Merge pull request #10958 from annando/escapeTags
Some more "escapeTags" removed
This commit is contained in:
commit
f99d37d87e
|
@ -70,10 +70,10 @@ function message_post(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$replyto = !empty($_REQUEST['replyto']) ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
|
$replyto = !empty($_REQUEST['replyto']) ? trim($_REQUEST['replyto']) : '';
|
||||||
$subject = !empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
|
$subject = !empty($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
|
||||||
$body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
|
$body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
|
||||||
$recipient = !empty($_REQUEST['recipient']) ? intval($_REQUEST['recipient']) : 0;
|
$recipient = !empty($_REQUEST['recipient']) ? intval($_REQUEST['recipient']) : 0;
|
||||||
|
|
||||||
$ret = Mail::send($recipient, $body, $subject, $replyto);
|
$ret = Mail::send($recipient, $body, $subject, $replyto);
|
||||||
$norecip = false;
|
$norecip = false;
|
||||||
|
|
|
@ -291,11 +291,11 @@ function photos_post(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
|
if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
|
||||||
$desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : '';
|
$desc = !empty($_POST['desc']) ? trim($_POST['desc']) : '';
|
||||||
$rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : '';
|
$rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : '';
|
||||||
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
|
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
|
||||||
$albname = !empty($_POST['albname']) ? trim($_POST['albname']) : '';
|
$albname = !empty($_POST['albname']) ? trim($_POST['albname']) : '';
|
||||||
$origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
|
$origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : '';
|
||||||
|
|
||||||
$resource_id = DI::args()->getArgv()[3];
|
$resource_id = DI::args()->getArgv()[3];
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,6 @@ use Friendica\Model\User;
|
||||||
use Friendica\Module\BaseSettings;
|
use Friendica\Module\BaseSettings;
|
||||||
use Friendica\Module\Security\Login;
|
use Friendica\Module\Security\Login;
|
||||||
use Friendica\Protocol\Email;
|
use Friendica\Protocol\Email;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
use Friendica\Worker\Delivery;
|
use Friendica\Worker\Delivery;
|
||||||
|
|
||||||
|
@ -216,14 +215,14 @@ function settings_post(App $a)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$username = (!empty($_POST['username']) ? Strings::escapeTags(trim($_POST['username'])) : '');
|
$username = (!empty($_POST['username']) ? trim($_POST['username']) : '');
|
||||||
$email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : '');
|
$email = (!empty($_POST['email']) ? trim($_POST['email']) : '');
|
||||||
$timezone = (!empty($_POST['timezone']) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
|
$timezone = (!empty($_POST['timezone']) ? trim($_POST['timezone']) : '');
|
||||||
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
|
$language = (!empty($_POST['language']) ? trim($_POST['language']) : '');
|
||||||
|
|
||||||
$defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
|
$defloc = (!empty($_POST['defloc']) ? trim($_POST['defloc']) : '');
|
||||||
$maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
|
$maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
|
||||||
$expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
|
$expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
|
||||||
$def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
|
$def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -37,10 +37,10 @@ function wallmessage_post(App $a) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$subject = (!empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '');
|
$subject = trim($_REQUEST['subject'] ?? '');
|
||||||
$body = (!empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '');
|
