Merge remote-tracking branch 'upstream/develop' into diasppora-delivery
This commit is contained in:
commit
59d8cae805
|
@ -195,7 +195,7 @@ function localize_item(&$item)
|
||||||
$xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">";
|
$xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">";
|
||||||
|
|
||||||
$obj = XML::parseString($xmlhead.$item['object']);
|
$obj = XML::parseString($xmlhead.$item['object']);
|
||||||
$links = XML::parseString($xmlhead."<links>".unxmlify($obj->link)."</links>");
|
$links = XML::parseString($xmlhead."<links>".XML::unescape($obj->link)."</links>");
|
||||||
|
|
||||||
$Bname = $obj->title;
|
$Bname = $obj->title;
|
||||||
$Blink = "";
|
$Blink = "";
|
||||||
|
|
|
@ -26,6 +26,7 @@ use Friendica\Util\Proxy as ProxyUtils;
|
||||||
use Friendica\Core\Logger;
|
use Friendica\Core\Logger;
|
||||||
use Friendica\Core\Renderer;
|
use Friendica\Core\Renderer;
|
||||||
use Friendica\Model\FileTag;
|
use Friendica\Model\FileTag;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once "include/conversation.php";
|
require_once "include/conversation.php";
|
||||||
|
|
||||||
|
@ -162,80 +163,6 @@ function autoname($len) {
|
||||||
return $word;
|
return $word;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* escape text ($str) for XML transport
|
|
||||||
* @param string $str
|
|
||||||
* @return string Escaped text.
|
|
||||||
*/
|
|
||||||
function xmlify($str) {
|
|
||||||
/// @TODO deprecated code found?
|
|
||||||
/* $buffer = '';
|
|
||||||
|
|
||||||
$len = mb_strlen($str);
|
|
||||||
for ($x = 0; $x < $len; $x ++) {
|
|
||||||
$char = mb_substr($str,$x,1);
|
|
||||||
|
|
||||||
switch($char) {
|
|
||||||
|
|
||||||
case "\r" :
|
|
||||||
break;
|
|
||||||
case "&" :
|
|
||||||
$buffer .= '&';
|
|
||||||
break;
|
|
||||||
case "'" :
|
|
||||||
$buffer .= ''';
|
|
||||||
break;
|
|
||||||
case "\"" :
|
|
||||||
$buffer .= '"';
|
|
||||||
break;
|
|
||||||
case '<' :
|
|
||||||
$buffer .= '<';
|
|
||||||
break;
|
|
||||||
case '>' :
|
|
||||||
$buffer .= '>';
|
|
||||||
break;
|
|
||||||
case "\n" :
|
|
||||||
$buffer .= "\n";
|
|
||||||
break;
|
|
||||||
default :
|
|
||||||
$buffer .= $char;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}*/
|
|
||||||
/*
|
|
||||||
$buffer = mb_ereg_replace("&", "&", $str);
|
|
||||||
$buffer = mb_ereg_replace("'", "'", $buffer);
|
|
||||||
$buffer = mb_ereg_replace('"', """, $buffer);
|
|
||||||
$buffer = mb_ereg_replace("<", "<", $buffer);
|
|
||||||
$buffer = mb_ereg_replace(">", ">", $buffer);
|
|
||||||
*/
|
|
||||||
$buffer = htmlspecialchars($str, ENT_QUOTES, "UTF-8");
|
|
||||||
$buffer = trim($buffer);
|
|
||||||
|
|
||||||
return $buffer;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* undo an xmlify
|
|
||||||
* @param string $s xml escaped text
|
|
||||||
* @return string unescaped text
|
|
||||||
*/
|
|
||||||
function unxmlify($s) {
|
|
||||||
/// @TODO deprecated code found?
|
|
||||||
// $ret = str_replace('&','&', $s);
|
|
||||||
// $ret = str_replace(array('<','>','"','''),array('<','>','"',"'"),$ret);
|
|
||||||
/*$ret = mb_ereg_replace('&', '&', $s);
|
|
||||||
$ret = mb_ereg_replace(''', "'", $ret);
|
|
||||||
$ret = mb_ereg_replace('"', '"', $ret);
|
|
||||||
$ret = mb_ereg_replace('<', "<", $ret);
|
|
||||||
$ret = mb_ereg_replace('>', ">", $ret);
|
|
||||||
*/
|
|
||||||
$ret = htmlspecialchars_decode($s, ENT_QUOTES);
|
|
||||||
return $ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Loader for infinite scrolling
|
* Loader for infinite scrolling
|
||||||
* @return string html for loader
|
* @return string html for loader
|
||||||
|
@ -1047,9 +974,9 @@ function get_cats_and_terms($item)
|
||||||
if ($cnt) {
|
if ($cnt) {
|
||||||
foreach ($matches as $mtch) {
|
foreach ($matches as $mtch) {
|
||||||
$categories[] = [
|
$categories[] = [
|
||||||
'name' => xmlify(FileTag::decode($mtch[1])),
|
'name' => XML::escape(FileTag::decode($mtch[1])),
|
||||||
'url' => "#",
|
'url' => "#",
|
||||||
'removeurl' => ((local_user() == $item['uid'])?'filerm/' . $item['id'] . '?f=&cat=' . xmlify(FileTag::decode($mtch[1])):""),
|
'removeurl' => ((local_user() == $item['uid'])?'filerm/' . $item['id'] . '?f=&cat=' . XML::escape(FileTag::decode($mtch[1])):""),
|
||||||
'first' => $first,
|
'first' => $first,
|
||||||
'last' => false
|
'last' => false
|
||||||
];
|
];
|
||||||
|
@ -1068,9 +995,9 @@ function get_cats_and_terms($item)
|
||||||
if ($cnt) {
|
if ($cnt) {
|
||||||
foreach ($matches as $mtch) {
|
foreach ($matches as $mtch) {
|
||||||
$folders[] = [
|
$folders[] = [
|
||||||
'name' => xmlify(FileTag::decode($mtch[1])),
|
'name' => XML::escape(FileTag::decode($mtch[1])),
|
||||||
'url' => "#",
|
'url' => "#",
|
||||||
'removeurl' => ((local_user() == $item['uid']) ? 'filerm/' . $item['id'] . '?f=&term=' . xmlify(FileTag::decode($mtch[1])) : ""),
|
'removeurl' => ((local_user() == $item['uid']) ? 'filerm/' . $item['id'] . '?f=&term=' . XML::escape(FileTag::decode($mtch[1])) : ""),
|
||||||
'first' => $first,
|
'first' => $first,
|
||||||
'last' => false
|
'last' => false
|
||||||
];
|
];
|
||||||
|
@ -1234,21 +1161,6 @@ function html2bb_video($s) {
|
||||||
return $s;
|
return $s;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* apply xmlify() to all values of array $val, recursively
|
|
||||||
* @param array $val
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
function array_xmlify($val){
|
|
||||||
if (is_bool($val)) {
|
|
||||||
return $val?"true":"false";
|
|
||||||
} elseif (is_array($val)) {
|
|
||||||
return array_map('array_xmlify', $val);
|
|
||||||
}
|
|
||||||
return xmlify((string) $val);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* transform link href and img src from relative to absolute
|
* transform link href and img src from relative to absolute
|
||||||
*
|
*
|
||||||
|
|
|
@ -256,7 +256,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
|
||||||
|
|
||||||
$xml = XML::parseString($res);
|
$xml = XML::parseString($res);
|
||||||
$status = (int) $xml->status;
|
$status = (int) $xml->status;
|
||||||
$message = unxmlify($xml->message); // human readable text of what may have gone wrong.
