clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #10786 from annando/sanitize-addon-author 

Sanitize the addon author if it is not a valid URL but a handle
This commit is contained in:
Tobias Diekershoff 2021-10-01 15:30:30 +02:00 committed by GitHub
parent 5bcc6cca75 19d5987c9d
commit 3727be9d6c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Core/Addon.php
View File

@ -23,6 +23,7 @@ namespace Friendica\Core;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Util\Strings; use Friendica\Util\Strings;
/** /**
@ -257,6 +258,12 @@ class Addon
if ($type == "author" || $type == "maintainer") { if ($type == "author" || $type == "maintainer") {
$r = preg_match("|([^<]+)<([^>]+)>|", $v, $m); $r = preg_match("|([^<]+)<([^>]+)>|", $v, $m);
if ($r) { if ($r) {
if (!empty($m[2]) && empty(parse_url($m[2], PHP_URL_SCHEME))) {
$contact = Contact::getByURL($m[2], false);
if (!empty($contact['url'])) {
$m[2] = $contact['url'];
}
}
$info[$type][] = ['name' => $m[1], 'link' => $m[2]]; $info[$type][] = ['name' => $m[1], 'link' => $m[2]];
} else { } else {
$info[$type][] = ['name' => $v]; $info[$type][] = ['name' => $v];