$body = Strings::escapeHtml(trim($_REQUEST['body'] ?? ''));
|
||||||
|
|
||||||
$recipient = ((DI::args()->getArgc() > 1) ? Strings::escapeTags(DI::args()->getArgv()[1]) : '');
|
$recipient = ((DI::args()->getArgc() > 1) ? DI::args()->getArgv()[1] : '');
|
||||||
if ((! $recipient) || (! $body)) {
|
if ((! $recipient) || (! $body)) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -128,16 +128,16 @@ class Site extends BaseAdmin
|
||||||
}
|
}
|
||||||
// end relocate
|
// end relocate
|
||||||
|
|
||||||
$sitename = (!empty($_POST['sitename']) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
|
$sitename = (!empty($_POST['sitename']) ? trim($_POST['sitename']) : '');
|
||||||
$sender_email = (!empty($_POST['sender_email']) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
|
$sender_email = (!empty($_POST['sender_email']) ? trim($_POST['sender_email']) : '');
|
||||||
$banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
|
$banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
|
||||||
$email_banner = (!empty($_POST['email_banner']) ? trim($_POST['email_banner']) : false);
|
$email_banner = (!empty($_POST['email_banner']) ? trim($_POST['email_banner']) : false);
|
||||||
$shortcut_icon = (!empty($_POST['shortcut_icon']) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
|
$shortcut_icon = (!empty($_POST['shortcut_icon']) ? trim($_POST['shortcut_icon']) : '');
|
||||||
$touch_icon = (!empty($_POST['touch_icon']) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
|
$touch_icon = (!empty($_POST['touch_icon']) ? trim($_POST['touch_icon']) : '');
|
||||||
$additional_info = (!empty($_POST['additional_info']) ? trim($_POST['additional_info']) : '');
|
$additional_info = (!empty($_POST['additional_info']) ? trim($_POST['additional_info']) : '');
|
||||||
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
|
$language = (!empty($_POST['language']) ? trim($_POST['language']) : '');
|
||||||
$theme = (!empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : '');
|
$theme = (!empty($_POST['theme']) ? trim($_POST['theme']) : '');
|
||||||
$theme_mobile = (!empty($_POST['theme_mobile']) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
|
$theme_mobile = (!empty($_POST['theme_mobile']) ? trim($_POST['theme_mobile']) : '');
|
||||||
$maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
|
$maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
|
||||||
$maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : -1);
|
$maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : -1);
|
||||||
$jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : 100);
|
$jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : 100);
|
||||||
|
@ -148,15 +148,15 @@ class Site extends BaseAdmin
|
||||||
|
|
||||||
$register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
|
$register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
|
||||||
|
|
||||||
$allowed_sites = (!empty($_POST['allowed_sites']) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
|
$allowed_sites = (!empty($_POST['allowed_sites']) ? trim($_POST['allowed_sites']) : '');
|
||||||
$allowed_email = (!empty($_POST['allowed_email']) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
|
$allowed_email = (!empty($_POST['allowed_email']) ? trim($_POST['allowed_email']) : '');
|
||||||
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
|
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(trim($_POST['forbidden_nicknames'])) : '');
|
||||||
$system_actor_name = (!empty($_POST['system_actor_name']) ? Strings::escapeTags(trim($_POST['system_actor_name'])) : '');
|
$system_actor_name = (!empty($_POST['system_actor_name']) ? trim($_POST['system_actor_name']) : '');
|
||||||
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
|
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
|
||||||
$allowed_oembed = (!empty($_POST['allowed_oembed']) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
|
$allowed_oembed = (!empty($_POST['allowed_oembed']) ? trim($_POST['allowed_oembed']) : '');
|
||||||