|
$message = XML::unescape($xml->message); // human readable text of what may have gone wrong.
|
||||||
switch ($status) {
|
switch ($status) {
|
||||||
case 0:
|
case 0:
|
||||||
info(L10n::t("Confirmation completed successfully.") . EOL);
|
info(L10n::t("Confirmation completed successfully.") . EOL);
|
||||||
|
|
|
@ -8,6 +8,7 @@ use Friendica\Core\Logger;
|
||||||
use Friendica\Core\PConfig;
|
use Friendica\Core\PConfig;
|
||||||
use Friendica\Core\Renderer;
|
use Friendica\Core\Renderer;
|
||||||
use Friendica\Model\FileTag;
|
use Friendica\Model\FileTag;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -17,7 +18,7 @@ function filer_content(App $a)
|
||||||
killme();
|
killme();
|
||||||
}
|
}
|
||||||
|
|
||||||
$term = unxmlify(trim(defaults($_GET, 'term', '')));
|
$term = XML::unescape(trim(defaults($_GET, 'term', '')));
|
||||||
$item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0);
|
$item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0);
|
||||||
|
|
||||||
Logger::log('filer: tag ' . $term . ' item ' . $item_id);
|
Logger::log('filer: tag ' . $term . ' item ' . $item_id);
|
||||||
|
|
|
@ -4,6 +4,7 @@ use Friendica\App;
|
||||||
use Friendica\Core\Logger;
|
use Friendica\Core\Logger;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Model\FileTag;
|
use Friendica\Model\FileTag;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
function filerm_content(App $a)
|
function filerm_content(App $a)
|
||||||
{
|
{
|
||||||
|
@ -12,8 +13,8 @@ function filerm_content(App $a)
|
||||||
killme();
|
killme();
|
||||||
}
|
}
|
||||||
|
|
||||||
$term = unxmlify(trim($_GET['term']));
|
$term = XML::unescape(trim($_GET['term']));
|
||||||
$cat = unxmlify(trim($_GET['cat']));
|
$cat = XML::unescape(trim($_GET['cat']));
|
||||||
|
|
||||||
$category = (($cat) ? true : false);
|
$category = (($cat) ? true : false);
|
||||||
|
|
||||||
|
|
|
@ -50,7 +50,9 @@ function friendica_init(App $a)
|
||||||
'url' => System::baseUrl(),
|
'url' => System::baseUrl(),
|
||||||
'addons' => $visible_addons,
|
'addons' => $visible_addons,
|
||||||
'locked_features' => $locked_features,
|
'locked_features' => $locked_features,
|
||||||
'register_policy' => $register_policy[intval(Config::get('config', 'register_policy'))],
|
'explicit_content' => (int)Config::get('system', 'explicit_content', false),
|
||||||
|
'language' => Config::get('system','language'),
|
||||||
|
'register_policy ' => $register_policy[intval(Config::get('config', 'register_policy'))],
|
||||||
'admin' => $admin,
|
'admin' => $admin,
|
||||||
'site_name' => Config::get('config', 'sitename'),
|
'site_name' => Config::get('config', 'sitename'),
|
||||||
'platform' => FRIENDICA_PLATFORM,
|
'platform' => FRIENDICA_PLATFORM,
|
||||||
|
@ -58,6 +60,7 @@ function friendica_init(App $a)
|
||||||
'no_scrape_url' => System::baseUrl().'/noscrape'
|
'no_scrape_url' => System::baseUrl().'/noscrape'
|
||||||
];
|
];
|
||||||
|
|
||||||
|
header('Content-type: application/json; charset=utf-8');
|
||||||
echo json_encode($data);
|
echo json_encode($data);
|
||||||
killme();
|
killme();
|
||||||
}
|
}
|
||||||
|
|
|
@ -33,6 +33,7 @@ function noscrape_init(App $a)
|
||||||
'key' => $a->profile['pubkey'],
|
'key' => $a->profile['pubkey'],
|
||||||
'homepage' => System::baseUrl()."/profile/{$which}",
|
'homepage' => System::baseUrl()."/profile/{$which}",
|
||||||
'comm' => ($a->profile['account-type'] == Contact::ACCOUNT_TYPE_COMMUNITY),
|
'comm' => ($a->profile['account-type'] == Contact::ACCOUNT_TYPE_COMMUNITY),
|
||||||
|
'account-type' => $a->profile['account-type'],
|
||||||
];
|
];
|
||||||
|
|
||||||
if (!$a->profile['net-publish'] || $a->profile['hidewall']) {
|
if (!$a->profile['net-publish'] || $a->profile['hidewall']) {
|
||||||
|
@ -51,6 +52,7 @@ function noscrape_init(App $a)
|
||||||
$json_info['fn'] = $a->profile['name'];
|
$json_info['fn'] = $a->profile['name'];
|
||||||
$json_info['photo'] = $contactPhoto["photo"];
|
$json_info['photo'] = $contactPhoto["photo"];
|
||||||
$json_info['tags'] = $keywords;
|
$json_info['tags'] = $keywords;
|
||||||
|
$json_info['language'] = $a->profile['language'];
|
||||||
|
|
||||||
if (is_array($a->profile) && !$a->profile['hide-friends']) {
|
if (is_array($a->profile) && !$a->profile['hide-friends']) {
|
||||||
/// @todo What should this value tell us?
|
/// @todo What should this value tell us?
