'webrtc_app_menu'); Hook::register('app_menu', 'addon/webrtc/webrtc.php', 'webrtc_app_menu');
@ -27,7 +26,7 @@ function webrtc_addon_admin (&$a, &$o) {
]); ]);
} }
function webrtc_addon_admin_post (&$a) { function webrtc_addon_admin_post (&$a) {
$url = (!empty($_POST['webrtcurl']) ? Strings::escapeTags(trim($_POST['webrtcurl'])) : ''); $url = trim($_POST['webrtcurl'] ?? '');
DI::config()->set('webrtc', 'webrtcurl', $url); DI::config()->set('webrtc', 'webrtcurl', $url);
} }