$block_public = !empty($_POST['block_public']);
|
$block_public = !empty($_POST['block_public']);
|
||||||
$force_publish = !empty($_POST['publish_all']);
|
$force_publish = !empty($_POST['publish_all']);
|
||||||
$global_directory = (!empty($_POST['directory']) ? Strings::escapeTags(trim($_POST['directory'])) : '');
|
$global_directory = (!empty($_POST['directory']) ? trim($_POST['directory']) : '');
|
||||||
$newuser_private = !empty($_POST['newuser_private']);
|
$newuser_private = !empty($_POST['newuser_private']);
|
||||||
$enotify_no_content = !empty($_POST['enotify_no_content']);
|
$enotify_no_content = !empty($_POST['enotify_no_content']);
|
||||||
$private_addons = !empty($_POST['private_addons']);
|
$private_addons = !empty($_POST['private_addons']);
|
||||||
|
@ -173,8 +173,8 @@ class Site extends BaseAdmin
|
||||||
$max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
|
$max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
|
||||||
|
|
||||||
$verifyssl = !empty($_POST['verifyssl']);
|
$verifyssl = !empty($_POST['verifyssl']);
|
||||||
$proxyuser = (!empty($_POST['proxyuser']) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
|
$proxyuser = (!empty($_POST['proxyuser']) ? trim($_POST['proxyuser']) : '');
|
||||||
$proxy = (!empty($_POST['proxy']) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
|
$proxy = (!empty($_POST['proxy']) ? trim($_POST['proxy']) : '');
|
||||||
$timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
|
$timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
|
||||||
$maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 20);
|
$maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 20);
|
||||||
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
|
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
|
||||||
|
@ -198,20 +198,20 @@ class Site extends BaseAdmin
|
||||||
$suppress_tags = !empty($_POST['suppress_tags']);
|
$suppress_tags = !empty($_POST['suppress_tags']);
|
||||||
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
|
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
|
||||||
$max_display_comments = (!empty($_POST['max_display_comments']) ? intval($_POST['max_display_comments']) : 0);
|
$max_display_comments = (!empty($_POST['max_display_comments']) ? intval($_POST['max_display_comments']) : 0);
|
||||||
$temppath = (!empty($_POST['temppath']) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
|
$temppath = (!empty($_POST['temppath']) ? trim($_POST['temppath']) : '');
|
||||||
$singleuser = (!empty($_POST['singleuser']) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
|
$singleuser = (!empty($_POST['singleuser']) ? trim($_POST['singleuser']) : '');
|
||||||
$only_tag_search = !empty($_POST['only_tag_search']);
|
$only_tag_search = !empty($_POST['only_tag_search']);
|
||||||
$check_new_version_url = (!empty($_POST['check_new_version_url']) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
|
$check_new_version_url = (!empty($_POST['check_new_version_url']) ? trim($_POST['check_new_version_url']) : 'none');
|
||||||
|
|
||||||
$worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
|
$worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
|
||||||
$worker_fastlane = !empty($_POST['worker_fastlane']);
|
$worker_fastlane = !empty($_POST['worker_fastlane']);
|
||||||
|
|
||||||
$relay_directly = !empty($_POST['relay_directly']);
|
$relay_directly = !empty($_POST['relay_directly']);
|
||||||
$relay_scope = (!empty($_POST['relay_scope']) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
|
$relay_scope = (!empty($_POST['relay_scope']) ? trim($_POST['relay_scope']) : '');
|
||||||
$relay_server_tags = (!empty($_POST['relay_server_tags']) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
|
$relay_server_tags = (!empty($_POST['relay_server_tags']) ? trim($_POST['relay_server_tags']) : '');
|
||||||
$relay_deny_tags = (!empty($_POST['relay_deny_tags']) ? Strings::escapeTags(trim($_POST['relay_deny_tags'])) : '');
|
$relay_deny_tags = (!empty($_POST['relay_deny_tags']) ? trim($_POST['relay_deny_tags']) : '');