|
||||||
|
|
|
@ -30,6 +30,7 @@ use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Map;
|
use Friendica\Util\Map;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
use Friendica\Util\Temporal;
|
use Friendica\Util\Temporal;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -682,15 +683,15 @@ function photos_post(App $a)
|
||||||
$arr['body'] .= "\n\n" . '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ;
|
$arr['body'] .= "\n\n" . '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ;
|
||||||
|
|
||||||
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
|
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
|
||||||
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
|
$arr['object'] .= '<link>' . XML::escape('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
|
||||||
if ($tagged[3]) {
|
if ($tagged[3]) {
|
||||||
$arr['object'] .= xmlify('<link rel="photo" type="'.$p[0]['type'].'" href="' . $tagged[3]['photo'] . '" />' . "\n");
|
$arr['object'] .= XML::escape('<link rel="photo" type="'.$p[0]['type'].'" href="' . $tagged[3]['photo'] . '" />' . "\n");
|
||||||
}
|
}
|
||||||
$arr['object'] .= '</link></object>' . "\n";
|
$arr['object'] .= '</link></object>' . "\n";
|
||||||
|
|
||||||
$arr['target'] = '<target><type>' . ACTIVITY_OBJ_IMAGE . '</type><title>' . $p[0]['desc'] . '</title><id>'
|
$arr['target'] = '<target><type>' . ACTIVITY_OBJ_IMAGE . '</type><title>' . $p[0]['desc'] . '</title><id>'
|
||||||
. System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '</id>';
|
. System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '</id>';
|
||||||
$arr['target'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '" />' . "\n" . '<link rel="preview" type="'.$p[0]['type'].'" href="' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '" />') . '</link></target>';
|
$arr['target'] .= '<link>' . XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '" />' . "\n" . '<link rel="preview" type="'.$p[0]['type'].'" href="' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '" />') . '</link></target>';
|
||||||
|
|
||||||
$item_id = Item::insert($arr);
|
$item_id = Item::insert($arr);
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,6 +15,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Protocol\PortableContact;
|
use Friendica\Protocol\PortableContact;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
function poco_init(App $a) {
|
function poco_init(App $a) {
|
||||||
$system_mode = false;
|
$system_mode = false;
|
||||||
|
@ -375,7 +376,7 @@ function poco_init(App $a) {
|
||||||
|
|
||||||
if ($format === 'xml') {
|
if ($format === 'xml') {
|
||||||
header('Content-type: text/xml');
|
header('Content-type: text/xml');
|
||||||
echo Renderer::replaceMacros(Renderer::getMarkupTemplate('poco_xml.tpl'), array_xmlify(['$response' => $ret]));
|
echo Renderer::replaceMacros(Renderer::getMarkupTemplate('poco_xml.tpl'), XML::arrayEscape(['$response' => $ret]));
|
||||||
killme();
|
killme();
|
||||||
}
|
}
|
||||||
if ($format === 'json') {
|
if ($format === 'json') {
|
||||||
|
|
|
@ -22,6 +22,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Core\Worker;
|
use Friendica\Core\Worker;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -124,9 +125,9 @@ function poke_init(App $a)
|
||||||
$arr['body'] = '[url=' . $poster['url'] . ']' . $poster['name'] . '[/url]' . ' ' . L10n::t($verbs[$verb][0]) . ' ' . '[url=' . $target['url'] . ']' . $target['name'] . '[/url]';
|
$arr['body'] = '[url=' . $poster['url'] . ']' . $poster['name'] . '[/url]' . ' ' . L10n::t($verbs[$verb][0]) . ' ' . '[url=' . $target['url'] . ']' . $target['name'] . '[/url]';
|
||||||
|
|
||||||
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $target['name'] . '</title><id>' . $target['url'] . '</id>';
|
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $target['name'] . '</title><id>' . $target['url'] . '</id>';
|
||||||
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $target['url'] . '" />' . "\n");
|
$arr['object'] .= '<link>' . XML::escape('<link rel="alternate" type="text/html" href="' . $target['url'] . '" />' . "\n");
|
||||||
|
|
||||||
$arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $target['photo'] . '" />' . "\n");
|
$arr['object'] .= XML::escape('<link rel="photo" type="image/jpeg" href="' . $target['photo'] . '" />' . "\n");
|
||||||
$arr['object'] .= '</link></object>' . "\n";
|
$arr['object'] .= '</link></object>' . "\n";
|
||||||
|
|
||||||
$item_id = Item::insert($arr);
|
$item_id = Item::insert($arr);
|
||||||
|
|
|
@ -24,6 +24,7 @@ use Friendica\Protocol\ActivityPub;
|
||||||
use Friendica\Protocol\DFRN;
|
use Friendica\Protocol\DFRN;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
function profile_init(App $a)
|
function profile_init(App $a)
|
||||||
{
|
{
|
||||||
|
@ -209,7 +210,7 @@ function profile_content(App $a, $update = 0)
|
||||||
$commvisitor = $commpage && $remote_contact;
|
$commvisitor = $commpage && $remote_contact;
|
||||||
|
|
||||||
$a->page['aside'] .= posted_date_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], $a->profile['profile_uid'], true);
|
$a->page['aside'] .= posted_date_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], $a->profile['profile_uid'], true);
|
||||||
$a->page['aside'] .= Widget::categories(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], (!empty($category) ? xmlify($category) : ''));
|
$a->page['aside'] .= Widget::categories(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], (!empty($category) ? XML::escape($category) : ''));
|
||||||
$a->page['aside'] .= Widget::tagCloud();
|
$a->page['aside'] .= Widget::tagCloud();
|
||||||
|
|
||||||
if (Security::canWriteToUserWall($a->profile['profile_uid'])) {
|
if (Security::canWriteToUserWall($a->profile['profile_uid'])) {
|
||||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
use Friendica\Util\Security;
|
use Friendica\Util\Security;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -87,7 +88,7 @@ function subthread_content(App $a) {
|
||||||
|
|
||||||
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
|
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
|
||||||
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
|
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
|
||||||
$link = xmlify('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
|
$link = XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
|
||||||
$body = $item['body'];
|
$body = $item['body'];
|
||||||
|
|
||||||
