diff --git a/include/conversation.php b/include/conversation.php
index c1d428f24..c10a7bec7 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -195,7 +195,7 @@ function localize_item(&$item)
$xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">";
$obj = XML::parseString($xmlhead.$item['object']);
- $links = XML::parseString($xmlhead."".unxmlify($obj->link)."");
+ $links = XML::parseString($xmlhead."".XML::unescape($obj->link)."");
$Bname = $obj->title;
$Blink = "";
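Review bot: `$obj->link` is read without checking that `XML::parseString()` returned an object. If the parser can return false or null for a malformed `$item['object']` (its implementation is not shown here), the `$links` line raises a warning and the second parse gets an empty document. A guard such as `if (!is_object($obj)) { return; }` before the `$links` line would make the failure explicit; whether a bare return fits depends on the rest of localize_item, which lies outside the hunk. The mod/dfrn_confirm.php hunk has the same pattern, reading `$xml->status` and `$xml->message` straight after `XML::parseString($res)`.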
diff --git a/include/text.php b/include/text.php
index 7f66268ad..5da54b5fc 100644
--- a/include/text.php
+++ b/include/text.php
@@ -26,6 +26,7 @@ use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Core\Logger;
use Friendica\Core\Renderer;
use Friendica\Model\FileTag;
+use Friendica\Util\XML;
require_once "include/conversation.php";
@@ -162,80 +163,6 @@ function autoname($len) {
return $word;
}
-
-/**
- * escape text ($str) for XML transport
- * @param string $str
- * @return string Escaped text.
- */
-function xmlify($str) {
- /// @TODO deprecated code found?
-/* $buffer = '';
-
- $len = mb_strlen($str);
- for ($x = 0; $x < $len; $x ++) {
- $char = mb_substr($str,$x,1);
-
- switch($char) {
-
- case "\r" :
- break;
- case "&" :
- $buffer .= '&';
- break;
- case "'" :
- $buffer .= ''';
- break;
- case "\"" :
- $buffer .= '"';
- break;
- case '<' :
- $buffer .= '<';
- break;
- case '>' :
- $buffer .= '>';
- break;
- case "\n" :
- $buffer .= "\n";
- break;
- default :
- $buffer .= $char;
- break;
- }
- }*/
- /*
- $buffer = mb_ereg_replace("&", "&", $str);
- $buffer = mb_ereg_replace("'", "'", $buffer);
- $buffer = mb_ereg_replace('"', """, $buffer);
- $buffer = mb_ereg_replace("<", "<", $buffer);
- $buffer = mb_ereg_replace(">", ">", $buffer);
- */
- $buffer = htmlspecialchars($str, ENT_QUOTES, "UTF-8");
- $buffer = trim($buffer);
-
- return $buffer;
-}
-
-
-/**
- * undo an xmlify
- * @param string $s xml escaped text
- * @return string unescaped text
- */
-function unxmlify($s) {
- /// @TODO deprecated code found?
-// $ret = str_replace('&','&', $s);
-// $ret = str_replace(array('<','>','"','''),array('<','>','"',"'"),$ret);
- /*$ret = mb_ereg_replace('&', '&', $s);
- $ret = mb_ereg_replace(''', "'", $ret);
- $ret = mb_ereg_replace('"', '"', $ret);
- $ret = mb_ereg_replace('<', "<", $ret);
- $ret = mb_ereg_replace('>', ">", $ret);
- */
- $ret = htmlspecialchars_decode($s, ENT_QUOTES);
- return $ret;
-}
-
/**
* Loader for infinite scrolling
* @return string html for loader
@@ -1047,9 +974,9 @@ function get_cats_and_terms($item)
if ($cnt) {
foreach ($matches as $mtch) {
$categories[] = [
- 'name' => xmlify(FileTag::decode($mtch[1])),
+ 'name' => XML::escape(FileTag::decode($mtch[1])),
'url' => "#",
- 'removeurl' => ((local_user() == $item['uid'])?'filerm/' . $item['id'] . '?f=&cat=' . xmlify(FileTag::decode($mtch[1])):""),
+ 'removeurl' => ((local_user() == $item['uid'])?'filerm/' . $item['id'] . '?f=&cat=' . XML::escape(FileTag::decode($mtch[1])):""),
'first' => $first,
'last' => false
];
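Review bot: The `removeurl` value places the category in a query string using `XML::escape()`, which is entity encoding, not URL encoding. A category name containing `&`, `#`, `+` or `%` would reach mod/filerm.php as a different value or as extra parameters. Consider `'?f=&cat=' . rawurlencode(FileTag::decode($mtch[1]))` and leave HTML escaping of the attribute to the template; the `XML::unescape()` call on the filerm side would then need revisiting. The same applies to the `'?f=&term='` line in the next hunk of this function, whose body extends beyond both hunks.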
@@ -1068,9 +995,9 @@ function get_cats_and_terms($item)
if ($cnt) {
foreach ($matches as $mtch) {
$folders[] = [
- 'name' => xmlify(FileTag::decode($mtch[1])),
+ 'name' => XML::escape(FileTag::decode($mtch[1])),
'url' => "#",
- 'removeurl' => ((local_user() == $item['uid']) ? 'filerm/' . $item['id'] . '?f=&term=' . xmlify(FileTag::decode($mtch[1])) : ""),
+ 'removeurl' => ((local_user() == $item['uid']) ? 'filerm/' . $item['id'] . '?f=&term=' . XML::escape(FileTag::decode($mtch[1])) : ""),
'first' => $first,
'last' => false
];
@@ -1234,21 +1161,6 @@ function html2bb_video($s) {
return $s;
}
-/**
- * apply xmlify() to all values of array $val, recursively
- * @param array $val
- * @return array
- */
-function array_xmlify($val){
- if (is_bool($val)) {
- return $val?"true":"false";
- } elseif (is_array($val)) {
- return array_map('array_xmlify', $val);
- }
- return xmlify((string) $val);
-}
-
-
/**
* transform link href and img src from relative to absolute
*
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 0403085f8..0f001b11a 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -256,7 +256,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
$xml = XML::parseString($res);
$status = (int) $xml->status;
- $message = unxmlify($xml->message); // human readable text of what may have gone wrong.
+ $message = XML::unescape($xml->message); // human readable text of what may have gone wrong.
switch ($status) {
case 0:
info(L10n::t("Confirmation completed successfully.") . EOL);
diff --git a/mod/filer.php b/mod/filer.php
index 11a5dd057..350807940 100644
--- a/mod/filer.php
+++ b/mod/filer.php
@@ -8,6 +8,7 @@ use Friendica\Core\Logger;
use Friendica\Core\PConfig;
use Friendica\Core\Renderer;
use Friendica\Model\FileTag;
+use Friendica\Util\XML;
require_once 'include/items.php';
@@ -17,7 +18,7 @@ function filer_content(App $a)
killme();
}
- $term = unxmlify(trim(defaults($_GET, 'term', '')));
+ $term = XML::unescape(trim(defaults($_GET, 'term', '')));
$item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0);
Logger::log('filer: tag ' . $term . ' item ' . $item_id);
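Review bot: `$term` comes from `$_GET` and is written to the log verbatim. `trim()` removes only leading and trailing whitespace, so a line break embedded in the parameter can forge extra log entries. Encoding the value at the log call, e.g. `Logger::log('filer: tag ' . json_encode($term) . ' item ' . $item_id);`, keeps each request on one line. filer_content continues past the end of the hunk.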
diff --git a/mod/filerm.php b/mod/filerm.php
index d899d8f3f..335b27b32 100644
--- a/mod/filerm.php
+++ b/mod/filerm.php
@@ -4,6 +4,7 @@ use Friendica\App;
use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\Model\FileTag;
+use Friendica\Util\XML;
function filerm_content(App $a)
{
@@ -12,8 +13,8 @@ function filerm_content(App $a)
killme();
}
- $term = unxmlify(trim($_GET['term']));
- $cat = unxmlify(trim($_GET['cat']));
+ $term = XML::unescape(trim($_GET['term']));
+ $cat = XML::unescape(trim($_GET['cat']));
$category = (($cat) ? true : false);
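Review bot: `$_GET['term']` and `$_GET['cat']` are read without a default. The `removeurl` links built in include/text.php carry only one of the two, so every such request hits an undefined index and passes null to `trim()`. mod/filer.php already guards the same read, so the two lines could become `$term = XML::unescape(trim(defaults($_GET, 'term', '')));` and `$cat = XML::unescape(trim(defaults($_GET, 'cat', '')));`. The rest of filerm_content is outside the hunk.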
diff --git a/mod/photos.php b/mod/photos.php
index 82a6ccca2..69b1972d4 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -30,6 +30,7 @@ use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
use Friendica\Util\Security;
use Friendica\Util\Temporal;
+use Friendica\Util\XML;
require_once 'include/items.php';
@@ -682,15 +683,15 @@ function photos_post(App $a)
$arr['body'] .= "\n\n" . '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ;
$arr['object'] = '' . "\n";
$arr['target'] = '' . ACTIVITY_OBJ_IMAGE . '' . $p[0]['desc'] . ''
. System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '';
- $arr['target'] .= '' . xmlify('' . "\n" . '') . '';
+ $arr['target'] .= '' . XML::escape('' . "\n" . '') . '';
$item_id = Item::insert($arr);
}
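Review bot: `$p[0]['desc']` is concatenated into `$arr['target']` as-is, while the link part on the following line goes through `XML::escape()`. If the description is user-supplied text, as the name suggests, markup characters in it would end up unescaped in the activity XML stored with the item. Wrapping it as `XML::escape($p[0]['desc'])` keeps the two parts consistent. The markup literals appear empty in this rendering of the hunk, so confirm against the file, and check that whatever reads `target` back does not then display the title double-escaped. photos_post starts and ends outside the hunk.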
diff --git a/mod/poco.php b/mod/poco.php
index 41fabff4e..08677ef8d 100644
--- a/mod/poco.php
+++ b/mod/poco.php
@@ -15,6 +15,7 @@ use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\Protocol\PortableContact;
use Friendica\Util\DateTimeFormat;
+use Friendica\Util\XML;
function poco_init(App $a) {
$system_mode = false;
@@ -375,7 +376,7 @@ function poco_init(App $a) {
if ($format === 'xml') {
header('Content-type: text/xml');
- echo Renderer::replaceMacros(Renderer::getMarkupTemplate('poco_xml.tpl'), array_xmlify(['$response' => $ret]));
+ echo Renderer::replaceMacros(Renderer::getMarkupTemplate('poco_xml.tpl'), XML::arrayEscape(['$response' => $ret]));
killme();
}
if ($format === 'json') {
diff --git a/mod/poke.php b/mod/poke.php
index be2625438..60ed5c402 100644
--- a/mod/poke.php
+++ b/mod/poke.php
@@ -22,6 +22,7 @@ use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Item;
+use Friendica\Util\XML;
require_once 'include/items.php';
@@ -124,9 +125,9 @@ function poke_init(App $a)
$arr['body'] = '[url=' . $poster['url'] . ']' . $poster['name'] . '[/url]' . ' ' . L10n::t($verbs[$verb][0]) . ' ' . '[url=' . $target['url'] . ']' . $target['name'] . '[/url]';
$arr['object'] = '' . "\n";
$item_id = Item::insert($arr);
diff --git a/mod/profile.php b/mod/profile.php
index f2df82849..cfbe07dad 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -24,6 +24,7 @@ use Friendica\Protocol\ActivityPub;
use Friendica\Protocol\DFRN;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Security;
+use Friendica\Util\XML;
function profile_init(App $a)
{
@@ -209,7 +210,7 @@ function profile_content(App $a, $update = 0)
$commvisitor = $commpage && $remote_contact;
$a->page['aside'] .= posted_date_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], $a->profile['profile_uid'], true);
- $a->page['aside'] .= Widget::categories(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], (!empty($category) ? xmlify($category) : ''));
+ $a->page['aside'] .= Widget::categories(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], (!empty($category) ? XML::escape($category) : ''));
$a->page['aside'] .= Widget::tagCloud();
if (Security::canWriteToUserWall($a->profile['profile_uid'])) {
diff --git a/mod/subthread.php b/mod/subthread.php
index 36cf835c2..425306b6f 100644
--- a/mod/subthread.php
+++ b/mod/subthread.php
@@ -10,6 +10,7 @@ use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\Model\Item;
use Friendica\Util\Security;
+use Friendica\Util\XML;
require_once 'include/items.php';
@@ -87,7 +88,7 @@ function subthread_content(App $a) {
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
- $link = xmlify('' . "\n") ;
+ $link = XML::escape('' . "\n") ;
$body = $item['body'];
$obj = <<< EOT
diff --git a/mod/tagger.php b/mod/tagger.php
index edfcd7bd1..dd859e61c 100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -10,6 +10,7 @@ use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Item;
+use Friendica\Util\XML;
require_once 'include/items.php';
@@ -66,7 +67,7 @@ function tagger_content(App $a) {
}
$uri = Item::newURI($owner_uid);
- $xterm = xmlify($term);
+ $xterm = XML::escape($term);
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
@@ -76,9 +77,9 @@ function tagger_content(App $a) {
$href = System::baseUrl() . '/display/' . $item['guid'];
}
- $link = xmlify('' . "\n") ;
+ $link = XML::escape('' . "\n") ;
- $body = xmlify($item['body']);
+ $body = XML::escape($item['body']);
$target = <<< EOT
diff --git a/src/Content/Widget.php b/src/Content/Widget.php
index 2f78d0fd3..397a1863d 100644
--- a/src/Content/Widget.php
+++ b/src/Content/Widget.php
@@ -18,6 +18,7 @@ use Friendica\Model\Contact;
use Friendica\Model\FileTag;
use Friendica\Model\GContact;
use Friendica\Model\Profile;
+use Friendica\Util\XML;
require_once 'boot.php';
require_once 'include/dba.php';
@@ -189,7 +190,7 @@ class Widget
if ($cnt) {
foreach ($matches as $mtch)
{
- $unescaped = xmlify(FileTag::decode($mtch[1]));
+ $unescaped = XML::escape(FileTag::decode($mtch[1]));
$terms[] = array('name' => $unescaped, 'selected' => (($selected == $unescaped) ? 'selected' : ''));
}
}
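Review bot: The variable `$unescaped` now visibly holds the result of `XML::escape()`, which invites a second escape, or a missing one, wherever `name` is rendered. Renaming it, `$escaped = XML::escape(FileTag::decode($mtch[1]));`, would match what it contains. The comparison `$selected == $unescaped` is also loose, so two numeric-looking category names can compare equal; `$selected === $escaped` avoids that, assuming `$selected` is always a string. Both remarks apply equally to the next hunk in this class, and the enclosing methods are only partly visible.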
@@ -229,7 +230,7 @@ class Widget
if ($cnt) {
foreach ($matches as $mtch) {
- $unescaped = xmlify(FileTag::decode($mtch[1]));
+ $unescaped = XML::escape(FileTag::decode($mtch[1]));
$terms[] = array('name' => $unescaped, 'selected' => (($selected == $unescaped) ? 'selected' : ''));
}
}
diff --git a/src/Model/Event.php b/src/Model/Event.php
index ee61149de..f4df6ac9f 100644
--- a/src/Model/Event.php
+++ b/src/Model/Event.php
@@ -17,6 +17,7 @@ use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
+use Friendica\Util\XML;
require_once 'boot.php';
require_once 'include/dba.php';
@@ -302,8 +303,8 @@ class Event extends BaseObject
$item = Item::selectFirst(['id'], ['event-id' => $event['id'], 'uid' => $event['uid']]);
if (DBA::isResult($item)) {
- $object = '