|
||||||
$relay_user_tags = !empty($_POST['relay_user_tags']);
|
$relay_user_tags = !empty($_POST['relay_user_tags']);
|
||||||
$active_panel = (!empty($_POST['active_panel']) ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
|
$active_panel = (!empty($_POST['active_panel']) ? "#" . trim($_POST['active_panel']) : '');
|
||||||
|
|
||||||
// Has the directory url changed? If yes, then resubmit the existing profiles there
|
// Has the directory url changed? If yes, then resubmit the existing profiles there
|
||||||
if ($global_directory != DI::config()->get('system', 'directory') && ($global_directory != '')) {
|
if ($global_directory != DI::config()->get('system', 'directory') && ($global_directory != '')) {
|
||||||
|
|
|
@ -234,10 +234,10 @@ class Contact extends BaseModule
|
||||||
|
|
||||||
$a = DI::app();
|
$a = DI::app();
|
||||||
|
|
||||||
$search = Strings::escapeTags(trim($_GET['search'] ?? ''));
|
$search = trim($_GET['search'] ?? '');
|
||||||
$nets = Strings::escapeTags(trim($_GET['nets'] ?? ''));
|
$nets = trim($_GET['nets'] ?? '');
|
||||||
$rel = Strings::escapeTags(trim($_GET['rel'] ?? ''));
|
$rel = trim($_GET['rel'] ?? '');
|
||||||
$group = Strings::escapeTags(trim($_GET['group'] ?? ''));
|
$group = trim($_GET['group'] ?? '');
|
||||||
|
|
||||||
$accounttype = $_GET['accounttype'] ?? '';
|
$accounttype = $_GET['accounttype'] ?? '';
|
||||||
$accounttypeid = User::getAccountTypeByString($accounttype);
|
$accounttypeid = User::getAccountTypeByString($accounttype);
|
||||||
|
@ -523,7 +523,7 @@ class Contact extends BaseModule
|
||||||
'$submit' => DI::l10n()->t('Submit'),
|
'$submit' => DI::l10n()->t('Submit'),
|
||||||
'$lbl_info1' => $lbl_info1,
|
'$lbl_info1' => $lbl_info1,
|
||||||
'$lbl_info2' => DI::l10n()->t('Their personal note'),
|
'$lbl_info2' => DI::l10n()->t('Their personal note'),
|
||||||
'$reason' => trim(Strings::escapeTags($contact['reason'])),
|
'$reason' => trim($contact['reason']),
|
||||||
'$infedit' => DI::l10n()->t('Edit contact notes'),
|
'$infedit' => DI::l10n()->t('Edit contact notes'),
|
||||||
'$common_link' => 'contact/' . $contact['id'] . '/contacts/common',
|
'$common_link' => 'contact/' . $contact['id'] . '/contacts/common',
|
||||||
'$relation_text' => $relation_text,
|
'$relation_text' => $relation_text,
|
||||||
|
|
|
@ -32,7 +32,6 @@ use Friendica\DI;
|
||||||
use Friendica\Model;
|
use Friendica\Model;
|
||||||
use Friendica\Model\Profile;
|
use Friendica\Model\Profile;
|
||||||
use Friendica\Network\HTTPException;
|
use Friendica\Network\HTTPException;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Shows the local directory of this node
|
* Shows the local directory of this node
|
||||||
|
@ -59,9 +58,7 @@ class Directory extends BaseModule
|
||||||
|
|
||||||
Nav::setSelected('directory');
|
Nav::setSelected('directory');
|
||||||
|
|
||||||
$search = (!empty($_REQUEST['search']) ?
|
$search = trim(rawurldecode($_REQUEST['search'] ?? ''));
|
||||||
Strings::escapeTags(trim(rawurldecode($_REQUEST['search']))) :
|
|
||||||
'');
|
|
||||||
|
|
||||||
$gDirPath = '';
|
$gDirPath = '';
|
||||||
$dirURL = $config->get('system', 'directory');
|
$dirURL = $config->get('system', 'directory');
|
||||||
|
|
|
@ -27,7 +27,6 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\DI;
|
use Friendica\DI;
|
||||||
use Friendica\Model;
|
use Friendica\Model;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
|
|
||||||
|
@ -50,7 +49,7 @@ class Group extends BaseModule
|
||||||
if ((DI::args()->getArgc() == 2) && (DI::args()->getArgv()[1] === 'new')) {
|
if ((DI::args()->getArgc() == 2) && (DI::args()->getArgv()[1] === 'new')) {
|
||||||
BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit');
|
BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit');
|
||||||
|
|
||||||
$name = Strings::escapeTags(trim($_POST['groupname']));
|
$name = trim($_POST['groupname']);
|
||||||
$r = Model\Group::create(local_user(), $name);
|
$r = Model\Group::create(local_user(), $name);
|
||||||
if ($r) {
|