$obj = <<< EOT
|
$obj = <<< EOT
|
||||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\Core\System;
|
||||||
use Friendica\Core\Worker;
|
use Friendica\Core\Worker;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Item;
|
use Friendica\Model\Item;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'include/items.php';
|
require_once 'include/items.php';
|
||||||
|
|
||||||
|
@ -66,7 +67,7 @@ function tagger_content(App $a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$uri = Item::newURI($owner_uid);
|
$uri = Item::newURI($owner_uid);
|
||||||
$xterm = xmlify($term);
|
$xterm = XML::escape($term);
|
||||||
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
|
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
|
||||||
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
|
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
|
||||||
|
|
||||||
|
@ -76,9 +77,9 @@ function tagger_content(App $a) {
|
||||||
$href = System::baseUrl() . '/display/' . $item['guid'];
|
$href = System::baseUrl() . '/display/' . $item['guid'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$link = xmlify('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n") ;
|
$link = XML::escape('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n") ;
|
||||||
|
|
||||||
$body = xmlify($item['body']);
|
$body = XML::escape($item['body']);
|
||||||
|
|
||||||
$target = <<< EOT
|
$target = <<< EOT
|
||||||
<target>
|
<target>
|
||||||
|
|
|
@ -18,6 +18,7 @@ use Friendica\Model\Contact;
|
||||||
use Friendica\Model\FileTag;
|
use Friendica\Model\FileTag;
|
||||||
use Friendica\Model\GContact;
|
use Friendica\Model\GContact;
|
||||||
use Friendica\Model\Profile;
|
use Friendica\Model\Profile;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
require_once 'include/dba.php';
|
require_once 'include/dba.php';
|
||||||
|
@ -189,7 +190,7 @@ class Widget
|
||||||
if ($cnt) {
|
if ($cnt) {
|
||||||
foreach ($matches as $mtch)
|
foreach ($matches as $mtch)
|
||||||
{
|
{
|
||||||
$unescaped = xmlify(FileTag::decode($mtch[1]));
|
$unescaped = XML::escape(FileTag::decode($mtch[1]));
|
||||||
$terms[] = array('name' => $unescaped, 'selected' => (($selected == $unescaped) ? 'selected' : ''));
|
$terms[] = array('name' => $unescaped, 'selected' => (($selected == $unescaped) ? 'selected' : ''));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -229,7 +230,7 @@ class Widget
|
||||||
|
|
||||||
if ($cnt) {
|
if ($cnt) {
|
||||||
foreach ($matches as $mtch) {
|
foreach ($matches as $mtch) {
|
||||||
$unescaped = xmlify(FileTag::decode($mtch[1]));
|
$unescaped = XML::escape(FileTag::decode($mtch[1]));
|
||||||
$terms[] = array('name' => $unescaped, 'selected' => (($selected == $unescaped) ? 'selected' : ''));
|
$terms[] = array('name' => $unescaped, 'selected' => (($selected == $unescaped) ? 'selected' : ''));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,6 +17,7 @@ use Friendica\Database\DBA;
|
||||||
use Friendica\Model\Contact;
|
use Friendica\Model\Contact;
|
||||||
use Friendica\Util\DateTimeFormat;
|
use Friendica\Util\DateTimeFormat;
|
||||||
use Friendica\Util\Map;
|
use Friendica\Util\Map;
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
|
||||||
require_once 'boot.php';
|
require_once 'boot.php';
|
||||||
require_once 'include/dba.php';
|
require_once 'include/dba.php';
|
||||||
|
@ -302,8 +303,8 @@ class Event extends BaseObject
|
||||||
|
|
||||||
$item = Item::selectFirst(['id'], ['event-id' => $event['id'], 'uid' => $event['uid']]);
|
$item = Item::selectFirst(['id'], ['event-id' => $event['id'], 'uid' => $event['uid']]);
|
||||||
if (DBA::isResult($item)) {
|
if (DBA::isResult($item)) {
|
||||||
$object = '<object><type>' . xmlify(ACTIVITY_OBJ_EVENT) . '</type><title></title><id>' . xmlify($event['uri']) . '</id>';
|
$object = '<object><type>' . XML::escape(ACTIVITY_OBJ_EVENT) . '</type><title></title><id>' . XML::escape($event['uri']) . '</id>';
|
||||||
$object .= '<content>' . xmlify(self::getBBCode($event)) . '</content>';
|
$object .= '<content>' . XML::escape(self::getBBCode($event)) . '</content>';
|
||||||
$object .= '</object>' . "\n";
|
$object .= '</object>' . "\n";
|
||||||
|
|
||||||
$fields = ['body' => self::getBBCode($event), 'object' => $object, 'edited' => $event['edited']];
|
$fields = ['body' => self::getBBCode($event), 'object' => $object, 'edited' => $event['edited']];
|
||||||
|
@ -353,8 +354,8 @@ class Event extends BaseObject
|
||||||
$item_arr['body'] = self::getBBCode($event);
|
$item_arr['body'] = self::getBBCode($event);
|
||||||
$item_arr['event-id'] = $event['id'];
|
$item_arr['event-id'] = $event['id'];
|
||||||
|
|
||||||
$item_arr['object'] = '<object><type>' . xmlify(ACTIVITY_OBJ_EVENT) . '</type><title></title><id>' . xmlify($event['uri']) . '</id>';
|
$item_arr['object'] = '<object><type>' . XML::escape(ACTIVITY_OBJ_EVENT) . '</type><title></title><id>' . XML::escape($event['uri']) . '</id>';
|
||||||
$item_arr['object'] .= '<content>' . xmlify(self::getBBCode($event)) . '</content>';
|
$item_arr['object'] .= '<content>' . XML::escape(self::getBBCode($event)) . '</content>';
|
||||||
$item_arr['object'] .= '</object>' . "\n";
|
$item_arr['object'] .= '</object>' . "\n";
|
||||||
|
|
||||||
$item_id = Item::insert($item_arr);
|
$item_id = Item::insert($item_arr);
|
||||||
|
|
|
@ -2547,7 +2547,7 @@ class DFRN
|
||||||
$item["guid"] = XML::getFirstNodeValue($xpath, "dfrn:diaspora_guid/text()", $entry);
|
$item["guid"] = XML::getFirstNodeValue($xpath, "dfrn:diaspora_guid/text()", $entry);
|
||||||
|
|
||||||
// We store the data from "dfrn:diaspora_signature" in a different table, this is done in "Item::insert"
|
// We store the data from "dfrn:diaspora_signature" in a different table, this is done in "Item::insert"
|
||||||
$dsprsig = unxmlify(XML::getFirstNodeValue($xpath, "dfrn:diaspora_signature/text()", $entry));
|
$dsprsig = XML::unescape(XML::getFirstNodeValue($xpath, "dfrn:diaspora_signature/text()", $entry));
|
||||||
if ($dsprsig != "") {
|
if ($dsprsig != "") {
|
||||||
$item["dsprsig"] = $dsprsig;
|
$item["dsprsig"] = $dsprsig;
|
||||||
}
|
}
|
||||||
|
|
|
@ -463,7 +463,7 @@ class Diaspora
|
||||||
}
|
}
|
||||||
|
|
||||||
return ['message' => (string)base64url_decode($base->data),
|
return ['message' => (string)base64url_decode($base->data),
|
||||||
'author' => unxmlify($author_addr),
|
'author' => XML::unescape($author_addr),
|
||||||
'key' => (string)$key];
|
