parent
991f259ecb
commit
a0f65ca7a1
|
@ -26,6 +26,7 @@ use Friendica\Object\Thread;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
use Friendica\Util\Crypto;
|
use Friendica\Util\Crypto;
|
||||||
|
|
||||||
|
@ -482,7 +483,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
$tab = 'posts';
|
$tab = 'posts';
|
||||||
if (x($_GET, 'tab')) {
|
if (x($_GET, 'tab')) {
|
||||||
$tab = notags(trim($_GET['tab']));
|
$tab = Strings::removeTags(trim($_GET['tab']));
|
||||||
}
|
}
|
||||||
if ($tab === 'posts') {
|
if ($tab === 'posts') {
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -26,6 +26,7 @@ use Friendica\Util\Proxy as ProxyUtils;
|
||||||
use Friendica\Core\Logger;
|
use Friendica\Core\Logger;
|
||||||
use Friendica\Core\Renderer;
|
use Friendica\Core\Renderer;
|
||||||
use Friendica\Model\FileTag;
|
use Friendica\Model\FileTag;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
use Friendica\Content\Text\HTML;
|
use Friendica\Content\Text\HTML;
|
||||||
|
|
||||||
|
@ -61,7 +62,7 @@ function expand_acl($s) {
|
||||||
*/
|
*/
|
||||||
function sanitise_acl(&$item) {
|
function sanitise_acl(&$item) {
|
||||||
if (intval($item)) {
|
if (intval($item)) {
|
||||||
$item = '<' . intval(notags(trim($item))) . '>';
|
$item = '<' . intval(Strings::removeTags(trim($item))) . '>';
|
||||||
} else {
|
} else {
|
||||||
unset($item);
|
unset($item);
|
||||||
}
|
}
|
||||||
|
|
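Review bot: The `Strings::removeTags()` call wrapped by `intval()` in sanitise_acl appears redundant. If removeTags keeps notags' behaviour of only rewriting angle brackets, `intval()` yields the same integer without it, and the line can read `$item = '<' . intval(trim($item)) . '>';`. Separately, `unset($item)` in the else branch acts on a by-reference parameter, so it only drops the local binding and leaves the caller's value unchanged; a non-numeric entry is therefore not removed by this function. How the caller treats such entries is outside the hunk, and the function body continues past the last visible line.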
|
@ -12,6 +12,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/dba.php';
|
require_once 'include/dba.php';
|
||||||
|
|
||||||
|
@ -188,7 +189,7 @@ function acl_content(App $a)
|
||||||
);
|
);
|
||||||
} elseif ($type == 'x') {
|
} elseif ($type == 'x') {
|
||||||
// autocomplete for global contact search (e.g. navbar search)
|
// autocomplete for global contact search (e.g. navbar search)
|
||||||
$search = notags(trim($_REQUEST['search']));
|
$search = Strings::removeTags(trim($_REQUEST['search']));
|
||||||
$mode = $_REQUEST['smode'];
|
$mode = $_REQUEST['smode'];
|
||||||
|
|
||||||
$r = ACL::contactAutocomplete($search, $mode);
|
$r = ACL::contactAutocomplete($search, $mode);
|
||||||
|
|
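Review bot: `$_REQUEST['search']` and `$_REQUEST['smode']` in this branch of acl_content are read with no existence check, so unless they are guarded above the hunk, a request that omits them raises an undefined-index notice before `Strings::removeTags()` runs. `$mode` is also handed to `ACL::contactAutocomplete()` with no filtering at all; whether it needs an allow-list depends on that method, which is not visible here. Reading the values as `defaults($_REQUEST, 'search', '')`, as dirfind_content does in this same commit, would make the input handling uniform. The same unguarded reads sit on the changed lines in follow_post and follow_content (`url`), like_content (`verb`), lostpass_post (`login-name`), group_post (`groupname`), dfrn_notify_content (`dfrn_id`) and the edit branch of item_post (`title`).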
|
@ -30,6 +30,7 @@ use Friendica\Module\Tos;
|
||||||
use Friendica\Util\Arrays;
|
use Friendica\Util\Arrays;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
require_once 'include/enotify.php';
|
require_once 'include/enotify.php';
|
||||||
|
@ -416,8 +417,8 @@ function admin_page_blocklist_post(App $a)
|
||||||
// Add new item to blocklist
|
// Add new item to blocklist
|
||||||
$blocklist = Config::get('system', 'blocklist');
|
$blocklist = Config::get('system', 'blocklist');
|
||||||
$blocklist[] = [
|
$blocklist[] = [
|
||||||
'domain' => notags(trim($_POST['newentry_domain'])),
|
'domain' => Strings::removeTags(trim($_POST['newentry_domain'])),
|
||||||
'reason' => notags(trim($_POST['newentry_reason']))
|
'reason' => Strings::removeTags(trim($_POST['newentry_reason']))
|
||||||
];
|
];
|
||||||
Config::set('system', 'blocklist', $blocklist);
|
Config::set('system', 'blocklist', $blocklist);
|
||||||
info(L10n::t('Server added to blocklist.') . EOL);
|
info(L10n::t('Server added to blocklist.') . EOL);
|
||||||
|
@ -426,8 +427,8 @@ function admin_page_blocklist_post(App $a)
|
||||||
$blocklist = [];
|
$blocklist = [];
|
||||||
foreach ($_POST['domain'] as $id => $domain) {
|
foreach ($_POST['domain'] as $id => $domain) {
|
||||||
// Trimming whitespaces as well as any lingering slashes
|
// Trimming whitespaces as well as any lingering slashes
|
||||||
$domain = notags(trim($domain, "\x00..\x1F/"));
|
$domain = Strings::removeTags(trim($domain, "\x00..\x1F/"));
|
||||||
$reason = notags(trim($_POST['reason'][$id]));
|
$reason = Strings::removeTags(trim($_POST['reason'][$id]));
|
||||||
if (!x($_POST['delete'][$id])) {
|
if (!x($_POST['delete'][$id])) {
|
||||||
$blocklist[] = [
|
$blocklist[] = [
|
||||||
'domain' => $domain,
|
'domain' => $domain,
|
||||||
|
@ -565,7 +566,7 @@ function admin_page_deleteitem_post(App $a)
|
||||||
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem');
|
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem');
|
||||||
|
|
||||||
if (x($_POST['page_deleteitem_submit'])) {
|
if (x($_POST['page_deleteitem_submit'])) {
|
||||||
$guid = trim(notags($_POST['deleteitemguid']));
|
$guid = trim(Strings::removeTags($_POST['deleteitemguid']));
|
||||||
// The GUID should not include a "/", so if there is one, we got an URL
|
// The GUID should not include a "/", so if there is one, we got an URL
|
||||||
// and the last part of it is most likely the GUID.
|
// and the last part of it is most likely the GUID.
|
||||||
if (strpos($guid, '/')) {
|
if (strpos($guid, '/')) {
|
||||||
|
@ -1048,16 +1049,16 @@ function admin_page_site_post(App $a)
|
||||||
}
|
}
|
||||||
// end relocate
|
// end relocate
|
||||||
|
|
||||||
$sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
|
$sitename = ((x($_POST,'sitename')) ? Strings::removeTags(trim($_POST['sitename'])) : '');
|
||||||
$hostname = ((x($_POST,'hostname')) ? notags(trim($_POST['hostname'])) : '');
|
$hostname = ((x($_POST,'hostname')) ? Strings::removeTags(trim($_POST['hostname'])) : '');
|
||||||
$sender_email = ((x($_POST,'sender_email')) ? notags(trim($_POST['sender_email'])) : '');
|
$sender_email = ((x($_POST,'sender_email')) ? Strings::removeTags(trim($_POST['sender_email'])) : '');
|
||||||
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
|
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
|
||||||
$shortcut_icon = ((x($_POST,'shortcut_icon')) ? notags(trim($_POST['shortcut_icon'])) : '');
|
$shortcut_icon = ((x($_POST,'shortcut_icon')) ? Strings::removeTags(trim($_POST['shortcut_icon'])) : '');
|
||||||
$touch_icon = ((x($_POST,'touch_icon')) ? notags(trim($_POST['touch_icon'])) : '');
|
$touch_icon = ((x($_POST,'touch_icon')) ? Strings::removeTags(trim($_POST['touch_icon'])) : '');
|
||||||
$info = ((x($_POST,'info')) ? trim($_POST['info']) : false);
|
$info = ((x($_POST,'info')) ? trim($_POST['info']) : false);
|
||||||
$language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
|
$language = ((x($_POST,'language')) ? Strings::removeTags(trim($_POST['language'])) : '');
|
||||||
$theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
|
$theme = ((x($_POST,'theme')) ? Strings::removeTags(trim($_POST['theme'])) : '');
|
||||||
$theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : '');
|
$theme_mobile = ((x($_POST,'theme_mobile')) ? Strings::removeTags(trim($_POST['theme_mobile'])) : '');
|
||||||
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
|
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
|
||||||
$maximagelength = ((x($_POST,'maximagelength')) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
|
$maximagelength = ((x($_POST,'maximagelength')) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
|
||||||
$jpegimagequality = ((x($_POST,'jpegimagequality')) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
|
$jpegimagequality = ((x($_POST,'jpegimagequality')) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
|
||||||
|
@ -1069,14 +1070,14 @@ function admin_page_site_post(App $a)
|
||||||
|
|
||||||
$register_text = ((x($_POST,'register_text')) ? strip_tags(trim($_POST['register_text'])) : '');
|
$register_text = ((x($_POST,'register_text')) ? strip_tags(trim($_POST['register_text'])) : '');
|
||||||
|
|
||||||
$allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
|
$allowed_sites = ((x($_POST,'allowed_sites')) ? Strings::removeTags(trim($_POST['allowed_sites'])) : '');
|
||||||
$allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
|
$allowed_email = ((x($_POST,'allowed_email')) ? Strings::removeTags(trim($_POST['allowed_email'])) : '');
|
||||||
$forbidden_nicknames = ((x($_POST,'forbidden_nicknames')) ? strtolower(notags(trim($_POST['forbidden_nicknames']))) : '');
|
$forbidden_nicknames = ((x($_POST,'forbidden_nicknames')) ? strtolower(Strings::removeTags(trim($_POST['forbidden_nicknames']))) : '');
|
||||||
$no_oembed_rich_content = x($_POST,'no_oembed_rich_content');
|
$no_oembed_rich_content = x($_POST,'no_oembed_rich_content');
|
||||||
$allowed_oembed = ((x($_POST,'allowed_oembed')) ? notags(trim($_POST['allowed_oembed'])) : '');
|
$allowed_oembed = ((x($_POST,'allowed_oembed')) ? Strings::removeTags(trim($_POST['allowed_oembed'])) : '');
|
||||||
$block_public = ((x($_POST,'block_public')) ? True : False);
|
$block_public = ((x($_POST,'block_public')) ? True : False);
|
||||||
$force_publish = ((x($_POST,'publish_all')) ? True : False);
|
$force_publish = ((x($_POST,'publish_all')) ? True : False);
|
||||||
$global_directory = ((x($_POST,'directory')) ? notags(trim($_POST['directory'])) : '');
|
$global_directory = ((x($_POST,'directory')) ? Strings::removeTags(trim($_POST['directory'])) : '');
|
||||||
$newuser_private = ((x($_POST,'newuser_private')) ? True : False);
|
$newuser_private = ((x($_POST,'newuser_private')) ? True : False);
|
||||||
$enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False);
|
$enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False);
|
||||||
$private_addons = ((x($_POST,'private_addons')) ? True : False);
|
$private_addons = ((x($_POST,'private_addons')) ? True : False);
|
||||||
|
@ -1091,8 +1092,8 @@ function admin_page_site_post(App $a)
|
||||||
$max_author_posts_community_page = ((x($_POST,'max_author_posts_community_page')) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
|
$max_author_posts_community_page = ((x($_POST,'max_author_posts_community_page')) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
|
||||||
|
|
||||||
$verifyssl = ((x($_POST,'verifyssl')) ? True : False);
|
$verifyssl = ((x($_POST,'verifyssl')) ? True : False);
|
||||||
$proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
|
$proxyuser = ((x($_POST,'proxyuser')) ? Strings::removeTags(trim($_POST['proxyuser'])) : '');
|
||||||
$proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
|
$proxy = ((x($_POST,'proxy')) ? Strings::removeTags(trim($_POST['proxy'])) : '');
|
||||||
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
|
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
|
||||||
$maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
|
$maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
|
||||||
$maxloadavg_frontend = ((x($_POST,'maxloadavg_frontend')) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
|
$maxloadavg_frontend = ((x($_POST,'maxloadavg_frontend')) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
|
||||||
|
@ -1116,16 +1117,16 @@ function admin_page_site_post(App $a)
|
||||||
$dbclean_expire_days = ((x($_POST,'dbclean_expire_days')) ? intval($_POST['dbclean_expire_days']) : 0);
|
$dbclean_expire_days = ((x($_POST,'dbclean_expire_days')) ? intval($_POST['dbclean_expire_days']) : 0);
|
||||||
$dbclean_unclaimed = ((x($_POST,'dbclean_unclaimed')) ? intval($_POST['dbclean_unclaimed']) : 0);
|
$dbclean_unclaimed = ((x($_POST,'dbclean_unclaimed')) ? intval($_POST['dbclean_unclaimed']) : 0);
|
||||||
$suppress_tags = ((x($_POST,'suppress_tags')) ? True : False);
|
$suppress_tags = ((x($_POST,'suppress_tags')) ? True : False);
|
||||||
$itemcache = ((x($_POST,'itemcache')) ? notags(trim($_POST['itemcache'])) : '');
|
$itemcache = ((x($_POST,'itemcache')) ? Strings::removeTags(trim($_POST['itemcache'])) : '');
|
||||||
$itemcache_duration = ((x($_POST,'itemcache_duration')) ? intval($_POST['itemcache_duration']) : 0);
|
$itemcache_duration = ((x($_POST,'itemcache_duration')) ? intval($_POST['itemcache_duration']) : 0);
|
||||||
$max_comments = ((x($_POST,'max_comments')) ? intval($_POST['max_comments']) : 0);
|
$max_comments = ((x($_POST,'max_comments')) ? intval($_POST['max_comments']) : 0);
|
||||||
$temppath = ((x($_POST,'temppath')) ? notags(trim($_POST['temppath'])) : '');
|
$temppath = ((x($_POST,'temppath')) ? Strings::removeTags(trim($_POST['temppath'])) : '');
|
||||||
$basepath = ((x($_POST,'basepath')) ? notags(trim($_POST['basepath'])) : '');
|
$basepath = ((x($_POST,'basepath')) ? Strings::removeTags(trim($_POST['basepath'])) : '');
|
||||||
$singleuser = ((x($_POST,'singleuser')) ? notags(trim($_POST['singleuser'])) : '');
|
$singleuser = ((x($_POST,'singleuser')) ? Strings::removeTags(trim($_POST['singleuser'])) : '');
|
||||||
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
|
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
|
||||||
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
|
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
|
||||||
$rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
|
$rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
|
||||||
$check_new_version_url = ((x($_POST, 'check_new_version_url')) ? notags(trim($_POST['check_new_version_url'])) : 'none');
|
$check_new_version_url = ((x($_POST, 'check_new_version_url')) ? Strings::removeTags(trim($_POST['check_new_version_url'])) : 'none');
|
||||||
|
|
||||||
$worker_queues = ((x($_POST,'worker_queues')) ? intval($_POST['worker_queues']) : 10);
|
$worker_queues = ((x($_POST,'worker_queues')) ? intval($_POST['worker_queues']) : 10);
|
||||||
$worker_dont_fork = ((x($_POST,'worker_dont_fork')) ? True : False);
|
$worker_dont_fork = ((x($_POST,'worker_dont_fork')) ? True : False);
|
||||||
|
@ -1133,10 +1134,10 @@ function admin_page_site_post(App $a)
|
||||||
$worker_frontend = ((x($_POST,'worker_frontend')) ? True : False);
|
$worker_frontend = ((x($_POST,'worker_frontend')) ? True : False);
|
||||||
|
|
||||||
$relay_directly = ((x($_POST,'relay_directly')) ? True : False);
|
$relay_directly = ((x($_POST,'relay_directly')) ? True : False);
|
||||||
$relay_server = ((x($_POST,'relay_server')) ? notags(trim($_POST['relay_server'])) : '');
|
$relay_server = ((x($_POST,'relay_server')) ? Strings::removeTags(trim($_POST['relay_server'])) : '');
|
||||||
$relay_subscribe = ((x($_POST,'relay_subscribe')) ? True : False);
|
$relay_subscribe = ((x($_POST,'relay_subscribe')) ? True : False);
|
||||||
$relay_scope = ((x($_POST,'relay_scope')) ? notags(trim($_POST['relay_scope'])) : '');
|
$relay_scope = ((x($_POST,'relay_scope')) ? Strings::removeTags(trim($_POST['relay_scope'])) : '');
|
||||||
$relay_server_tags = ((x($_POST,'relay_server_tags')) ? notags(trim($_POST['relay_server_tags'])) : '');
|
$relay_server_tags = ((x($_POST,'relay_server_tags')) ? Strings::removeTags(trim($_POST['relay_server_tags'])) : '');
|
||||||
$relay_user_tags = ((x($_POST,'relay_user_tags')) ? True : False);
|
$relay_user_tags = ((x($_POST,'relay_user_tags')) ? True : False);
|
||||||
|
|
||||||
// Has the directory url changed? If yes, then resubmit the existing profiles there
|
// Has the directory url changed? If yes, then resubmit the existing profiles there
|
||||||
|
@ -2370,7 +2371,7 @@ function admin_page_logs_post(App $a)
|
||||||
if (x($_POST, "page_logs")) {
|
if (x($_POST, "page_logs")) {
|
||||||
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs');
|
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs');
|
||||||
|
|
||||||
$logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
|
$logfile = ((x($_POST,'logfile')) ? Strings::removeTags(trim($_POST['logfile'])) : '');
|
||||||
$debugging = ((x($_POST,'debugging')) ? true : false);
|
$debugging = ((x($_POST,'debugging')) ? true : false);
|
||||||
$loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
|
$loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
|
||||||
|
|
||||||
|
|
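Review bot: `$logfile` in admin_page_logs_post is a filesystem path, and `Strings::removeTags()` is a markup filter rather than a path check, so the value accepted here can still name any location or extension the web server user is able to write. The form token check above the assignment limits this to an authenticated admin session. Validating the path before it is stored, for instance against an allowed directory and a fixed log-file extension, would limit what a compromised admin session can do through the log setting. The same applies to `$temppath` and `$basepath` in the admin_page_site_post hunks. What is done with these values after the visible lines is outside the hunks, so confirm whether a later check already exists.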
|
@ -85,7 +85,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
|
||||||
$cid = 0;
|
$cid = 0;
|
||||||
$hidden = intval(defaults($handsfree, 'hidden' , 0));
|
$hidden = intval(defaults($handsfree, 'hidden' , 0));
|
||||||
} else {
|
} else {
|
||||||
$dfrn_id = notags(trim(defaults($_POST, 'dfrn_id' , '')));
|
$dfrn_id = Strings::removeTags(trim(defaults($_POST, 'dfrn_id' , '')));
|
||||||
$intro_id = intval(defaults($_POST, 'intro_id' , 0));
|
$intro_id = intval(defaults($_POST, 'intro_id' , 0));
|
||||||
$duplex = intval(defaults($_POST, 'duplex' , 0));
|
$duplex = intval(defaults($_POST, 'duplex' , 0));
|
||||||
$cid = intval(defaults($_POST, 'contact_id', 0));
|
$cid = intval(defaults($_POST, 'contact_id', 0));
|
||||||
|
|
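Review bot: No `use Friendica\Util\Strings;` line is added for the file holding dfrn_confirm_post, although the new line calls `Strings::removeTags()`; the hunk header `-85,7 +85,7` shows the line numbering above it is unchanged, so nothing was inserted into the use block. If the file does not already import the class, the unqualified name `Strings` will not resolve and the POST path fails with a class-not-found error. Please confirm the import is present or add `use Friendica\Util\Strings;` alongside the existing use statements. The same check applies to the sections containing dfrn_notify_post / dfrn_notify_content and dfrn_request_post / dfrn_request_content, whose hunks also keep identical old and new line numbers.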
|
@ -39,15 +39,15 @@ function dfrn_notify_post(App $a) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$dfrn_id = ((x($_POST,'dfrn_id')) ? notags(trim($_POST['dfrn_id'])) : '');
|
$dfrn_id = ((x($_POST,'dfrn_id')) ? Strings::removeTags(trim($_POST['dfrn_id'])) : '');
|
||||||
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
|
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
|
||||||
$challenge = ((x($_POST,'challenge')) ? notags(trim($_POST['challenge'])) : '');
|
$challenge = ((x($_POST,'challenge')) ? Strings::removeTags(trim($_POST['challenge'])) : '');
|
||||||
$data = ((x($_POST,'data')) ? $_POST['data'] : '');
|
$data = ((x($_POST,'data')) ? $_POST['data'] : '');
|
||||||
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
|
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
|
||||||
$rino_remote = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
|
$rino_remote = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
|
||||||
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);
|
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);
|
||||||
$perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r');
|
$perm = ((x($_POST,'perm')) ? Strings::removeTags(trim($_POST['perm'])) : 'r');
|
||||||
$ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');
|
$ssl_policy = ((x($_POST,'ssl_policy')) ? Strings::removeTags(trim($_POST['ssl_policy'])): 'none');
|
||||||
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
|
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
|
||||||
|
|
||||||
$forum = (($page == 1) ? 1 : 0);
|
$forum = (($page == 1) ? 1 : 0);
|
||||||
|
@ -254,7 +254,7 @@ function dfrn_notify_content(App $a) {
|
||||||
* If this is a duplex communication, ours will be the opposite.
|
* If this is a duplex communication, ours will be the opposite.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
$dfrn_id = notags(trim($_GET['dfrn_id']));
|
$dfrn_id = Strings::removeTags(trim($_GET['dfrn_id']));
|
||||||
$dfrn_version = (float) $_GET['dfrn_version'];
|
$dfrn_version = (float) $_GET['dfrn_version'];
|
||||||
$rino_remote = ((x($_GET,'rino')) ? intval($_GET['rino']) : 0);
|
$rino_remote = ((x($_GET,'rino')) ? intval($_GET['rino']) : 0);
|
||||||
$type = "";
|
$type = "";
|
||||||
|
|
|
@ -76,7 +76,7 @@ function dfrn_request_post(App $a)
|
||||||
if ((x($_POST, 'localconfirm')) && ($_POST['localconfirm'] == 1)) {
|
if ((x($_POST, 'localconfirm')) && ($_POST['localconfirm'] == 1)) {
|
||||||
// Ensure this is a valid request
|
// Ensure this is a valid request
|
||||||
if (local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST, 'dfrn_url'))) {
|
if (local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST, 'dfrn_url'))) {
|
||||||
$dfrn_url = notags(trim($_POST['dfrn_url']));
|
$dfrn_url = Strings::removeTags(trim($_POST['dfrn_url']));
|
||||||
$aes_allow = (((x($_POST, 'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
|
$aes_allow = (((x($_POST, 'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
|
||||||
$confirm_key = ((x($_POST, 'confirm_key')) ? $_POST['confirm_key'] : "");
|
$confirm_key = ((x($_POST, 'confirm_key')) ? $_POST['confirm_key'] : "");
|
||||||
$hidden = ((x($_POST, 'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
|
$hidden = ((x($_POST, 'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
|
||||||
|
@ -270,7 +270,7 @@ function dfrn_request_post(App $a)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$real_name = x($_POST, 'realname') ? notags(trim($_POST['realname'])) : '';
|
$real_name = x($_POST, 'realname') ? Strings::removeTags(trim($_POST['realname'])) : '';
|
||||||
|
|
||||||
$url = trim($_POST['dfrn_url']);
|
$url = trim($_POST['dfrn_url']);
|
||||||
if (!strlen($url)) {
|
if (!strlen($url)) {
|
||||||
|
@ -424,7 +424,7 @@ function dfrn_request_post(App $a)
|
||||||
intval($uid),
|
intval($uid),
|
||||||
intval($contact_record['id']),
|
intval($contact_record['id']),
|
||||||
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
|
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
|
||||||
DBA::escape(notags(trim(defaults($_POST, 'dfrn-request-message', '')))),
|
DBA::escape(Strings::removeTags(trim(defaults($_POST, 'dfrn-request-message', '')))),
|
||||||
DBA::escape($hash),
|
DBA::escape($hash),
|
||||||
DBA::escape(DateTimeFormat::utcNow())
|
DBA::escape(DateTimeFormat::utcNow())
|
||||||
);
|
);
|
||||||
|
@ -498,7 +498,7 @@ function dfrn_request_content(App $a)
|
||||||
return Login::form();
|
return Login::form();
|
||||||
}
|
}
|
||||||
|
|
||||||
$dfrn_url = notags(trim(hex2bin($_GET['dfrn_url'])));
|
$dfrn_url = Strings::removeTags(trim(hex2bin($_GET['dfrn_url'])));
|
||||||
$aes_allow = x($_GET, 'aes_allow') && $_GET['aes_allow'] == 1 ? 1 : 0;
|
$aes_allow = x($_GET, 'aes_allow') && $_GET['aes_allow'] == 1 ? 1 : 0;
|
||||||
$confirm_key = x($_GET, 'confirm_key') ? $_GET['confirm_key'] : "";
|
$confirm_key = x($_GET, 'confirm_key') ? $_GET['confirm_key'] : "";
|
||||||
|
|
||||||
|
|
|
@ -15,6 +15,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Model\Profile;
|
use Friendica\Model\Profile;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function directory_init(App $a)
|
function directory_init(App $a)
|
||||||
{
|
{
|
||||||
|
@ -47,9 +48,9 @@ function directory_content(App $a)
|
||||||
Nav::setSelected('directory');
|
Nav::setSelected('directory');
|
||||||
|
|
||||||
if (x($a->data, 'search')) {
|
if (x($a->data, 'search')) {
|
||||||
$search = notags(trim($a->data['search']));
|
$search = Strings::removeTags(trim($a->data['search']));
|
||||||
} else {
|
} else {
|
||||||
$search = ((x($_GET, 'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
|
$search = ((x($_GET, 'search')) ? Strings::removeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||||
}
|
}
|
||||||
|
|
||||||
$gdirpath = '';
|
$gdirpath = '';
|
||||||
|
|
|
@ -20,6 +20,7 @@ use Friendica\Network\Probe;
|
||||||
use Friendica\Protocol\PortableContact;
|
use Friendica\Protocol\PortableContact;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
|
|
||||||
function dirfind_init(App $a) {
|
function dirfind_init(App $a) {
|
||||||
|
@ -45,7 +46,7 @@ function dirfind_content(App $a, $prefix = "") {
|
||||||
|
|
||||||
$local = Config::get('system','poco_local_search');
|
$local = Config::get('system','poco_local_search');
|
||||||
|
|
||||||
$search = $prefix.notags(trim(defaults($_REQUEST, 'search', '')));
|
$search = $prefix.Strings::removeTags(trim(defaults($_REQUEST, 'search', '')));
|
||||||
|
|
||||||
$header = '';
|
$header = '';
|
||||||
|
|
||||||
|
|
|
@ -13,6 +13,7 @@ use Friendica\Model\Profile;
|
||||||
use Friendica\Network\Probe;
|
use Friendica\Network\Probe;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function follow_post(App $a)
|
function follow_post(App $a)
|
||||||
{
|
{
|
||||||
|
@ -25,7 +26,7 @@ function follow_post(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
$uid = local_user();
|
$uid = local_user();
|
||||||
$url = notags(trim($_REQUEST['url']));
|
$url = Strings::removeTags(trim($_REQUEST['url']));
|
||||||
$return_path = 'contacts';
|
$return_path = 'contacts';
|
||||||
|
|
||||||
// Makes the connection request for friendica contacts easier
|
// Makes the connection request for friendica contacts easier
|
||||||
|
@ -60,7 +61,7 @@ function follow_content(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
$uid = local_user();
|
$uid = local_user();
|
||||||
$url = notags(trim($_REQUEST['url']));
|
$url = Strings::removeTags(trim($_REQUEST['url']));
|
||||||
|
|
||||||
$submit = L10n::t('Submit Request');
|
$submit = L10n::t('Submit Request');
|
||||||
|
|
||||||
|
|
|
@ -16,6 +16,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model;
|
use Friendica\Model;
|
||||||
use Friendica\Module;
|
use Friendica\Module;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function group_init(App $a) {
|
function group_init(App $a) {
|
||||||
if (local_user()) {
|
if (local_user()) {
|
||||||
|
@ -33,7 +34,7 @@ function group_post(App $a) {
|
||||||
if (($a->argc == 2) && ($a->argv[1] === 'new')) {
|
if (($a->argc == 2) && ($a->argv[1] === 'new')) {
|
||||||
BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit');
|
BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit');
|
||||||
|
|
||||||
$name = notags(trim($_POST['groupname']));
|
$name = Strings::removeTags(trim($_POST['groupname']));
|
||||||
$r = Model\Group::create(local_user(), $name);
|
$r = Model\Group::create(local_user(), $name);
|
||||||
if ($r) {
|
if ($r) {
|
||||||
info(L10n::t('Group created.') . EOL);
|
info(L10n::t('Group created.') . EOL);
|
||||||
|
@ -61,7 +62,7 @@ function group_post(App $a) {
|
||||||
return; // NOTREACHED
|
return; // NOTREACHED
|
||||||
}
|
}
|
||||||
$group = $r[0];
|
$group = $r[0];
|
||||||
$groupname = notags(trim($_POST['groupname']));
|
$groupname = Strings::removeTags(trim($_POST['groupname']));
|
||||||
if (strlen($groupname) && ($groupname != $group['name'])) {
|
if (strlen($groupname) && ($groupname != $group['name'])) {
|
||||||
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
|
$r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
|
||||||
DBA::escape($groupname),
|
DBA::escape($groupname),
|
||||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\Core\Config;
|
||||||
use Friendica\Core\L10n;
|
use Friendica\Core\L10n;
|
||||||
use Friendica\Core\Renderer;
|
use Friendica\Core\Renderer;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function load_doc_file($s)
|
function load_doc_file($s)
|
||||||
{
|
{
|
||||||
|
@ -47,7 +48,7 @@ function help_content(App $a)
|
||||||
$title = basename($path);
|
$title = basename($path);
|
||||||
$filename = $path;
|
$filename = $path;
|
||||||
$text = load_doc_file('doc/' . $path . '.md');
|
$text = load_doc_file('doc/' . $path . '.md');
|
||||||
$a->page['title'] = L10n::t('Help:') . ' ' . str_replace('-', ' ', notags($title));
|
$a->page['title'] = L10n::t('Help:') . ' ' . str_replace('-', ' ', Strings::removeTags($title));
|
||||||
}
|
}
|
||||||
|
|
||||||
$home = load_doc_file('doc/Home.md');
|
$home = load_doc_file('doc/Home.md');
|
||||||
|
|
|
@ -17,6 +17,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Protocol\Email;
|
use Friendica\Protocol\Email;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function invite_post(App $a)
|
function invite_post(App $a)
|
||||||
{
|
{
|
||||||
|
@ -40,7 +41,7 @@ function invite_post(App $a)
|
||||||
|
|
||||||
|
|
||||||
$recipients = !empty($_POST['recipients']) ? explode("\n", $_POST['recipients']) : [];
|
$recipients = !empty($_POST['recipients']) ? explode("\n", $_POST['recipients']) : [];
|
||||||
$message = !empty($_POST['message']) ? notags(trim($_POST['message'])) : '';
|
$message = !empty($_POST['message']) ? Strings::removeTags(trim($_POST['message'])) : '';
|
||||||
|
|
||||||
$total = 0;
|
$total = 0;
|
||||||
|
|
||||||
|
|
15
mod/item.php
15
mod/item.php
|
@ -36,6 +36,7 @@ use Friendica\Protocol\Email;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Emailer;
|
use Friendica\Util\Emailer;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/enotify.php';
|
require_once 'include/enotify.php';
|
||||||
require_once 'include/text.php';
|
require_once 'include/text.php';
|
||||||
|
@ -203,7 +204,7 @@ function item_post(App $a) {
|
||||||
$objecttype = $orig_post['object-type'];
|
$objecttype = $orig_post['object-type'];
|
||||||
$app = $orig_post['app'];
|
$app = $orig_post['app'];
|
||||||
$categories = $orig_post['file'];
|
$categories = $orig_post['file'];
|
||||||
$title = notags(trim($_REQUEST['title']));
|
$title = Strings::removeTags(trim($_REQUEST['title']));
|
||||||
$body = escape_tags(trim($_REQUEST['body']));
|
$body = escape_tags(trim($_REQUEST['body']));
|
||||||
$private = $orig_post['private'];
|
$private = $orig_post['private'];
|
||||||
$pubmail_enabled = $orig_post['pubmail'];
|
$pubmail_enabled = $orig_post['pubmail'];
|
||||||
|
@ -235,13 +236,13 @@ function item_post(App $a) {
|
||||||
$str_contact_deny = perms2str(defaults($_REQUEST, 'contact_deny', ''));
|
$str_contact_deny = perms2str(defaults($_REQUEST, 'contact_deny', ''));
|
||||||
}
|
}
|
||||||
|
|
||||||
$title = notags(trim(defaults($_REQUEST, 'title' , '')));
|
$title = Strings::removeTags(trim(defaults($_REQUEST, 'title' , '')));
|
||||||
$location = notags(trim(defaults($_REQUEST, 'location', '')));
|
$location = Strings::removeTags(trim(defaults($_REQUEST, 'location', '')));
|
||||||
$coord = notags(trim(defaults($_REQUEST, 'coord' , '')));
|
$coord = Strings::removeTags(trim(defaults($_REQUEST, 'coord' , '')));
|
||||||
$verb = notags(trim(defaults($_REQUEST, 'verb' , '')));
|
$verb = Strings::removeTags(trim(defaults($_REQUEST, 'verb' , '')));
|
||||||
$emailcc = notags(trim(defaults($_REQUEST, 'emailcc' , '')));
|
$emailcc = Strings::removeTags(trim(defaults($_REQUEST, 'emailcc' , '')));
|
||||||
$body = escape_tags(trim(defaults($_REQUEST, 'body' , '')));
|
$body = escape_tags(trim(defaults($_REQUEST, 'body' , '')));
|
||||||
$network = notags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
|
$network = Strings::removeTags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
|
||||||
$guid = System::createUUID();
|
$guid = System::createUUID();
|
||||||
|
|
||||||
$postopts = defaults($_REQUEST, 'postopts', '');
|
$postopts = defaults($_REQUEST, 'postopts', '');
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
use Friendica\App;
|
use Friendica\App;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -12,13 +13,13 @@ function like_content(App $a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$verb = notags(trim($_GET['verb']));
|
$verb = Strings::removeTags(trim($_GET['verb']));
|
||||||
|
|
||||||
if (!$verb) {
|
if (!$verb) {
|
||||||
$verb = 'like';
|
$verb = 'like';
|
||||||
}
|
}
|
||||||
|
|
||||||
$item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
|
$item_id = (($a->argc > 1) ? Strings::removeTags(trim($a->argv[1])) : 0);
|
||||||
|
|
||||||
$r = Item::performLike($item_id, $verb);
|
$r = Item::performLike($item_id, $verb);
|
||||||
if (!$r) {
|
if (!$r) {
|
||||||
|
|
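Review bot: In like_content, `$_GET['verb']` is read without a presence check even though the following lines treat the parameter as optional and fall back to 'like', so a request without it raises an undefined-index notice before the default applies. The item_post hunk on this page already wraps its request reads in `defaults()`, and the same form fits here: `$verb = Strings::removeTags(trim(defaults($_GET, 'verb', '')));`. The same unguarded read appears in lostpass_post (`$_POST['login-name']`), poke_init (`$_GET['verb']`) and tagger_content (`$_GET['term']`). All of these functions continue outside the hunks shown.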
|
@ -11,6 +11,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
require_once 'include/enotify.php';
|
require_once 'include/enotify.php';
|
||||||
|
@ -18,7 +19,7 @@ require_once 'include/text.php';
|
||||||
|
|
||||||
function lostpass_post(App $a)
|
function lostpass_post(App $a)
|
||||||
{
|
{
|
||||||
$loginame = notags(trim($_POST['login-name']));
|
$loginame = Strings::removeTags(trim($_POST['login-name']));
|
||||||
if (!$loginame) {
|
if (!$loginame) {
|
||||||
$a->internalRedirect();
|
$a->internalRedirect();
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,6 +18,7 @@ use Friendica\Model\Mail;
|
||||||
use Friendica\Module\Login;
|
use Friendica\Module\Login;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
require_once 'include/conversation.php';
|
require_once 'include/conversation.php';
|
||||||
|
@ -58,8 +59,8 @@ function message_post(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$replyto = x($_REQUEST, 'replyto') ? notags(trim($_REQUEST['replyto'])) : '';
|
$replyto = x($_REQUEST, 'replyto') ? Strings::removeTags(trim($_REQUEST['replyto'])) : '';
|
||||||
$subject = x($_REQUEST, 'subject') ? notags(trim($_REQUEST['subject'])) : '';
|
$subject = x($_REQUEST, 'subject') ? Strings::removeTags(trim($_REQUEST['subject'])) : '';
|
||||||
$body = x($_REQUEST, 'body') ? escape_tags(trim($_REQUEST['body'])) : '';
|
$body = x($_REQUEST, 'body') ? escape_tags(trim($_REQUEST['body'])) : '';
|
||||||
$recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0;
|
$recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0;
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,7 @@ use Friendica\Model\Profile;
|
||||||
use Friendica\Module\Login;
|
use Friendica\Module\Login;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/conversation.php';
|
require_once 'include/conversation.php';
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
@ -536,7 +537,7 @@ function networkThreadedView(App $a, $update, $parent)
|
||||||
$star = intval(defaults($_GET, 'star' , 0));
|
$star = intval(defaults($_GET, 'star' , 0));
|
||||||
$bmark = intval(defaults($_GET, 'bmark', 0));
|
$bmark = intval(defaults($_GET, 'bmark', 0));
|
||||||
$conv = intval(defaults($_GET, 'conv' , 0));
|
$conv = intval(defaults($_GET, 'conv' , 0));
|
||||||
$order = notags(defaults($_GET, 'order', 'comment'));
|
$order = Strings::removeTags(defaults($_GET, 'order', 'comment'));
|
||||||
$nets = defaults($_GET, 'nets' , '');
|
$nets = defaults($_GET, 'nets' , '');
|
||||||
|
|
||||||
if ($cid) {
|
if ($cid) {
|
||||||
|
|
|
@ -8,6 +8,7 @@ use Friendica\Core\Renderer;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Module\Login;
|
use Friendica\Module\Login;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function oexchange_init(App $a) {
|
function oexchange_init(App $a) {
|
||||||
|
|
||||||
|
@ -33,13 +34,13 @@ function oexchange_content(App $a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$url = ((x($_REQUEST,'url') && strlen($_REQUEST['url']))
|
$url = ((x($_REQUEST,'url') && strlen($_REQUEST['url']))
|
||||||
? urlencode(notags(trim($_REQUEST['url']))) : '');
|
? urlencode(Strings::removeTags(trim($_REQUEST['url']))) : '');
|
||||||
$title = ((x($_REQUEST,'title') && strlen($_REQUEST['title']))
|
$title = ((x($_REQUEST,'title') && strlen($_REQUEST['title']))
|
||||||
? '&title=' . urlencode(notags(trim($_REQUEST['title']))) : '');
|
? '&title=' . urlencode(Strings::removeTags(trim($_REQUEST['title']))) : '');
|
||||||
$description = ((x($_REQUEST,'description') && strlen($_REQUEST['description']))
|
$description = ((x($_REQUEST,'description') && strlen($_REQUEST['description']))
|
||||||
? '&description=' . urlencode(notags(trim($_REQUEST['description']))) : '');
|
? '&description=' . urlencode(Strings::removeTags(trim($_REQUEST['description']))) : '');
|
||||||
$tags = ((x($_REQUEST,'tags') && strlen($_REQUEST['tags']))
|
$tags = ((x($_REQUEST,'tags') && strlen($_REQUEST['tags']))
|
||||||
? '&tags=' . urlencode(notags(trim($_REQUEST['tags']))) : '');
|
? '&tags=' . urlencode(Strings::removeTags(trim($_REQUEST['tags']))) : '');
|
||||||
|
|
||||||
$s = Network::fetchUrl(System::baseUrl() . '/parse_url?f=&url=' . $url . $title . $description . $tags);
|
$s = Network::fetchUrl(System::baseUrl() . '/parse_url?f=&url=' . $url . $title . $description . $tags);
|
||||||
|
|
||||||
|
|
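Review bot: In oexchange_content the request-supplied `url` is tag-stripped and URL-encoded, then handed to `Network::fetchUrl()` as a parameter of the instance's own `/parse_url` endpoint, and nothing in this hunk limits which scheme or host that value may name. Whether `parse_url` enforces such a limit is not visible here, so I would check at this entry point that the value is an absolute http(s) URL before building the request, for example by guarding on `preg_match('#^https?://#i', $_REQUEST['url'])`. A short comment such as `// $url is caller-controlled; only http(s) targets are forwarded` would record the intent. The function body starts and ends outside the hunk.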
|
@ -10,6 +10,7 @@ use Friendica\Core\L10n;
|
||||||
use Friendica\Core\Logger;
|
use Friendica\Core\Logger;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function openid_content(App $a) {
|
function openid_content(App $a) {
|
||||||
|
|
||||||
|
@ -74,16 +75,16 @@ function openid_content(App $a) {
|
||||||
if (is_array($attr) && count($attr)) {
|
if (is_array($attr) && count($attr)) {
|
||||||
foreach ($attr as $k => $v) {
|
foreach ($attr as $k => $v) {
|
||||||
if ($k === 'namePerson/friendly') {
|
if ($k === 'namePerson/friendly') {
|
||||||
$nick = notags(trim($v));
|
$nick = Strings::removeTags(trim($v));
|
||||||
}
|
}
|
||||||
if($k === 'namePerson/first') {
|
if($k === 'namePerson/first') {
|
||||||
$first = notags(trim($v));
|
$first = Strings::removeTags(trim($v));
|
||||||
}
|
}
|
||||||
if($k === 'namePerson') {
|
if($k === 'namePerson') {
|
||||||
$args .= '&username=' . urlencode(notags(trim($v)));
|
$args .= '&username=' . urlencode(Strings::removeTags(trim($v)));
|
||||||
}
|
}
|
||||||
if ($k === 'contact/email') {
|
if ($k === 'contact/email') {
|
||||||
$args .= '&email=' . urlencode(notags(trim($v)));
|
$args .= '&email=' . urlencode(Strings::removeTags(trim($v)));
|
||||||
}
|
}
|
||||||
if ($k === 'media/image/aspect11') {
|
if ($k === 'media/image/aspect11') {
|
||||||
$photosq = bin2hex(trim($v));
|
$photosq = bin2hex(trim($v));
|
||||||
|
@ -107,7 +108,7 @@ function openid_content(App $a) {
|
||||||
$args .= '&photo=' . urlencode($photo);
|
$args .= '&photo=' . urlencode($photo);
|
||||||
}
|
}
|
||||||
|
|
||||||
$args .= '&openid_url=' . urlencode(notags(trim($authid)));
|
$args .= '&openid_url=' . urlencode(Strings::removeTags(trim($authid)));
|
||||||
|
|
||||||
$a->internalRedirect('register?' . $args);
|
$a->internalRedirect('register?' . $args);
|
||||||
|
|
||||||
|
|
|
@ -31,6 +31,7 @@ use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Map;
|
use Friendica\Util\Map;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
@ -222,7 +223,7 @@ function photos_post(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
// RENAME photo album
|
// RENAME photo album
|
||||||
$newalbum = notags(trim($_POST['albumname']));
|
$newalbum = Strings::removeTags(trim($_POST['albumname']));
|
||||||
if ($newalbum != $album) {
|
if ($newalbum != $album) {
|
||||||
q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
|
q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
|
||||||
DBA::escape($newalbum),
|
DBA::escape($newalbum),
|
||||||
|
@ -365,11 +366,11 @@ function photos_post(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || !empty($_POST['albname']) !== false)) {
|
if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || !empty($_POST['albname']) !== false)) {
|
||||||
$desc = !empty($_POST['desc']) ? notags(trim($_POST['desc'])) : '';
|
$desc = !empty($_POST['desc']) ? Strings::removeTags(trim($_POST['desc'])) : '';
|
||||||
$rawtags = !empty($_POST['newtag']) ? notags(trim($_POST['newtag'])) : '';
|
$rawtags = !empty($_POST['newtag']) ? Strings::removeTags(trim($_POST['newtag'])) : '';
|
||||||
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
|
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
|
||||||
$albname = !empty($_POST['albname']) ? notags(trim($_POST['albname'])) : '';
|
$albname = !empty($_POST['albname']) ? Strings::removeTags(trim($_POST['albname'])) : '';
|
||||||
$origaname = !empty($_POST['origaname']) ? notags(trim($_POST['origaname'])) : '';
|
$origaname = !empty($_POST['origaname']) ? Strings::removeTags(trim($_POST['origaname'])) : '';
|
||||||
|
|
||||||
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
|
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
|
||||||
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
|
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
|
||||||
|
@ -707,8 +708,8 @@ function photos_post(App $a)
|
||||||
Addon::callHooks('photo_post_init', $_POST);
|
Addon::callHooks('photo_post_init', $_POST);
|
||||||
|
|
||||||
// Determine the album to use
|
// Determine the album to use
|
||||||
$album = !empty($_REQUEST['album']) ? notags(trim($_REQUEST['album'])) : '';
|
$album = !empty($_REQUEST['album']) ? Strings::removeTags(trim($_REQUEST['album'])) : '';
|
||||||
$newalbum = !empty($_REQUEST['newalbum']) ? notags(trim($_REQUEST['newalbum'])) : '';
|
$newalbum = !empty($_REQUEST['newalbum']) ? Strings::removeTags(trim($_REQUEST['newalbum'])) : '';
|
||||||
|
|
||||||
Logger::log('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum , Logger::DEBUG);
|
Logger::log('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum , Logger::DEBUG);
|
||||||
|
|
||||||
|
|
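Review bot: In the photos_post hunk that reads `desc`, `newtag` and `albname`, the condition ends with `!empty($_POST['albname']) !== false`. `!empty()` already yields a boolean, so the `!== false` changes nothing and reads like a leftover from a `strpos()`-style test. Writing the last operand as `!empty($_POST['albname'])` keeps the behaviour and matches the two operands before it. photos_post starts and ends outside the hunks shown.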
|
@ -15,6 +15,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Protocol\PortableContact;
|
use Friendica\Protocol\PortableContact;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
function poco_init(App $a) {
|
function poco_init(App $a) {
|
||||||
|
@ -25,7 +26,7 @@ function poco_init(App $a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($a->argc > 1) {
|
if ($a->argc > 1) {
|
||||||
$user = notags(trim($a->argv[1]));
|
$user = Strings::removeTags(trim($a->argv[1]));
|
||||||
}
|
}
|
||||||
if (empty($user)) {
|
if (empty($user)) {
|
||||||
$c = q("SELECT * FROM `pconfig` WHERE `cat` = 'system' AND `k` = 'suggestme' AND `v` = 1");
|
$c = q("SELECT * FROM `pconfig` WHERE `cat` = 'system' AND `k` = 'suggestme' AND `v` = 1");
|
||||||
|
|
|
@ -22,6 +22,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Core\Worker;
|
use Friendica\Core\Worker;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
@ -38,7 +39,7 @@ function poke_init(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$verb = notags(trim($_GET['verb']));
|
$verb = Strings::removeTags(trim($_GET['verb']));
|
||||||
|
|
||||||
$verbs = L10n::getPokeVerbs();
|
$verbs = L10n::getPokeVerbs();
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@ use Friendica\Protocol\ActivityPub;
|
||||||
use Friendica\Protocol\DFRN;
|
use Friendica\Protocol\DFRN;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
function profile_init(App $a)
|
function profile_init(App $a)
|
||||||
|
@ -193,7 +194,7 @@ function profile_content(App $a, $update = 0)
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
$tab = false;
|
$tab = false;
|
||||||
if (!empty($_GET['tab'])) {
|
if (!empty($_GET['tab'])) {
|
||||||
$tab = notags(trim($_GET['tab']));
|
$tab = Strings::removeTags(trim($_GET['tab']));
|
||||||
}
|
}
|
||||||
|
|
||||||
$o .= Profile::getTabs($a, $is_owner, $a->profile['nickname']);
|
$o .= Profile::getTabs($a, $is_owner, $a->profile['nickname']);
|
||||||
|
|
|
@ -22,6 +22,7 @@ use Friendica\Model\Profile;
|
||||||
use Friendica\Module\Login;
|
use Friendica\Module\Login;
|
||||||
use Friendica\Network\Probe;
|
use Friendica\Network\Probe;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
function profiles_init(App $a) {
|
function profiles_init(App $a) {
|
||||||
|
@ -201,7 +202,7 @@ function profiles_post(App $a) {
|
||||||
|
|
||||||
$is_default = (($orig[0]['is-default']) ? 1 : 0);
|
$is_default = (($orig[0]['is-default']) ? 1 : 0);
|
||||||
|
|
||||||
$profile_name = notags(trim($_POST['profile_name']));
|
$profile_name = Strings::removeTags(trim($_POST['profile_name']));
|
||||||
if (! strlen($profile_name)) {
|
if (! strlen($profile_name)) {
|
||||||
notice(L10n::t('Profile Name is required.') . EOL);
|
notice(L10n::t('Profile Name is required.') . EOL);
|
||||||
return;
|
return;
|
||||||
|
@ -228,7 +229,7 @@ function profiles_post(App $a) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$name = notags(trim($_POST['name']));
|
$name = Strings::removeTags(trim($_POST['name']));
|
||||||
|
|
||||||
if (! strlen($name)) {
|
if (! strlen($name)) {
|
||||||
$name = '[No Name]';
|
$name = '[No Name]';
|
||||||
|
@ -238,19 +239,19 @@ function profiles_post(App $a) {
|
||||||
$namechanged = true;
|
$namechanged = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
$pdesc = notags(trim($_POST['pdesc']));
|
$pdesc = Strings::removeTags(trim($_POST['pdesc']));
|
||||||
$gender = notags(trim($_POST['gender']));
|
$gender = Strings::removeTags(trim($_POST['gender']));
|
||||||
$address = notags(trim($_POST['address']));
|
$address = Strings::removeTags(trim($_POST['address']));
|
||||||
$locality = notags(trim($_POST['locality']));
|
$locality = Strings::removeTags(trim($_POST['locality']));
|
||||||
$region = notags(trim($_POST['region']));
|
$region = Strings::removeTags(trim($_POST['region']));
|
||||||
$postal_code = notags(trim($_POST['postal_code']));
|
$postal_code = Strings::removeTags(trim($_POST['postal_code']));
|
||||||
$country_name = notags(trim($_POST['country_name']));
|
$country_name = Strings::removeTags(trim($_POST['country_name']));
|
||||||
$pub_keywords = profile_clean_keywords(notags(trim($_POST['pub_keywords'])));
|
$pub_keywords = profile_clean_keywords(Strings::removeTags(trim($_POST['pub_keywords'])));
|
||||||
$prv_keywords = profile_clean_keywords(notags(trim($_POST['prv_keywords'])));
|
$prv_keywords = profile_clean_keywords(Strings::removeTags(trim($_POST['prv_keywords'])));
|
||||||
$marital = notags(trim($_POST['marital']));
|
$marital = Strings::removeTags(trim($_POST['marital']));
|
||||||
$howlong = notags(trim($_POST['howlong']));
|
$howlong = Strings::removeTags(trim($_POST['howlong']));
|
||||||
|
|
||||||
$with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : '');
|
$with = ((x($_POST,'with')) ? Strings::removeTags(trim($_POST['with'])) : '');
|
||||||
|
|
||||||
if (! strlen($howlong)) {
|
if (! strlen($howlong)) {
|
||||||
$howlong = DBA::NULL_DATETIME;
|
$howlong = DBA::NULL_DATETIME;
|
||||||
|
@ -311,16 +312,16 @@ function profiles_post(App $a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// @TODO Not flexible enough for later expansion, let's have more OOP here
|
/// @TODO Not flexible enough for later expansion, let's have more OOP here
|
||||||
$sexual = notags(trim($_POST['sexual']));
|
$sexual = Strings::removeTags(trim($_POST['sexual']));
|
||||||
$xmpp = notags(trim($_POST['xmpp']));
|
$xmpp = Strings::removeTags(trim($_POST['xmpp']));
|
||||||
$homepage = notags(trim($_POST['homepage']));
|
$homepage = Strings::removeTags(trim($_POST['homepage']));
|
||||||
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
|
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
|
||||||
// neither http nor https in URL, add them
|
// neither http nor https in URL, add them
|
||||||
$homepage = 'http://'.$homepage;
|
$homepage = 'http://'.$homepage;
|
||||||
}
|
}
|
||||||
$hometown = notags(trim($_POST['hometown']));
|
$hometown = Strings::removeTags(trim($_POST['hometown']));
|
||||||
$politic = notags(trim($_POST['politic']));
|
$politic = Strings::removeTags(trim($_POST['politic']));
|
||||||
$religion = notags(trim($_POST['religion']));
|
$religion = Strings::removeTags(trim($_POST['religion']));
|
||||||
|
|
||||||
$likes = escape_tags(trim($_POST['likes']));
|
$likes = escape_tags(trim($_POST['likes']));
|
||||||
$dislikes = escape_tags(trim($_POST['dislikes']));
|
$dislikes = escape_tags(trim($_POST['dislikes']));
|
||||||
|
|
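Review bot: The homepage check in profiles_post, `strpos($homepage, 'http') !== 0`, tests for the four letters `http` rather than for a scheme, so a value such as `httpfoo` is stored unchanged although the comment says the code adds a missing http/https prefix. Matching the scheme explicitly closes that gap: `if (strlen($homepage) && !preg_match('#^https?://#i', $homepage)) {`. Tag removal on the line above does not validate the URL, so this prefix test is the only shape check visible in the hunk. profiles_post continues outside the hunks shown.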
|
@ -6,6 +6,7 @@ use Friendica\Core\Protocol;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Protocol\OStatus;
|
use Friendica\Protocol\OStatus;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -30,15 +31,15 @@ function hub_post_return()
|
||||||
|
|
||||||
function pubsub_init(App $a)
|
function pubsub_init(App $a)
|
||||||
{
|
{
|
||||||
$nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');
|
$nick = (($a->argc > 1) ? Strings::removeTags(trim($a->argv[1])) : '');
|
||||||
$contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 );
|
$contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 );
|
||||||
|
|
||||||
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
|
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
|
||||||
$hub_mode = notags(trim(defaults($_GET, 'hub_mode', '')));
|
$hub_mode = Strings::removeTags(trim(defaults($_GET, 'hub_mode', '')));
|
||||||
$hub_topic = notags(trim(defaults($_GET, 'hub_topic', '')));
|
$hub_topic = Strings::removeTags(trim(defaults($_GET, 'hub_topic', '')));
|
||||||
$hub_challenge = notags(trim(defaults($_GET, 'hub_challenge', '')));
|
$hub_challenge = Strings::removeTags(trim(defaults($_GET, 'hub_challenge', '')));
|
||||||
$hub_lease = notags(trim(defaults($_GET, 'hub_lease_seconds', '')));
|
$hub_lease = Strings::removeTags(trim(defaults($_GET, 'hub_lease_seconds', '')));
|
||||||
$hub_verify = notags(trim(defaults($_GET, 'hub_verify_token', '')));
|
$hub_verify = Strings::removeTags(trim(defaults($_GET, 'hub_verify_token', '')));
|
||||||
|
|
||||||
Logger::log('Subscription from ' . $_SERVER['REMOTE_ADDR'] . ' Mode: ' . $hub_mode . ' Nick: ' . $nick);
|
Logger::log('Subscription from ' . $_SERVER['REMOTE_ADDR'] . ' Mode: ' . $hub_mode . ' Nick: ' . $nick);
|
||||||
Logger::log('Data: ' . print_r($_GET,true), Logger::DATA);
|
Logger::log('Data: ' . print_r($_GET,true), Logger::DATA);
|
||||||
|
@ -91,7 +92,7 @@ function pubsub_post(App $a)
|
||||||
Logger::log('Feed arrived from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $a->cmd . ' with user-agent: ' . $_SERVER['HTTP_USER_AGENT']);
|
Logger::log('Feed arrived from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $a->cmd . ' with user-agent: ' . $_SERVER['HTTP_USER_AGENT']);
|
||||||
Logger::log('Data: ' . $xml, Logger::DATA);
|
Logger::log('Data: ' . $xml, Logger::DATA);
|
||||||
|
|
||||||
$nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');
|
$nick = (($a->argc > 1) ? Strings::removeTags(trim($a->argv[1])) : '');
|
||||||
$contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 );
|
$contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 );
|
||||||
|
|
||||||
$importer = DBA::selectFirst('user', [], ['nickname' => $nick, 'account_expired' => false, 'account_removed' => false]);
|
$importer = DBA::selectFirst('user', [], ['nickname' => $nick, 'account_expired' => false, 'account_removed' => false]);
|
||||||
|
|
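Review bot: pubsub_post writes `$_SERVER['HTTP_USER_AGENT']` into the log line exactly as received: the header is client-controlled, passes through no filter, and is not guaranteed to be set. I would read it with a fallback and drop control characters before logging, e.g. `$agent = preg_replace('/[\x00-\x1F\x7F]/', '', defaults($_SERVER, 'HTTP_USER_AGENT', ''));`. In pubsub_init, `print_r($_GET, true)` also puts `hub_verify_token` and `hub_challenge` into the DATA-level log; redacting those two keys before the dump would keep subscription secrets out of log files. Both functions continue outside the hunks shown.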
|
@ -7,9 +7,10 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\PushSubscriber;
|
use Friendica\Model\PushSubscriber;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function post_var($name) {
|
function post_var($name) {
|
||||||
return (x($_POST, $name)) ? notags(trim($_POST[$name])) : '';
|
return (x($_POST, $name)) ? Strings::removeTags(trim($_POST[$name])) : '';
|
||||||
}
|
}
|
||||||
|
|
||||||
function pubsubhubbub_init(App $a) {
|
function pubsubhubbub_init(App $a) {
|
||||||
|
|
|
@ -16,6 +16,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Core\Worker;
|
use Friendica\Core\Worker;
|
||||||
use Friendica\Model;
|
use Friendica\Model;
|
||||||
use Friendica\Module\Tos;
|
use Friendica\Module\Tos;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/enotify.php';
|
require_once 'include/enotify.php';
|
||||||
|
|
||||||
|
@ -83,7 +84,7 @@ function register_post(App $a)
|
||||||
|
|
||||||
$using_invites = Config::get('system', 'invitation_only');
|
$using_invites = Config::get('system', 'invitation_only');
|
||||||
$num_invites = Config::get('system', 'number_invites');
|
$num_invites = Config::get('system', 'number_invites');
|
||||||
$invite_id = ((x($_POST, 'invite_id')) ? notags(trim($_POST['invite_id'])) : '');
|
$invite_id = ((x($_POST, 'invite_id')) ? Strings::removeTags(trim($_POST['invite_id'])) : '');
|
||||||
|
|
||||||
if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) {
|
if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) {
|
||||||
if ($using_invites && $invite_id) {
|
if ($using_invites && $invite_id) {
|
||||||
|
|
|
@ -12,6 +12,7 @@ use Friendica\Model\Contact;
|
||||||
use Friendica\Protocol\OStatus;
|
use Friendica\Protocol\OStatus;
|
||||||
use Friendica\Protocol\Salmon;
|
use Friendica\Protocol\Salmon;
|
||||||
use Friendica\Util\Crypto;
|
use Friendica\Util\Crypto;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -23,7 +24,7 @@ function salmon_post(App $a, $xml = '') {
|
||||||
|
|
||||||
Logger::log('new salmon ' . $xml, Logger::DATA);
|
Logger::log('new salmon ' . $xml, Logger::DATA);
|
||||||
|
|
||||||
$nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');
|
$nick = (($a->argc > 1) ? Strings::removeTags(trim($a->argv[1])) : '');
|
||||||
$mentions = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false);
|
$mentions = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false);
|
||||||
|
|
||||||
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
|
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
|
||||||
|
|
|
@ -16,6 +16,7 @@ use Friendica\Core\Renderer;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
require_once 'include/conversation.php';
|
require_once 'include/conversation.php';
|
||||||
require_once 'mod/dirfind.php';
|
require_once 'mod/dirfind.php';
|
||||||
|
@ -23,7 +24,7 @@ require_once 'mod/dirfind.php';
|
||||||
function search_saved_searches() {
|
function search_saved_searches() {
|
||||||
|
|
||||||
$o = '';
|
$o = '';
|
||||||
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
|
$search = ((x($_GET,'search')) ? Strings::removeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||||
|
|
||||||
if (!Feature::isEnabled(local_user(),'savedsearch'))
|
if (!Feature::isEnabled(local_user(),'savedsearch'))
|
||||||
return $o;
|
return $o;
|
||||||
|
@ -62,7 +63,7 @@ function search_saved_searches() {
|
||||||
|
|
||||||
function search_init(App $a) {
|
function search_init(App $a) {
|
||||||
|
|
||||||
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
|
$search = ((x($_GET,'search')) ? Strings::removeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||||
|
|
||||||
if (local_user()) {
|
if (local_user()) {
|
||||||
if (x($_GET,'save') && $search) {
|
if (x($_GET,'save') && $search) {
|
||||||
|
@ -149,14 +150,14 @@ function search_content(App $a) {
|
||||||
|
|
||||||
$search = '';
|
$search = '';
|
||||||
if (x($a->data,'search'))
|
if (x($a->data,'search'))
|
||||||
$search = notags(trim($a->data['search']));
|
$search = Strings::removeTags(trim($a->data['search']));
|
||||||
else
|
else
|
||||||
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
|
$search = ((x($_GET,'search')) ? Strings::removeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||||
|
|
||||||
$tag = false;
|
$tag = false;
|
||||||
if (x($_GET,'tag')) {
|
if (x($_GET,'tag')) {
|
||||||
$tag = true;
|
$tag = true;
|
||||||
$search = (x($_GET,'tag') ? '#' . notags(trim(rawurldecode($_GET['tag']))) : '');
|
$search = (x($_GET,'tag') ? '#' . Strings::removeTags(trim(rawurldecode($_GET['tag']))) : '');
|
||||||
}
|
}
|
||||||
|
|
||||||
// contruct a wrapper for the search header
|
// contruct a wrapper for the search header
|
||||||
|
|
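Review bot: Every read of `$_GET['search']` and `$_GET['tag']` in search_saved_searches, search_init and search_content goes through `rawurldecode()` although PHP has already URL-decoded the values in `$_GET`, so the term is decoded twice. A search text that contains a literal `%` followed by two hex digits is therefore altered before it is used. Unless the links that lead here encode the term twice on purpose (not visible in these hunks), the call can go: `Strings::removeTags(trim($_GET['search']))`. In search_content the `x($_GET,'tag')` test inside the `if (x($_GET,'tag'))` block is also redundant.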
|
@ -25,6 +25,7 @@ use Friendica\Model\User;
|
||||||
use Friendica\Module\Login;
|
use Friendica\Module\Login;
|
||||||
use Friendica\Protocol\Email;
|
use Friendica\Protocol\Email;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
function get_theme_config_file($theme)
|
function get_theme_config_file($theme)
|
||||||
|
@ -314,8 +315,8 @@ function settings_post(App $a)
|
||||||
if (($a->argc > 1) && ($a->argv[1] === 'display')) {
|
if (($a->argc > 1) && ($a->argv[1] === 'display')) {
|
||||||
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
|
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
|
||||||
|
|
||||||
$theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : $a->user['theme'];
|
$theme = x($_POST, 'theme') ? Strings::removeTags(trim($_POST['theme'])) : $a->user['theme'];
|
||||||
$mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : '';
|
$mobile_theme = x($_POST, 'mobile_theme') ? Strings::removeTags(trim($_POST['mobile_theme'])) : '';
|
||||||
$nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
|
$nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
|
||||||
$first_day_of_week = x($_POST, 'first_day_of_week') ? intval($_POST['first_day_of_week']) : 0;
|
$first_day_of_week = x($_POST, 'first_day_of_week') ? intval($_POST['first_day_of_week']) : 0;
|
||||||
$noinfo = x($_POST, 'noinfo') ? intval($_POST['noinfo']) : 0;
|
$noinfo = x($_POST, 'noinfo') ? intval($_POST['noinfo']) : 0;
|
||||||
|
@ -422,13 +423,13 @@ function settings_post(App $a)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$username = ((x($_POST, 'username')) ? notags(trim($_POST['username'])) : '');
|
$username = ((x($_POST, 'username')) ? Strings::removeTags(trim($_POST['username'])) : '');
|
||||||
$email = ((x($_POST, 'email')) ? notags(trim($_POST['email'])) : '');
|
$email = ((x($_POST, 'email')) ? Strings::removeTags(trim($_POST['email'])) : '');
|
||||||
$timezone = ((x($_POST, 'timezone')) ? notags(trim($_POST['timezone'])) : '');
|
$timezone = ((x($_POST, 'timezone')) ? Strings::removeTags(trim($_POST['timezone'])) : '');
|
||||||
$language = ((x($_POST, 'language')) ? notags(trim($_POST['language'])) : '');
|
$language = ((x($_POST, 'language')) ? Strings::removeTags(trim($_POST['language'])) : '');
|
||||||
|
|
||||||
$defloc = ((x($_POST, 'defloc')) ? notags(trim($_POST['defloc'])) : '');
|
$defloc = ((x($_POST, 'defloc')) ? Strings::removeTags(trim($_POST['defloc'])) : '');
|
||||||
$openid = ((x($_POST, 'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
|
$openid = ((x($_POST, 'openid_url')) ? Strings::removeTags(trim($_POST['openid_url'])) : '');
|
||||||
$maxreq = ((x($_POST, 'maxreq')) ? intval($_POST['maxreq']) : 0);
|
$maxreq = ((x($_POST, 'maxreq')) ? intval($_POST['maxreq']) : 0);
|
||||||
$expire = ((x($_POST, 'expire')) ? intval($_POST['expire']) : 0);
|
$expire = ((x($_POST, 'expire')) ? intval($_POST['expire']) : 0);
|
||||||
$def_gid = ((x($_POST, 'group-selection')) ? intval($_POST['group-selection']) : 0);
|
$def_gid = ((x($_POST, 'group-selection')) ? intval($_POST['group-selection']) : 0);
|
||||||
|
|
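Review bot: In the display branch of settings_post, `theme` and `mobile_theme` come from `$_POST` and are only tag-stripped, which does not establish that the name belongs to an installed, permitted theme. This file also defines `get_theme_config_file($theme)`, so the value presumably ends up selecting files on disk; if so, the name should be compared against the list of allowed themes before it is stored or used, and rejected otherwise. That validation may already happen further down, since settings_post continues outside the hunk. At minimum a comment at the assignment, `// theme name is request data: must match an installed theme before use`, would make the requirement explicit.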
|
@ -10,6 +10,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
@ -22,7 +23,7 @@ function subthread_content(App $a) {
|
||||||
|
|
||||||
$activity = ACTIVITY_FOLLOW;
|
$activity = ACTIVITY_FOLLOW;
|
||||||
|
|
||||||
$item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
|
$item_id = (($a->argc > 1) ? Strings::removeTags(trim($a->argv[1])) : 0);
|
||||||
|
|
||||||
$condition = ["`parent` = ? OR `parent-uri` = ? AND `parent` = `id`", $item_id, $item_id];
|
$condition = ["`parent` = ? OR `parent-uri` = ? AND `parent` = `id`", $item_id, $item_id];
|
||||||
$item = Item::selectFirst([], $condition);
|
$item = Item::selectFirst([], $condition);
|
||||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Core\Worker;
|
use Friendica\Core\Worker;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
@ -20,7 +21,7 @@ function tagger_content(App $a) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$term = notags(trim($_GET['term']));
|
$term = Strings::removeTags(trim($_GET['term']));
|
||||||
// no commas allowed
|
// no commas allowed
|
||||||
$term = str_replace([',',' '],['','_'],$term);
|
$term = str_replace([',',' '],['','_'],$term);
|
||||||
|
|
||||||
|
@ -28,7 +29,7 @@ function tagger_content(App $a) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
|
$item_id = (($a->argc > 1) ? Strings::removeTags(trim($a->argv[1])) : 0);
|
||||||
|
|
||||||
Logger::log('tagger: tag ' . $term . ' item ' . $item_id);
|
Logger::log('tagger: tag ' . $term . ' item ' . $item_id);
|
||||||
|
|
||||||
|
|
|
@ -9,6 +9,7 @@ use Friendica\Core\L10n;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
use Friendica\Model\Term;
|
use Friendica\Model\Term;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function tagrm_post(App $a)
|
function tagrm_post(App $a)
|
||||||
{
|
{
|
||||||
|
@ -22,7 +23,7 @@ function tagrm_post(App $a)
|
||||||
|
|
||||||
$tags = [];
|
$tags = [];
|
||||||
foreach (defaults($_POST, 'tag', []) as $tag) {
|
foreach (defaults($_POST, 'tag', []) as $tag) {
|
||||||
$tags[] = hex2bin(notags(trim($tag)));
|
$tags[] = hex2bin(Strings::removeTags(trim($tag)));
|
||||||
}
|
}
|
||||||
|
|
||||||
$item_id = defaults($_POST,'item', 0);
|
$item_id = defaults($_POST,'item', 0);
|
||||||
|
@ -73,7 +74,7 @@ function tagrm_content(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($a->argc == 3) {
|
if ($a->argc == 3) {
|
||||||
update_tags($a->argv[1], [notags(trim(hex2bin($a->argv[2])))]);
|
update_tags($a->argv[1], [Strings::removeTags(trim(hex2bin($a->argv[2])))]);
|
||||||
$a->internalRedirect($_SESSION['photo_return']);
|
$a->internalRedirect($_SESSION['photo_return']);
|
||||||
}
|
}
|
||||||
|
|
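Review bot: In `tagrm_post` the filter runs before decoding, `hex2bin(Strings::removeTags(trim($tag)))`, so it only ever sees the hex text and the decoded tag reaches `$tags[]` unfiltered, while `tagrm_content` uses the opposite order, `Strings::removeTags(trim(hex2bin($a->argv[2])))`. Decode first in both places and handle the `false` that `hex2bin()` returns for odd-length or non-hex input: `$bin = hex2bin(trim($tag)); if ($bin === false) { continue; }` followed by `$tags[] = Strings::removeTags($bin);`. Both function bodies continue outside the hunks shown.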
||||||
|
|
|
@ -12,6 +12,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Model\Profile;
|
use Friendica\Model\Profile;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function unfollow_post(App $a)
|
function unfollow_post(App $a)
|
||||||
{
|
{
|
||||||
|
@ -24,7 +25,7 @@ function unfollow_post(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
$uid = local_user();
|
$uid = local_user();
|
||||||
$url = notags(trim(defaults($_REQUEST, 'url', '')));
|
$url = Strings::removeTags(trim(defaults($_REQUEST, 'url', '')));
|
||||||
|
|
||||||
$condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)",
|
$condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)",
|
||||||
$uid, Contact::SHARING, Contact::FRIEND, normalise_link($url),
|
$uid, Contact::SHARING, Contact::FRIEND, normalise_link($url),
|
||||||
|
@ -79,7 +80,7 @@ function unfollow_content(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
$uid = local_user();
|
$uid = local_user();
|
||||||
$url = notags(trim($_REQUEST['url']));
|
$url = Strings::removeTags(trim($_REQUEST['url']));
|
||||||
|
|
||||||
$condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)",
|
$condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)",
|
||||||
local_user(), Contact::SHARING, Contact::FRIEND, normalise_link($url),
|
local_user(), Contact::SHARING, Contact::FRIEND, normalise_link($url),
|
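Review bot: `unfollow_content` reads the parameter unguarded, `$url = Strings::removeTags(trim($_REQUEST['url']));`, whereas `unfollow_post` in the earlier hunk of this file wraps the same parameter in `defaults($_REQUEST, 'url', '')`. Unless a check outside the hunk guarantees the key exists, a request without `url` raises an undefined-index notice here and passes `null` to `trim()`. Using `$url = Strings::removeTags(trim(defaults($_REQUEST, 'url', '')));` makes both handlers agree. Both function bodies extend beyond the hunks.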
||||||
|
|
|
@ -17,13 +17,14 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Model\Photo;
|
use Friendica\Model\Photo;
|
||||||
use Friendica\Object\Image;
|
use Friendica\Object\Image;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function wall_upload_post(App $a, $desktopmode = true)
|
function wall_upload_post(App $a, $desktopmode = true)
|
||||||
{
|
{
|
||||||
Logger::log("wall upload: starting new upload", Logger::DEBUG);
|
Logger::log("wall upload: starting new upload", Logger::DEBUG);
|
||||||
|
|
||||||
$r_json = (x($_GET, 'response') && $_GET['response'] == 'json');
|
$r_json = (x($_GET, 'response') && $_GET['response'] == 'json');
|
||||||
$album = (x($_GET, 'album') ? notags(trim($_GET['album'])) : '');
|
$album = (x($_GET, 'album') ? Strings::removeTags(trim($_GET['album'])) : '');
|
||||||
|
|
||||||
if ($a->argc > 1) {
|
if ($a->argc > 1) {
|
||||||
if (!x($_FILES, 'media')) {
|
if (!x($_FILES, 'media')) {
|
||||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Mail;
|
use Friendica\Model\Mail;
|
||||||
use Friendica\Model\Profile;
|
use Friendica\Model\Profile;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function wallmessage_post(App $a) {
|
function wallmessage_post(App $a) {
|
||||||
|
|
||||||
|
@ -19,10 +20,10 @@ function wallmessage_post(App $a) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : '');
|
$subject = ((x($_REQUEST,'subject')) ? Strings::removeTags(trim($_REQUEST['subject'])) : '');
|
||||||
$body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
|
$body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
|
||||||
|
|
||||||
$recipient = (($a->argc > 1) ? notags($a->argv[1]) : '');
|
$recipient = (($a->argc > 1) ? Strings::removeTags($a->argv[1]) : '');
|
||||||
if ((! $recipient) || (! $body)) {
|
if ((! $recipient) || (! $body)) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,6 +9,7 @@ use Friendica\Core\Renderer;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Protocol\Salmon;
|
use Friendica\Protocol\Salmon;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
function xrd_init(App $a)
|
function xrd_init(App $a)
|
||||||
{
|
{
|
||||||
|
@ -17,7 +18,7 @@ function xrd_init(App $a)
|
||||||
System::httpExit(404);
|
System::httpExit(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$uri = urldecode(notags(trim($_GET['uri'])));
|
$uri = urldecode(Strings::removeTags(trim($_GET['uri'])));
|
||||||
if (defaults($_SERVER, 'HTTP_ACCEPT', '') == 'application/jrd+json') {
|
if (defaults($_SERVER, 'HTTP_ACCEPT', '') == 'application/jrd+json') {
|
||||||
$mode = 'json';
|
$mode = 'json';
|
||||||
} else {
|
} else {
|
||||||
|
@ -28,7 +29,7 @@ function xrd_init(App $a)
|
||||||
System::httpExit(404);
|
System::httpExit(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$uri = urldecode(notags(trim($_GET['resource'])));
|
$uri = urldecode(Strings::removeTags(trim($_GET['resource'])));
|
||||||
if (defaults($_SERVER, 'HTTP_ACCEPT', '') == 'application/xrd+xml') {
|
if (defaults($_SERVER, 'HTTP_ACCEPT', '') == 'application/xrd+xml') {
|
||||||
$mode = 'xml';
|
$mode = 'xml';
|
||||||
} else {
|
} else {
|
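Review bot: Both lookups filter before they decode, `urldecode(Strings::removeTags(trim($_GET['uri'])))` and the same for `$_GET['resource']`, so anything still percent-encoded in the parameter passes the filter untouched and is only decoded afterwards. PHP has already URL-decoded `$_GET`, so this `urldecode()` is a second decode; if it must stay for clients that double-encode, apply it before the filter: `$uri = Strings::removeTags(trim(urldecode($_GET['uri'])));`. `xrd_init` starts and ends outside the hunks, so how `$uri` is used later is not visible here.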
||||||
|
|
|
@ -1150,7 +1150,7 @@ class Item extends BaseObject
|
||||||
private static function guid($item, $notify)
|
private static function guid($item, $notify)
|
||||||
{
|
{
|
||||||
if (!empty($item['guid'])) {
|
if (!empty($item['guid'])) {
|
||||||
return notags(trim($item['guid']));
|
return Strings::removeTags(trim($item['guid']));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($notify) {
|
if ($notify) {
|
||||||
|
@ -1265,7 +1265,7 @@ class Item extends BaseObject
|
||||||
}
|
}
|
||||||
|
|
||||||
$item['guid'] = self::guid($item, $notify);
|
$item['guid'] = self::guid($item, $notify);
|
||||||
$item['uri'] = notags(trim(defaults($item, 'uri', self::newURI($item['uid'], $item['guid']))));
|
$item['uri'] = Strings::removeTags(trim(defaults($item, 'uri', self::newURI($item['uid'], $item['guid']))));
|
||||||
|
|
||||||
// Store URI data
|
// Store URI data
|
||||||
$item['uri-id'] = ItemURI::insert(['uri' => $item['uri'], 'guid' => $item['guid']]);
|
$item['uri-id'] = ItemURI::insert(['uri' => $item['uri'], 'guid' => $item['guid']]);
|
||||||
|
|
|
@ -25,6 +25,7 @@ use Friendica\Protocol\Diaspora;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
require_once 'include/dba.php';
|
require_once 'include/dba.php';
|
||||||
|
@ -881,7 +882,7 @@ class Profile
|
||||||
|
|
||||||
$tab = false;
|
$tab = false;
|
||||||
if (x($_GET, 'tab')) {
|
if (x($_GET, 'tab')) {
|
||||||
$tab = notags(trim($_GET['tab']));
|
$tab = Strings::removeTags(trim($_GET['tab']));
|
||||||
}
|
}
|
||||||
|
|
||||||
$url = System::baseUrl() . '/profile/' . $nickname;
|
$url = System::baseUrl() . '/profile/' . $nickname;
|
||||||
|
|
|
@ -20,6 +20,7 @@ use Friendica\Object\Image;
|
||||||
use Friendica\Util\Crypto;
|
use Friendica\Util\Crypto;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use LightOpenID;
|
use LightOpenID;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
|
@ -401,18 +402,18 @@ class User
|
||||||
$using_invites = Config::get('system', 'invitation_only');
|
$using_invites = Config::get('system', 'invitation_only');
|
||||||
$num_invites = Config::get('system', 'number_invites');
|
$num_invites = Config::get('system', 'number_invites');
|
||||||
|
|
||||||
$invite_id = !empty($data['invite_id']) ? notags(trim($data['invite_id'])) : '';
|
$invite_id = !empty($data['invite_id']) ? Strings::removeTags(trim($data['invite_id'])) : '';
|
||||||
$username = !empty($data['username']) ? notags(trim($data['username'])) : '';
|
$username = !empty($data['username']) ? Strings::removeTags(trim($data['username'])) : '';
|
||||||
$nickname = !empty($data['nickname']) ? notags(trim($data['nickname'])) : '';
|
$nickname = !empty($data['nickname']) ? Strings::removeTags(trim($data['nickname'])) : '';
|
||||||
$email = !empty($data['email']) ? notags(trim($data['email'])) : '';
|
$email = !empty($data['email']) ? Strings::removeTags(trim($data['email'])) : '';
|
||||||
$openid_url = !empty($data['openid_url']) ? notags(trim($data['openid_url'])) : '';
|
$openid_url = !empty($data['openid_url']) ? Strings::removeTags(trim($data['openid_url'])) : '';
|
||||||
$photo = !empty($data['photo']) ? notags(trim($data['photo'])) : '';
|
$photo = !empty($data['photo']) ? Strings::removeTags(trim($data['photo'])) : '';
|
||||||
$password = !empty($data['password']) ? trim($data['password']) : '';
|
$password = !empty($data['password']) ? trim($data['password']) : '';
|
||||||
$password1 = !empty($data['password1']) ? trim($data['password1']) : '';
|
$password1 = !empty($data['password1']) ? trim($data['password1']) : '';
|
||||||
$confirm = !empty($data['confirm']) ? trim($data['confirm']) : '';
|
$confirm = !empty($data['confirm']) ? trim($data['confirm']) : '';
|
||||||
$blocked = !empty($data['blocked']) ? intval($data['blocked']) : 0;
|
$blocked = !empty($data['blocked']) ? intval($data['blocked']) : 0;
|
||||||
$verified = !empty($data['verified']) ? intval($data['verified']) : 0;
|
$verified = !empty($data['verified']) ? intval($data['verified']) : 0;
|
||||||
$language = !empty($data['language']) ? notags(trim($data['language'])) : 'en';
|
$language = !empty($data['language']) ? Strings::removeTags(trim($data['language'])) : 'en';
|
||||||
|
|
||||||
$publish = !empty($data['profile_publish_reg']) && intval($data['profile_publish_reg']) ? 1 : 0;
|
$publish = !empty($data['profile_publish_reg']) && intval($data['profile_publish_reg']) ? 1 : 0;
|
||||||
$netpublish = strlen(Config::get('system', 'directory')) ? $publish : 0;
|
$netpublish = strlen(Config::get('system', 'directory')) ? $publish : 0;
|
||||||
|
|
|
@ -22,6 +22,7 @@ use Friendica\Module\Login;
|
||||||
use Friendica\Network\Probe;
|
use Friendica\Network\Probe;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Proxy as ProxyUtils;
|
use Friendica\Util\Proxy as ProxyUtils;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Manages and show Contacts and their content
|
* Manages and show Contacts and their content
|
||||||
|
@ -601,7 +602,7 @@ class Contact extends BaseModule
|
||||||
'$lbl_vis2' => L10n::t('Please choose the profile you would like to display to %s when viewing your profile securely.', $contact['name']),
|
'$lbl_vis2' => L10n::t('Please choose the profile you would like to display to %s when viewing your profile securely.', $contact['name']),
|
||||||
'$lbl_info1' => $lbl_info1,
|
'$lbl_info1' => $lbl_info1,
|
||||||
'$lbl_info2' => L10n::t('Their personal note'),
|
'$lbl_info2' => L10n::t('Their personal note'),
|
||||||
'$reason' => trim(notags($contact['reason'])),
|
'$reason' => trim(Strings::removeTags($contact['reason'])),
|
||||||
'$infedit' => L10n::t('Edit contact notes'),
|
'$infedit' => L10n::t('Edit contact notes'),
|
||||||
'$common_link' => 'common/loc/' . local_user() . '/' . $contact['id'],
|
'$common_link' => 'common/loc/' . local_user() . '/' . $contact['id'],
|
||||||
'$relation_text' => $relation_text,
|
'$relation_text' => $relation_text,
|
||||||
|
@ -694,8 +695,8 @@ class Contact extends BaseModule
|
||||||
|
|
||||||
$sql_extra .= sprintf(" AND `network` != '%s' ", Protocol::PHANTOM);
|
$sql_extra .= sprintf(" AND `network` != '%s' ", Protocol::PHANTOM);
|
||||||
|
|
||||||
$search = notags(trim(defaults($_GET, 'search', '')));
|
$search = Strings::removeTags(trim(defaults($_GET, 'search', '')));
|
||||||
$nets = notags(trim(defaults($_GET, 'nets' , '')));
|
$nets = Strings::removeTags(trim(defaults($_GET, 'nets' , '')));
|
||||||
|
|
||||||
$tabs = [
|
$tabs = [
|
||||||
[
|
[
|
||||||
|
|
|
@ -9,6 +9,7 @@ use Friendica\Database\DBStructure;
|
||||||
use Friendica\Core;
|
use Friendica\Core;
|
||||||
use Friendica\Core\L10n;
|
use Friendica\Core\L10n;
|
||||||
use Friendica\Core\Renderer;
|
use Friendica\Core\Renderer;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
class Install extends BaseModule
|
class Install extends BaseModule
|
||||||
|
@ -70,10 +71,10 @@ class Install extends BaseModule
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case self::SITE_SETTINGS:
|
case self::SITE_SETTINGS:
|
||||||
$dbhost = notags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST)));
|
$dbhost = Strings::removeTags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST)));
|
||||||
$dbuser = notags(trim(defaults($_POST, 'dbuser', '')));
|
$dbuser = Strings::removeTags(trim(defaults($_POST, 'dbuser', '')));
|
||||||
$dbpass = notags(trim(defaults($_POST, 'dbpass', '')));
|
$dbpass = Strings::removeTags(trim(defaults($_POST, 'dbpass', '')));
|
||||||
$dbdata = notags(trim(defaults($_POST, 'dbdata', '')));
|
$dbdata = Strings::removeTags(trim(defaults($_POST, 'dbdata', '')));
|
||||||
|
|
||||||
// If we cannot connect to the database, return to the previous step
|
// If we cannot connect to the database, return to the previous step
|
||||||
if (!self::$installer->checkDB($dbhost, $dbuser, $dbpass, $dbdata)) {
|
if (!self::$installer->checkDB($dbhost, $dbuser, $dbpass, $dbdata)) {
|
||||||
|
@ -84,13 +85,13 @@ class Install extends BaseModule
|
||||||
|
|
||||||
case self::FINISHED:
|
case self::FINISHED:
|
||||||
$urlpath = $a->getURLPath();
|
$urlpath = $a->getURLPath();
|
||||||
$dbhost = notags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST)));
|
$dbhost = Strings::removeTags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST)));
|
||||||
$dbuser = notags(trim(defaults($_POST, 'dbuser', '')));
|
$dbuser = Strings::removeTags(trim(defaults($_POST, 'dbuser', '')));
|
||||||
$dbpass = notags(trim(defaults($_POST, 'dbpass', '')));
|
$dbpass = Strings::removeTags(trim(defaults($_POST, 'dbpass', '')));
|
||||||
$dbdata = notags(trim(defaults($_POST, 'dbdata', '')));
|
$dbdata = Strings::removeTags(trim(defaults($_POST, 'dbdata', '')));
|
||||||
$timezone = notags(trim(defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ)));
|
$timezone = Strings::removeTags(trim(defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ)));
|
||||||
$language = notags(trim(defaults($_POST, 'language', Core\Installer::DEFAULT_LANG)));
|
$language = Strings::removeTags(trim(defaults($_POST, 'language', Core\Installer::DEFAULT_LANG)));
|
||||||
$adminmail = notags(trim(defaults($_POST, 'adminmail', '')));
|
$adminmail = Strings::removeTags(trim(defaults($_POST, 'adminmail', '')));
|
||||||
|
|
||||||
// If we cannot connect to the database, return to the Database config wizard
|
// If we cannot connect to the database, return to the Database config wizard
|
||||||
if (!self::$installer->checkDB($dbhost, $dbuser, $dbpass, $dbdata)) {
|
if (!self::$installer->checkDB($dbhost, $dbuser, $dbpass, $dbdata)) {
|
||||||
|
@ -139,12 +140,12 @@ class Install extends BaseModule
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case self::DATABASE_CONFIG:
|
case self::DATABASE_CONFIG:
|
||||||
$dbhost = notags(trim(defaults($_POST, 'dbhost' , Core\Installer::DEFAULT_HOST)));
|
$dbhost = Strings::removeTags(trim(defaults($_POST, 'dbhost' , Core\Installer::DEFAULT_HOST)));
|
||||||
$dbuser = notags(trim(defaults($_POST, 'dbuser' , '' )));
|
$dbuser = Strings::removeTags(trim(defaults($_POST, 'dbuser' , '' )));
|
||||||
$dbpass = notags(trim(defaults($_POST, 'dbpass' , '' )));
|
$dbpass = Strings::removeTags(trim(defaults($_POST, 'dbpass' , '' )));
|
||||||
$dbdata = notags(trim(defaults($_POST, 'dbdata' , '' )));
|
$dbdata = Strings::removeTags(trim(defaults($_POST, 'dbdata' , '' )));
|
||||||
$phpath = notags(trim(defaults($_POST, 'phpath' , '' )));
|
$phpath = Strings::removeTags(trim(defaults($_POST, 'phpath' , '' )));
|
||||||
$adminmail = notags(trim(defaults($_POST, 'adminmail', '' )));
|
$adminmail = Strings::removeTags(trim(defaults($_POST, 'adminmail', '' )));
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('install_db.tpl');
|
$tpl = Renderer::getMarkupTemplate('install_db.tpl');
|
||||||
$output .= Renderer::replaceMacros($tpl, [
|
$output .= Renderer::replaceMacros($tpl, [
|
||||||
|
@ -190,13 +191,13 @@ class Install extends BaseModule
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case self::SITE_SETTINGS:
|
case self::SITE_SETTINGS:
|
||||||
$dbhost = notags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST)));
|
$dbhost = Strings::removeTags(trim(defaults($_POST, 'dbhost', Core\Installer::DEFAULT_HOST)));
|
||||||
$dbuser = notags(trim(defaults($_POST, 'dbuser', '' )));
|
$dbuser = Strings::removeTags(trim(defaults($_POST, 'dbuser', '' )));
|
||||||
$dbpass = notags(trim(defaults($_POST, 'dbpass', '' )));
|
$dbpass = Strings::removeTags(trim(defaults($_POST, 'dbpass', '' )));
|
||||||
$dbdata = notags(trim(defaults($_POST, 'dbdata', '' )));
|
$dbdata = Strings::removeTags(trim(defaults($_POST, 'dbdata', '' )));
|
||||||
$phpath = notags(trim(defaults($_POST, 'phpath', '' )));
|
$phpath = Strings::removeTags(trim(defaults($_POST, 'phpath', '' )));
|
||||||
|
|
||||||
$adminmail = notags(trim(defaults($_POST, 'adminmail', '')));
|
$adminmail = Strings::removeTags(trim(defaults($_POST, 'adminmail', '')));
|
||||||
|
|
||||||
$timezone = defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ);
|
$timezone = defaults($_POST, 'timezone', Core\Installer::DEFAULT_TZ);
|
||||||
/* Installed langs */
|
/* Installed langs */
|
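Review bot: The database password is run through `Strings::removeTags(trim(...))` in each of the four `case` blocks shown, so a password with leading or trailing whitespace is silently altered before `checkDB()` is called with it, and one containing angle brackets is too if `removeTags` rewrites them as its name suggests. The registration code in this same commit leaves `$data['password']` out of the tag filter, and the installer should likewise use the secret as submitted: `$dbpass = defaults($_POST, 'dbpass', '');`. If the value is echoed back into the install template, escape it for HTML at output rather than changing it at input. The enclosing methods start and end outside these hunks.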
||||||
|
|
|
@ -17,6 +17,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use LightOpenID;
|
use LightOpenID;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
|
@ -148,7 +149,7 @@ class Login extends BaseModule
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
Logger::log('authenticate: failed login attempt: ' . notags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
|
Logger::log('authenticate: failed login attempt: ' . Strings::removeTags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
|
||||||
info('Login failed. Please check your credentials.' . EOL);
|
info('Login failed. Please check your credentials.' . EOL);
|
||||||
$a->internalRedirect();
|
$a->internalRedirect();
|
||||||
}
|
}
|
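Review bot: The failed-login log line appends the submitted `$username` after only `Strings::removeTags()`, which (judging by its name) deals with angle brackets and leaves CR/LF and other control characters in place, so a crafted username can split the entry into forged log lines. Encode the value before logging, for example `Logger::log('authenticate: failed login attempt: ' . json_encode($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);`, or strip control characters with `preg_replace('/[\x00-\x1F\x7F]/', '', $username)`. The enclosing method and its `try` block begin outside the hunk.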
||||||
|
|
|
@ -1674,7 +1674,7 @@ class Probe
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$data["name"] = notags($data["name"]);
|
$data["name"] = Strings::removeTags($data["name"]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2494,7 +2494,7 @@ class DFRN
|
||||||
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
|
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
|
||||||
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
|
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
|
||||||
// make sure nobody is trying to sneak some html tags by us
|
// make sure nobody is trying to sneak some html tags by us
|
||||||
$item["body"] = notags(base64url_decode($item["body"]));
|
$item["body"] = Strings::removeTags(base64url_decode($item["body"]));
|
||||||
|
|
||||||
$item["body"] = BBCode::limitBodySize($item["body"]);
|
$item["body"] = BBCode::limitBodySize($item["body"]);
|
||||||
|
|
||||||
|
|
|
@ -1506,9 +1506,9 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveAccountMigration(array $importer, $data)
|
private static function receiveAccountMigration(array $importer, $data)
|
||||||
{
|
{
|
||||||
$old_handle = notags(XML::unescape($data->author));
|
$old_handle = Strings::removeTags(XML::unescape($data->author));
|
||||||
$new_handle = notags(XML::unescape($data->profile->author));
|
$new_handle = Strings::removeTags(XML::unescape($data->profile->author));
|
||||||
$signature = notags(XML::unescape($data->signature));
|
$signature = Strings::removeTags(XML::unescape($data->signature));
|
||||||
|
|
||||||
$contact = self::contactByHandle($importer["uid"], $old_handle);
|
$contact = self::contactByHandle($importer["uid"], $old_handle);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -1566,7 +1566,7 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveAccountDeletion($data)
|
private static function receiveAccountDeletion($data)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
|
|
||||||
$contacts = DBA::select('contact', ['id'], ['addr' => $author]);
|
$contacts = DBA::select('contact', ['id'], ['addr' => $author]);
|
||||||
while ($contact = DBA::fetch($contacts)) {
|
while ($contact = DBA::fetch($contacts)) {
|
||||||
|
@ -1657,19 +1657,19 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveComment(array $importer, $sender, $data, $xml)
|
private static function receiveComment(array $importer, $sender, $data, $xml)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$parent_guid = notags(XML::unescape($data->parent_guid));
|
$parent_guid = Strings::removeTags(XML::unescape($data->parent_guid));
|
||||||
$text = XML::unescape($data->text);
|
$text = XML::unescape($data->text);
|
||||||
|
|
||||||
if (isset($data->created_at)) {
|
if (isset($data->created_at)) {
|
||||||
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
$created_at = DateTimeFormat::utc(Strings::removeTags(XML::unescape($data->created_at)));
|
||||||
} else {
|
} else {
|
||||||
$created_at = DateTimeFormat::utcNow();
|
$created_at = DateTimeFormat::utcNow();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($data->thread_parent_guid)) {
|
if (isset($data->thread_parent_guid)) {
|
||||||
$thread_parent_guid = notags(XML::unescape($data->thread_parent_guid));
|
$thread_parent_guid = Strings::removeTags(XML::unescape($data->thread_parent_guid));
|
||||||
$thr_uri = self::getUriFromGuid("", $thread_parent_guid, true);
|
$thr_uri = self::getUriFromGuid("", $thread_parent_guid, true);
|
||||||
} else {
|
} else {
|
||||||
$thr_uri = "";
|
$thr_uri = "";
|
||||||
|
@ -1774,24 +1774,24 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveConversationMessage(array $importer, array $contact, $data, $msg, $mesg, $conversation)
|
private static function receiveConversationMessage(array $importer, array $contact, $data, $msg, $mesg, $conversation)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$subject = notags(XML::unescape($data->subject));
|
$subject = Strings::removeTags(XML::unescape($data->subject));
|
||||||
|
|
||||||
// "diaspora_handle" is the element name from the old version
|
// "diaspora_handle" is the element name from the old version
|
||||||
// "author" is the element name from the new version
|
// "author" is the element name from the new version
|
||||||
if ($mesg->author) {
|
if ($mesg->author) {
|
||||||
$msg_author = notags(XML::unescape($mesg->author));
|
$msg_author = Strings::removeTags(XML::unescape($mesg->author));
|
||||||
} elseif ($mesg->diaspora_handle) {
|
} elseif ($mesg->diaspora_handle) {
|
||||||
$msg_author = notags(XML::unescape($mesg->diaspora_handle));
|
$msg_author = Strings::removeTags(XML::unescape($mesg->diaspora_handle));
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$msg_guid = notags(XML::unescape($mesg->guid));
|
$msg_guid = Strings::removeTags(XML::unescape($mesg->guid));
|
||||||
$msg_conversation_guid = notags(XML::unescape($mesg->conversation_guid));
|
$msg_conversation_guid = Strings::removeTags(XML::unescape($mesg->conversation_guid));
|
||||||
$msg_text = XML::unescape($mesg->text);
|
$msg_text = XML::unescape($mesg->text);
|
||||||
$msg_created_at = DateTimeFormat::utc(notags(XML::unescape($mesg->created_at)));
|
$msg_created_at = DateTimeFormat::utc(Strings::removeTags(XML::unescape($mesg->created_at)));
|
||||||
|
|
||||||
if ($msg_conversation_guid != $guid) {
|
if ($msg_conversation_guid != $guid) {
|
||||||
Logger::log("message conversation guid does not belong to the current conversation.");
|
Logger::log("message conversation guid does not belong to the current conversation.");
|
||||||
|
@ -1862,11 +1862,11 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveConversation(array $importer, $msg, $data)
|
private static function receiveConversation(array $importer, $msg, $data)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$subject = notags(XML::unescape($data->subject));
|
$subject = Strings::removeTags(XML::unescape($data->subject));
|
||||||
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
$created_at = DateTimeFormat::utc(Strings::removeTags(XML::unescape($data->created_at)));
|
||||||
$participants = notags(XML::unescape($data->participants));
|
$participants = Strings::removeTags(XML::unescape($data->participants));
|
||||||
|
|
||||||
$messages = $data->message;
|
$messages = $data->message;
|
||||||
|
|
||||||
|
@ -1920,11 +1920,11 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveLike(array $importer, $sender, $data)
|
private static function receiveLike(array $importer, $sender, $data)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$parent_guid = notags(XML::unescape($data->parent_guid));
|
$parent_guid = Strings::removeTags(XML::unescape($data->parent_guid));
|
||||||
$parent_type = notags(XML::unescape($data->parent_type));
|
$parent_type = Strings::removeTags(XML::unescape($data->parent_type));
|
||||||
$positive = notags(XML::unescape($data->positive));
|
$positive = Strings::removeTags(XML::unescape($data->positive));
|
||||||
|
|
||||||
// likes on comments aren't supported by Diaspora - only on posts
|
// likes on comments aren't supported by Diaspora - only on posts
|
||||||
// But maybe this will be supported in the future, so we will accept it.
|
// But maybe this will be supported in the future, so we will accept it.
|
||||||
|
@ -2029,11 +2029,11 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveMessage(array $importer, $data)
|
private static function receiveMessage(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$conversation_guid = notags(XML::unescape($data->conversation_guid));
|
$conversation_guid = Strings::removeTags(XML::unescape($data->conversation_guid));
|
||||||
$text = XML::unescape($data->text);
|
$text = XML::unescape($data->text);
|
||||||
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
$created_at = DateTimeFormat::utc(Strings::removeTags(XML::unescape($data->created_at)));
|
||||||
|
|
||||||
$contact = self::allowedContactByHandle($importer, $author, true);
|
$contact = self::allowedContactByHandle($importer, $author, true);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2104,8 +2104,8 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveParticipation(array $importer, $data)
|
private static function receiveParticipation(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = strtolower(notags(XML::unescape($data->author)));
|
$author = strtolower(Strings::removeTags(XML::unescape($data->author)));
|
||||||
$parent_guid = notags(XML::unescape($data->parent_guid));
|
$parent_guid = Strings::removeTags(XML::unescape($data->parent_guid));
|
||||||
|
|
||||||
$contact_id = Contact::getIdForURL($author);
|
$contact_id = Contact::getIdForURL($author);
|
||||||
if (!$contact_id) {
|
if (!$contact_id) {
|
||||||
|
@ -2197,7 +2197,7 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveProfile(array $importer, $data)
|
private static function receiveProfile(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = strtolower(notags(XML::unescape($data->author)));
|
$author = strtolower(Strings::removeTags(XML::unescape($data->author)));
|
||||||
|
|
||||||
$contact = self::contactByHandle($importer["uid"], $author);
|
$contact = self::contactByHandle($importer["uid"], $author);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2574,13 +2574,13 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveReshare(array $importer, $data, $xml)
|
private static function receiveReshare(array $importer, $data, $xml)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
$created_at = DateTimeFormat::utc(Strings::removeTags(XML::unescape($data->created_at)));
|
||||||
$root_author = notags(XML::unescape($data->root_author));
|
$root_author = Strings::removeTags(XML::unescape($data->root_author));
|
||||||
$root_guid = notags(XML::unescape($data->root_guid));
|
$root_guid = Strings::removeTags(XML::unescape($data->root_guid));
|
||||||
/// @todo handle unprocessed property "provider_display_name"
|
/// @todo handle unprocessed property "provider_display_name"
|
||||||
$public = notags(XML::unescape($data->public));
|
$public = Strings::removeTags(XML::unescape($data->public));
|
||||||
|
|
||||||
$contact = self::allowedContactByHandle($importer, $author, false);
|
$contact = self::allowedContactByHandle($importer, $author, false);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2666,9 +2666,9 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function itemRetraction(array $importer, array $contact, $data)
|
private static function itemRetraction(array $importer, array $contact, $data)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$target_guid = notags(XML::unescape($data->target_guid));
|
$target_guid = Strings::removeTags(XML::unescape($data->target_guid));
|
||||||
$target_type = notags(XML::unescape($data->target_type));
|
$target_type = Strings::removeTags(XML::unescape($data->target_type));
|
||||||
|
|
||||||
$person = self::personByHandle($author);
|
$person = self::personByHandle($author);
|
||||||
if (!is_array($person)) {
|
if (!is_array($person)) {
|
||||||
|
@ -2730,7 +2730,7 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveRetraction(array $importer, $sender, $data)
|
private static function receiveRetraction(array $importer, $sender, $data)
|
||||||
{
|
{
|
||||||
$target_type = notags(XML::unescape($data->target_type));
|
$target_type = Strings::removeTags(XML::unescape($data->target_type));
|
||||||
|
|
||||||
$contact = self::contactByHandle($importer["uid"], $sender);
|
$contact = self::contactByHandle($importer["uid"], $sender);
|
||||||
if (!$contact && (in_array($target_type, ["Contact", "Person"]))) {
|
if (!$contact && (in_array($target_type, ["Contact", "Person"]))) {
|
||||||
|
@ -2775,12 +2775,12 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveStatusMessage(array $importer, SimpleXMLElement $data, $xml)
|
private static function receiveStatusMessage(array $importer, SimpleXMLElement $data, $xml)
|
||||||
{
|
{
|
||||||
$author = notags(XML::unescape($data->author));
|
$author = Strings::removeTags(XML::unescape($data->author));
|
||||||
$guid = notags(XML::unescape($data->guid));
|
$guid = Strings::removeTags(XML::unescape($data->guid));
|
||||||
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
$created_at = DateTimeFormat::utc(Strings::removeTags(XML::unescape($data->created_at)));
|
||||||
$public = notags(XML::unescape($data->public));
|
$public = Strings::removeTags(XML::unescape($data->public));
|
||||||
$text = XML::unescape($data->text);
|
$text = XML::unescape($data->text);
|
||||||
$provider_display_name = notags(XML::unescape($data->provider_display_name));
|
$provider_display_name = Strings::removeTags(XML::unescape($data->provider_display_name));
|
||||||
|
|
||||||
$contact = self::allowedContactByHandle($importer, $author, false);
|
$contact = self::allowedContactByHandle($importer, $author, false);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2795,7 +2795,7 @@ class Diaspora
|
||||||
$address = [];
|
$address = [];
|
||||||
if ($data->location) {
|
if ($data->location) {
|
||||||
foreach ($data->location->children() as $fieldname => $data) {
|
foreach ($data->location->children() as $fieldname => $data) {
|
||||||
$address[$fieldname] = notags(XML::unescape($data));
|
$address[$fieldname] = Strings::removeTags(XML::unescape($data));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -44,7 +44,7 @@ class Strings
|
||||||
* @param string $string Input string
|
* @param string $string Input string
|
||||||
* @return string Filtered string
|
* @return string Filtered string
|
||||||
*/
|
*/
|
||||||
public static function removeTags($string) // notags()
|
public static function removeTags($string)
|
||||||
{
|
{
|
||||||
return str_replace(["<", ">"], ['[', ']'], $string);
|
return str_replace(["<", ">"], ['[', ']'], $string);
|
||||||
}
|
}
|
||||||
|
|
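Review bot: The docblock on `removeTags()` promises only a "Filtered string", but the body in this hunk just swaps `<` and `>` for `[` and `]`; quotes, ampersands and everything else pass through unchanged. With the `// notags()` marker removed, callers migrating from the old helper could mistake it for an output encoder. I would add a line to the docblock such as `* Replaces "<" and ">" with "[" and "]" only; this is not HTML or SQL escaping, so encode for the output context separately.` The top of the docblock lies outside the hunk, so its summary line may already say part of this.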
|
@ -18,6 +18,7 @@ use Friendica\Protocol\Email;
|
||||||
use Friendica\Protocol\PortableContact;
|
use Friendica\Protocol\PortableContact;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Network;
|
use Friendica\Util\Network;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
use Friendica\Util\XML;
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/dba.php';
|
require_once 'include/dba.php';
|
||||||
|
@ -474,9 +475,9 @@ class OnePoll
|
||||||
$datarray['title'] .= $subpart->text;
|
$datarray['title'] .= $subpart->text;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$datarray['title'] = notags(trim($datarray['title']));
|
$datarray['title'] = Strings::removeTags(trim($datarray['title']));
|
||||||
|
|
||||||
//$datarray['title'] = notags(trim($meta->subject));
|
//$datarray['title'] = Strings::removeTags(trim($meta->subject));
|
||||||
$datarray['created'] = DateTimeFormat::utc($meta->date);
|
$datarray['created'] = DateTimeFormat::utc($meta->date);
|
||||||
|
|
||||||
// Is it a reply?
|
// Is it a reply?
|
||||||
|
|
|
@ -239,7 +239,7 @@ class TextTest extends TestCase
|
||||||
{
|
{
|
||||||
$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
|
$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
|
||||||
|
|
||||||
$validstring=notags($invalidstring);
|
$validstring = Friendica\Util\Strings::removeTags($invalidstring);
|
||||||
$escapedString=escape_tags($invalidstring);
|
$escapedString=escape_tags($invalidstring);
|
||||||
|
|
||||||
$this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
|
$this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
|
||||||
|
|
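Review bot: The new call `Friendica\Util\Strings::removeTags($invalidstring)` uses a qualified name with no leading backslash, so if this test file declares a namespace, PHP resolves it relative to that namespace and the class is not found. The top of the file is outside the hunk, so confirm whether a namespace is declared. The other files in this commit import the class, and the same here would be `use Friendica\Util\Strings;` at the top plus `$validstring = Strings::removeTags($invalidstring);`. The assertion below also shows that the `onclick="..."` attribute text survives the call, which is worth remembering wherever this helper is the only filter on a value. The enclosing test method starts and ends outside the hunk.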
|
@ -20,6 +20,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model;
|
use Friendica\Model;
|
||||||
use Friendica\Module;
|
use Friendica\Module;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
$frio = 'view/theme/frio';
|
$frio = 'view/theme/frio';
|
||||||
|
|
||||||
|
@ -300,7 +301,7 @@ function frio_remote_nav($a, &$nav)
|
||||||
*/
|
*/
|
||||||
function frio_acl_lookup(App $a, &$results)
|
function frio_acl_lookup(App $a, &$results)
|
||||||
{
|
{
|
||||||
$nets = x($_GET, 'nets') ? notags(trim($_GET['nets'])) : '';
|
$nets = x($_GET, 'nets') ? Strings::removeTags(trim($_GET['nets'])) : '';
|
||||||
|
|
||||||
// we introduce a new search type, r should do the same query like it's
|
// we introduce a new search type, r should do the same query like it's
|
||||||
// done in /src/Module/Contact.php for connections
|
// done in /src/Module/Contact.php for connections
|
||||||
|
|
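Review bot: In `frio_acl_lookup()` the new line still passes `$_GET['nets']` to `trim()` without checking that it is a string, so a request that sends `nets` as an array reaches `trim()` with the wrong type. I would guard it with `$nets = (isset($_GET['nets']) && is_string($_GET['nets'])) ? Strings::removeTags(trim($_GET['nets'])) : '';`. Since `removeTags()` only replaces angle brackets, whatever consumes `$nets` further down still has to bind or escape it for its own context. That code is outside the hunk, as is the rest of the function body, so this needs checking there.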