if ($r) {
|
||||||
$r = Model\Group::getIdByName(local_user(), $name);
|
$r = Model\Group::getIdByName(local_user(), $name);
|
||||||
|
@ -72,7 +71,7 @@ class Group extends BaseModule
|
||||||
notice(DI::l10n()->t('Group not found.'));
|
notice(DI::l10n()->t('Group not found.'));
|
||||||
DI::baseUrl()->redirect('contact');
|
DI::baseUrl()->redirect('contact');
|
||||||
}
|
}
|
||||||
$groupname = Strings::escapeTags(trim($_POST['groupname']));
|
$groupname = trim($_POST['groupname']);
|
||||||
if (strlen($groupname) && ($groupname != $group['name'])) {
|
if (strlen($groupname) && ($groupname != $group['name'])) {
|
||||||
if (!Model\Group::update($group['id'], $groupname)) {
|
if (!Model\Group::update($group['id'], $groupname)) {
|
||||||
notice(DI::l10n()->t('Group name was not changed.'));
|
notice(DI::l10n()->t('Group name was not changed.'));
|
||||||
|
|
|
@ -26,7 +26,6 @@ use Friendica\Content\Nav;
|
||||||
use Friendica\Content\Text\Markdown;
|
use Friendica\Content\Text\Markdown;
|
||||||
use Friendica\DI;
|
use Friendica\DI;
|
||||||
use Friendica\Network\HTTPException;
|
use Friendica\Network\HTTPException;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Shows the friendica help based on the /doc/ directory
|
* Shows the friendica help based on the /doc/ directory
|
||||||
|
@ -59,7 +58,7 @@ class Help extends BaseModule
|
||||||
$title = basename($path);
|
$title = basename($path);
|
||||||
$filename = $path;
|
$filename = $path;
|
||||||
$text = self::loadDocFile('doc/' . $path . '.md', $lang);
|
$text = self::loadDocFile('doc/' . $path . '.md', $lang);
|
||||||
DI::page()['title'] = DI::l10n()->t('Help:') . ' ' . str_replace('-', ' ', Strings::escapeTags($title));
|
DI::page()['title'] = DI::l10n()->t('Help:') . ' ' . str_replace('-', ' ', $title);
|
||||||
}
|
}
|
||||||
|
|
||||||
$home = self::loadDocFile('doc/Home.md', $lang);
|
$home = self::loadDocFile('doc/Home.md', $lang);
|
||||||
|
|
|
@ -30,7 +30,6 @@ use Friendica\Core\Theme;
|
||||||
use Friendica\DI;
|
use Friendica\DI;
|
||||||
use Friendica\Network\HTTPException;
|
use Friendica\Network\HTTPException;
|
||||||
use Friendica\Util\BasePath;
|
use Friendica\Util\BasePath;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
class Install extends BaseModule
|
class Install extends BaseModule
|
||||||
|
@ -380,10 +379,8 @@ class Install extends BaseModule
|
||||||
private static function checkSetting(Cache $configCache, array $post, $cat, $key, $default = null)
|
private static function checkSetting(Cache $configCache, array $post, $cat, $key, $default = null)
|
||||||
{
|
{
|
||||||
$configCache->set($cat, $key,
|
$configCache->set($cat, $key,
|
||||||
Strings::escapeTags(
|
trim(($post[sprintf('%s-%s', $cat, $key)] ?? '') ?:
|
||||||
trim(($post[sprintf('%s-%s', $cat, $key)] ?? '') ?:
|
($default ?? $configCache->get($cat, $key))
|
||||||
($default ?? $configCache->get($cat, $key))
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,7 +32,6 @@ use Friendica\DI;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Model\Post;
|
use Friendica\Model\Post;
|
||||||
use Friendica\Network\HTTPException;
|
use Friendica\Network\HTTPException;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL selector json backend
|
* ACL selector json backend
|
||||||
|
@ -69,7 +68,7 @@ class Acl extends BaseModule
|
||||||
private static function globalContactSearch()
|
private static function globalContactSearch()
|
||||||
{
|
{
|
||||||
// autocomplete for global contact search (e.g. navbar search)
|
// autocomplete for global contact search (e.g. navbar search)
|
||||||
$search = Strings::escapeTags(trim($_REQUEST['search']));
|
$search = trim($_REQUEST['search']);
|
||||||
$mode = $_REQUEST['smode'];
|
$mode = $_REQUEST['smode'];
|
||||||
$page = $_REQUEST['page'] ?? 1;
|
$page = $_REQUEST['page'] ?? 1;
|
||||||
|
|
||||||
|
|
|
@ -27,7 +27,6 @@ use Friendica\Core\Renderer;
|
||||||
use Friendica\Core\Session;
|
use Friendica\Core\Session;
|
||||||
use Friendica\DI;
|
use Friendica\DI;
|