'key' => (string)$key];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -603,7 +603,7 @@ class Diaspora
|
||||||
Logger::log('Message verified.');
|
Logger::log('Message verified.');
|
||||||
|
|
||||||
return ['message' => (string)$inner_decrypted,
|
return ['message' => (string)$inner_decrypted,
|
||||||
'author' => unxmlify($author_link),
|
'author' => XML::unescape($author_link),
|
||||||
'key' => (string)$key];
|
'key' => (string)$key];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1505,9 +1505,9 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveAccountMigration(array $importer, $data)
|
private static function receiveAccountMigration(array $importer, $data)
|
||||||
{
|
{
|
||||||
$old_handle = notags(unxmlify($data->author));
|
$old_handle = notags(XML::unescape($data->author));
|
||||||
$new_handle = notags(unxmlify($data->profile->author));
|
$new_handle = notags(XML::unescape($data->profile->author));
|
||||||
$signature = notags(unxmlify($data->signature));
|
$signature = notags(XML::unescape($data->signature));
|
||||||
|
|
||||||
$contact = self::contactByHandle($importer["uid"], $old_handle);
|
$contact = self::contactByHandle($importer["uid"], $old_handle);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -1565,7 +1565,7 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveAccountDeletion($data)
|
private static function receiveAccountDeletion($data)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
|
|
||||||
$contacts = DBA::select('contact', ['id'], ['addr' => $author]);
|
$contacts = DBA::select('contact', ['id'], ['addr' => $author]);
|
||||||
while ($contact = DBA::fetch($contacts)) {
|
while ($contact = DBA::fetch($contacts)) {
|
||||||
|
@ -1656,19 +1656,19 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveComment(array $importer, $sender, $data, $xml)
|
private static function receiveComment(array $importer, $sender, $data, $xml)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$parent_guid = notags(unxmlify($data->parent_guid));
|
$parent_guid = notags(XML::unescape($data->parent_guid));
|
||||||
$text = unxmlify($data->text);
|
$text = XML::unescape($data->text);
|
||||||
|
|
||||||
if (isset($data->created_at)) {
|
if (isset($data->created_at)) {
|
||||||
$created_at = DateTimeFormat::utc(notags(unxmlify($data->created_at)));
|
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
||||||
} else {
|
} else {
|
||||||
$created_at = DateTimeFormat::utcNow();
|
$created_at = DateTimeFormat::utcNow();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($data->thread_parent_guid)) {
|
if (isset($data->thread_parent_guid)) {
|
||||||
$thread_parent_guid = notags(unxmlify($data->thread_parent_guid));
|
$thread_parent_guid = notags(XML::unescape($data->thread_parent_guid));
|
||||||
$thr_uri = self::getUriFromGuid("", $thread_parent_guid, true);
|
$thr_uri = self::getUriFromGuid("", $thread_parent_guid, true);
|
||||||
} else {
|
} else {
|
||||||
$thr_uri = "";
|
$thr_uri = "";
|
||||||
|
@ -1773,24 +1773,24 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveConversationMessage(array $importer, array $contact, $data, $msg, $mesg, $conversation)
|
private static function receiveConversationMessage(array $importer, array $contact, $data, $msg, $mesg, $conversation)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$subject = notags(unxmlify($data->subject));
|
$subject = notags(XML::unescape($data->subject));
|
||||||
|
|
||||||
// "diaspora_handle" is the element name from the old version
|
// "diaspora_handle" is the element name from the old version
|
||||||
// "author" is the element name from the new version
|
// "author" is the element name from the new version
|
||||||
if ($mesg->author) {
|
if ($mesg->author) {
|
||||||
$msg_author = notags(unxmlify($mesg->author));
|
$msg_author = notags(XML::unescape($mesg->author));
|
||||||
} elseif ($mesg->diaspora_handle) {
|
} elseif ($mesg->diaspora_handle) {
|
||||||
$msg_author = notags(unxmlify($mesg->diaspora_handle));
|
$msg_author = notags(XML::unescape($mesg->diaspora_handle));
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$msg_guid = notags(unxmlify($mesg->guid));
|
$msg_guid = notags(XML::unescape($mesg->guid));
|
||||||
$msg_conversation_guid = notags(unxmlify($mesg->conversation_guid));
|
$msg_conversation_guid = notags(XML::unescape($mesg->conversation_guid));
|
||||||
$msg_text = unxmlify($mesg->text);
|
$msg_text = XML::unescape($mesg->text);
|
||||||
$msg_created_at = DateTimeFormat::utc(notags(unxmlify($mesg->created_at)));
|
$msg_created_at = DateTimeFormat::utc(notags(XML::unescape($mesg->created_at)));
|
||||||
|
|
||||||
if ($msg_conversation_guid != $guid) {
|
if ($msg_conversation_guid != $guid) {
|
||||||
Logger::log("message conversation guid does not belong to the current conversation.");
|
Logger::log("message conversation guid does not belong to the current conversation.");
|
||||||
|
@ -1861,11 +1861,11 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveConversation(array $importer, $msg, $data)
|
private static function receiveConversation(array $importer, $msg, $data)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$subject = notags(unxmlify($data->subject));
|
$subject = notags(XML::unescape($data->subject));
|
||||||
$created_at = DateTimeFormat::utc(notags(unxmlify($data->created_at)));
|
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
||||||
$participants = notags(unxmlify($data->participants));
|
$participants = notags(XML::unescape($data->participants));
|
||||||
|
|
||||||
$messages = $data->message;
|
$messages = $data->message;
|
||||||
|
|
||||||
|
@ -1919,11 +1919,11 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveLike(array $importer, $sender, $data)
|
private static function receiveLike(array $importer, $sender, $data)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$parent_guid = notags(unxmlify($data->parent_guid));
|
$parent_guid = notags(XML::unescape($data->parent_guid));
|
||||||
$parent_type = notags(unxmlify($data->parent_type));
|
$parent_type = notags(XML::unescape($data->parent_type));
|
||||||
$positive = notags(unxmlify($data->positive));
|
$positive = notags(XML::unescape($data->positive));
|
||||||
|
|
||||||
// likes on comments aren't supported by Diaspora - only on posts
|
// likes on comments aren't supported by Diaspora - only on posts
|
||||||
// But maybe this will be supported in the future, so we will accept it.
|
// But maybe this will be supported in the future, so we will accept it.