||||||
use Friendica\Module\Register;
|
use Friendica\Module\Register;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Login module
|
* Login module
|
||||||
|
@ -187,16 +186,16 @@ class Login extends BaseModule
|
||||||
if (is_array($attr) && count($attr)) {
|
if (is_array($attr) && count($attr)) {
|
||||||
foreach ($attr as $k => $v) {
|
foreach ($attr as $k => $v) {
|
||||||
if ($k === 'namePerson/friendly') {
|
if ($k === 'namePerson/friendly') {
|
||||||
$nick = Strings::escapeTags(trim($v));
|
$nick = trim($v);
|
||||||
}
|
}
|
||||||
if ($k === 'namePerson/first') {
|
if ($k === 'namePerson/first') {
|
||||||
$first = Strings::escapeTags(trim($v));
|
$first = trim($v);
|
||||||
}
|
}
|
||||||
if ($k === 'namePerson') {
|
if ($k === 'namePerson') {
|
||||||
$args['username'] = Strings::escapeTags(trim($v));
|
$args['username'] = trim($v);
|
||||||
}
|
}
|
||||||
if ($k === 'contact/email') {
|
if ($k === 'contact/email') {
|
||||||
$args['email'] = Strings::escapeTags(trim($v));
|
$args['email'] = trim($v);
|
||||||
}
|
}
|
||||||
if ($k === 'media/image/aspect11') {
|
if ($k === 'media/image/aspect11') {
|
||||||
$photosq = bin2hex(trim($v));
|
$photosq = bin2hex(trim($v));
|
||||||
|
@ -219,7 +218,7 @@ class Login extends BaseModule
|
||||||
$args['photo'] = $photo;
|
$args['photo'] = $photo;
|
||||||
}
|
}
|
||||||
|
|
||||||
$args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
|
$args['openid_url'] = trim(Session::get('openid_identity'));
|
||||||
|
|
||||||
return 'register?' . http_build_query($args);
|
return 'register?' . http_build_query($args);
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,7 +30,6 @@ use Friendica\DI;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
use Friendica\Module\BaseSettings;
|
use Friendica\Module\BaseSettings;
|
||||||
use Friendica\Network\HTTPException;
|
use Friendica\Network\HTTPException;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Module to update user settings
|
* Module to update user settings
|
||||||
|
@ -47,9 +46,9 @@ class Display extends BaseSettings
|
||||||
|
|
||||||
$user = User::getById(local_user());
|
$user = User::getById(local_user());
|
||||||
|
|
||||||
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme'];
|
$theme = !empty($_POST['theme']) ? trim($_POST['theme']) : $user['theme'];
|
||||||
$mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
|
$mobile_theme = !empty($_POST['mobile_theme']) ? trim($_POST['mobile_theme']) : '';
|
||||||
$enable_smile = !empty($_POST['enable_smile']) ? intval($_POST['enable_smile']) : 0;
|
$enable_smile = !empty($_POST['enable_smile']) ? intval($_POST['enable_smile']) : 0;
|
||||||
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
|
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
|
||||||
$infinite_scroll = !empty($_POST['infinite_scroll']) ? intval($_POST['infinite_scroll']) : 0;
|
$infinite_scroll = !empty($_POST['infinite_scroll']) ? intval($_POST['infinite_scroll']) : 0;
|
||||||
$no_auto_update = !empty($_POST['no_auto_update']) ? intval($_POST['no_auto_update']) : 0;
|
$no_auto_update = !empty($_POST['no_auto_update']) ? intval($_POST['no_auto_update']) : 0;
|
||||||
|
|
|
@ -37,7 +37,6 @@ use Friendica\Module\BaseSettings;
|
||||||
use Friendica\Module\Security\Login;
|
use Friendica\Module\Security\Login;
|
||||||
use Friendica\Network\HTTPException;
|
use Friendica\Network\HTTPException;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Strings;
|
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
|
||||||
class Index extends BaseSettings
|
class Index extends BaseSettings
|
||||||
|
@ -79,23 +78,23 @@ class Index extends BaseSettings
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$name = Strings::escapeTags(trim($_POST['name'] ?? ''));
|
$name = trim($_POST['name'] ?? '');
|
||||||
if (!strlen($name)) {
|
if (!strlen($name)) {
|
||||||
notice(DI::l10n()->t('Profile Name is required.'));
|
notice(DI::l10n()->t('Profile Name is required.'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$about = Strings::escapeTags(trim($_POST['about']));