|
||||||
|
@ -2028,11 +2028,11 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveMessage(array $importer, $data)
|
private static function receiveMessage(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$conversation_guid = notags(unxmlify($data->conversation_guid));
|
$conversation_guid = notags(XML::unescape($data->conversation_guid));
|
||||||
$text = unxmlify($data->text);
|
$text = XML::unescape($data->text);
|
||||||
$created_at = DateTimeFormat::utc(notags(unxmlify($data->created_at)));
|
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
||||||
|
|
||||||
$contact = self::allowedContactByHandle($importer, $author, true);
|
$contact = self::allowedContactByHandle($importer, $author, true);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2103,8 +2103,8 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveParticipation(array $importer, $data)
|
private static function receiveParticipation(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = strtolower(notags(unxmlify($data->author)));
|
$author = strtolower(notags(XML::unescape($data->author)));
|
||||||
$parent_guid = notags(unxmlify($data->parent_guid));
|
$parent_guid = notags(XML::unescape($data->parent_guid));
|
||||||
|
|
||||||
$contact_id = Contact::getIdForURL($author);
|
$contact_id = Contact::getIdForURL($author);
|
||||||
if (!$contact_id) {
|
if (!$contact_id) {
|
||||||
|
@ -2196,22 +2196,22 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveProfile(array $importer, $data)
|
private static function receiveProfile(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = strtolower(notags(unxmlify($data->author)));
|
$author = strtolower(notags(XML::unescape($data->author)));
|
||||||
|
|
||||||
$contact = self::contactByHandle($importer["uid"], $author);
|
$contact = self::contactByHandle($importer["uid"], $author);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$name = unxmlify($data->first_name).((strlen($data->last_name)) ? " ".unxmlify($data->last_name) : "");
|
$name = XML::unescape($data->first_name).((strlen($data->last_name)) ? " ".XML::unescape($data->last_name) : "");
|
||||||
$image_url = unxmlify($data->image_url);
|
$image_url = XML::unescape($data->image_url);
|
||||||
$birthday = unxmlify($data->birthday);
|
$birthday = XML::unescape($data->birthday);
|
||||||
$gender = unxmlify($data->gender);
|
$gender = XML::unescape($data->gender);
|
||||||
$about = Markdown::toBBCode(unxmlify($data->bio));
|
$about = Markdown::toBBCode(XML::unescape($data->bio));
|
||||||
$location = Markdown::toBBCode(unxmlify($data->location));
|
$location = Markdown::toBBCode(XML::unescape($data->location));
|
||||||
$searchable = (unxmlify($data->searchable) == "true");
|
$searchable = (XML::unescape($data->searchable) == "true");
|
||||||
$nsfw = (unxmlify($data->nsfw) == "true");
|
$nsfw = (XML::unescape($data->nsfw) == "true");
|
||||||
$tags = unxmlify($data->tag_string);
|
$tags = XML::unescape($data->tag_string);
|
||||||
|
|
||||||
$tags = explode("#", $tags);
|
$tags = explode("#", $tags);
|
||||||
|
|
||||||
|
@ -2310,8 +2310,8 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveContactRequest(array $importer, $data)
|
private static function receiveContactRequest(array $importer, $data)
|
||||||
{
|
{
|
||||||
$author = unxmlify($data->author);
|
$author = XML::unescape($data->author);
|
||||||
$recipient = unxmlify($data->recipient);
|
$recipient = XML::unescape($data->recipient);
|
||||||
|
|
||||||
if (!$author || !$recipient) {
|
if (!$author || !$recipient) {
|
||||||
return false;
|
return false;
|
||||||
|
@ -2320,13 +2320,13 @@ class Diaspora
|
||||||
// the current protocol version doesn't know these fields
|
// the current protocol version doesn't know these fields
|
||||||
// That means that we will assume their existance
|
// That means that we will assume their existance
|
||||||
if (isset($data->following)) {
|
if (isset($data->following)) {
|
||||||
$following = (unxmlify($data->following) == "true");
|
$following = (XML::unescape($data->following) == "true");
|
||||||
} else {
|
} else {
|
||||||
$following = true;
|
$following = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($data->sharing)) {
|
if (isset($data->sharing)) {
|
||||||
$sharing = (unxmlify($data->sharing) == "true");
|
$sharing = (XML::unescape($data->sharing) == "true");
|
||||||
} else {
|
} else {
|
||||||
$sharing = true;
|
$sharing = true;
|
||||||
}
|
}
|
||||||
|
@ -2573,13 +2573,13 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveReshare(array $importer, $data, $xml)
|
private static function receiveReshare(array $importer, $data, $xml)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$created_at = DateTimeFormat::utc(notags(unxmlify($data->created_at)));
|
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
||||||
$root_author = notags(unxmlify($data->root_author));
|
$root_author = notags(XML::unescape($data->root_author));
|
||||||
$root_guid = notags(unxmlify($data->root_guid));
|
$root_guid = notags(XML::unescape($data->root_guid));
|
||||||
/// @todo handle unprocessed property "provider_display_name"
|
/// @todo handle unprocessed property "provider_display_name"
|
||||||
$public = notags(unxmlify($data->public));
|
$public = notags(XML::unescape($data->public));
|
||||||
|
|
||||||
$contact = self::allowedContactByHandle($importer, $author, false);
|
$contact = self::allowedContactByHandle($importer, $author, false);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2665,9 +2665,9 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function itemRetraction(array $importer, array $contact, $data)
|
private static function itemRetraction(array $importer, array $contact, $data)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$target_guid = notags(unxmlify($data->target_guid));
|
$target_guid = notags(XML::unescape($data->target_guid));
|
||||||
$target_type = notags(unxmlify($data->target_type));
|
$target_type = notags(XML::unescape($data->target_type));
|
||||||
|
|
||||||
$person = self::personByHandle($author);
|
$person = self::personByHandle($author);
|
||||||
if (!is_array($person)) {
|
if (!is_array($person)) {
|
||||||
|
@ -2729,7 +2729,7 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveRetraction(array $importer, $sender, $data)
|
private static function receiveRetraction(array $importer, $sender, $data)
|
||||||
{
|
{
|
||||||
$target_type = notags(unxmlify($data->target_type));
|
$target_type = notags(XML::unescape($data->target_type));
|
||||||
|
|
||||||
$contact = self::contactByHandle($importer["uid"], $sender);
|
$contact = self::contactByHandle($importer["uid"], $sender);
|
||||||
if (!$contact && (in_array($target_type, ["Contact", "Person"]))) {
|
if (!$contact && (in_array($target_type, ["Contact", "Person"]))) {
|
||||||
|
@ -2774,12 +2774,12 @@ class Diaspora
|
||||||
*/
|
*/
|
||||||
private static function receiveStatusMessage(array $importer, SimpleXMLElement $data, $xml)
|
private static function receiveStatusMessage(array $importer, SimpleXMLElement $data, $xml)
|
||||||
{
|
{
|
||||||
$author = notags(unxmlify($data->author));
|
$author = notags(XML::unescape($data->author));
|
||||||
$guid = notags(unxmlify($data->guid));
|
$guid = notags(XML::unescape($data->guid));
|
||||||
$created_at = DateTimeFormat::utc(notags(unxmlify($data->created_at)));
|
$created_at = DateTimeFormat::utc(notags(XML::unescape($data->created_at)));
|
||||||
$public = notags(unxmlify($data->public));
|
$public = notags(XML::unescape($data->public));
|
||||||
$text = unxmlify($data->text);
|
$text = XML::unescape($data->text);
|
||||||
$provider_display_name = notags(unxmlify($data->provider_display_name));
|
$provider_display_name = notags(XML::unescape($data->provider_display_name));
|
||||||
|
|
||||||
$contact = self::allowedContactByHandle($importer, $author, false);
|
$contact = self::allowedContactByHandle($importer, $author, false);
|
||||||
if (!$contact) {
|
if (!$contact) {
|
||||||
|
@ -2794,7 +2794,7 @@ class Diaspora
|
||||||
$address = [];
|
$address = [];
|
||||||
if ($data->location) {
|
if ($data->location) {
|
||||||
foreach ($data->location->children() as $fieldname => $data) {
|
foreach ($data->location->children() as $fieldname => $data) {
|
||||||
$address[$fieldname] = notags(unxmlify($data));
|
$address[$fieldname] = notags(XML::unescape($data));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2805,8 +2805,8 @@ class Diaspora
|
||||||
// Attach embedded pictures to the body
|
// Attach embedded pictures to the body
|
||||||
if ($data->photo) {
|
if ($data->photo) {
|
||||||
foreach ($data->photo as $photo) {
|
foreach ($data->photo as $photo) {
|
||||||
$body = "[img]".unxmlify($photo->remote_photo_path).