|
$about = trim($_POST['about']);
|
||||||
$address = Strings::escapeTags(trim($_POST['address']));
|
$address = trim($_POST['address']);
|
||||||
$locality = Strings::escapeTags(trim($_POST['locality']));
|
$locality = trim($_POST['locality']);
|
||||||
$region = Strings::escapeTags(trim($_POST['region']));
|
$region = trim($_POST['region']);
|
||||||
$postal_code = Strings::escapeTags(trim($_POST['postal_code']));
|
$postal_code = trim($_POST['postal_code']);
|
||||||
$country_name = Strings::escapeTags(trim($_POST['country_name']));
|
$country_name = trim($_POST['country_name']);
|
||||||
$pub_keywords = self::cleanKeywords(Strings::escapeTags(trim($_POST['pub_keywords'])));
|
$pub_keywords = self::cleanKeywords(trim($_POST['pub_keywords']));
|
||||||
$prv_keywords = self::cleanKeywords(Strings::escapeTags(trim($_POST['prv_keywords'])));
|
$prv_keywords = self::cleanKeywords(trim($_POST['prv_keywords']));
|
||||||
$xmpp = Strings::escapeTags(trim($_POST['xmpp']));
|
$xmpp = trim($_POST['xmpp']);
|
||||||
$matrix = Strings::escapeTags(trim($_POST['matrix']));
|
$matrix = trim($_POST['matrix']);
|
||||||
$homepage = Strings::escapeTags(trim($_POST['homepage']));
|
$homepage = trim($_POST['homepage']);
|
||||||
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
|
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
|
||||||
// neither http nor https in URL, add them
|
// neither http nor https in URL, add them
|
||||||
$homepage = 'http://' . $homepage;
|
$homepage = 'http://' . $homepage;
|
||||||
|
|
|
@ -63,7 +63,7 @@
|
||||||
|
|
||||||
<div id="photo-photo-end"></div>
|
<div id="photo-photo-end"></div>
|
||||||
{{* The photo description *}}
|
{{* The photo description *}}
|
||||||
<div id="photo-caption">{{$desc nofilter}}</div>
|
<div id="photo-caption">{{$desc}}</div>
|
||||||
|
|
||||||
{{* Tags and mentions *}}
|
{{* Tags and mentions *}}
|
||||||
{{if $tags}}
|
{{if $tags}}
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
<div id="photo-photo"><a href="{{$photo.href}}" title="{{$photo.title}}"><img src="{{$photo.src}}" /></a></div>
|
<div id="photo-photo"><a href="{{$photo.href}}" title="{{$photo.title}}"><img src="{{$photo.src}}" /></a></div>
|
||||||
{{if $prevlink}}<div id="photo-prev-link"><a href="{{$prevlink.0}}">{{$prevlink.1 nofilter}}</a></div>{{/if}}
|
{{if $prevlink}}<div id="photo-prev-link"><a href="{{$prevlink.0}}">{{$prevlink.1 nofilter}}</a></div>{{/if}}
|
||||||
{{if $nextlink}}<div id="photo-next-link"><a href="{{$nextlink.0}}">{{$nextlink.1 nofilter}}</a></div>{{/if}}
|
{{if $nextlink}}<div id="photo-next-link"><a href="{{$nextlink.0}}">{{$nextlink.1 nofilter}}</a></div>{{/if}}
|
||||||
<div id="photo-caption">{{$desc nofilter}}</div>
|
<div id="photo-caption">{{$desc}}</div>
|
||||||
{{if $tags}}
|
{{if $tags}}
|
||||||
<div id="in-this-photo-text">{{$tags.0}}</div>
|
<div id="in-this-photo-text">{{$tags.0}}</div>
|
||||||
<div id="in-this-photo">{{$tags.1}}</div>
|
<div id="in-this-photo">{{$tags.1}}</div>
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
<div id="photo-photo"><a href="{{$photo.href}}" title="{{$photo.title}}"><img src="{{$photo.src}}" /></a></div>
|
<div id="photo-photo"><a href="{{$photo.href}}" title="{{$photo.title}}"><img src="{{$photo.src}}" /></a></div>
|
||||||
{{if $nextlink}}<div id="photo-next-link"><a href="{{$nextlink.0}}">{{$nextlink.1 nofilter}}</a></div>{{/if}}
|
{{if $nextlink}}<div id="photo-next-link"><a href="{{$nextlink.0}}">{{$nextlink.1 nofilter}}</a></div>{{/if}}
|
||||||
<div id="photo-photo-end"></div>
|
<div id="photo-photo-end"></div>
|
||||||
<div id="photo-caption">{{$desc nofilter}}</div>
|
<div id="photo-caption">{{$desc}}</div>
|
||||||
{{if $tags}}
|
{{if $tags}}
|
||||||
<div id="in-this-photo-text">{{$tags.0}}</div>
|
<div id="in-this-photo-text">{{$tags.0}}</div>
|
||||||
<div id="in-this-photo">{{$tags.1}}</div>
|
<div id="in-this-photo">{{$tags.1}}</div>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user