|
$body = "[img]".XML::unescape($photo->remote_photo_path).
|
||||||
unxmlify($photo->remote_photo_name)."[/img]\n".$body;
|
XML::unescape($photo->remote_photo_name)."[/img]\n".$body;
|
||||||
}
|
}
|
||||||
|
|
||||||
$datarray["object-type"] = ACTIVITY_OBJ_IMAGE;
|
$datarray["object-type"] = ACTIVITY_OBJ_IMAGE;
|
||||||
|
|
|
@ -36,7 +36,7 @@ class XML
|
||||||
$root = new SimpleXMLElement("<".$key."/>");
|
$root = new SimpleXMLElement("<".$key."/>");
|
||||||
self::fromArray($value, $root, $remove_header, $namespaces, false);
|
self::fromArray($value, $root, $remove_header, $namespaces, false);
|
||||||
} else {
|
} else {
|
||||||
$root = new SimpleXMLElement("<".$key.">".xmlify($value)."</".$key.">");
|
$root = new SimpleXMLElement("<".$key.">".self::escape($value)."</".$key.">");
|
||||||
}
|
}
|
||||||
|
|
||||||
$dom = dom_import_simplexml($root)->ownerDocument;
|
$dom = dom_import_simplexml($root)->ownerDocument;
|
||||||
|
@ -104,7 +104,7 @@ class XML
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_array($value)) {
|
if (!is_array($value)) {
|
||||||
$element = $xml->addChild($key, xmlify($value), $namespace);
|
$element = $xml->addChild($key, self::escape($value), $namespace);
|
||||||
} elseif (is_array($value)) {
|
} elseif (is_array($value)) {
|
||||||
$element = $xml->addChild($key, null, $namespace);
|
$element = $xml->addChild($key, null, $namespace);
|
||||||
self::fromArray($value, $element, $remove_header, $namespaces, false);
|
self::fromArray($value, $element, $remove_header, $namespaces, false);
|
||||||
|
@ -123,7 +123,7 @@ class XML
|
||||||
public static function copy(&$source, &$target, $elementname)
|
public static function copy(&$source, &$target, $elementname)
|
||||||
{
|
{
|
||||||
if (count($source->children()) == 0) {
|
if (count($source->children()) == 0) {
|
||||||
$target->addChild($elementname, xmlify($source));
|
$target->addChild($elementname, self::escape($source));
|
||||||
} else {
|
} else {
|
||||||
$child = $target->addChild($elementname);
|
$child = $target->addChild($elementname);
|
||||||
foreach ($source->children() as $childfield => $childentry) {
|
foreach ($source->children() as $childfield => $childentry) {
|
||||||
|
@ -144,11 +144,11 @@ class XML
|
||||||
*/
|
*/
|
||||||
public static function createElement($doc, $element, $value = "", $attributes = [])
|
public static function createElement($doc, $element, $value = "", $attributes = [])
|
||||||
{
|
{
|
||||||
$element = $doc->createElement($element, xmlify($value));
|
$element = $doc->createElement($element, self::escape($value));
|
||||||
|
|
||||||
foreach ($attributes as $key => $value) {
|
foreach ($attributes as $key => $value) {
|
||||||
$attribute = $doc->createAttribute($key);
|
$attribute = $doc->createAttribute($key);
|
||||||
$attribute->value = xmlify($value);
|
$attribute->value = self::escape($value);
|
||||||
$element->appendChild($attribute);
|
$element->appendChild($attribute);
|
||||||
}
|
}
|
||||||
return $element;
|
return $element;
|
||||||
|
@ -462,4 +462,43 @@ class XML
|
||||||
|
|
||||||
return $first_item->attributes;
|
return $first_item->attributes;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* escape text ($str) for XML transport
|
||||||
|
* @param string $str
|
||||||
|
* @return string Escaped text.
|
||||||
|
*/
|
||||||
|
public static function escape($str)
|
||||||
|
{
|
||||||
|
$buffer = htmlspecialchars($str, ENT_QUOTES, "UTF-8");
|
||||||
|
$buffer = trim($buffer);
|
||||||
|
|
||||||
|
return $buffer;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* undo an escape
|
||||||
|
* @param string $s xml escaped text
|
||||||
|
* @return string unescaped text
|
||||||
|
*/
|
||||||
|
public static function unescape($s)
|
||||||
|
{
|
||||||
|
$ret = htmlspecialchars_decode($s, ENT_QUOTES);
|
||||||
|
return $ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* apply escape() to all values of array $val, recursively
|
||||||
|
* @param array $val
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public static function arrayEscape($val)
|
||||||
|
{
|
||||||
|
if (is_bool($val)) {
|
||||||
|
return $val?"true":"false";
|
||||||
|
} elseif (is_array($val)) {
|
||||||
|
return array_map('XML::arrayEscape', $val);
|
||||||
|
}
|
||||||
|
return self::escape((string) $val);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -249,45 +249,6 @@ class TextTest extends TestCase
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
*xmlify and unxmlify
|
|
||||||
*/
|
|
||||||
public function testXmlify()
|
|
||||||
{
|
|
||||||
$text="<tag>I want to break\n this!11!<?hard?></tag>";
|
|
||||||
$xml=xmlify($text);
|
|
||||||
$retext=unxmlify($text);
|
|
||||||
|
|
||||||
$this->assertEquals($text, $retext);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* xmlify and put in a document
|
|
||||||
*/
|
|
||||||
public function testXmlifyDocument()
|
|
||||||
{
|
|
||||||
$tag="<tag>I want to break</tag>";
|
|
||||||
$xml=xmlify($tag);
|
|
||||||
$text='<text>'.$xml.'</text>';
|
|
||||||
|
|
||||||
$xml_parser=xml_parser_create();
|
|
||||||
//should be possible to parse it
|
|
||||||
$values=array();
|
|
||||||
$index=array();
|
|
||||||
$this->assertEquals(1, xml_parse_into_struct($xml_parser, $text, $values, $index));
|
|
||||||
|
|
||||||
$this->assertEquals(
|
|
||||||
array('TEXT'=>array(0)),
|
|
||||||
$index
|
|
||||||
);
|
|
||||||
$this->assertEquals(
|
|
||||||
array(array('tag'=>'TEXT', 'type'=>'complete', 'level'=>1, 'value'=>$tag)),
|
|
||||||
$values
|
|
||||||
);
|
|
||||||
|
|
||||||
xml_parser_free($xml_parser);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* test hex2bin and reverse
|
* test hex2bin and reverse
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -5,6 +5,10 @@ namespace Friendica\Test\src\Core\Cache;
|
||||||
|
|
||||||
use Friendica\Core\Cache\ArrayCache;
|
use Friendica\Core\Cache\ArrayCache;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
class ArrayCacheDriverTest extends MemoryCacheTest
|
class ArrayCacheDriverTest extends MemoryCacheTest
|
||||||
{
|
{
|
||||||
protected function getInstance()
|
protected function getInstance()
|
||||||
|
|
|
@ -4,6 +4,10 @@ namespace Friendica\Test\src\Core\Cache;
|
||||||
|
|
||||||
use Friendica\Core\Cache\CacheDriverFactory;
|
use Friendica\Core\Cache\CacheDriverFactory;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
class DatabaseCacheDriverTest extends CacheTest
|
class DatabaseCacheDriverTest extends CacheTest
|
||||||
{
|
{
|
||||||
protected function getInstance()
|
protected function getInstance()
|
||||||
|
|
|
@ -3,7 +3,10 @@
|
||||||
|
|
||||||
namespace Friendica\Test\src\Core\Cache;
|
namespace Friendica\Test\src\Core\Cache;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
use Friendica\Core\Cache\CacheDriverFactory;
|
use Friendica\Core\Cache\CacheDriverFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -3,7 +3,10 @@
|
||||||
|
|
||||||
namespace Friendica\Test\src\Core\Cache;
|
namespace Friendica\Test\src\Core\Cache;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
use Friendica\Core\Cache\CacheDriverFactory;
|
use Friendica\Core\Cache\CacheDriverFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -3,7 +3,10 @@
|
||||||
|
|
||||||
namespace Friendica\Test\src\Core\Cache;
|
namespace Friendica\Test\src\Core\Cache;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
use Friendica\Core\Cache\CacheDriverFactory;
|
use Friendica\Core\Cache\CacheDriverFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -6,6 +6,10 @@ namespace Friendica\Test\src\Core\Lock;
|
||||||
use Friendica\Core\Cache\ArrayCache;
|
use Friendica\Core\Cache\ArrayCache;
|
||||||
use Friendica\Core\Lock\CacheLockDriver;
|
use Friendica\Core\Lock\CacheLockDriver;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
class ArrayCacheLockDriverTest extends LockTest
|
class ArrayCacheLockDriverTest extends LockTest
|
||||||
{
|
{
|
||||||
protected function getInstance()
|
protected function getInstance()
|
||||||
|
|
|
@ -5,6 +5,10 @@ namespace Friendica\Test\src\Core\Lock;
|
||||||
use Friendica\Core\Lock\DatabaseLockDriver;
|
use Friendica\Core\Lock\DatabaseLockDriver;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
class DatabaseLockDriverTest extends LockTest
|
class DatabaseLockDriverTest extends LockTest
|
||||||
{
|
{
|
||||||
protected function getInstance()
|
protected function getInstance()
|
||||||
|
|
|
@ -8,6 +8,8 @@ use Friendica\Core\Lock\CacheLockDriver;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @requires extension Memcache
|
* @requires extension Memcache
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
*/
|
*/
|
||||||
class MemcacheCacheLockDriverTest extends LockTest
|
class MemcacheCacheLockDriverTest extends LockTest
|
||||||
{
|
{
|
||||||
|
|
|
@ -8,6 +8,8 @@ use Friendica\Core\Lock\CacheLockDriver;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @requires extension memcached
|
* @requires extension memcached
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
*/
|
*/
|
||||||
class MemcachedCacheLockDriverTest extends LockTest
|
class MemcachedCacheLockDriverTest extends LockTest
|
||||||
{
|
{
|
||||||
|
|
|
@ -8,6 +8,8 @@ use Friendica\Core\Lock\CacheLockDriver;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @requires extension redis
|
* @requires extension redis
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
*/
|
*/
|
||||||
class RedisCacheLockDriverTest extends LockTest
|
class RedisCacheLockDriverTest extends LockTest
|
||||||
{
|
{
|
||||||
|
|
|
@ -4,6 +4,10 @@ namespace Friendica\Test\src\Core\Lock;
|
||||||
|
|
||||||
use Friendica\Core\Lock\SemaphoreLockDriver;
|
use Friendica\Core\Lock\SemaphoreLockDriver;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @runTestsInSeparateProcesses
|
||||||
|
* @preserveGlobalState disabled
|
||||||
|
*/
|
||||||
class SemaphoreLockDriverTest extends LockTest
|
class SemaphoreLockDriverTest extends LockTest
|
||||||
{
|
{
|
||||||
protected function getInstance()
|
protected function getInstance()
|
||||||
|
|
49
tests/src/Util/XmlTest.php
Normal file
49
tests/src/Util/XmlTest.php
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* @file tests/src/Util/XmlTest.php
|
||||||
|
*/
|
||||||
|
namespace Friendica\Test\Util;
|
||||||
|
|
||||||
|
use Friendica\Util\XML;
|
||||||
|
use PHPUnit\Framework\TestCase;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief XML utility test class
|
||||||
|
*/
|
||||||
|
class XmlTest extends TestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* escape and unescape
|
||||||
|
*/
|
||||||
|
public function testEscapeUnescape()
|
||||||
|
{
|
||||||
|
$text="<tag>I want to break\n this!11!<?hard?></tag>";
|
||||||
|
$xml=XML::escape($text);
|
||||||
|
$retext=XML::unescape($text);
|
||||||
|
$this->assertEquals($text, $retext);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* escape and put in a document
|
||||||
|
*/
|
||||||
|
public function testEscapeDocument()
|
||||||
|
{
|
||||||
|
$tag="<tag>I want to break</tag>";
|
||||||
|
$xml=XML::escape($tag);
|
||||||
|
$text='<text>'.$xml.'</text>';
|
||||||
|
$xml_parser=xml_parser_create();
|
||||||
|
//should be possible to parse it
|
||||||
|
$values=array();
|
||||||
|
$index=array();
|
||||||
|
$this->assertEquals(1, xml_parse_into_struct($xml_parser, $text, $values, $index));
|
||||||
|
$this->assertEquals(
|
||||||
|
array('TEXT'=>array(0)),
|
||||||
|
$index
|
||||||
|
);
|
||||||
|
$this->assertEquals(
|
||||||
|
array(array('tag'=>'TEXT', 'type'=>'complete', 'level'=>1, 'value'=>$tag)),
|
||||||
|
$values
|
||||||
|
);
|
||||||
|
xml_parser_free($xml_parser);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue