1
1
Fork 0

Merge branch '2018.12-rc' into task/move-config-to-php-array

This commit is contained in:
Hypolite Petovan 2018-12-27 01:47:53 -05:00 committed by GitHub
commit fabc90e9dd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
420 changed files with 3127 additions and 2911 deletions

View file

@ -1 +1 @@
2018.12-dev
2018.12-rc

View file

@ -39,7 +39,7 @@ require_once 'include/text.php';
define('FRIENDICA_PLATFORM', 'Friendica');
define('FRIENDICA_CODENAME', 'The Tazmans Flax-lily');
define('FRIENDICA_VERSION', '2018.12-dev');
define('FRIENDICA_VERSION', '2018.12-rc');
define('DFRN_PROTOCOL_VERSION', '2.23');
define('NEW_UPDATE_ROUTINE_VERSION', 1170);
@ -338,41 +338,6 @@ function get_app()
return BaseObject::getApp();
}
/**
* @brief Multi-purpose function to check variable state.
*
* Usage: x($var) or $x($array, 'key')
*
* returns false if variable/key is not set
* if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
* e.g. x('') or x(0) returns 0;
*
* @param string|array $s variable to check
* @param string $k key inside the array to check
*
* @return bool|int
*/
function x($s, $k = null)
{
if ($k != null) {
if ((is_array($s)) && (array_key_exists($k, $s))) {
if ($s[$k]) {
return (int) 1;
}
return (int) 0;
}
return false;
} else {
if (isset($s)) {
if ($s) {
return (int) 1;
}
return (int) 0;
}
return false;
}
}
/**
* Return the provided variable value if it exists and is truthy or the provided
* default value instead.
@ -383,13 +348,12 @@ function x($s, $k = null)
* - defaults($var, $default)
* - defaults($array, 'key', $default)
*
* @param array $args
* @brief Returns a defaut value if the provided variable or array key is falsy
* @see x()
* @return mixed
*/
function defaults() {
$args = func_get_args();
function defaults(...$args)
{
if (count($args) < 2) {
throw new BadFunctionCallException('defaults() requires at least 2 parameters');
}
@ -400,16 +364,15 @@ function defaults() {
throw new BadFunctionCallException('defaults($arr, $key, $def) $key is null');
}
$default = array_pop($args);
// The default value always is the last argument
$return = array_pop($args);
if (call_user_func_array('x', $args)) {
if (count($args) === 1) {
$return = $args[0];
} else {
if (count($args) == 2 && is_array($args[0]) && !empty($args[0][$args[1]])) {
$return = $args[0][$args[1]];
}
} else {
$return = $default;
if (count($args) == 1 && !empty($args[0])) {
$return = $args[0];
}
return $return;
@ -446,15 +409,15 @@ function public_contact()
{
static $public_contact_id = false;
if (!$public_contact_id && x($_SESSION, 'authenticated')) {
if (x($_SESSION, 'my_address')) {
if (!$public_contact_id && !empty($_SESSION['authenticated'])) {
if (!empty($_SESSION['my_address'])) {
// Local user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, true));
} elseif (x($_SESSION, 'visitor_home')) {
} elseif (!empty($_SESSION['visitor_home'])) {
// Remote user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, true));
}
} elseif (!x($_SESSION, 'authenticated')) {
} elseif (empty($_SESSION['authenticated'])) {
$public_contact_id = false;
}
@ -479,7 +442,7 @@ function remote_user()
return false;
}
if (x($_SESSION, 'authenticated') && x($_SESSION, 'visitor_id')) {
if (!empty($_SESSION['authenticated']) && !empty($_SESSION['visitor_id'])) {
return intval($_SESSION['visitor_id']);
}
return false;
@ -499,7 +462,7 @@ function notice($s)
}
$a = get_app();
if (!x($_SESSION, 'sysmsg')) {
if (empty($_SESSION['sysmsg'])) {
$_SESSION['sysmsg'] = [];
}
if ($a->interactive) {
@ -522,7 +485,7 @@ function info($s)
return;
}
if (!x($_SESSION, 'sysmsg_info')) {
if (empty($_SESSION['sysmsg_info'])) {
$_SESSION['sysmsg_info'] = [];
}
if ($a->interactive) {
@ -891,3 +854,22 @@ function validate_include(&$file)
// Simply return flag
return $valid;
}
/**
* PHP 5 compatible dirname() with count parameter
*
* @see http://php.net/manual/en/function.dirname.php#113193
*
* @deprecated with PHP 7
* @param string $path
* @param int $levels
* @return string
*/
function rdirname($path, $levels = 1)
{
if ($levels > 1) {
return dirname(rdirname($path, --$levels));
} else {
return dirname($path);
}
}

View file

@ -34,7 +34,7 @@
use Friendica\Database\DBA;
if (!defined('DB_UPDATE_VERSION')) {
define('DB_UPDATE_VERSION', 1290);
define('DB_UPDATE_VERSION', 1291);
}
return [
@ -643,6 +643,7 @@ return [
"uid_contactid_created" => ["uid", "contact-id", "created"],
"authorid_created" => ["author-id", "created"],
"ownerid" => ["owner-id"],
"contact-id" => ["contact-id"],
"uid_uri" => ["uid", "uri(190)"],
"resource-id" => ["resource-id"],
"deleted_changed" => ["deleted", "changed"],
@ -894,7 +895,9 @@ return [
"fid" => ["type" => "int unsigned", "not null" => "1", "relation" => ["fcontact" => "id"], "comment" => ""],
],
"indexes" => [
"PRIMARY" => ["iid", "server"]
"PRIMARY" => ["iid", "server"],
"cid" => ["cid"],
"fid" => ["fid"]
]
],
"pconfig" => [

View file

@ -248,7 +248,10 @@ Friendica will not work correctly if you cannot perform this step.
If it is not possible to set up a cron job then please activate the "frontend worker" in the administration interface.
Once you have installed Friendica and created an admin account as part of the process, you can access the admin panel of your installation and do most of the server wide configuration from there
Once you have installed Friendica and created an admin account as part of the process, you can access the admin panel of your installation and do most of the server wide configuration from there.
At this point it is recommended that you set up logging and logrotation.
To do so please visit [Settings](help/Settings) and search the 'Logs' section for more information.
### Set up a backup plan

View file

@ -181,13 +181,13 @@ Next take the default.php file found in the /view direcotry and exchange the asi
So the central part of the file now looks like this:
<body>
<?php if(x($page,'nav')) echo $page['nav']; ?>
<aside><?php if(x($page,'right_aside')) echo $page['right_aside']; ?></aside>
<section><?php if(x($page,'content')) echo $page['content']; ?>
<?php if(!empty($page['nav'])) echo $page['nav']; ?>
<aside><?php if(!empty($page['right_aside'])) echo $page['right_aside']; ?></aside>
<section><?php if(!empty($page['content'])) echo $page['content']; ?>
<div id="page-footer"></div>
</section>
<right_aside><?php if(x($page,'aside')) echo $page['aside']; ?></right_aside>
<footer><?php if(x($page,'footer')) echo $page['footer']; ?></footer>
<right_aside><?php if(!empty($page['aside'])) echo $page['aside']; ?></right_aside>
<footer><?php if(!empty($page['footer'])) echo $page['footer']; ?></footer>
</body>
Finally we need a style.css file, inheriting the definitions from the parent theme and containing out changes for the new theme.

View file

@ -68,7 +68,7 @@ $called_api = [];
*/
function api_user()
{
if (x($_SESSION, 'allow_api')) {
if (!empty($_SESSION['allow_api'])) {
return local_user();
}
@ -186,7 +186,7 @@ function api_login(App $a)
}
// workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
@ -195,7 +195,7 @@ function api_login(App $a)
}
}
if (!x($_SERVER, 'PHP_AUTH_USER')) {
if (empty($_SERVER['PHP_AUTH_USER'])) {
Logger::log('API_login: ' . print_r($_SERVER, true), Logger::DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login");
@ -396,7 +396,7 @@ function api_call(App $a)
case "json":
header("Content-Type: application/json");
$json = json_encode(end($return));
if (x($_GET, 'callback')) {
if (!empty($_GET['callback'])) {
$json = $_GET['callback'] . "(" . $json . ")";
}
$return = $json;
@ -550,7 +550,7 @@ function api_get_user(App $a, $contact_id = null)
}
}
if (is_null($user) && x($_GET, 'user_id')) {
if (is_null($user) && !empty($_GET['user_id'])) {
$user = DBA::escape(api_unique_id_to_nurl($_GET['user_id']));
if ($user == "") {
@ -563,7 +563,7 @@ function api_get_user(App $a, $contact_id = null)
$extra_query .= "AND `contact`.`uid`=" . intval(api_user());
}
}
if (is_null($user) && x($_GET, 'screen_name')) {
if (is_null($user) && !empty($_GET['screen_name'])) {
$user = DBA::escape($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' ";
if (api_user() !== false) {
@ -571,7 +571,7 @@ function api_get_user(App $a, $contact_id = null)
}
}
if (is_null($user) && x($_GET, 'profileurl')) {
if (is_null($user) && !empty($_GET['profileurl'])) {
$user = DBA::escape(Strings::normaliseLink($_GET['profileurl']));
$extra_query = "AND `contact`.`nurl` = '%s' ";
if (api_user() !== false) {
@ -643,8 +643,6 @@ function api_get_user(App $a, $contact_id = null)
$contact = DBA::selectFirst('contact', [], ['uid' => 0, 'nurl' => Strings::normaliseLink($url)]);
if (DBA::isResult($contact)) {
$network_name = ContactSelector::networkToName($contact['network'], $contact['url']);
// If no nick where given, extract it from the address
if (($contact['nick'] == "") || ($contact['name'] == $contact['nick'])) {
$contact['nick'] = api_get_nick($contact["url"]);
@ -655,7 +653,7 @@ function api_get_user(App $a, $contact_id = null)
'id_str' => (string) $contact["id"],
'name' => $contact["name"],
'screen_name' => (($contact['nick']) ? $contact['nick'] : $contact['name']),
'location' => ($contact["location"] != "") ? $contact["location"] : $network_name,
'location' => ($contact["location"] != "") ? $contact["location"] : ContactSelector::networkToName($contact['network'], $contact['url']),
'description' => $contact["about"],
'profile_image_url' => $contact["micro"],
'profile_image_url_https' => $contact["micro"],
@ -713,8 +711,6 @@ function api_get_user(App $a, $contact_id = null)
$uinfo[0]['nick'] = api_get_nick($uinfo[0]["url"]);
}
$network_name = ContactSelector::networkToName($uinfo[0]['network'], $uinfo[0]['url']);
$pcontact_id = Contact::getIdForURL($uinfo[0]['url'], 0, true);
if (!empty($profile['about'])) {
@ -728,7 +724,7 @@ function api_get_user(App $a, $contact_id = null)
} elseif (!empty($uinfo[0]["location"])) {
$location = $uinfo[0]["location"];
} else {
$location = $network_name;
$location = ContactSelector::networkToName($uinfo[0]['network'], $uinfo[0]['url']);
}
$ret = [
@ -980,7 +976,7 @@ function api_account_verify_credentials($type)
unset($_REQUEST["screen_name"]);
unset($_GET["screen_name"]);
$skip_status = (x($_REQUEST, 'skip_status')?$_REQUEST['skip_status'] : false);
$skip_status = defaults($_REQUEST, 'skip_status', false);
$user_info = api_get_user($a);
@ -1014,10 +1010,10 @@ api_register_func('api/account/verify_credentials', 'api_account_verify_credenti
*/
function requestdata($k)
{
if (x($_POST, $k)) {
if (!empty($_POST[$k])) {
return $_POST[$k];
}
if (x($_GET, $k)) {
if (!empty($_GET[$k])) {
return $_GET[$k];
}
return null;
@ -1172,7 +1168,7 @@ function api_statuses_update($type)
}
}
if (x($_FILES, 'media')) {
if (!empty($_FILES['media'])) {
// upload the image if we have one
$picture = wall_upload_post($a, false);
if (is_array($picture)) {
@ -1199,7 +1195,7 @@ function api_statuses_update($type)
$_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) {
if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source();
}
@ -1231,7 +1227,7 @@ function api_media_upload()
api_get_user($a);
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
// Output error
throw new BadRequestException("No media.");
}
@ -1445,7 +1441,7 @@ function api_users_search($type)
$userlist = [];
if (x($_GET, 'q')) {
if (!empty($_GET['q'])) {
$r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"]));
if (!DBA::isResult($r)) {
@ -1530,21 +1526,21 @@ function api_search($type)
$data = [];
if (!x($_REQUEST, 'q')) {
if (empty($_REQUEST['q'])) {
throw new BadRequestException("q parameter is required.");
}
if (x($_REQUEST, 'rpp')) {
if (!empty($_REQUEST['rpp'])) {
$count = $_REQUEST['rpp'];
} elseif (x($_REQUEST, 'count')) {
} elseif (!empty($_REQUEST['count'])) {
$count = $_REQUEST['count'];
} else {
$count = 15;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
$start = $page * $count;
@ -1598,16 +1594,15 @@ function api_statuses_home_timeline($type)
// get last network messages
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
@ -1618,7 +1613,7 @@ function api_statuses_home_timeline($type)
$condition[0] .= " AND `item`.`id` <= ?";
$condition[] = $max_id;
}
if ($exclude_replies > 0) {
if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
if ($conversation_id > 0) {
@ -1681,19 +1676,17 @@ function api_statuses_public_timeline($type)
// get last network messages
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
$sql_extra = '';
if ($exclude_replies && !$conversation_id) {
$condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall`",
@ -1762,12 +1755,12 @@ function api_statuses_networkpublic_timeline($type)
throw new ForbiddenException();
}
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
// pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1;
$count = defaults($_REQUEST, 'count', 20);
$page = defaults($_REQUEST, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -2001,7 +1994,7 @@ function api_statuses_repeat($type)
$_REQUEST['profile_uid'] = api_user();
$_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) {
if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source();
}
@ -2150,14 +2143,14 @@ function api_statuses_user_timeline($type)
Logger::DEBUG
);
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
$exclude_replies = x($_REQUEST, 'exclude_replies') ? 1 : 0;
$conversation_id = x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0;
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
// pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1;
$count = defaults($_REQUEST, 'count', 20);
$page = defaults($_REQUEST, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -2170,7 +2163,7 @@ function api_statuses_user_timeline($type)
$condition[0] .= ' AND `item`.`wall` ';
}
if ($exclude_replies > 0) {
if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
@ -2309,10 +2302,10 @@ function api_favorites($type)
$ret = [];
} else {
// params
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$count = (x($_GET, 'count') ? $_GET['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$count = defaults($_GET, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) {
$page = 0;
}
@ -2390,7 +2383,7 @@ function api_format_messages($item, $recipient, $sender)
}
//don't send title to regular StatusNET requests to avoid confusing these apps
if (x($_GET, 'getText')) {
if (!empty($_GET['getText'])) {
$ret['title'] = $item['title'];
if ($_GET['getText'] == 'html') {
$ret['text'] = BBCode::convert($item['body'], false);
@ -2400,7 +2393,7 @@ function api_format_messages($item, $recipient, $sender)
} else {
$ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0);
}
if (x($_GET, 'getUserObjects') && $_GET['getUserObjects'] == 'false') {
if (!empty($_GET['getUserObjects']) && $_GET['getUserObjects'] == 'false') {
unset($ret['sender']);
unset($ret['recipient']);
}
@ -2530,7 +2523,7 @@ function api_get_attachments(&$body)
*/
function api_get_entitities(&$text, $bbcode)
{
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false");
$include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
if ($include_entities != "true") {
preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images);
@ -3119,15 +3112,15 @@ function api_lists_statuses($type)
}
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
@ -3185,8 +3178,8 @@ function api_statuses_f($qtype)
}
// pagination
$count = x($_GET, 'count') ? $_GET['count'] : 20;
$page = x($_GET, 'page') ? $_GET['page'] : 1;
$count = defaults($_GET, 'count', 20);
$page = defaults($_GET, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -3194,7 +3187,7 @@ function api_statuses_f($qtype)
$user_info = api_get_user($a);
if (x($_GET, 'cursor') && $_GET['cursor'] == 'undefined') {
if (!empty($_GET['cursor']) && $_GET['cursor'] == 'undefined') {
/* this is to stop Hotot to load friends multiple times
* I'm not sure if I'm missing return something or
* is a bug in hotot. Workaround, meantime
@ -3522,7 +3515,7 @@ function api_direct_messages_new($type)
$replyto = '';
$sub = '';
if (x($_REQUEST, 'replyto')) {
if (!empty($_REQUEST['replyto'])) {
$r = q(
'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
intval(api_user()),
@ -3531,7 +3524,7 @@ function api_direct_messages_new($type)
$replyto = $r[0]['parent-uri'];
$sub = $r[0]['title'];
} else {
if (x($_REQUEST, 'title')) {
if (!empty($_REQUEST['title'])) {
$sub = $_REQUEST['title'];
} else {
$sub = ((strlen($_POST['text'])>10) ? substr($_POST['text'], 0, 10)."...":$_POST['text']);
@ -3583,10 +3576,10 @@ function api_direct_messages_destroy($type)
// params
$user_info = api_get_user($a);
//required
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
// optional
$parenturi = (x($_REQUEST, 'friendica_parenturi') ? $_REQUEST['friendica_parenturi'] : "");
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$parenturi = defaults($_REQUEST, 'friendica_parenturi', "");
$verbose = (!empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false");
/// @todo optional parameter 'include_entities' from Twitter API not yet implemented
$uid = $user_info['uid'];
@ -3838,7 +3831,7 @@ function api_direct_messages_box($type, $box, $verbose)
*/
function api_direct_messages_sentbox($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "sentbox", $verbose);
}
@ -3852,7 +3845,7 @@ function api_direct_messages_sentbox($type)
*/
function api_direct_messages_inbox($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "inbox", $verbose);
}
@ -3864,7 +3857,7 @@ function api_direct_messages_inbox($type)
*/
function api_direct_messages_all($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "all", $verbose);
}
@ -3876,7 +3869,7 @@ function api_direct_messages_all($type)
*/
function api_direct_messages_conversation($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "conversation", $verbose);
}
@ -3940,7 +3933,7 @@ function api_fr_photoalbum_delete($type)
throw new ForbiddenException();
}
// input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : "");
$album = defaults($_REQUEST, 'album', "");
// we do not allow calls without album string
if ($album == "") {
@ -3992,8 +3985,8 @@ function api_fr_photoalbum_update($type)
throw new ForbiddenException();
}
// input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : "");
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : "");
$album = defaults($_REQUEST, 'album', "");
$album_new = defaults($_REQUEST, 'album_new', "");
// we do not allow calls without album string
if ($album == "") {
@ -4077,15 +4070,15 @@ function api_fr_photo_create_update($type)
throw new ForbiddenException();
}
// input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null);
$desc = (x($_REQUEST, 'desc') ? $_REQUEST['desc'] : (array_key_exists('desc', $_REQUEST) ? "" : null)); // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : null);
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : null);
$allow_cid = (x($_REQUEST, 'allow_cid') ? $_REQUEST['allow_cid'] : (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = (x($_REQUEST, 'deny_cid') ? $_REQUEST['deny_cid'] : (array_key_exists('deny_cid', $_REQUEST) ? " " : null));
$allow_gid = (x($_REQUEST, 'allow_gid') ? $_REQUEST['allow_gid'] : (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = (x($_REQUEST, 'deny_gid') ? $_REQUEST['deny_gid'] : (array_key_exists('deny_gid', $_REQUEST) ? " " : null));
$visibility = (x($_REQUEST, 'visibility') ? (($_REQUEST['visibility'] == "true" || $_REQUEST['visibility'] == 1) ? true : false) : false);
$photo_id = defaults($_REQUEST, 'photo_id', null);
$desc = defaults($_REQUEST, 'desc', (array_key_exists('desc', $_REQUEST) ? "" : null)) ; // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = defaults($_REQUEST, 'album', null);
$album_new = defaults($_REQUEST, 'album_new', null);
$allow_cid = defaults($_REQUEST, 'allow_cid', (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = defaults($_REQUEST, 'deny_cid' , (array_key_exists('deny_cid' , $_REQUEST) ? " " : null));
$allow_gid = defaults($_REQUEST, 'allow_gid', (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = defaults($_REQUEST, 'deny_gid' , (array_key_exists('deny_gid' , $_REQUEST) ? " " : null));
$visibility = !empty($_REQUEST['visibility']) && $_REQUEST['visibility'] !== "false";
// do several checks on input parameters
// we do not allow calls without album string
@ -4097,7 +4090,7 @@ function api_fr_photo_create_update($type)
$mode = "create";
// error if no media posted in create-mode
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
// Output error
throw new BadRequestException("no media data submitted");
}
@ -4188,7 +4181,7 @@ function api_fr_photo_create_update($type)
$nothingtodo = true;
}
if (x($_FILES, 'media')) {
if (!empty($_FILES['media'])) {
$nothingtodo = false;
$media = $_FILES['media'];
$data = save_media_to_database("photo", $media, $type, $album, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $desc, 0, $visibility, $photo_id);
@ -4224,7 +4217,7 @@ function api_fr_photo_delete($type)
throw new ForbiddenException();
}
// input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null);
$photo_id = defaults($_REQUEST, 'photo_id', null);
// do several checks on input parameters
// we do not allow calls without photo id
@ -4275,11 +4268,11 @@ function api_fr_photo_detail($type)
if (api_user() === false) {
throw new ForbiddenException();
}
if (!x($_REQUEST, 'photo_id')) {
if (empty($_REQUEST['photo_id'])) {
throw new BadRequestException("No photo id.");
}
$scale = (x($_REQUEST, 'scale') ? intval($_REQUEST['scale']) : false);
$scale = (!empty($_REQUEST['scale']) ? intval($_REQUEST['scale']) : false);
$photo_id = $_REQUEST['photo_id'];
// prepare json/xml output with data from database for the requested photo
@ -4308,7 +4301,7 @@ function api_account_update_profile_image($type)
$profile_id = defaults($_REQUEST, 'profile_id', 0);
// error if image data is missing
if (!x($_FILES, 'image')) {
if (empty($_FILES['image'])) {
throw new BadRequestException("no media data submitted");
}
@ -4326,9 +4319,9 @@ function api_account_update_profile_image($type)
// get mediadata from image or media (Twitter call api/account/update_profile_image provides image)
$media = null;
if (x($_FILES, 'image')) {
if (!empty($_FILES['image'])) {
$media = $_FILES['image'];
} elseif (x($_FILES, 'media')) {
} elseif (!empty($_FILES['media'])) {
$media = $_FILES['media'];
}
// save new profile image
@ -4788,8 +4781,8 @@ function prepare_photo_data($type, $scale, $photo_id)
*/
function api_friendica_remoteauth()
{
$url = (x($_GET, 'url') ? $_GET['url'] : '');
$c_url = (x($_GET, 'c_url') ? $_GET['c_url'] : '');
$url = defaults($_GET, 'url', '');
$c_url = defaults($_GET, 'c_url', '');
if ($url === '' || $c_url === '') {
throw new BadRequestException("Wrong parameters.");
@ -4935,6 +4928,7 @@ function api_share_as_retweet(&$item)
}
$reshared_item["body"] = $shared_body;
$reshared_item["author-id"] = Contact::getIdForURL($profile, 0, true);
$reshared_item["author-name"] = $author;
$reshared_item["author-link"] = $profile;
$reshared_item["author-avatar"] = $avatar;
@ -5092,7 +5086,7 @@ function api_in_reply_to($item)
*/
function api_clean_plain_items($text)
{
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false");
$include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
$text = BBCode::cleanPictureLinks($text);
$URLSearchString = "^\[\]";
@ -5224,7 +5218,7 @@ function api_friendica_group_show($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$gid = defaults($_REQUEST, 'gid', 0);
$uid = $user_info['uid'];
// get data of the specified group id or all groups if not specified
@ -5289,8 +5283,8 @@ function api_friendica_group_delete($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'gid', 0);
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
// error if no gid specified
@ -5351,7 +5345,7 @@ function api_lists_destroy($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0);
$gid = defaults($_REQUEST, 'list_id', 0);
$uid = $user_info['uid'];
// error if no gid specified
@ -5467,7 +5461,7 @@ function api_friendica_group_create($type)
// params
$user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
$json = json_decode($_POST['json'], true);
$users = $json['user'];
@ -5496,7 +5490,7 @@ function api_lists_create($type)
// params
$user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
$success = group_create($name, $uid);
@ -5531,8 +5525,8 @@ function api_friendica_group_update($type)
// params
$user_info = api_get_user($a);
$uid = $user_info['uid'];
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'gid', 0);
$name = defaults($_REQUEST, 'name', "");
$json = json_decode($_POST['json'], true);
$users = $json['user'];
@ -5604,8 +5598,8 @@ function api_lists_update($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'list_id', 0);
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
// error if no gid specified
@ -5650,7 +5644,7 @@ function api_friendica_activity($type)
$verb = strtolower($a->argv[3]);
$verb = preg_replace("|\..*$|", "", $verb);
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
$res = Item::performLike($id, $verb);
@ -5732,7 +5726,7 @@ function api_friendica_notification_seen($type)
throw new BadRequestException("Invalid argument count");
}
$id = (x($_REQUEST, 'id') ? intval($_REQUEST['id']) : 0);
$id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
$nm = new NotificationsManager();
$note = $nm->getByID($id);
@ -5775,7 +5769,7 @@ function api_friendica_direct_messages_setseen($type)
// params
$user_info = api_get_user($a);
$uid = $user_info['uid'];
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
// return error if id is zero
if ($id == "") {
@ -5824,7 +5818,7 @@ function api_friendica_direct_messages_search($type, $box = "")
// params
$user_info = api_get_user($a);
$searchstring = (x($_REQUEST, 'searchstring') ? $_REQUEST['searchstring'] : "");
$searchstring = defaults($_REQUEST, 'searchstring', "");
$uid = $user_info['uid'];
// error if no searchstring specified
@ -5886,7 +5880,7 @@ function api_friendica_profile_show($type)
}
// input params
$profile_id = (x($_REQUEST, 'profile_id') ? $_REQUEST['profile_id'] : 0);
$profile_id = defaults($_REQUEST, 'profile_id', 0);
// retrieve general information about profiles for user
$multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles');

View file

@ -389,7 +389,7 @@ function visible_activity($item) {
* likes (etc.) can apply to other things besides posts. Check if they are post children,
* in which case we handle them specially
*/
$hidden_activities = [ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE];
$hidden_activities = [ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE, ACTIVITY_FOLLOW];
foreach ($hidden_activities as $act) {
if (activity_match($item['verb'], $act)) {
return false;
@ -462,17 +462,17 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
. "<script> var profile_uid = " . $_SESSION['uid']
. "; var netargs = '" . substr($a->cmd, 8)
. '?f='
. ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'search')) ? '&search=' . rawurlencode($_GET['search']) : '')
. ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'order')) ? '&order=' . rawurlencode($_GET['order']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'liked')) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '')
. (!empty($_GET['cid']) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. (!empty($_GET['search']) ? '&search=' . rawurlencode($_GET['search']) : '')
. (!empty($_GET['star']) ? '&star=' . rawurlencode($_GET['star']) : '')
. (!empty($_GET['order']) ? '&order=' . rawurlencode($_GET['order']) : '')
. (!empty($_GET['bmark']) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. (!empty($_GET['liked']) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. (!empty($_GET['conv']) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. (!empty($_GET['nets']) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. (!empty($_GET['cmin']) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. (!empty($_GET['cmax']) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. (!empty($_GET['file']) ? '&file=' . rawurlencode($_GET['file']) : '')
. "'; var profile_page = " . $pager->getPage() . "; </script>\r\n";
}
@ -482,7 +482,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
if (!$update) {
$tab = 'posts';
if (x($_GET, 'tab')) {
if (!empty($_GET['tab'])) {
$tab = Strings::escapeTags(trim($_GET['tab']));
}
if ($tab === 'posts') {
@ -497,7 +497,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
}
}
} elseif ($mode === 'notes') {
$items = conversation_add_children($items, false, $order, $uid);
$items = conversation_add_children($items, false, $order, local_user());
$profile_owner = local_user();
if (!$update) {
@ -798,7 +798,7 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
foreach ($parents AS $parent) {
$condition = ["`item`.`parent-uri` = ? AND `item`.`uid` IN (0, ?) ",
$parent['uri'], local_user()];
$parent['uri'], $uid];
if ($block_authors) {
$condition[0] .= "AND NOT `author`.`hidden`";
}
@ -951,7 +951,7 @@ function builtin_activity_puller($item, &$conv_responses) {
$url = '<a href="'. $url . '"'. $sparkle .'>' . htmlentities($item['author-name']) . '</a>';
if (!x($item, 'thr-parent')) {
if (empty($item['thr-parent'])) {
$item['thr-parent'] = $item['parent-uri'];
}
@ -994,6 +994,7 @@ function builtin_activity_puller($item, &$conv_responses) {
function format_like($cnt, array $arr, $type, $id) {
$o = '';
$expanded = '';
$phrase = '';
if ($cnt == 1) {
$likers = $arr[0];
@ -1079,7 +1080,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
{
$o = '';
$geotag = x($x, 'allow_location') ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$tpl = Renderer::getMarkupTemplate('jot-header.tpl');
$a->page['htmlhead'] .= Renderer::replaceMacros($tpl, [
@ -1100,7 +1101,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
// Private/public post links for the non-JS ACL form
$private_post = 1;
if (x($_REQUEST, 'public')) {
if (!empty($_REQUEST['public'])) {
$private_post = 0;
}
@ -1432,11 +1433,11 @@ function sort_thr_commented(array $a, array $b)
}
function render_location_dummy(array $item) {
if (x($item, 'location') && !empty($item['location'])) {
if (!empty($item['location']) && !empty($item['location'])) {
return $item['location'];
}
if (x($item, 'coord') && !empty($item['coord'])) {
if (!empty($item['coord']) && !empty($item['coord'])) {
return $item['coord'];
}
}

View file

@ -58,7 +58,7 @@ function admin_post(App $a)
// do not allow a page manager to access the admin panel at all.
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return;
}
@ -167,7 +167,7 @@ function admin_content(App $a)
return Login::form();
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return "";
}
@ -329,6 +329,7 @@ function admin_page_tos(App $a)
'$submit' => L10n::t('Save Settings'),
]);
}
/**
* @brief Process send data from Admin TOS Page
*
@ -338,13 +339,13 @@ function admin_page_tos_post(App $a)
{
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/tos', 'admin_tos');
if (!x($_POST, "page_tos")) {
if (empty($_POST['page_tos'])) {
return;
}
$displaytos = ((x($_POST, 'displaytos')) ? True : False);
$displayprivstatement = ((x($_POST, 'displayprivstatement')) ? True : False);
$tostext = ((x($_POST, 'tostext')) ? strip_tags(trim($_POST['tostext'])) : '');
$displaytos = !empty($_POST['displaytos']);
$displayprivstatement = !empty($_POST['displayprivstatement']);
$tostext = (!empty($_POST['tostext']) ? strip_tags(trim($_POST['tostext'])) : '');
Config::set('system', 'tosdisplay', $displaytos);
Config::set('system', 'tosprivstatement', $displayprivstatement);
@ -354,6 +355,7 @@ function admin_page_tos_post(App $a)
return; // NOTREACHED
}
/**
* @brief Subpage to modify the server wide block list via the admin panel.
*
@ -407,13 +409,13 @@ function admin_page_blocklist(App $a)
*/
function admin_page_blocklist_post(App $a)
{
if (!x($_POST, "page_blocklist_save") && (!x($_POST['page_blocklist_edit']))) {
if (empty($_POST['page_blocklist_save']) && empty($_POST['page_blocklist_edit'])) {
return;
}
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/blocklist', 'admin_blocklist');
if (x($_POST['page_blocklist_save'])) {
if (!empty($_POST['page_blocklist_save'])) {
// Add new item to blocklist
$blocklist = Config::get('system', 'blocklist');
$blocklist[] = [
@ -429,7 +431,7 @@ function admin_page_blocklist_post(App $a)
// Trimming whitespaces as well as any lingering slashes
$domain = Strings::escapeTags(trim($domain, "\x00..\x1F/"));
$reason = Strings::escapeTags(trim($_POST['reason'][$id]));
if (!x($_POST['delete'][$id])) {
if (empty($_POST['delete'][$id])) {
$blocklist[] = [
'domain' => $domain,
'reason' => $reason
@ -451,12 +453,12 @@ function admin_page_blocklist_post(App $a)
*/
function admin_page_contactblock_post(App $a)
{
$contact_url = x($_POST, 'contact_url') ? $_POST['contact_url'] : '';
$contacts = x($_POST, 'contacts') ? $_POST['contacts'] : [];
$contact_url = defaults($_POST, 'contact_url', '');
$contacts = defaults($_POST, 'contacts', []);
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/contactblock', 'admin_contactblock');
if (x($_POST, 'page_contactblock_block')) {
if (!empty($_POST['page_contactblock_block'])) {
$contact_id = Contact::getIdForURL($contact_url);
if ($contact_id) {
Contact::block($contact_id);
@ -465,7 +467,7 @@ function admin_page_contactblock_post(App $a)
notice(L10n::t("Could not find any contact entry for this URL \x28%s\x29", $contact_url));
}
}
if (x($_POST, 'page_contactblock_unblock')) {
if (!empty($_POST['page_contactblock_unblock'])) {
foreach ($contacts as $uid) {
Contact::unblock($uid);
}
@ -559,13 +561,13 @@ function admin_page_deleteitem(App $a)
*/
function admin_page_deleteitem_post(App $a)
{
if (!x($_POST['page_deleteitem_submit'])) {
if (empty($_POST['page_deleteitem_submit'])) {
return;
}
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem');
if (x($_POST['page_deleteitem_submit'])) {
if (!empty($_POST['page_deleteitem_submit'])) {
$guid = trim(Strings::escapeTags($_POST['deleteitemguid']));
// The GUID should not include a "/", so if there is one, we got an URL
// and the last part of it is most likely the GUID.
@ -1001,17 +1003,17 @@ function admin_page_site_post(App $a)
return;
}
if (!x($_POST, "page_site")) {
if (empty($_POST['page_site'])) {
return;
}
// relocate
if (x($_POST, 'relocate') && x($_POST, 'relocate_url') && $_POST['relocate_url'] != "") {
if (!empty($_POST['relocate']) && !empty($_POST['relocate_url']) && $_POST['relocate_url'] != "") {
$new_url = $_POST['relocate_url'];
$new_url = rtrim($new_url, "/");
$parsed = @parse_url($new_url);
if (!is_array($parsed) || !x($parsed, 'host') || !x($parsed, 'scheme')) {
if (!is_array($parsed) || empty($parsed['host']) || empty($parsed['scheme'])) {
notice(L10n::t("Can not parse base url. Must have at least <scheme>://<domain>"));
$a->internalRedirect('admin/site');
}
@ -1046,6 +1048,7 @@ function admin_page_site_post(App $a)
$a->internalRedirect('admin/site');
}
}
// update tables
// update profile links in the format "http://server.tld"
update_table($a, "profile", ['photo', 'thumb'], $old_url, $new_url);
@ -1076,98 +1079,97 @@ function admin_page_site_post(App $a)
}
// end relocate
$sitename = ((x($_POST,'sitename')) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = ((x($_POST,'hostname')) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = ((x($_POST,'sender_email')) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$shortcut_icon = ((x($_POST,'shortcut_icon')) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = ((x($_POST,'touch_icon')) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = ((x($_POST,'info')) ? trim($_POST['info']) : false);
$language = ((x($_POST,'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = ((x($_POST,'theme')) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = ((x($_POST,'theme_mobile')) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = ((x($_POST,'maximagelength')) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = ((x($_POST,'jpegimagequality')) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$sitename = (!empty($_POST['sitename']) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = (!empty($_POST['hostname']) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = (!empty($_POST['sender_email']) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
$shortcut_icon = (!empty($_POST['shortcut_icon']) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = (!empty($_POST['touch_icon']) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = (!empty($_POST['info']) ? trim($_POST['info']) : false);
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = (!empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = (!empty($_POST['theme_mobile']) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$register_policy = (!empty($_POST['register_policy']) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = (!empty($_POST['max_daily_registrations']) ? intval(trim($_POST['max_daily_registrations'])) : 0);
$abandon_days = (!empty($_POST['abandon_days']) ? intval(trim($_POST['abandon_days'])) : 0);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = ((x($_POST,'max_daily_registrations')) ? intval(trim($_POST['max_daily_registrations'])) :0);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
$register_text = ((x($_POST,'register_text')) ? strip_tags(trim($_POST['register_text'])) : '');
$allowed_sites = (!empty($_POST['allowed_sites']) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = (!empty($_POST['allowed_email']) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
$allowed_oembed = (!empty($_POST['allowed_oembed']) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = !empty($_POST['block_public']);
$force_publish = !empty($_POST['publish_all']);
$global_directory = (!empty($_POST['directory']) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = !empty($_POST['newuser_private']);
$enotify_no_content = !empty($_POST['enotify_no_content']);
$private_addons = !empty($_POST['private_addons']);
$disable_embedded = !empty($_POST['disable_embedded']);
$allow_users_remote_self = !empty($_POST['allow_users_remote_self']);
$explicit_content = !empty($_POST['explicit_content']);
$allowed_sites = ((x($_POST,'allowed_sites')) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = ((x($_POST,'allowed_email')) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = ((x($_POST,'forbidden_nicknames')) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = x($_POST,'no_oembed_rich_content');
$allowed_oembed = ((x($_POST,'allowed_oembed')) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = ((x($_POST,'block_public')) ? True : False);
$force_publish = ((x($_POST,'publish_all')) ? True : False);
$global_directory = ((x($_POST,'directory')) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = ((x($_POST,'newuser_private')) ? True : False);
$enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False);
$private_addons = ((x($_POST,'private_addons')) ? True : False);
$disable_embedded = ((x($_POST,'disable_embedded')) ? True : False);
$allow_users_remote_self = ((x($_POST,'allow_users_remote_self')) ? True : False);
$explicit_content = ((x($_POST,'explicit_content')) ? True : False);
$no_multi_reg = !empty($_POST['no_multi_reg']);
$no_openid = !empty($_POST['no_openid']);
$no_regfullname = !empty($_POST['no_regfullname']);
$community_page_style = (!empty($_POST['community_page_style']) ? intval(trim($_POST['community_page_style'])) : 0);
$max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
$no_openid = !((x($_POST,'no_openid')) ? True : False);
$no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
$community_page_style = ((x($_POST,'community_page_style')) ? intval(trim($_POST['community_page_style'])) : 0);
$max_author_posts_community_page = ((x($_POST,'max_author_posts_community_page')) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$verifyssl = !empty($_POST['verifyssl']);
$proxyuser = (!empty($_POST['proxyuser']) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$proxy = (!empty($_POST['proxy']) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = (!empty($_POST['maxloadavg_frontend']) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = (!empty($_POST['optimize_max_tablesize']) ? intval(trim($_POST['optimize_max_tablesize'])) : 100);
$optimize_fragmentation = (!empty($_POST['optimize_fragmentation']) ? intval(trim($_POST['optimize_fragmentation'])) : 30);
$poco_completion = (!empty($_POST['poco_completion']) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = (!empty($_POST['poco_requery_days']) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = (!empty($_POST['poco_discovery']) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = (!empty($_POST['poco_discovery_since']) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = !empty($_POST['poco_local_search']);
$nodeinfo = !empty($_POST['nodeinfo']);
$dfrn_only = !empty($_POST['dfrn_only']);
$ostatus_disabled = !empty($_POST['ostatus_disabled']);
$ostatus_full_threads = !empty($_POST['ostatus_full_threads']);
$diaspora_enabled = !empty($_POST['diaspora_enabled']);
$ssl_policy = (!empty($_POST['ssl_policy']) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = !empty($_POST['force_ssl']);
$hide_help = !empty($_POST['hide_help']);
$dbclean = !empty($_POST['dbclean']);
$dbclean_expire_days = (!empty($_POST['dbclean_expire_days']) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = (!empty($_POST['dbclean_unclaimed']) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = (!empty($_POST['dbclean_expire_conv']) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = !empty($_POST['suppress_tags']);
$itemcache = (!empty($_POST['itemcache']) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = (!empty($_POST['itemcache_duration']) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
$temppath = (!empty($_POST['temppath']) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = (!empty($_POST['basepath']) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = (!empty($_POST['singleuser']) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = !empty($_POST['proxy_disabled']);
$only_tag_search = !empty($_POST['only_tag_search']);
$rino = (!empty($_POST['rino']) ? intval($_POST['rino']) : 0);
$check_new_version_url = (!empty($_POST['check_new_version_url']) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$verifyssl = ((x($_POST,'verifyssl')) ? True : False);
$proxyuser = ((x($_POST,'proxyuser')) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$proxy = ((x($_POST,'proxy')) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = ((x($_POST,'maxloadavg_frontend')) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = ((x($_POST,'min_memory')) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = ((x($_POST,'optimize_max_tablesize')) ? intval(trim($_POST['optimize_max_tablesize'])): 100);
$optimize_fragmentation = ((x($_POST,'optimize_fragmentation')) ? intval(trim($_POST['optimize_fragmentation'])): 30);
$poco_completion = ((x($_POST,'poco_completion')) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = ((x($_POST,'poco_requery_days')) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = ((x($_POST,'poco_discovery')) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = ((x($_POST,'poco_discovery_since')) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = ((x($_POST,'poco_local_search')) ? intval(trim($_POST['poco_local_search'])) : false);
$nodeinfo = ((x($_POST,'nodeinfo')) ? intval(trim($_POST['nodeinfo'])) : false);
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
$ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$ostatus_full_threads = ((x($_POST,'ostatus_full_threads')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
$ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = ((x($_POST,'force_ssl')) ? True : False);
$hide_help = ((x($_POST,'hide_help')) ? True : False);
$dbclean = ((x($_POST,'dbclean')) ? True : False);
$dbclean_expire_days = ((x($_POST,'dbclean_expire_days')) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = ((x($_POST,'dbclean_unclaimed')) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = ((x($_POST,'dbclean_expire_conv')) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = ((x($_POST,'suppress_tags')) ? True : False);
$itemcache = ((x($_POST,'itemcache')) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = ((x($_POST,'itemcache_duration')) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = ((x($_POST,'max_comments')) ? intval($_POST['max_comments']) : 0);
$temppath = ((x($_POST,'temppath')) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = ((x($_POST,'basepath')) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = ((x($_POST,'singleuser')) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
$rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
$check_new_version_url = ((x($_POST, 'check_new_version_url')) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
$worker_dont_fork = !empty($_POST['worker_dont_fork']);
$worker_fastlane = !empty($_POST['worker_fastlane']);
$worker_frontend = !empty($_POST['worker_frontend']);
$worker_queues = ((x($_POST,'worker_queues')) ? intval($_POST['worker_queues']) : 10);
$worker_dont_fork = ((x($_POST,'worker_dont_fork')) ? True : False);
$worker_fastlane = ((x($_POST,'worker_fastlane')) ? True : False);
$worker_frontend = ((x($_POST,'worker_frontend')) ? True : False);
$relay_directly = ((x($_POST,'relay_directly')) ? True : False);
$relay_server = ((x($_POST,'relay_server')) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$relay_subscribe = ((x($_POST,'relay_subscribe')) ? True : False);
$relay_scope = ((x($_POST,'relay_scope')) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = ((x($_POST,'relay_server_tags')) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = ((x($_POST,'relay_user_tags')) ? True : False);
$active_panel = (defaults($_POST, 'active_panel', '') ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
$relay_directly = !empty($_POST['relay_directly']);
$relay_server = (!empty($_POST['relay_server']) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$relay_subscribe = !empty($_POST['relay_subscribe']);
$relay_scope = (!empty($_POST['relay_scope']) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = (!empty($_POST['relay_server_tags']) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = !empty($_POST['relay_user_tags']);
$active_panel = (!empty($_POST['active_panel']) ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
// Has the directory url changed? If yes, then resubmit the existing profiles there
if ($global_directory != Config::get('system', 'directory') && ($global_directory != '')) {
@ -1442,9 +1444,7 @@ function admin_page_site(App $a)
$banner = '<a href="https://friendi.ca"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="https://friendi.ca">Friendica</a></span>';
}
$banner = htmlspecialchars($banner);
$info = Config::get('config', 'info');
$info = htmlspecialchars($info);
// Automatically create temporary paths
get_temppath();
@ -1499,6 +1499,7 @@ function admin_page_site(App $a)
'$relocate' => L10n::t('Relocate Instance'),
'$relocate_warning' => L10n::t('Warning! Advanced function. Could make this server unreachable.'),
'$baseurl' => System::baseUrl(true),
// name, label, value, help string, extra data...
'$sitename' => ['sitename', L10n::t("Site name"), Config::get('config', 'sitename'), ''],
'$hostname' => ['hostname', L10n::t("Host name"), Config::get('config', 'hostname'), ""],
@ -1534,14 +1535,14 @@ function admin_page_site(App $a)
'$enotify_no_content' => ['enotify_no_content', L10n::t("Don't include post content in email notifications"), Config::get('system', 'enotify_no_content'), L10n::t("Don't include the content of a post/comment/private message/etc. in the email notifications that are sent out from this site, as a privacy measure.")],
'$private_addons' => ['private_addons', L10n::t("Disallow public access to addons listed in the apps menu."), Config::get('config', 'private_addons'), L10n::t("Checking this box will restrict addons listed in the apps menu to members only.")],
'$disable_embedded' => ['disable_embedded', L10n::t("Don't embed private images in posts"), Config::get('system', 'disable_embedded'), L10n::t("Don't replace locally-hosted private photos in posts with an embedded copy of the image. This means that contacts who receive posts containing private photos will have to authenticate and load each image, which may take a while.")],
'$explicit_content' => ['explicit_content', L10n::t('Explicit Content'), Config::get('system', 'explicit_content', False), L10n::t('Set this to announce that your node is used mostly for explicit content that might not be suited for minors. This information will be published in the node information and might be used, e.g. by the global directory, to filter your node from listings of nodes to join. Additionally a note about this will be shown at the user registration page.')],
'$explicit_content' => ['explicit_content', L10n::t('Explicit Content'), Config::get('system', 'explicit_content', false), L10n::t('Set this to announce that your node is used mostly for explicit content that might not be suited for minors. This information will be published in the node information and might be used, e.g. by the global directory, to filter your node from listings of nodes to join. Additionally a note about this will be shown at the user registration page.')],
'$allow_users_remote_self'=> ['allow_users_remote_self', L10n::t('Allow Users to set remote_self'), Config::get('system', 'allow_users_remote_self'), L10n::t('With checking this, every user is allowed to mark every contact as a remote_self in the repair contact dialog. Setting this flag on a contact causes mirroring every posting of that contact in the users stream.')],
'$no_multi_reg' => ['no_multi_reg', L10n::t("Block multiple registrations"), Config::get('system', 'block_extended_register'), L10n::t("Disallow users to register additional accounts for use as pages.")],
'$no_openid' => ['no_openid', L10n::t("OpenID support"), !Config::get('system','no_openid'), L10n::t("OpenID support for registration and logins.")],
'$no_regfullname' => ['no_regfullname', L10n::t("Fullname check"), !Config::get('system','no_regfullname'), L10n::t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")],
'$no_openid' => ['no_openid', L10n::t("Disable OpenID"), Config::get('system', 'no_openid'), L10n::t("Disable OpenID support for registration and logins.")],
'$no_regfullname' => ['no_regfullname', L10n::t("No Fullname check"), Config::get('system', 'no_regfullname'), L10n::t("Allow users to register without a space between the first name and the last name in their full name.")],
'$community_page_style' => ['community_page_style', L10n::t("Community pages for visitors"), Config::get('system', 'community_page_style'), L10n::t("Which community pages should be available for visitors. Local users always see both pages."), $community_page_style_choices],
'$max_author_posts_community_page' => ['max_author_posts_community_page', L10n::t("Posts per user on community page"), Config::get('system', 'max_author_posts_community_page'), L10n::t("The maximum number of posts per user on the community page. \x28Not valid for 'Global Community'\x29")],
'$ostatus_disabled' => ['ostatus_disabled', L10n::t("Enable OStatus support"), !Config::get('system','ostatus_disabled'), L10n::t("Provide built-in OStatus \x28StatusNet, GNU Social etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")],
'$ostatus_disabled' => ['ostatus_disabled', L10n::t("Disable OStatus support"), Config::get('system', 'ostatus_disabled'), L10n::t("Disable built-in OStatus (StatusNet, GNU Social etc.) compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")],
'$ostatus_full_threads' => ['ostatus_full_threads', L10n::t("Only import OStatus/ActivityPub threads from our contacts"), Config::get('system', 'ostatus_full_threads'), L10n::t("Normally we import every content from our OStatus and ActivityPub contacts. With this option we only store threads that are started by a contact that is known on our system.")],
'$ostatus_not_able' => L10n::t("OStatus support can only be enabled if threading is enabled."),
'$diaspora_able' => $diaspora_able,
@ -1774,14 +1775,14 @@ function admin_page_users_post(App $a)
'body' => $body]);
}
if (x($_POST, 'page_users_block')) {
if (!empty($_POST['page_users_block'])) {
foreach ($users as $uid) {
q("UPDATE `user` SET `blocked` = 1-`blocked` WHERE `uid` = %s", intval($uid)
);
}
notice(L10n::tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)));
}
if (x($_POST, 'page_users_delete')) {
if (!empty($_POST['page_users_delete'])) {
foreach ($users as $uid) {
if (local_user() != $uid) {
User::remove($uid);
@ -1792,13 +1793,13 @@ function admin_page_users_post(App $a)
notice(L10n::tt("%s user deleted", "%s users deleted", count($users)));
}
if (x($_POST, 'page_users_approve')) {
if (!empty($_POST['page_users_approve'])) {
require_once "mod/regmod.php";
foreach ($pending as $hash) {
user_allow($hash);
}
}
if (x($_POST, 'page_users_deny')) {
if (!empty($_POST['page_users_deny'])) {
require_once "mod/regmod.php";
foreach ($pending as $hash) {
user_deny($hash);
@ -1872,7 +1873,7 @@ function admin_page_users(App $a)
$order = "contact.name";
$order_direction = "+";
if (x($_GET, 'o')) {
if (!empty($_GET['o'])) {
$new_order = $_GET['o'];
if ($new_order[0] === "-") {
$order_direction = "-";
@ -1977,7 +1978,7 @@ function admin_page_users(App $a)
'$h_users' => L10n::t('Users'),
'$h_newuser' => L10n::t('New User'),
'$th_deleted' => [L10n::t('Name'), L10n::t('Email'), L10n::t('Register date'), L10n::t('Last login'), L10n::t('Last item'), L10n::t('Delete in')],
'$th_deleted' => [L10n::t('Name'), L10n::t('Email'), L10n::t('Register date'), L10n::t('Last login'), L10n::t('Last item'), L10n::t('Permanent deletion')],
'$th_users' => $th_users,
'$order_users' => $order,
'$order_direction_users' => $order_direction,
@ -2098,7 +2099,7 @@ function admin_page_addons(App $a, array $addons_admin)
/*
* List addons
*/
if (x($_GET, "a") && $_GET['a'] == "r") {
if (!empty($_GET['a']) && $_GET['a'] == "r") {
BaseModule::checkFormSecurityTokenRedirectOnError($a->getBaseURL() . '/admin/addons', 'admin_themes', 't');
Addon::reload();
info("Addons reloaded");
@ -2276,7 +2277,7 @@ function admin_page_themes(App $a)
return '';
}
if (x($_GET, "a") && $_GET['a'] == "t") {
if (!empty($_GET['a']) && $_GET['a'] == "t") {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/themes', 'admin_themes', 't');
// Toggle theme status
@ -2364,7 +2365,7 @@ function admin_page_themes(App $a)
}
// reload active themes
if (x($_GET, "a") && $_GET['a'] == "r") {
if (!empty($_GET['a']) && $_GET['a'] == "r") {
BaseModule::checkFormSecurityTokenRedirectOnError(System::baseUrl() . '/admin/themes', 'admin_themes', 't');
foreach ($themes as $th) {
if ($th['allowed']) {
@ -2409,12 +2410,12 @@ function admin_page_themes(App $a)
*/
function admin_page_logs_post(App $a)
{
if (x($_POST, "page_logs")) {
if (!empty($_POST['page_logs'])) {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs');
$logfile = ((x($_POST,'logfile')) ? Strings::escapeTags(trim($_POST['logfile'])) : '');
$debugging = ((x($_POST,'debugging')) ? true : false);
$loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
$logfile = (!empty($_POST['logfile']) ? Strings::escapeTags(trim($_POST['logfile'])) : '');
$debugging = !empty($_POST['debugging']);
$loglevel = (!empty($_POST['loglevel']) ? intval(trim($_POST['loglevel'])) : 0);
Config::set('system', 'logfile', $logfile);
Config::set('system', 'debugging', $debugging);
@ -2555,14 +2556,14 @@ function admin_page_features_post(App $a)
$feature_state = 'feature_' . $feature;
$featurelock = 'featurelock_' . $feature;
if (x($_POST, $feature_state)) {
if (!empty($_POST[$feature_state])) {
$val = intval($_POST[$feature_state]);
} else {
$val = 0;
}
Config::set('feature', $feature, $val);
if (x($_POST, $featurelock)) {
if (!empty($_POST[$featurelock])) {
Config::set('feature_lock', $feature, $val);
} else {
Config::delete('feature_lock', $feature);

View file

@ -81,9 +81,9 @@ function allfriends_content(App $a)
$entry = [
'url' => $rr['url'],
'itemurl' => defaults($contact_details, 'addr', $rr['url']),
'name' => htmlentities($contact_details['name']),
'name' => $contact_details['name'],
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
'img_hover' => htmlentities($contact_details['name']),
'img_hover' => $contact_details['name'],
'details' => $contact_details['location'],
'tags' => $contact_details['keywords'],
'about' => $contact_details['about'],
@ -100,9 +100,7 @@ function allfriends_content(App $a)
$tab_str = Module\Contact::getTabsHTML($a, $contact, 4);
$tpl = Renderer::getMarkupTemplate('viewcontact_template.tpl');
$o .= Renderer::replaceMacros($tpl, [
//'$title' => L10n::t('Friends of %s', htmlentities($c[0]['name'])),
'$tab_str' => $tab_str,
'$contacts' => $entries,
'$paginate' => $pager->renderFull($total),

View file

@ -38,7 +38,7 @@ function api_post(App $a)
return;
}
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(L10n::t('Permission denied.') . EOL);
return;
}
@ -62,7 +62,7 @@ function api_content(App $a)
killme();
}
if (x($_POST, 'oauth_yes')) {
if (!empty($_POST['oauth_yes'])) {
$app = oauth_get_client($request);
if (is_null($app)) {
return "Invalid request. Unknown token.";

View file

@ -142,7 +142,7 @@ function babel_content()
$tpl = Renderer::getMarkupTemplate('babel.tpl');
$o = Renderer::replaceMacros($tpl, [
'$text' => ['text', L10n::t('Source text'), htmlentities(defaults($_REQUEST, 'text', '')), ''],
'$text' => ['text', L10n::t('Source text'), defaults($_REQUEST, 'text', ''), ''],
'$type_bbcode' => ['type', L10n::t('BBCode'), 'bbcode', '', defaults($_REQUEST, 'type', 'bbcode') == 'bbcode'],
'$type_markdown' => ['type', L10n::t('Markdown'), 'markdown', '', defaults($_REQUEST, 'type', 'bbcode') == 'markdown'],
'$type_html' => ['type', L10n::t('HTML'), 'html', '', defaults($_REQUEST, 'type', 'bbcode') == 'html'],

View file

@ -72,7 +72,7 @@ function cal_init(App $a)
$cal_widget = Widget\CalendarExport::getHTML();
if (!x($a->page, 'aside')) {
if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}
@ -100,7 +100,7 @@ function cal_content(App $a)
$mode = 'view';
$y = 0;
$m = 0;
$ignored = (x($_REQUEST, 'ignored') ? intval($_REQUEST['ignored']) : 0);
$ignored = (!empty($_REQUEST['ignored']) ? intval($_REQUEST['ignored']) : 0);
$format = 'ical';
if ($a->argc == 4 && $a->argv[2] == 'export') {
@ -115,7 +115,7 @@ function cal_content(App $a)
$owner_uid = $a->data['user']['uid'];
$nick = $a->data['user']['nickname'];
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['profile_uid']) {
$contact_id = $v['cid'];
@ -195,11 +195,11 @@ function cal_content(App $a)
if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) {
if (x($_GET, 'start')) {
if (!empty($_GET['start'])) {
$start = $_GET['start'];
}
if (x($_GET, 'end')) {
if (!empty($_GET['end'])) {
$finish = $_GET['end'];
}
}
@ -233,7 +233,7 @@ function cal_content(App $a)
$r = Event::sortByDate($r);
foreach ($r as $rr) {
$j = $rr['adjust'] ? DateTimeFormat::local($rr['start'], 'j') : DateTimeFormat::utc($rr['start'], 'j');
if (!x($links, $j)) {
if (empty($links[$j])) {
$links[$j] = System::baseUrl() . '/' . $a->cmd . '#link-' . $j;
}
}
@ -248,7 +248,7 @@ function cal_content(App $a)
}
// links: array('href', 'text', 'extra css classes', 'title')
if (x($_GET, 'id')) {
if (!empty($_GET['id'])) {
$tpl = Renderer::getMarkupTemplate("event.tpl");
} else {
// if (Config::get('experimentals','new_calendar')==1){
@ -284,7 +284,7 @@ function cal_content(App $a)
"list" => L10n::t("list"),
]);
if (x($_GET, 'id')) {
if (!empty($_GET['id'])) {
echo $o;
killme();
}

View file

@ -50,12 +50,12 @@ function common_content(App $a)
if (DBA::isResult($contact)) {
$vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate("vcard-widget.tpl"), [
'$name' => htmlentities($contact['name']),
'$name' => $contact['name'],
'$photo' => $contact['photo'],
'url' => 'contact/' . $cid
]);
if (!x($a->page, 'aside')) {
if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}
$a->page['aside'] .= $vcard_widget;
@ -123,7 +123,7 @@ function common_content(App $a)
'itemurl' => defaults($contact_details, 'addr', $common_friend['url']),
'name' => $contact_details['name'],
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
'img_hover' => htmlentities($contact_details['name']),
'img_hover' => $contact_details['name'],
'details' => $contact_details['location'],
'tags' => $contact_details['keywords'],
'about' => $contact_details['about'],

View file

@ -40,7 +40,7 @@ function contactgroup_content(App $a)
}
}
if (x($change)) {
if (!empty($change)) {
if (in_array($change, $preselected)) {
Group::removeMember($group['id'], $change);
} else {

View file

@ -13,7 +13,7 @@ function credits_content()
{
/* fill the page with credits */
$credits_string = file_get_contents('CREDITS.txt');
$names = explode("\n", htmlspecialchars($credits_string));
$names = explode("\n", $credits_string);
$tpl = Renderer::getMarkupTemplate('credits.tpl');
return Renderer::replaceMacros($tpl, [
'$title' => L10n::t('Credits'),

View file

@ -25,7 +25,7 @@ function crepair_init(App $a)
$contact = DBA::selectFirst('contact', [], ['uid' => local_user(), 'id' => $a->argv[1]]);
}
if (!x($a->page, 'aside')) {
if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}
@ -158,8 +158,8 @@ function crepair_content(App $a)
$remote_self_options
],
'$name' => ['name', L10n::t('Name') , htmlentities($contact['name'])],
'$nick' => ['nick', L10n::t('Account Nickname'), htmlentities($contact['nick'])],
'$name' => ['name', L10n::t('Name') , $contact['name']],
'$nick' => ['nick', L10n::t('Account Nickname'), $contact['nick']],
'$attag' => ['attag', L10n::t('@Tagname - overrides Name/Nickname'), $contact['attag']],
'$url' => ['url', L10n::t('Account URL'), $contact['url']],
'$request' => ['request', L10n::t('Friend Request URL'), $contact['request']],

View file

@ -27,7 +27,7 @@ function delegate_post(App $a)
return;
}
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(L10n::t('Permission denied.') . EOL);
return;
}
@ -63,7 +63,7 @@ function delegate_content(App $a)
if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {
// delegated admins can view but not change delegation permissions
if (x($_SESSION, 'submanage')) {
if (!empty($_SESSION['submanage'])) {
$a->internalRedirect('delegate');
}
@ -84,7 +84,7 @@ function delegate_content(App $a)
if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {
// delegated admins can view but not change delegation permissions
if (x($_SESSION, 'submanage')) {
if (!empty($_SESSION['submanage'])) {
$a->internalRedirect('delegate');
}
@ -163,6 +163,8 @@ function delegate_content(App $a)
if (!is_null($parent_user)) {
$parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')];
} else {
$parent_password = '';
}
$o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegate.tpl'), [

View file

@ -63,7 +63,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
* this being a page type which supports automatic friend acceptance. That is also Scenario 1
* since we are operating on behalf of our registered user to approve a friendship.
*/
if (!x($_POST, 'source_url')) {
if (empty($_POST['source_url'])) {
$uid = defaults($handsfree, 'uid', local_user());
if (!$uid) {
notice(L10n::t('Permission denied.') . EOL);
@ -417,7 +417,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
* In the section above where the confirming party makes a POST and
* retrieves xml status information, they are communicating with the following code.
*/
if (x($_POST, 'source_url')) {
if (!empty($_POST['source_url'])) {
// We are processing an external confirmation to an introduction created by our user.
$public_key = defaults($_POST, 'public_key', '');
$dfrn_id = hex2bin(defaults($_POST, 'dfrn_id' , ''));
@ -435,7 +435,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
// If $aes_key is set, both of these items require unpacking from the hex transport encoding.
if (x($aes_key)) {
if (!empty($aes_key)) {
$aes_key = hex2bin($aes_key);
$public_key = hex2bin($public_key);
}

View file

@ -39,16 +39,16 @@ function dfrn_notify_post(App $a) {
}
}
$dfrn_id = ((x($_POST,'dfrn_id')) ? Strings::escapeTags(trim($_POST['dfrn_id'])) : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$challenge = ((x($_POST,'challenge')) ? Strings::escapeTags(trim($_POST['challenge'])) : '');
$data = ((x($_POST,'data')) ? $_POST['data'] : '');
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
$rino_remote = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);
$perm = ((x($_POST,'perm')) ? Strings::escapeTags(trim($_POST['perm'])) : 'r');
$ssl_policy = ((x($_POST,'ssl_policy')) ? Strings::escapeTags(trim($_POST['ssl_policy'])): 'none');
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
$dfrn_id = (!empty($_POST['dfrn_id']) ? Strings::escapeTags(trim($_POST['dfrn_id'])) : '');
$dfrn_version = (!empty($_POST['dfrn_version']) ? (float) $_POST['dfrn_version'] : 2.0);
$challenge = (!empty($_POST['challenge']) ? Strings::escapeTags(trim($_POST['challenge'])) : '');
$data = defaults($_POST, 'data', '');
$key = defaults($_POST, 'key', '');
$rino_remote = (!empty($_POST['rino']) ? intval($_POST['rino']) : 0);
$dissolve = (!empty($_POST['dissolve']) ? intval($_POST['dissolve']) : 0);
$perm = (!empty($_POST['perm']) ? Strings::escapeTags(trim($_POST['perm'])) : 'r');
$ssl_policy = (!empty($_POST['ssl_policy']) ? Strings::escapeTags(trim($_POST['ssl_policy'])): 'none');
$page = (!empty($_POST['page']) ? intval($_POST['page']) : 0);
$forum = (($page == 1) ? 1 : 0);
$prv = (($page == 2) ? 1 : 0);
@ -247,7 +247,7 @@ function dfrn_dispatch_private($user, $postdata)
function dfrn_notify_content(App $a) {
if (x($_GET,'dfrn_id')) {
if (!empty($_GET['dfrn_id'])) {
/*
* initial communication from external contact, $direction is their direction.
@ -256,7 +256,7 @@ function dfrn_notify_content(App $a) {
$dfrn_id = Strings::escapeTags(trim($_GET['dfrn_id']));
$dfrn_version = (float) $_GET['dfrn_version'];
$rino_remote = ((x($_GET,'rino')) ? intval($_GET['rino']) : 0);
$rino_remote = (!empty($_GET['rino']) ? intval($_GET['rino']) : 0);
$type = "";
$last_update = "";

View file

@ -31,7 +31,7 @@ function dfrn_poll_init(App $a)
$sec = defaults($_GET, 'sec' , '');
$dfrn_version = (float) defaults($_GET, 'dfrn_version' , 2.0);
$perm = defaults($_GET, 'perm' , 'r');
$quiet = x($_GET, 'quiet');
$quiet = !empty($_GET['quiet']);
// Possibly it is an OStatus compatible server that requests a user feed
$user_agent = defaults($_SERVER, 'HTTP_USER_AGENT', '');
@ -51,7 +51,7 @@ function dfrn_poll_init(App $a)
$hidewall = false;
if (($dfrn_id === '') && (!x($_POST, 'dfrn_id'))) {
if (($dfrn_id === '') && empty($_POST['dfrn_id'])) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
System::httpExit(403);
}
@ -113,7 +113,7 @@ function dfrn_poll_init(App $a)
if ((int)$xml->status === 1) {
$_SESSION['authenticated'] = 1;
if (!x($_SESSION, 'remote')) {
if (empty($_SESSION['remote'])) {
$_SESSION['remote'] = [];
}
@ -230,13 +230,13 @@ function dfrn_poll_init(App $a)
function dfrn_poll_post(App $a)
{
$dfrn_id = x($_POST,'dfrn_id') ? $_POST['dfrn_id'] : '';
$challenge = x($_POST,'challenge') ? $_POST['challenge'] : '';
$url = x($_POST,'url') ? $_POST['url'] : '';
$sec = x($_POST,'sec') ? $_POST['sec'] : '';
$ptype = x($_POST,'type') ? $_POST['type'] : '';
$dfrn_version = x($_POST,'dfrn_version') ? (float) $_POST['dfrn_version'] : 2.0;
$perm = x($_POST,'perm') ? $_POST['perm'] : 'r';
$dfrn_id = defaults($_POST, 'dfrn_id' , '');
$challenge = defaults($_POST, 'challenge', '');
$url = defaults($_POST, 'url' , '');
$sec = defaults($_POST, 'sec' , '');
$ptype = defaults($_POST, 'type' , '');
$perm = defaults($_POST, 'perm' , 'r');
$dfrn_version = !empty($_POST['dfrn_version']) ? (float) $_POST['dfrn_version'] : 2.0;
if ($ptype === 'profile-check') {
if (strlen($challenge) && strlen($sec)) {
@ -399,14 +399,13 @@ function dfrn_poll_post(App $a)
function dfrn_poll_content(App $a)
{
$dfrn_id = x($_GET,'dfrn_id') ? $_GET['dfrn_id'] : '';
$type = x($_GET,'type') ? $_GET['type'] : 'data';
$last_update = x($_GET,'last_update') ? $_GET['last_update'] : '';
$destination_url = x($_GET,'destination_url') ? $_GET['destination_url'] : '';
$sec = x($_GET,'sec') ? $_GET['sec'] : '';
$dfrn_version = x($_GET,'dfrn_version') ? (float) $_GET['dfrn_version'] : 2.0;
$perm = x($_GET,'perm') ? $_GET['perm'] : 'r';
$quiet = x($_GET,'quiet') ? true : false;
$dfrn_id = defaults($_GET, 'dfrn_id' , '');
$type = defaults($_GET, 'type' , 'data');
$last_update = defaults($_GET, 'last_update' , '');
$destination_url = defaults($_GET, 'destination_url', '');
$sec = defaults($_GET, 'sec' , '');
$dfrn_version = !empty($_GET['dfrn_version']) ? (float) $_GET['dfrn_version'] : 2.0;
$quiet = !empty($_GET['quiet']);
$direction = -1;
if (strpos($dfrn_id, ':') == 1) {
@ -524,7 +523,7 @@ function dfrn_poll_content(App $a)
if (((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) {
$_SESSION['authenticated'] = 1;
if (!x($_SESSION, 'remote')) {
if (empty($_SESSION['remote'])) {
$_SESSION['remote'] = [];
}
@ -562,11 +561,7 @@ function dfrn_poll_content(App $a)
break;
default:
$appendix = (strstr($destination_url, '?') ? '&f=&redir=1' : '?f=&redir=1');
if (filter_var($url, FILTER_VALIDATE_URL)) {
System::externalRedirect($destination_url . $appendix);
} else {
$a->internalRedirect($destination_url . $appendix);
}
$a->redirect($destination_url . $appendix);
break;
}
// NOTREACHED

View file

@ -64,7 +64,7 @@ function dfrn_request_post(App $a)
return;
}
if (x($_POST, 'cancel')) {
if (!empty($_POST['cancel'])) {
$a->internalRedirect();
}
@ -73,18 +73,18 @@ function dfrn_request_post(App $a)
* to confirm the request, and then we've clicked submit (perhaps after logging in).
* That brings us here:
*/
if ((x($_POST, 'localconfirm')) && ($_POST['localconfirm'] == 1)) {
if (!empty($_POST['localconfirm']) && ($_POST['localconfirm'] == 1)) {
// Ensure this is a valid request
if (local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST, 'dfrn_url'))) {
if (local_user() && ($a->user['nickname'] == $a->argv[1]) && !empty($_POST['dfrn_url'])) {
$dfrn_url = Strings::escapeTags(trim($_POST['dfrn_url']));
$aes_allow = (((x($_POST, 'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
$confirm_key = ((x($_POST, 'confirm_key')) ? $_POST['confirm_key'] : "");
$hidden = ((x($_POST, 'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$aes_allow = !empty($_POST['aes_allow']);
$confirm_key = defaults($_POST, 'confirm_key', "");
$hidden = (!empty($_POST['hidden-contact']) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null;
$blocked = 1;
$pending = 1;
if (x($dfrn_url)) {
if (!empty($dfrn_url)) {
// Lookup the contact based on their URL (which is the only unique thing we have at the moment)
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' AND NOT `self` LIMIT 1",
intval(local_user()),
@ -115,10 +115,10 @@ function dfrn_request_post(App $a)
notice(L10n::t('Profile location is not valid or does not contain profile information.') . EOL);
return;
} else {
if (!x($parms, 'fn')) {
if (empty($parms['fn'])) {
notice(L10n::t('Warning: profile location has no identifiable owner name.') . EOL);
}
if (!x($parms, 'photo')) {
if (empty($parms['photo'])) {
notice(L10n::t('Warning: profile location has no profile photo.') . EOL);
}
$invalid = Probe::validDfrn($parms);
@ -238,7 +238,7 @@ function dfrn_request_post(App $a)
$blocked = 1;
$pending = 1;
if (x($_POST, 'dfrn_url')) {
if (!empty($_POST['dfrn_url'])) {
// Block friend request spam
if ($maxreq) {
$r = q("SELECT * FROM `intro` WHERE `datetime` > '%s' AND `uid` = %d",
@ -270,7 +270,7 @@ function dfrn_request_post(App $a)
}
}
$real_name = x($_POST, 'realname') ? Strings::escapeTags(trim($_POST['realname'])) : '';
$real_name = !empty($_POST['realname']) ? Strings::escapeTags(trim($_POST['realname'])) : '';
$url = trim($_POST['dfrn_url']);
if (!strlen($url)) {
@ -356,10 +356,10 @@ function dfrn_request_post(App $a)
notice(L10n::t('Profile location is not valid or does not contain profile information.') . EOL);
$a->internalRedirect($a->cmd);
} else {
if (!x($parms, 'fn')) {
if (empty($parms['fn'])) {
notice(L10n::t('Warning: profile location has no identifiable owner name.') . EOL);
}
if (!x($parms, 'photo')) {
if (empty($parms['photo'])) {
notice(L10n::t('Warning: profile location has no profile photo.') . EOL);
}
$invalid = Probe::validDfrn($parms);
@ -423,7 +423,7 @@ function dfrn_request_post(App $a)
VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
intval($uid),
intval($contact_record['id']),
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
intval(!empty($_POST['knowyou'])),
DBA::escape(Strings::escapeTags(trim(defaults($_POST, 'dfrn-request-message', '')))),
DBA::escape($hash),
DBA::escape(DateTimeFormat::utcNow())
@ -484,7 +484,7 @@ function dfrn_request_content(App $a)
// "Homecoming". Make sure we're logged in to this site as the correct user. Then offer a confirm button
// to send us to the post section to record the introduction.
if (x($_GET, 'dfrn_url')) {
if (!empty($_GET['dfrn_url'])) {
if (!local_user()) {
info(L10n::t("Please login to confirm introduction.") . EOL);
/* setup the return URL to come back to this page if they use openid */
@ -499,11 +499,11 @@ function dfrn_request_content(App $a)
}
$dfrn_url = Strings::escapeTags(trim(hex2bin($_GET['dfrn_url'])));
$aes_allow = x($_GET, 'aes_allow') && $_GET['aes_allow'] == 1 ? 1 : 0;
$confirm_key = x($_GET, 'confirm_key') ? $_GET['confirm_key'] : "";
$aes_allow = !empty($_GET['aes_allow']);
$confirm_key = defaults($_GET, 'confirm_key', "");
// Checking fastlane for validity
if (x($_SESSION, "fastlane") && (Strings::normaliseLink($_SESSION["fastlane"]) == Strings::normaliseLink($dfrn_url))) {
if (!empty($_SESSION['fastlane']) && (Strings::normaliseLink($_SESSION["fastlane"]) == Strings::normaliseLink($dfrn_url))) {
$_POST["dfrn_url"] = $dfrn_url;
$_POST["confirm_key"] = $confirm_key;
$_POST["localconfirm"] = 1;
@ -512,8 +512,7 @@ function dfrn_request_content(App $a)
dfrn_request_post($a);
killme();
return; // NOTREACHED
exit();
}
$tpl = Renderer::getMarkupTemplate("dfrn_req_confirm.tpl");
@ -521,7 +520,6 @@ function dfrn_request_content(App $a)
'$dfrn_url' => $dfrn_url,
'$aes_allow' => (($aes_allow) ? '<input type="hidden" name="aes_allow" value="1" />' : "" ),
'$hidethem' => L10n::t('Hide this contact'),
'$hidechecked' => '',
'$confirm_key' => $confirm_key,
'$welcome' => L10n::t('Welcome home %s.', $a->user['username']),
'$please' => L10n::t('Please confirm your introduction/connection request to %s.', $dfrn_url),
@ -531,7 +529,7 @@ function dfrn_request_content(App $a)
'dfrn_rawurl' => $_GET['dfrn_url']
]);
return $o;
} elseif ((x($_GET, 'confirm_key')) && strlen($_GET['confirm_key'])) {
} elseif (!empty($_GET['confirm_key'])) {
// we are the requestee and it is now safe to send our user their introduction,
// We could just unblock it, but first we have to jump through a few hoops to
// send an email, or even to find out if we need to send an email.
@ -607,9 +605,9 @@ function dfrn_request_content(App $a)
// Try to auto-fill the profile address
// At first look if an address was provided
// Otherwise take the local address
if (x($_GET, 'addr') && ($_GET['addr'] != "")) {
if (!empty($_GET['addr'])) {
$myaddr = hex2bin($_GET['addr']);
} elseif (x($_GET, 'address') && ($_GET['address'] != "")) {
} elseif (!empty($_GET['address'])) {
$myaddr = $_GET['address'];
} elseif (local_user()) {
if (strlen($a->getURLPath())) {

View file

@ -30,7 +30,7 @@ function directory_init(App $a)
function directory_post(App $a)
{
if (x($_POST, 'search')) {
if (!empty($_POST['search'])) {
$a->data['search'] = $_POST['search'];
}
}
@ -47,10 +47,10 @@ function directory_content(App $a)
$o = '';
Nav::setSelected('directory');
if (x($a->data, 'search')) {
if (!empty($a->data['search'])) {
$search = Strings::escapeTags(trim($a->data['search']));
} else {
$search = ((x($_GET, 'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
}
$gdirpath = '';
@ -145,21 +145,21 @@ function directory_content(App $a)
$profile = $rr;
if ((x($profile, 'address') == 1)
|| (x($profile, 'locality') == 1)
|| (x($profile, 'region') == 1)
|| (x($profile, 'postal-code') == 1)
|| (x($profile, 'country-name') == 1)
if (!empty($profile['address'])
|| !empty($profile['locality'])
|| !empty($profile['region'])
|| !empty($profile['postal-code'])
|| !empty($profile['country-name'])
) {
$location = L10n::t('Location:');
} else {
$location = '';
}
$gender = ((x($profile, 'gender') == 1) ? L10n::t('Gender:') : false);
$marital = ((x($profile, 'marital') == 1) ? L10n::t('Status:') : false);
$homepage = ((x($profile, 'homepage') == 1) ? L10n::t('Homepage:') : false);
$about = ((x($profile, 'about') == 1) ? L10n::t('About:') : false);
$gender = (!empty($profile['gender']) ? L10n::t('Gender:') : false);
$marital = (!empty($profile['marital']) ? L10n::t('Status:') : false);
$homepage = (!empty($profile['homepage']) ? L10n::t('Homepage:') : false);
$about = (!empty($profile['about']) ? L10n::t('About:') : false);
$location_e = $location;

View file

@ -30,7 +30,7 @@ function dirfind_init(App $a) {
return;
}
if (! x($a->page,'aside')) {
if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}

View file

@ -22,9 +22,14 @@ use Friendica\Model\Profile;
use Friendica\Protocol\ActivityPub;
use Friendica\Protocol\DFRN;
use Friendica\Util\Strings;
use Friendica\Module\Objects;
function display_init(App $a)
{
if (ActivityPub::isRequest()) {
Objects::rawContent();
}
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
return;
}
@ -47,6 +52,7 @@ function display_init(App $a)
}
$item = null;
$item_user = local_user();
$fields = ['id', 'parent', 'author-id', 'body', 'uid', 'guid'];
@ -60,6 +66,16 @@ function display_init(App $a)
if (DBA::isResult($item)) {
$nick = $a->user["nickname"];
}
// Is this item private but could be visible to the remove visitor?
} elseif (remote_user()) {
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
if (DBA::isResult($item)) {
if (!Contact::isFollower(remote_user(), $item['uid'])) {
$item = null;
} else {
$item_user = $item['uid'];
}
}
}
// Is it an item with uid=0?
@ -71,9 +87,7 @@ function display_init(App $a)
}
if (!DBA::isResult($item)) {
$a->error = 404;
notice(L10n::t('Item not found.') . EOL);
return;
System::httpExit(404);
}
if (!empty($_SERVER['HTTP_ACCEPT']) && strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) {
@ -81,10 +95,6 @@ function display_init(App $a)
displayShowFeed($item["id"], false);
}
if (ActivityPub::isRequest()) {
$a->internalRedirect(str_replace('display/', 'objects/', $a->query_string));
}
if ($item["id"] != $item["parent"]) {
$item = Item::selectFirstForUser(local_user(), $fields, ['id' => $item["parent"]]);
}
@ -224,7 +234,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
if ($a->argc == 2) {
$item_parent = 0;
$fields = ['id', 'parent', 'parent-uri'];
$fields = ['id', 'parent', 'parent-uri', 'uid'];
if (local_user()) {
$condition = ['guid' => $a->argv[1], 'uid' => local_user()];
@ -234,6 +244,13 @@ function display_content(App $a, $update = false, $update_uid = 0)
$item_parent = $item["parent"];
$item_parent_uri = $item['parent-uri'];
}
} elseif (remote_user()) {
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
if (DBA::isResult($item) && Contact::isFollower(remote_user(), $item['uid'])) {
$item_id = $item["id"];
$item_parent = $item["parent"];
$item_parent_uri = $item['parent-uri'];
}
}
if ($item_parent == 0) {
@ -249,9 +266,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
}
if (!$item_id) {
$a->error = 404;
notice(L10n::t('Item not found.').EOL);
return;
System::httpExit(404);
}
// We are displaying an "alternate" link if that post was public. See issue 2864
@ -270,34 +285,23 @@ function display_content(App $a, $update = false, $update_uid = 0)
'$conversation' => $conversation]);
$groups = [];
$contact = null;
$remote_cid = null;
$is_remote_contact = false;
$item_uid = local_user();
$contact_id = 0;
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['uid']) {
$contact_id = $v['cid'];
break;
}
}
$parent = Item::selectFirst(['uid'], ['uri' => $item_parent_uri, 'wall' => true]);
if (DBA::isResult($parent)) {
$a->profile['uid'] = $parent['uid'];
$a->profile['profile_uid'] = $parent['uid'];
$is_remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
}
if ($contact_id) {
$groups = Group::getIdsByContactId($contact_id);
$remote_contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $a->profile['uid']]);
if (DBA::isResult($remote_contact)) {
$contact = $remote_contact;
$is_remote_contact = true;
}
}
if (!$is_remote_contact) {
if (local_user()) {
$contact_id = $_SESSION['cid'];
$contact = $a->contact;
if ($is_remote_contact) {
$cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
if (!empty($cdata['user'])) {
$groups = Group::getIdsByContactId($cdata['user']);
$remote_cid = $cdata['user'];
$item_uid = $parent['uid'];
}
}
@ -307,7 +311,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
}
$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
if (x($a->profile, 'hidewall') && !$is_owner && !$is_remote_contact) {
if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) {
notice(L10n::t('Access to this profile has been restricted.') . EOL);
return;
}
@ -327,10 +331,9 @@ function display_content(App $a, $update = false, $update_uid = 0)
];
$o .= status_editor($a, $x, 0, true);
}
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $is_remote_contact, $groups, $remote_cid);
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid'], $is_remote_contact, $groups);
if (local_user() && (local_user() == $a->profile['uid'])) {
if (local_user() && (local_user() == $a->profile['profile_uid'])) {
$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
$unseen = Item::exists($condition);
} else {
@ -341,13 +344,12 @@ function display_content(App $a, $update = false, $update_uid = 0)
return '';
}
$condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, local_user()];
$condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, $item_uid];
$fields = ['parent-uri', 'body', 'title', 'author-name', 'author-avatar', 'plink'];
$item = Item::selectFirstForUser(local_user(), $fields, $condition);
if (!DBA::isResult($item)) {
notice(L10n::t('Item not found.') . EOL);
return $o;
System::httpExit(404);
}
$item['uri'] = $item['parent-uri'];
@ -361,7 +363,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
$o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>";
}
$o .= conversation($a, [$item], new Pager($a->query_string), 'display', $update_uid, false, 'commented', local_user());
$o .= conversation($a, [$item], new Pager($a->query_string), 'display', $update_uid, false, 'commented', $item_uid);
// Preparing the meta header
$description = trim(HTML::toPlaintext(BBCode::convert($item["body"], false), 0, true));

View file

@ -6,6 +6,7 @@ use Friendica\App;
use Friendica\Content\Feature;
use Friendica\Core\Addon;
use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Renderer;
use Friendica\Core\System;
@ -54,8 +55,6 @@ function editpost_content(App $a)
'$nickname' => $a->user['nickname']
]);
$tpl = Renderer::getMarkupTemplate("jot.tpl");
if (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
$lockstate = 'lock';
} else {
@ -84,9 +83,9 @@ function editpost_content(App $a)
}
}
Addon::callHooks('jot_tool', $jotplugins);
//Addon::callHooks('jot_networks', $jotnets);
Hook::callAll('jot_tool', $jotplugins);
$tpl = Renderer::getMarkupTemplate("jot.tpl");
$o .= Renderer::replaceMacros($tpl, [
'$is_edit' => true,
'$return_path' => '/display/' . $item['guid'],
@ -119,7 +118,7 @@ function editpost_content(App $a)
'$emailcc' => L10n::t('CC: email addresses'),
'$public' => L10n::t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($item['title']),
'$title' => $item['title'],
'$placeholdertitle' => L10n::t('Set title'),
'$category' => FileTag::fileToList($item['file'], 'category'),
'$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''),

View file

@ -97,13 +97,23 @@ function events_post(App $a)
// and we'll waste a bunch of time responding to it. Time that
// could've been spent doing something else.
$summary = Strings::escapeHtml(trim(defaults($_POST, 'summary', '')));
$desc = Strings::escapeHtml(trim(defaults($_POST, 'desc', '')));
$location = Strings::escapeHtml(trim(defaults($_POST, 'location', '')));
$summary = trim(defaults($_POST, 'summary' , ''));
$desc = trim(defaults($_POST, 'desc' , ''));
$location = trim(defaults($_POST, 'location', ''));
$type = 'event';
$action = ($event_id == '') ? 'new' : "event/" . $event_id;
$onerror_path = "events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish";
$params = [
'summary' => $summary,
'description' => $desc,
'location' => $location,
'start' => $start_text,
'finish' => $finish_text,
'adjust' => $adjust,
'nofinish' => $nofinish,
];
$action = ($event_id == '') ? 'new' : 'event/' . $event_id;
$onerror_path = 'events/' . $action . '?' . http_build_query($params, null, null, PHP_QUERY_RFC3986);
if (strcmp($finish, $start) < 0 && !$nofinish) {
notice(L10n::t('Event can not end before it has started.') . EOL);
@ -137,10 +147,10 @@ function events_post(App $a)
if ($share) {
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
$str_group_deny = !empty($_POST['group_deny']) ? perms2str($_POST['group_deny']) : '';
$str_contact_deny = !empty($_POST['contact_deny']) ? perms2str($_POST['contact_deny']) : '';
$str_group_allow = perms2str(defaults($_POST, 'group_allow' , ''));
$str_contact_allow = perms2str(defaults($_POST, 'contact_allow', ''));
$str_group_deny = perms2str(defaults($_POST, 'group_deny' , ''));
$str_contact_deny = perms2str(defaults($_POST, 'contact_deny' , ''));
// Undo the pseudo-contact of self, since there are real contacts now
if (strpos($str_contact_allow, '<' . $self . '>') !== false) {
@ -181,7 +191,7 @@ function events_post(App $a)
if (intval($_REQUEST['preview'])) {
$html = Event::getHTML($datarray);
echo $html;
killme();
exit();
}
$item_id = Event::store($datarray);
@ -364,8 +374,9 @@ function events_content(App $a)
}
if ($a->argc > 1 && $a->argv[1] === 'json') {
header('Content-Type: application/json');
echo json_encode($events);
killme();
exit();
}
if (!empty($_GET['id'])) {

View file

@ -27,7 +27,7 @@ function fbrowser_content(App $a)
$template_file = "filebrowser.tpl";
$mode = "";
if (x($_GET, 'mode')) {
if (!empty($_GET['mode'])) {
$mode = "?mode=".$_GET['mode'];
}
@ -142,7 +142,7 @@ function fbrowser_content(App $a)
break;
}
if (x($_GET, 'mode')) {
if (!empty($_GET['mode'])) {
return $o;
} else {
echo $o;

View file

@ -18,8 +18,7 @@ function fetch_init(App $a)
{
if (($a->argc != 3) || (!in_array($a->argv[1], ["post", "status_message", "reshare"]))) {
header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found'));
killme();
System::httpExit(404);
}
$guid = $a->argv[2];
@ -45,15 +44,13 @@ function fetch_init(App $a)
}
}
header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found'));
killme();
System::httpExit(404);
}
// Fetch some data from the author (We could combine both queries - but I think this is more readable)
$user = User::getOwnerDataById($item["uid"]);
if (!$user) {
header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found'));
killme();
System::httpExit(404);
}
$status = Diaspora::buildStatus($item, $user);

View file

@ -144,11 +144,8 @@ function follow_content(App $a)
$r[0]['about'] = '';
}
$header = L10n::t('Connect/Follow');
$o = Renderer::replaceMacros($tpl, [
'$header' => htmlentities($header),
//'$photo' => ProxyUtils::proxifyUrl($ret['photo'], false, ProxyUtils::SIZE_SMALL),
'$header' => L10n::t('Connect/Follow'),
'$desc' => '',
'$pls_answer' => L10n::t('Please answer the following:'),
'$does_know_you' => ['knowyou', L10n::t('Does %s know you?', $ret['name']), false, '', [L10n::t('No'), L10n::t('Yes')]],
@ -170,13 +167,6 @@ function follow_content(App $a)
'$url_label' => L10n::t('Profile URL'),
'$myaddr' => $myaddr,
'$request' => $request,
/*
* @TODO commented out?
'$location' => Friendica\Content\Text\BBCode::::convert($r[0]['location']),
'$location_label'=> L10n::t('Location:'),
'$about' => Friendica\Content\Text\BBCode::::convert($r[0]['about'], false, false),
'$about_label' => L10n::t('About:'),
*/
'$keywords' => $r[0]['keywords'],
'$keywords_label'=> L10n::t('Tags:')
]);

View file

@ -22,7 +22,7 @@ function friendica_init(App $a)
}
$sql_extra = '';
if (x($a->config, 'admin_nickname')) {
if (!empty($a->config['admin_nickname'])) {
$sql_extra = sprintf(" AND `nickname` = '%s' ", DBA::escape(Config::get('config', 'admin_nickname')));
}
if (!empty(Config::get('config', 'admin_email'))) {
@ -41,7 +41,7 @@ function friendica_init(App $a)
Config::load('feature_lock');
$locked_features = [];
if (!empty($a->config['feature_lock']) && count($a->config['feature_lock'])) {
if (!empty($a->config['feature_lock'])) {
foreach ($a->config['feature_lock'] as $k => $v) {
if ($k === 'config_loaded') {
continue;

View file

@ -29,19 +29,19 @@ function hcard_init(App $a)
Profile::load($a, $which, $profile);
if ((x($a->profile, 'page-flags')) && ($a->profile['page-flags'] == Contact::PAGE_COMMUNITY)) {
if (!empty($a->profile['page-flags']) && ($a->profile['page-flags'] == Contact::PAGE_COMMUNITY)) {
$a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
}
if (x($a->profile, 'openidserver')) {
if (!empty($a->profile['openidserver'])) {
$a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
}
if (x($a->profile, 'openid')) {
if (!empty($a->profile['openid'])) {
$delegate = ((strstr($a->profile['openid'], '://')) ? $a->profile['openid'] : 'http://' . $a->profile['openid']);
$a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\r\n";
}
if (!$blocked) {
$keywords = ((x($a->profile, 'pub_keywords')) ? $a->profile['pub_keywords'] : '');
$keywords = defaults($a->profile, 'pub_keywords', '');
$keywords = str_replace([',',' ',',,'], [' ',',',','], $keywords);
if (strlen($keywords)) {
$a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n";

View file

@ -29,10 +29,10 @@ function home_init(App $a) {
if(! function_exists('home_content')) {
function home_content(App $a) {
if (x($_SESSION,'theme')) {
if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']);
}
if (x($_SESSION,'mobile-theme')) {
if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']);
}

View file

@ -105,7 +105,7 @@ function hovercard_content()
'location' => $contact['location'],
'gender' => $contact['gender'],
'about' => $contact['about'],
'network' => Strings::formatNetworkName($contact['network'], $contact['url']),
'network_link' => Strings::formatNetworkName($contact['network'], $contact['url']),
'tags' => $contact['keywords'],
'bd' => $contact['birthday'] <= DBA::NULL_DATE ? '' : $contact['birthday'],
'account_type' => Contact::getAccountType($contact),

View file

@ -690,7 +690,7 @@ function item_post(App $a) {
}
$json = ['cancel' => 1];
if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
if (!empty($_REQUEST['jsreload'])) {
$json['reload'] = System::baseUrl() . '/' . $_REQUEST['jsreload'];
}
@ -869,7 +869,7 @@ function item_post_return($baseurl, $api_source, $return_path)
}
$json = ['success' => 1];
if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
if (!empty($_REQUEST['jsreload'])) {
$json['reload'] = $baseurl . '/' . $_REQUEST['jsreload'];
}

View file

@ -27,7 +27,7 @@ function like_content(App $a) {
}
// See if we've been passed a return path to redirect to
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
$return_path = defaults($_REQUEST, 'return', '');
like_content_return($a, $return_path);
killme(); // NOTREACHED

View file

@ -42,7 +42,7 @@ function localtime_content(App $a)
$o .= '<p>' . L10n::t('Current timezone: %s', $_REQUEST['timezone']) . '</p>';
}
if (x($a->data, 'mod-localtime')) {
if (!empty($a->data['mod-localtime'])) {
$o .= '<p>' . L10n::t('Converted localtime: %s', $a->data['mod-localtime']) . '</p>';
}

View file

@ -21,7 +21,7 @@ function manage_post(App $a) {
$uid = local_user();
$orig_record = $a->user;
if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
if(!empty($_SESSION['submanage'])) {
$r = q("select * from user where uid = %d limit 1",
intval($_SESSION['submanage'])
);
@ -37,7 +37,7 @@ function manage_post(App $a) {
$submanage = $r;
$identity = (x($_POST['identity']) ? intval($_POST['identity']) : 0);
$identity = (!empty($_POST['identity']) ? intval($_POST['identity']) : 0);
if (!$identity) {
return;
}
@ -101,13 +101,13 @@ function manage_post(App $a) {
unset($_SESSION['mobile-theme']);
unset($_SESSION['page_flags']);
unset($_SESSION['return_path']);
if (x($_SESSION, 'submanage')) {
if (!empty($_SESSION['submanage'])) {
unset($_SESSION['submanage']);
}
if (x($_SESSION, 'sysmsg')) {
if (!empty($_SESSION['sysmsg'])) {
unset($_SESSION['sysmsg']);
}
if (x($_SESSION, 'sysmsg_info')) {
if (!empty($_SESSION['sysmsg_info'])) {
unset($_SESSION['sysmsg_info']);
}

View file

@ -59,10 +59,10 @@ function message_post(App $a)
return;
}
$replyto = x($_REQUEST, 'replyto') ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
$subject = x($_REQUEST, 'subject') ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
$body = x($_REQUEST, 'body') ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
$recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0;
$replyto = !empty($_REQUEST['replyto']) ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
$subject = !empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
$body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
$recipient = !empty($_REQUEST['messageto']) ? intval($_REQUEST['messageto']) : 0;
$ret = Mail::send($recipient, $body, $subject, $replyto);
$norecip = false;
@ -253,8 +253,8 @@ function message_content(App $a)
'$prefill' => $prefill,
'$preid' => $preid,
'$subject' => L10n::t('Subject:'),
'$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '',
'$text' => x($_REQUEST, 'body') ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '',
'$subjtxt' => defaults($_REQUEST, 'subject', ''),
'$text' => defaults($_REQUEST, 'body', ''),
'$readonly' => '',
'$yourmessage'=> L10n::t('Your message:'),
'$select' => $select,
@ -431,24 +431,56 @@ function message_content(App $a)
}
}
function get_messages($user, $lstart, $lend)
/**
* @param int $uid
* @param int $start
* @param int $limit
* @return array
*/
function get_messages($uid, $start, $limit)
{
//TODO: rewritte with a sub-query to get the first message of each private thread with certainty
return q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
ANY_VALUE(`mail`.`id`) AS `id`, ANY_VALUE(`mail`.`uid`) AS `uid`, ANY_VALUE(`mail`.`guid`) AS `guid`,
ANY_VALUE(`mail`.`from-name`) AS `from-name`, ANY_VALUE(`mail`.`from-photo`) AS `from-photo`,
ANY_VALUE(`mail`.`from-url`) AS `from-url`, ANY_VALUE(`mail`.`contact-id`) AS `contact-id`,
ANY_VALUE(`mail`.`convid`) AS `convid`, ANY_VALUE(`mail`.`title`) AS `title`, ANY_VALUE(`mail`.`body`) AS `body`,
ANY_VALUE(`mail`.`seen`) AS `seen`, ANY_VALUE(`mail`.`reply`) AS `reply`, ANY_VALUE(`mail`.`replied`) AS `replied`,
ANY_VALUE(`mail`.`unknown`) AS `unknown`, ANY_VALUE(`mail`.`uri`) AS `uri`,
`mail`.`parent-uri`,
ANY_VALUE(`mail`.`created`) AS `created`, ANY_VALUE(`contact`.`name`) AS `name`, ANY_VALUE(`contact`.`url`) AS `url`,
ANY_VALUE(`contact`.`thumb`) AS `thumb`, ANY_VALUE(`contact`.`network`) AS `network`,
count( * ) as `count`
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
WHERE `mail`.`uid` = %d GROUP BY `parent-uri` ORDER BY `mailcreated` DESC LIMIT %d , %d ",
intval($user), intval($lstart), intval($lend)
);
return DBA::toArray(DBA::p('SELECT
m.`id`,
m.`uid`,
m.`guid`,
m.`from-name`,
m.`from-photo`,
m.`from-url`,
m.`contact-id`,
m.`convid`,
m.`title`,
m.`body`,
m.`seen`,
m.`reply`,
m.`replied`,
m.`unknown`,
m.`uri`,
m.`parent-uri`,
m.`created`,
c.`name`,
c.`url`,
c.`thumb`,
c.`network`,
m2.`count`,
m2.`mailcreated`,
m2.`mailseen`
FROM `mail` m
JOIN (
SELECT
`parent-uri`,
MIN(`id`) AS `id`,
COUNT(*) AS `count`,
MAX(`created`) AS `mailcreated`,
MIN(`seen`) AS `mailseen`
FROM `mail`
WHERE `uid` = ?
GROUP BY `parent-uri`
) m2 ON m.`parent-uri` = m2.`parent-uri` AND m.`id` = m2.`id`
LEFT JOIN `contact` c ON m.`contact-id` = c.`id`
WHERE m.`uid` = ?
ORDER BY m2.`mailcreated` DESC
LIMIT ?, ?'
, $uid, $uid, $start, $limit));
}
function render_messages(array $msg, $t)

View file

@ -42,19 +42,19 @@ function network_init(App $a)
Hook::add('head', __FILE__, 'network_infinite_scroll_head');
$search = (x($_GET, 'search') ? Strings::escapeHtml($_GET['search']) : '');
$search = (!empty($_GET['search']) ? Strings::escapeHtml($_GET['search']) : '');
if (($search != '') && !empty($_GET['submit'])) {
$a->internalRedirect('search?search=' . urlencode($search));
}
if (x($_GET, 'save')) {
if (!empty($_GET['save'])) {
$exists = DBA::exists('search', ['uid' => local_user(), 'term' => $search]);
if (!$exists) {
DBA::insert('search', ['uid' => local_user(), 'term' => $search]);
}
}
if (x($_GET, 'remove')) {
if (!empty($_GET['remove'])) {
DBA::delete('search', ['uid' => local_user(), 'term' => $search]);
}
@ -63,9 +63,9 @@ function network_init(App $a)
$group_id = (($a->argc > 1 && is_numeric($a->argv[1])) ? intval($a->argv[1]) : 0);
$cid = 0;
if (x($_GET, 'cid') && intval($_GET['cid']) != 0) {
if (!empty($_GET['cid'])) {
$cid = $_GET['cid'];
$_GET['nets'] = 'all';
$_GET['nets'] = '';
$group_id = 0;
}
@ -86,7 +86,7 @@ function network_init(App $a)
// fetch last used network view and redirect if needed
if (!$is_a_date_query) {
$sel_nets = defaults($_GET, 'nets', false);
$sel_nets = defaults($_GET, 'nets', '');
$sel_tabs = network_query_get_sel_tab($a);
$sel_groups = network_query_get_sel_group($a);
$last_sel_tabs = PConfig::get(local_user(), 'network.view', 'tab.selected');
@ -137,7 +137,7 @@ function network_init(App $a)
}
}
if ($sel_nets !== false) {
if ($sel_nets) {
$net_args['nets'] = $sel_nets;
}
@ -151,34 +151,29 @@ function network_init(App $a)
}
}
// If nets is set to all, unset it
if (x($_GET, 'nets') && $_GET['nets'] === 'all') {
unset($_GET['nets']);
}
if (!x($a->page, 'aside')) {
if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}
$a->page['aside'] .= Group::sidebarWidget('network/0', 'network', 'standard', $group_id);
$a->page['aside'] .= ForumManager::widget(local_user(), $cid);
$a->page['aside'] .= posted_date_widget('network', local_user(), false);
$a->page['aside'] .= Widget::networks('network', (x($_GET, 'nets') ? $_GET['nets'] : ''));
$a->page['aside'] .= Widget::networks('network', defaults($_GET, 'nets', '') );
$a->page['aside'] .= saved_searches($search);
$a->page['aside'] .= Widget::fileAs('network', (x($_GET, 'file') ? $_GET['file'] : ''));
$a->page['aside'] .= Widget::fileAs('network', defaults($_GET, 'file', '') );
}
function saved_searches($search)
{
$srchurl = '/network?f='
. ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '');
. (!empty($_GET['cid']) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. (!empty($_GET['star']) ? '&star=' . rawurlencode($_GET['star']) : '')
. (!empty($_GET['bmark']) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. (!empty($_GET['conv']) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. (!empty($_GET['nets']) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. (!empty($_GET['cmin']) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. (!empty($_GET['cmax']) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. (!empty($_GET['file']) ? '&file=' . rawurlencode($_GET['file']) : '');
;
$terms = DBA::select('search', ['id', 'term'], ['uid' => local_user()]);
@ -233,15 +228,15 @@ function network_query_get_sel_tab(App $a)
$new_active = 'active';
}
if (x($_GET, 'star')) {
if (!empty($_GET['star'])) {
$starred_active = 'active';
}
if (x($_GET, 'bmark')) {
if (!empty($_GET['bmark'])) {
$bookmarked_active = 'active';
}
if (x($_GET, 'conv')) {
if (!empty($_GET['conv'])) {
$conv_active = 'active';
}
@ -249,7 +244,7 @@ function network_query_get_sel_tab(App $a)
$no_active = 'active';
}
if ($no_active == 'active' && x($_GET, 'order')) {
if ($no_active == 'active' && !empty($_GET['order'])) {
switch($_GET['order']) {
case 'post' : $postord_active = 'active'; $no_active=''; break;
case 'comment' : $all_active = 'active'; $no_active=''; break;
@ -672,7 +667,7 @@ function networkThreadedView(App $a, $update, $parent)
$entries[0] = [
'id' => 'network',
'name' => htmlentities($contact['name']),
'name' => $contact['name'],
'itemurl' => defaults($contact, 'addr', $contact['nurl']),
'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
'details' => $contact['location'],
@ -914,7 +909,7 @@ function networkThreadedView(App $a, $update, $parent)
$parents_str = implode(', ', $parents_arr);
}
if (x($_GET, 'offset')) {
if (!empty($_GET['offset'])) {
$date_offset = $_GET['offset'];
}
@ -968,7 +963,7 @@ function network_tabs(App $a)
$tabs = [
[
'label' => L10n::t('Commented Order'),
'url' => str_replace('/new', '', $cmd) . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'url' => str_replace('/new', '', $cmd) . '?f=&order=comment' . (!empty($_GET['cid']) ? '&cid=' . $_GET['cid'] : ''),
'sel' => $all_active,
'title' => L10n::t('Sort by Comment Date'),
'id' => 'commented-order-tab',
@ -976,7 +971,7 @@ function network_tabs(App $a)
],
[
'label' => L10n::t('Posted Order'),
'url' => str_replace('/new', '', $cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'url' => str_replace('/new', '', $cmd) . '?f=&order=post' . (!empty($_GET['cid']) ? '&cid=' . $_GET['cid'] : ''),
'sel' => $postord_active,
'title' => L10n::t('Sort by Post Date'),
'id' => 'posted-order-tab',
@ -986,7 +981,7 @@ function network_tabs(App $a)
$tabs[] = [
'label' => L10n::t('Personal'),
'url' => str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&conv=1',
'url' => str_replace('/new', '', $cmd) . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&conv=1',
'sel' => $conv_active,
'title' => L10n::t('Posts that mention or involve you'),
'id' => 'personal-tab',
@ -996,7 +991,7 @@ function network_tabs(App $a)
if (Feature::isEnabled(local_user(), 'new_tab')) {
$tabs[] = [
'label' => L10n::t('New'),
'url' => 'network/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
'url' => 'network/new' . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : ''),
'sel' => $new_active,
'title' => L10n::t('Activity Stream - by date'),
'id' => 'activitiy-by-date-tab',
@ -1007,7 +1002,7 @@ function network_tabs(App $a)
if (Feature::isEnabled(local_user(), 'link_tab')) {
$tabs[] = [
'label' => L10n::t('Shared Links'),
'url' => str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&bmark=1',
'url' => str_replace('/new', '', $cmd) . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&bmark=1',
'sel' => $bookmarked_active,
'title' => L10n::t('Interesting Links'),
'id' => 'shared-links-tab',
@ -1017,7 +1012,7 @@ function network_tabs(App $a)
$tabs[] = [
'label' => L10n::t('Starred'),
'url' => str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&star=1',
'url' => str_replace('/new', '', $cmd) . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&star=1',
'sel' => $starred_active,
'title' => L10n::t('Favourite Posts'),
'id' => 'starred-posts-tab',
@ -1025,7 +1020,7 @@ function network_tabs(App $a)
];
// save selected tab, but only if not in file mode
if (!x($_GET, 'file')) {
if (empty($_GET['file'])) {
PConfig::set(local_user(), 'network.view', 'tab.selected', [
$all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active
]);

View file

@ -8,7 +8,8 @@ use Friendica\Core\L10n;
function newmember_content(App $a)
{
$o = '<h1>' . L10n::t('Welcome to Friendica') . '</h1>';
$o = '<div class="generic-page-wrapper">';
$o .= '<h1>' . L10n::t('Welcome to Friendica') . '</h1>';
$o .= '<h3>' . L10n::t('New Member Checklist') . '</h3>';
$o .= '<div style="font-size: 120%;">';
$o .= L10n::t('We would like to offer some tips and links to help make your experience enjoyable. Click any item to visit the relevant page. A link to this page will be visible from your home page for two weeks after your initial registration and then will quietly disappear.');
@ -54,6 +55,7 @@ function newmember_content(App $a)
$o .= '<li>' . '<a target="newmember" href="help">' . L10n::t('Go to the Help Section') . '</a><br />' . L10n::t('Our <strong>help</strong> pages may be consulted for detail on other program features and resources.') . '</li>' . EOL;
$o .= '</ul>';
$o .= '</div>';
$o .= '</div>';
return $o;
}

View file

@ -48,7 +48,7 @@ function noscrape_init(App $a)
exit;
}
$keywords = ((x($a->profile, 'pub_keywords')) ? $a->profile['pub_keywords'] : '');
$keywords = defaults($a->profile, 'pub_keywords', '');
$keywords = str_replace(['#',',',' ',',,'], ['',' ',',',','], $keywords);
$keywords = explode(',', $keywords);

View file

@ -59,7 +59,7 @@ function notes_content(App $a, $update = false)
}
$condition = ['uid' => local_user(), 'post-type' => Item::PT_PERSONAL_NOTE, 'gravity' => GRAVITY_PARENT,
'wall' => false, 'contact-id'=> $a->contact['id']];
'contact-id'=> $a->contact['id']];
$pager = new Pager($a->query_string, 40);
@ -70,7 +70,7 @@ function notes_content(App $a, $update = false)
$count = 0;
if (DBA::isResult($r)) {
$notes = DBA::toArray($r);
$notes = Item::inArray($r);
$count = count($notes);

View file

@ -237,7 +237,7 @@ function notifications_content(App $a)
$notif_content[] = Renderer::replaceMacros($tpl, [
'$type' => $notif['label'],
'$header' => htmlentities($header),
'$header' => $header,
'$str_notifytype' => L10n::t('Notification type:'),
'$notify_type' => $notif['notify_type'],
'$dfrn_text' => $dfrn_text,

View file

@ -33,13 +33,13 @@ function oexchange_content(App $a) {
return;
}
$url = ((x($_REQUEST,'url') && strlen($_REQUEST['url']))
$url = ((!empty($_REQUEST['url']))
? urlencode(Strings::escapeTags(trim($_REQUEST['url']))) : '');
$title = ((x($_REQUEST,'title') && strlen($_REQUEST['title']))
$title = ((!empty($_REQUEST['title']))
? '&title=' . urlencode(Strings::escapeTags(trim($_REQUEST['title']))) : '');
$description = ((x($_REQUEST,'description') && strlen($_REQUEST['description']))
$description = ((!empty($_REQUEST['description']))
? '&description=' . urlencode(Strings::escapeTags(trim($_REQUEST['description']))) : '');
$tags = ((x($_REQUEST,'tags') && strlen($_REQUEST['tags']))
$tags = ((!empty($_REQUEST['tags']))
? '&tags=' . urlencode(Strings::escapeTags(trim($_REQUEST['tags']))) : '');
$s = Network::fetchUrl(System::baseUrl() . '/parse_url?f=&url=' . $url . $title . $description . $tags);

View file

@ -20,7 +20,7 @@ function openid_content(App $a) {
Logger::log('mod_openid ' . print_r($_REQUEST,true), Logger::DATA);
if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
if(!empty($_GET['openid_mode']) && !empty($_SESSION['openid'])) {
$openid = new LightOpenID($a->getHostName());

View file

@ -77,8 +77,8 @@ function ostatus_subscribe_content(App $a)
$o .= '<p>' . $counter . '/' . $total . ': ' . $url;
$curlResult = Probe::uri($url);
if ($curlResult['network'] == Protocol::OSTATUS) {
$probed = Probe::uri($url);
if ($probed['network'] == Protocol::OSTATUS) {
$result = Contact::createFromProbe($uid, $url, true, Protocol::OSTATUS);
if ($result['success']) {
$o .= ' - ' . L10n::t('success');

View file

@ -47,8 +47,8 @@ function parse_url_content(App $a)
// Add url scheme if it is missing
$arrurl = parse_url($url);
if (!x($arrurl, 'scheme')) {
if (x($arrurl, 'host')) {
if (empty($arrurl['scheme'])) {
if (!empty($arrurl['host'])) {
$url = 'http:' . $url;
} else {
$url = 'http://' . $url;

View file

@ -365,7 +365,7 @@ function photos_post(App $a)
return; // NOTREACHED
}
if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || !empty($_POST['albname']) !== false)) {
if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
$desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : '';
$rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : '';
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;

View file

@ -373,12 +373,12 @@ function ping_init(App $a)
$sysmsgs = [];
$sysmsgs_info = [];
if (x($_SESSION, 'sysmsg')) {
if (!empty($_SESSION['sysmsg'])) {
$sysmsgs = $_SESSION['sysmsg'];
unset($_SESSION['sysmsg']);
}
if (x($_SESSION, 'sysmsg_info')) {
if (!empty($_SESSION['sysmsg_info'])) {
$sysmsgs_info = $_SESSION['sysmsg_info'];
unset($_SESSION['sysmsg_info']);
}
@ -483,7 +483,7 @@ function ping_get_notifications($uid)
if ($notification["visible"]
&& !$notification["deleted"]
&& !(x($result, $notification["parent"]) && !empty($result[$notification["parent"]]))
&& empty($result[$notification["parent"]])
) {
// Should we condense the notifications or show them all?
if (PConfig::get(local_user(), 'system', 'detailed_notif')) {

View file

@ -88,7 +88,7 @@ function poco_init(App $a) {
if (!empty($cid)) {
$sql_extra = sprintf(" AND `contact`.`id` = %d ", intval($cid));
}
if (x($_GET, 'updatedSince')) {
if (!empty($_GET['updatedSince'])) {
$update_limit = date(DateTimeFormat::MYSQL, strtotime($_GET['updatedSince']));
}
if ($global) {
@ -122,7 +122,7 @@ function poco_init(App $a) {
} else {
$startIndex = 0;
}
$itemsPerPage = ((x($_GET, 'count') && intval($_GET['count'])) ? intval($_GET['count']) : $totalResults);
$itemsPerPage = ((!empty($_GET['count'])) ? intval($_GET['count']) : $totalResults);
if ($global) {
Logger::log("Start global query", Logger::DEBUG);
@ -164,13 +164,13 @@ function poco_init(App $a) {
Logger::log("Query done", Logger::DEBUG);
$ret = [];
if (x($_GET, 'sorted')) {
if (!empty($_GET['sorted'])) {
$ret['sorted'] = false;
}
if (x($_GET, 'filtered')) {
if (!empty($_GET['filtered'])) {
$ret['filtered'] = false;
}
if (x($_GET, 'updatedSince') && ! $global) {
if (!empty($_GET['updatedSince']) && ! $global) {
$ret['updatedSince'] = false;
}
$ret['startIndex'] = (int) $startIndex;
@ -196,7 +196,7 @@ function poco_init(App $a) {
'generation' => false
];
if ((! x($_GET, 'fields')) || ($_GET['fields'] === '@all')) {
if (empty($_GET['fields']) || ($_GET['fields'] === '@all')) {
foreach ($fields_ret as $k => $v) {
$fields_ret[$k] = true;
}

View file

@ -54,7 +54,7 @@ function poke_init(App $a)
return;
}
$parent = (x($_GET,'parent') ? intval($_GET['parent']) : 0);
$parent = (!empty($_GET['parent']) ? intval($_GET['parent']) : 0);
Logger::log('poke: verb ' . $verb . ' contact ' . $contact_id, Logger::DEBUG);
@ -86,7 +86,7 @@ function poke_init(App $a)
$deny_gid = $item['deny_gid'];
}
} else {
$private = (x($_GET,'private') ? intval($_GET['private']) : 0);
$private = (!empty($_GET['private']) ? intval($_GET['private']) : 0);
$allow_cid = ($private ? '<' . $target['id']. '>' : $a->user['allow_cid']);
$allow_gid = ($private ? '' : $a->user['allow_gid']);
@ -169,7 +169,7 @@ function poke_content(App $a)
]);
$parent = (x($_GET,'parent') ? intval($_GET['parent']) : '0');
$parent = (!empty($_GET['parent']) ? intval($_GET['parent']) : '0');
$verbs = L10n::getPokeVerbs();

View file

@ -15,7 +15,8 @@ function probe_content(App $a)
killme();
}
$o = '<h3>Probe Diagnostic</h3>';
$o = '<div class="generic-page-wrapper">';
$o .= '<h3>Probe Diagnostic</h3>';
$o .= '<form action="probe" method="get">';
$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') . '" />';
@ -30,6 +31,7 @@ function probe_content(App $a)
$o .= str_replace("\n", '<br />', print_r($res, true));
$o .= '</pre>';
}
$o .= '</div>';
return $o;
}

View file

@ -33,24 +33,16 @@ function profile_init(App $a)
$a->page['aside'] = '';
}
if ($a->argc > 1) {
$which = htmlspecialchars($a->argv[1]);
} else {
$r = q("SELECT `nickname` FROM `user` WHERE `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 ORDER BY RAND() LIMIT 1");
if (DBA::isResult($r)) {
$a->internalRedirect('profile/' . $r[0]['nickname']);
} else {
Logger::log('profile error: mod_profile ' . $a->query_string, Logger::DEBUG);
notice(L10n::t('Requested profile is not available.') . EOL);
$a->error = 404;
return;
}
if ($a->argc < 2) {
System::httpExit(400);
}
$which = filter_var($a->argv[1], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_BACKTICK);
$profile = 0;
if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
$which = $a->user['nickname'];
$profile = htmlspecialchars($a->argv[1]);
$profile = filter_var($a->argv[1], FILTER_SANITIZE_NUMBER_INT);
} else {
DFRN::autoRedir($a, $which);
}
@ -139,6 +131,7 @@ function profile_content(App $a, $update = 0)
require_once 'include/items.php';
$groups = [];
$remote_cid = null;
$tab = 'posts';
$o = '';
@ -150,42 +143,18 @@ function profile_content(App $a, $update = 0)
Nav::setSelected('home');
}
$contact = null;
$remote_contact = false;
$contact_id = 0;
if (!empty($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['profile_uid']) {
$contact_id = $v['cid'];
break;
}
}
}
if ($contact_id) {
$groups = Group::getIdsByContactId($contact_id);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id),
intval($a->profile['profile_uid'])
);
if (DBA::isResult($r)) {
$contact = $r[0];
$remote_contact = true;
}
}
if (!$remote_contact) {
if (local_user()) {
$contact_id = $_SESSION['cid'];
$contact = $a->contact;
}
}
$remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
$is_owner = local_user() == $a->profile['profile_uid'];
$last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . remote_user();
if ($remote_contact) {
$cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
if (!empty($cdata['user'])) {
$groups = Group::getIdsByContactId($cdata['user']);
$remote_cid = $cdata['user'];
}
}
if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) {
notice(L10n::t('Access to this profile has been restricted.') . EOL);
return;
@ -236,13 +205,12 @@ function profile_content(App $a, $update = 0)
}
}
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $remote_contact, $groups);
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $remote_contact, $groups, $remote_cid);
$sql_extra2 = '';
if ($update) {
$last_updated = (!empty($_SESSION['last_updated'][$last_updated_key]) ? $_SESSION['last_updated'][$last_updated_key] : 0);
$last_updated = (defaults($_SESSION['last_updated'], $last_updated_key, 0));
// If the page user is the owner of the page we should query for unseen
// items. Otherwise use a timestamp of the last succesful update request.
@ -350,7 +318,7 @@ function profile_content(App $a, $update = 0)
}
}
$o .= conversation($a, $items, $pager, 'profile', $update, false, 'created', local_user());
$o .= conversation($a, $items, $pager, 'profile', $update, false, 'created', $a->profile['profile_uid']);
if (!$update) {
$o .= $pager->renderMinimal(count($items));

View file

@ -251,7 +251,7 @@ function profiles_post(App $a) {
$marital = Strings::escapeTags(trim($_POST['marital']));
$howlong = Strings::escapeTags(trim($_POST['howlong']));
$with = ((x($_POST,'with')) ? Strings::escapeTags(trim($_POST['with'])) : '');
$with = (!empty($_POST['with']) ? Strings::escapeTags(trim($_POST['with'])) : '');
if (! strlen($howlong)) {
$howlong = DBA::NULL_DATETIME;

View file

@ -7,6 +7,7 @@ use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Protocol\OStatus;
use Friendica\Util\Strings;
use Friendica\Core\System;
require_once 'include/items.php';
@ -16,7 +17,7 @@ function hub_return($valid, $body)
header($_SERVER["SERVER_PROTOCOL"] . ' 200 OK');
echo $body;
} else {
header($_SERVER["SERVER_PROTOCOL"] . ' 404 Not Found');
System::httpExit(404);
}
killme();
}
@ -25,8 +26,7 @@ function hub_return($valid, $body)
function hub_post_return()
{
header($_SERVER["SERVER_PROTOCOL"] . ' 200 OK');
killme();
System::httpExit(200);
}
function pubsub_init(App $a)

View file

@ -10,7 +10,7 @@ use Friendica\Util\Network;
use Friendica\Util\Strings;
function post_var($name) {
return (x($_POST, $name)) ? Strings::escapeTags(trim($_POST[$name])) : '';
return !empty($_POST[$name]) ? Strings::escapeTags(trim($_POST[$name])) : '';
}
function pubsubhubbub_init(App $a) {

View file

@ -9,6 +9,7 @@ use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\Profile;
use Friendica\Util\Strings;
use Friendica\Util\Network;
function redir_init(App $a) {
@ -34,8 +35,7 @@ function redir_init(App $a) {
$contact_url = $contact['url'];
if ($contact['network'] !== Protocol::DFRN // Authentication isn't supported for non DFRN contacts.
|| (!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate.
if ((!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate.
|| (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated.
{
$a->redirect(defaults($url, $contact_url));
@ -67,7 +67,7 @@ function redir_init(App $a) {
// for authentification everytime he/she is visiting a profile page of the local
// contact.
if ($host == $remotehost
&& x($_SESSION, 'remote')
&& !empty($_SESSION['remote'])
&& is_array($_SESSION['remote']))
{
foreach ($_SESSION['remote'] as $v) {
@ -81,8 +81,17 @@ function redir_init(App $a) {
}
}
// When the remote page does support OWA, then we enforce the use of it
$basepath = Contact::getBasepath($contact_url);
if ($basepath == System::baseUrl()) {
$use_magic = true;
} else {
$serverret = Network::curl($basepath . '/magic');
$use_magic = $serverret->isSuccess();
}
// Doing remote auth with dfrn.
if (local_user() && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) {
if (local_user() && !$use_magic && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) {
$dfrn_id = $orig_id = (($contact['issued-id']) ? $contact['issued-id'] : $contact['dfrn-id']);
if ($contact['duplex'] && $contact['issued-id']) {

View file

@ -84,7 +84,7 @@ function register_post(App $a)
$using_invites = Config::get('system', 'invitation_only');
$num_invites = Config::get('system', 'number_invites');
$invite_id = ((x($_POST, 'invite_id')) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');
$invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');
if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) {
if ($using_invites && $invite_id) {
@ -93,7 +93,7 @@ function register_post(App $a)
}
// Only send a password mail when the password wasn't manually provided
if (!x($_POST, 'password1') || !x($_POST, 'confirm')) {
if (empty($_POST['password1']) || empty($_POST['confirm'])) {
$res = Model\User::sendRegisterOpenEmail(
$user,
Config::get('config', 'sitename'),
@ -195,38 +195,33 @@ function register_content(App $a)
}
}
if (x($_SESSION, 'theme')) {
if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']);
}
if (x($_SESSION, 'mobile-theme')) {
if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']);
}
$username = x($_REQUEST, 'username') ? $_REQUEST['username'] : '';
$email = x($_REQUEST, 'email') ? $_REQUEST['email'] : '';
$openid_url = x($_REQUEST, 'openid_url') ? $_REQUEST['openid_url'] : '';
$nickname = x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : '';
$photo = x($_REQUEST, 'photo') ? $_REQUEST['photo'] : '';
$invite_id = x($_REQUEST, 'invite_id') ? $_REQUEST['invite_id'] : '';
$username = defaults($_REQUEST, 'username' , '');
$email = defaults($_REQUEST, 'email' , '');
$openid_url = defaults($_REQUEST, 'openid_url', '');
$nickname = defaults($_REQUEST, 'nickname' , '');
$photo = defaults($_REQUEST, 'photo' , '');
$invite_id = defaults($_REQUEST, 'invite_id' , '');
$noid = Config::get('system', 'no_openid');
if ($noid) {
$oidhtml = '';
$fillwith = '';
$fillext = '';
$oidlabel = '';
} else {
$oidhtml = '<label for="register-openid" id="label-register-openid" >$oidlabel</label><input type="text" maxlength="60" size="32" name="openid_url" class="openid" id="register-openid" value="$openid" >';
$fillwith = L10n::t("You may \x28optionally\x29 fill in this form via OpenID by supplying your OpenID and clicking 'Register'.");
$fillext = L10n::t('If you are not familiar with OpenID, please leave that field blank and fill in the rest of the items.');
$oidlabel = L10n::t("Your OpenID \x28optional\x29: ");
}
// I set this and got even more fake names than before...
$realpeople = ''; // L10n::t('Members of this network prefer to communicate with real people who use their real names.');
if (Config::get('system', 'publish_all')) {
$profile_publish = '<input type="hidden" name="profile_publish_reg" value="1" />';
} else {
@ -244,8 +239,6 @@ function register_content(App $a)
$r = q("SELECT COUNT(*) AS `contacts` FROM `contact`");
$passwords = !$r[0]["contacts"];
$license = '';
$tpl = Renderer::getMarkupTemplate("register.tpl");
$arr = ['template' => $tpl];
@ -257,14 +250,12 @@ function register_content(App $a)
$tos = new Tos();
$o = Renderer::replaceMacros($tpl, [
'$oidhtml' => $oidhtml,
'$invitations' => Config::get('system', 'invitation_only'),
'$permonly' => intval(Config::get('config', 'register_policy')) === REGISTER_APPROVE,
'$permonlybox' => ['permonlybox', L10n::t('Note for the admin'), '', L10n::t('Leave a message for the admin, why you want to join this node')],
'$invite_desc' => L10n::t('Membership on this site is by invitation only.'),
'$invite_label' => L10n::t('Your invitation code: '),
'$invite_id' => $invite_id,
'$realpeople' => $realpeople,
'$regtitle' => L10n::t('Registration'),
'$registertext' => BBCode::convert(Config::get('config', 'register_text', '')),
'$fillwith' => $fillwith,
@ -284,7 +275,6 @@ function register_content(App $a)
'$username' => $username,
'$email' => $email,
'$nickname' => $nickname,
'$license' => $license,
'$sitename' => $a->getHostName(),
'$importh' => L10n::t('Import'),
'$importt' => L10n::t('Import your profile to this friendica instance'),

View file

@ -20,15 +20,15 @@ function removeme_post(App $a)
return;
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return;
}
if ((!x($_POST, 'qxz_password')) || (!strlen(trim($_POST['qxz_password'])))) {
if (empty($_POST['qxz_password'])) {
return;
}
if ((!x($_POST, 'verify')) || (!strlen(trim($_POST['verify'])))) {
if (empty($_POST['verify'])) {
return;
}

View file

@ -24,7 +24,7 @@ require_once 'mod/dirfind.php';
function search_saved_searches() {
$o = '';
$search = ((x($_GET,'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d",
intval(local_user())
@ -60,10 +60,10 @@ function search_saved_searches() {
function search_init(App $a) {
$search = ((x($_GET,'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
if (local_user()) {
if (x($_GET,'save') && $search) {
if (!empty($_GET['save']) && $search) {
$r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
intval(local_user()),
DBA::escape($search)
@ -72,7 +72,7 @@ function search_init(App $a) {
DBA::insert('search', ['uid' => local_user(), 'term' => $search]);
}
}
if (x($_GET,'remove') && $search) {
if (!empty($_GET['remove']) && $search) {
DBA::delete('search', ['uid' => local_user(), 'term' => $search]);
}
@ -92,14 +92,6 @@ function search_init(App $a) {
}
function search_post(App $a) {
if (x($_POST,'search'))
$a->data['search'] = $_POST['search'];
}
function search_content(App $a) {
if (Config::get('system','block_public') && !local_user() && !remote_user()) {
@ -145,16 +137,12 @@ function search_content(App $a) {
Nav::setSelected('search');
$search = '';
if (x($a->data,'search'))
$search = Strings::escapeTags(trim($a->data['search']));
else
$search = ((x($_GET,'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$search = (!empty($_REQUEST['search']) ? Strings::escapeTags(trim(rawurldecode($_REQUEST['search']))) : '');
$tag = false;
if (x($_GET,'tag')) {
if (!empty($_GET['tag'])) {
$tag = true;
$search = (x($_GET,'tag') ? '#' . Strings::escapeTags(trim(rawurldecode($_GET['tag']))) : '');
$search = (!empty($_GET['tag']) ? '#' . Strings::escapeTags(trim(rawurldecode($_GET['tag']))) : '');
}
// contruct a wrapper for the search header
@ -176,7 +164,7 @@ function search_content(App $a) {
return dirfind_content($a);
}
if (x($_GET,'search-option'))
if (!empty($_GET['search-option']))
switch($_GET['search-option']) {
case 'fulltext':
break;

View file

@ -146,18 +146,18 @@ function settings_post(App $a)
return;
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return;
}
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(L10n::t('Permission denied.') . EOL);
return;
}
$old_page_flags = $a->user['page-flags'];
if (($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST, 'remove')) {
if (($a->argc > 1) && ($a->argv[1] === 'oauth') && !empty($_POST['remove'])) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/oauth', 'settings_oauth');
$key = $_POST['remove'];
@ -166,7 +166,7 @@ function settings_post(App $a)
return;
}
if (($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && x($_POST, 'submit')) {
if (($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && !empty($_POST['submit'])) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/oauth', 'settings_oauth');
$name = defaults($_POST, 'name' , '');
@ -222,23 +222,23 @@ function settings_post(App $a)
if (($a->argc > 1) && ($a->argv[1] == 'connectors')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/connectors', 'settings_connectors');
if (x($_POST, 'general-submit')) {
if (!empty($_POST['general-submit'])) {
PConfig::set(local_user(), 'system', 'disable_cw', intval($_POST['disable_cw']));
PConfig::set(local_user(), 'system', 'no_intelligent_shortening', intval($_POST['no_intelligent_shortening']));
PConfig::set(local_user(), 'system', 'ostatus_autofriend', intval($_POST['snautofollow']));
PConfig::set(local_user(), 'ostatus', 'default_group', $_POST['group-selection']);
PConfig::set(local_user(), 'ostatus', 'legacy_contact', $_POST['legacy_contact']);
} elseif (x($_POST, 'imap-submit')) {
} elseif (!empty($_POST['imap-submit'])) {
$mail_server = ((x($_POST, 'mail_server')) ? $_POST['mail_server'] : '');
$mail_port = ((x($_POST, 'mail_port')) ? $_POST['mail_port'] : '');
$mail_ssl = ((x($_POST, 'mail_ssl')) ? strtolower(trim($_POST['mail_ssl'])) : '');
$mail_user = ((x($_POST, 'mail_user')) ? $_POST['mail_user'] : '');
$mail_pass = ((x($_POST, 'mail_pass')) ? trim($_POST['mail_pass']) : '');
$mail_action = ((x($_POST, 'mail_action')) ? trim($_POST['mail_action']) : '');
$mail_movetofolder = ((x($_POST, 'mail_movetofolder')) ? trim($_POST['mail_movetofolder']) : '');
$mail_replyto = ((x($_POST, 'mail_replyto')) ? $_POST['mail_replyto'] : '');
$mail_pubmail = ((x($_POST, 'mail_pubmail')) ? $_POST['mail_pubmail'] : '');
$mail_server = defaults($_POST, 'mail_server', '');
$mail_port = defaults($_POST, 'mail_port', '');
$mail_ssl = (!empty($_POST['mail_ssl']) ? strtolower(trim($_POST['mail_ssl'])) : '');
$mail_user = defaults($_POST, 'mail_user', '');
$mail_pass = (!empty($_POST['mail_pass']) ? trim($_POST['mail_pass']) : '');
$mail_action = (!empty($_POST['mail_action']) ? trim($_POST['mail_action']) : '');
$mail_movetofolder = (!empty($_POST['mail_movetofolder']) ? trim($_POST['mail_movetofolder']) : '');
$mail_replyto = defaults($_POST, 'mail_replyto', '');
$mail_pubmail = defaults($_POST, 'mail_pubmail', '');
$mail_disabled = ((function_exists('imap_open') && (!Config::get('system', 'imap_disabled'))) ? 0 : 1);
@ -315,17 +315,17 @@ function settings_post(App $a)
if (($a->argc > 1) && ($a->argv[1] === 'display')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
$theme = x($_POST, 'theme') ? Strings::escapeTags(trim($_POST['theme'])) : $a->user['theme'];
$mobile_theme = x($_POST, 'mobile_theme') ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
$first_day_of_week = x($_POST, 'first_day_of_week') ? intval($_POST['first_day_of_week']) : 0;
$noinfo = x($_POST, 'noinfo') ? intval($_POST['noinfo']) : 0;
$infinite_scroll = x($_POST, 'infinite_scroll') ? intval($_POST['infinite_scroll']) : 0;
$no_auto_update = x($_POST, 'no_auto_update') ? intval($_POST['no_auto_update']) : 0;
$bandwidth_saver = x($_POST, 'bandwidth_saver') ? intval($_POST['bandwidth_saver']) : 0;
$smart_threading = x($_POST, 'smart_threading') ? intval($_POST['smart_threading']) : 0;
$nowarn_insecure = x($_POST, 'nowarn_insecure') ? intval($_POST['nowarn_insecure']) : 0;
$browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0;
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $a->user['theme'];
$mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$nosmile = !empty($_POST['nosmile']) ? intval($_POST['nosmile']) : 0;
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
$noinfo = !empty($_POST['noinfo']) ? intval($_POST['noinfo']) : 0;
$infinite_scroll = !empty($_POST['infinite_scroll']) ? intval($_POST['infinite_scroll']) : 0;
$no_auto_update = !empty($_POST['no_auto_update']) ? intval($_POST['no_auto_update']) : 0;
$bandwidth_saver = !empty($_POST['bandwidth_saver']) ? intval($_POST['bandwidth_saver']) : 0;
$smart_threading = !empty($_POST['smart_threading']) ? intval($_POST['smart_threading']) : 0;
$nowarn_insecure = !empty($_POST['nowarn_insecure']) ? intval($_POST['nowarn_insecure']) : 0;
$browser_update = !empty($_POST['browser_update']) ? intval($_POST['browser_update']) : 0;
if ($browser_update != -1) {
$browser_update = $browser_update * 1000;
if ($browser_update < 10000) {
@ -333,11 +333,11 @@ function settings_post(App $a)
}
}
$itemspage_network = x($_POST, 'itemspage_network') ? intval($_POST['itemspage_network']) : 40;
$itemspage_network = !empty($_POST['itemspage_network']) ? intval($_POST['itemspage_network']) : 40;
if ($itemspage_network > 100) {
$itemspage_network = 100;
}
$itemspage_mobile_network = x($_POST, 'itemspage_mobile_network') ? intval($_POST['itemspage_mobile_network']) : 20;
$itemspage_mobile_network = !empty($_POST['itemspage_mobile_network']) ? intval($_POST['itemspage_mobile_network']) : 20;
if ($itemspage_mobile_network > 100) {
$itemspage_mobile_network = 100;
}
@ -379,7 +379,7 @@ function settings_post(App $a)
BaseModule::checkFormSecurityTokenRedirectOnError('/settings', 'settings');
if (x($_POST,'resend_relocate')) {
if (!empty($_POST['resend_relocate'])) {
Worker::add(PRIORITY_HIGH, 'Notifier', 'relocate', local_user());
info(L10n::t("Relocate message has been send to your contacts"));
$a->internalRedirect('settings');
@ -387,7 +387,7 @@ function settings_post(App $a)
Addon::callHooks('settings_post', $_POST);
if (x($_POST, 'password') || x($_POST, 'confirm')) {
if (!empty($_POST['password']) || !empty($_POST['confirm'])) {
$newpass = $_POST['password'];
$confirm = $_POST['confirm'];
@ -397,7 +397,7 @@ function settings_post(App $a)
$err = true;
}
if (!x($newpass) || !x($confirm)) {
if (empty($newpass) || empty($confirm)) {
notice(L10n::t('Empty passwords are not allowed. Password unchanged.') . EOL);
$err = true;
}
@ -423,35 +423,35 @@ function settings_post(App $a)
}
}
$username = ((x($_POST, 'username')) ? Strings::escapeTags(trim($_POST['username'])) : '');
$email = ((x($_POST, 'email')) ? Strings::escapeTags(trim($_POST['email'])) : '');
$timezone = ((x($_POST, 'timezone')) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
$language = ((x($_POST, 'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
$username = (!empty($_POST['username']) ? Strings::escapeTags(trim($_POST['username'])) : '');
$email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : '');
$timezone = (!empty($_POST['timezone']) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$defloc = ((x($_POST, 'defloc')) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
$openid = ((x($_POST, 'openid_url')) ? Strings::escapeTags(trim($_POST['openid_url'])) : '');
$maxreq = ((x($_POST, 'maxreq')) ? intval($_POST['maxreq']) : 0);
$expire = ((x($_POST, 'expire')) ? intval($_POST['expire']) : 0);
$def_gid = ((x($_POST, 'group-selection')) ? intval($_POST['group-selection']) : 0);
$defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
$openid = (!empty($_POST['openid_url']) ? Strings::escapeTags(trim($_POST['openid_url'])) : '');
$maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
$expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
$def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
$expire_items = ((x($_POST, 'expire_items')) ? intval($_POST['expire_items']) : 0);
$expire_notes = ((x($_POST, 'expire_notes')) ? intval($_POST['expire_notes']) : 0);
$expire_starred = ((x($_POST, 'expire_starred')) ? intval($_POST['expire_starred']) : 0);
$expire_photos = ((x($_POST, 'expire_photos'))? intval($_POST['expire_photos']) : 0);
$expire_network_only = ((x($_POST, 'expire_network_only'))? intval($_POST['expire_network_only']) : 0);
$expire_items = (!empty($_POST['expire_items']) ? intval($_POST['expire_items']) : 0);
$expire_notes = (!empty($_POST['expire_notes']) ? intval($_POST['expire_notes']) : 0);
$expire_starred = (!empty($_POST['expire_starred']) ? intval($_POST['expire_starred']) : 0);
$expire_photos = (!empty($_POST['expire_photos'])? intval($_POST['expire_photos']) : 0);
$expire_network_only = (!empty($_POST['expire_network_only'])? intval($_POST['expire_network_only']) : 0);
$allow_location = (((x($_POST, 'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
$publish = (((x($_POST, 'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
$net_publish = (((x($_POST, 'profile_in_netdirectory')) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
$old_visibility = (((x($_POST, 'visibility')) && (intval($_POST['visibility']) == 1)) ? 1 : 0);
$account_type = (((x($_POST, 'account-type')) && (intval($_POST['account-type']))) ? intval($_POST['account-type']) : 0);
$page_flags = (((x($_POST, 'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
$blockwall = (((x($_POST, 'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
$blocktags = (((x($_POST, 'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
$unkmail = (((x($_POST, 'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
$cntunkmail = ((x($_POST, 'cntunkmail')) ? intval($_POST['cntunkmail']) : 0);
$suggestme = ((x($_POST, 'suggestme')) ? intval($_POST['suggestme']) : 0);
$allow_location = ((!empty($_POST['allow_location']) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
$publish = ((!empty($_POST['profile_in_directory']) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
$net_publish = ((!empty($_POST['profile_in_netdirectory']) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
$old_visibility = ((!empty($_POST['visibility']) && (intval($_POST['visibility']) == 1)) ? 1 : 0);
$account_type = ((!empty($_POST['account-type']) && (intval($_POST['account-type']))) ? intval($_POST['account-type']) : 0);
$page_flags = ((!empty($_POST['page-flags']) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
$blockwall = ((!empty($_POST['blockwall']) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
$blocktags = ((!empty($_POST['blocktags']) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
$unkmail = ((!empty($_POST['unkmail']) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
$cntunkmail = (!empty($_POST['cntunkmail']) ? intval($_POST['cntunkmail']) : 0);
$suggestme = (!empty($_POST['suggestme']) ? intval($_POST['suggestme']) : 0);
$hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0);
$hidewall = (($_POST['hidewall'] == 1) ? 1: 0);
@ -460,28 +460,28 @@ function settings_post(App $a)
$notify = 0;
if (x($_POST, 'notify1')) {
if (!empty($_POST['notify1'])) {
$notify += intval($_POST['notify1']);
}
if (x($_POST, 'notify2')) {
if (!empty($_POST['notify2'])) {
$notify += intval($_POST['notify2']);
}
if (x($_POST, 'notify3')) {
if (!empty($_POST['notify3'])) {
$notify += intval($_POST['notify3']);
}
if (x($_POST, 'notify4')) {
if (!empty($_POST['notify4'])) {
$notify += intval($_POST['notify4']);
}
if (x($_POST, 'notify5')) {
if (!empty($_POST['notify5'])) {
$notify += intval($_POST['notify5']);
}
if (x($_POST, 'notify6')) {
if (!empty($_POST['notify6'])) {
$notify += intval($_POST['notify6']);
}
if (x($_POST, 'notify7')) {
if (!empty($_POST['notify7'])) {
$notify += intval($_POST['notify7']);
}
if (x($_POST, 'notify8')) {
if (!empty($_POST['notify8'])) {
$notify += intval($_POST['notify8']);
}
@ -666,7 +666,7 @@ function settings_content(App $a)
return Login::form();
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
notice(L10n::t('Permission denied.') . EOL);
return;
}
@ -796,7 +796,7 @@ function settings_content(App $a)
$default_group = PConfig::get(local_user(), 'ostatus', 'default_group');
$legacy_contact = PConfig::get(local_user(), 'ostatus', 'legacy_contact');
if (x($legacy_contact)) {
if (!empty($legacy_contact)) {
/// @todo Isn't it supposed to be a $a->internalRedirect() call?
$a->page['htmlhead'] = '<meta http-equiv="refresh" content="0; URL=' . System::baseUrl().'/ostatus_subscribe?url=' . urlencode($legacy_contact) . '">';
}

View file

@ -33,7 +33,7 @@ function starred_init(App $a) {
Item::update(['starred' => $starred], ['id' => $message_id]);
// See if we've been passed a return path to redirect to
$return_path = (x($_REQUEST,'return') ? $_REQUEST['return'] : '');
$return_path = defaults($_REQUEST, 'return', '');
if ($return_path) {
$rand = '_=' . time();
if (strpos($return_path, '?')) {

View file

@ -20,7 +20,7 @@ function suggest_init(App $a)
return;
}
if (x($_GET,'ignore') && intval($_GET['ignore'])) {
if (!empty($_GET['ignore'])) {
// Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) {
// <form> can't take arguments in its "action" parameter

View file

@ -17,7 +17,7 @@ function tagrm_post(App $a)
$a->internalRedirect($_SESSION['photo_return']);
}
if (x($_POST,'submit') && ($_POST['submit'] === L10n::t('Cancel'))) {
if (!empty($_POST['submit']) && ($_POST['submit'] === L10n::t('Cancel'))) {
$a->internalRedirect($_SESSION['photo_return']);
}

View file

@ -42,10 +42,10 @@ function uimport_content(App $a)
}
if (x($_SESSION, 'theme')) {
if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']);
}
if (x($_SESSION, 'mobile-theme')) {
if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']);
}

View file

@ -114,10 +114,8 @@ function unfollow_content(App $a)
// Makes the connection request for friendica contacts easier
$_SESSION['fastlane'] = $contact['url'];
$header = L10n::t('Disconnect/Unfollow');
$o = Renderer::replaceMacros($tpl, [
'$header' => htmlentities($header),
'$header' => L10n::t('Disconnect/Unfollow'),
'$desc' => '',
'$pls_answer' => '',
'$does_know_you' => '',

View file

@ -29,18 +29,13 @@ function viewcontacts_init(App $a)
Nav::setSelected('home');
$nick = $a->argv[1];
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
DBA::escape($nick)
);
if (!DBA::isResult($r)) {
$user = DBA::selectFirst('user', [], ['nickname' => $a->argv[1], 'blocked' => false]);
if (!DBA::isResult($user)) {
System::httpExit(404, ["title" => L10n::t('Page not found.')]);
}
$a->data['user'] = $r[0];
$a->profile_uid = $r[0]['uid'];
$is_owner = (local_user() && (local_user() == $a->profile_uid));
$a->data['user'] = $user;
$a->profile_uid = $user['uid'];
Profile::load($a, $a->argv[1]);
}
@ -54,78 +49,65 @@ function viewcontacts_content(App $a)
$is_owner = $a->profile['profile_uid'] == local_user();
$o = "";
// tabs
$o .= Profile::getTabs($a, $is_owner, $a->data['user']['nickname']);
$o = Profile::getTabs($a, $is_owner, $a->data['user']['nickname']);
if (!count($a->profile) || $a->profile['hide-friends']) {
notice(L10n::t('Permission denied.') . EOL);
return $o;
}
$total = 0;
$r = q("SELECT COUNT(*) AS `total` FROM `contact`
WHERE `uid` = %d AND NOT `blocked` AND NOT `pending`
AND NOT `hidden` AND NOT `archive`
AND `network` IN ('%s', '%s', '%s', '%s')",
intval($a->profile['uid']),
DBA::escape(Protocol::ACTIVITYPUB),
DBA::escape(Protocol::DFRN),
DBA::escape(Protocol::DIASPORA),
DBA::escape(Protocol::OSTATUS)
);
if (DBA::isResult($r)) {
$total = $r[0]['total'];
}
$condition = [
'uid' => $a->profile['uid'],
'blocked' => false,
'pending' => false,
'hidden' => false,
'archive' => false,
'network' => [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::DIASPORA, Protocol::OSTATUS]
];
$total = DBA::count('count', $condition);
$pager = new Pager($a->query_string);
$r = q("SELECT * FROM `contact`
WHERE `uid` = %d AND NOT `blocked` AND NOT `pending`
AND NOT `hidden` AND NOT `archive`
AND `network` IN ('%s', '%s', '%s', '%s')
ORDER BY `name` ASC LIMIT %d, %d",
intval($a->profile['uid']),
DBA::escape(Protocol::ACTIVITYPUB),
DBA::escape(Protocol::DFRN),
DBA::escape(Protocol::DIASPORA),
DBA::escape(Protocol::OSTATUS),
$pager->getStart(),
$pager->getItemsPerPage()
);
if (!DBA::isResult($r)) {
$params = ['order' => ['name' => false], 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]];
$contacts_stmt = DBA::select('contact', [], $condition, $params);
if (!DBA::isResult($contacts_stmt)) {
info(L10n::t('No contacts.') . EOL);
return $o;
}
$contacts = [];
foreach ($r as $rr) {
while ($contact = DBA::fetch($contacts_stmt)) {
/// @TODO This triggers an E_NOTICE if 'self' is not there
if ($rr['self']) {
if ($contact['self']) {
continue;
}
$contact_details = Contact::getDetailsByURL($rr['url'], $a->profile['uid'], $rr);
$contact_details = Contact::getDetailsByURL($contact['url'], $a->profile['uid'], $contact);
$contacts[] = [
'id' => $rr['id'],
'img_hover' => L10n::t('Visit %s\'s profile [%s]', $contact_details['name'], $rr['url']),
'photo_menu' => Contact::photoMenu($rr),
'id' => $contact['id'],
'img_hover' => L10n::t('Visit %s\'s profile [%s]', $contact_details['name'], $contact['url']),
'photo_menu' => Contact::photoMenu($contact),
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
'name' => htmlentities(substr($contact_details['name'], 0, 20)),
'username' => htmlentities($contact_details['name']),
'name' => substr($contact_details['name'], 0, 20),
'username' => $contact_details['name'],
'details' => $contact_details['location'],
'tags' => $contact_details['keywords'],
'about' => $contact_details['about'],
'account_type' => Contact::getAccountType($contact_details),
'url' => Contact::magicLink($rr['url']),
'url' => Contact::magicLink($contact['url']),
'sparkle' => '',
'itemurl' => (($contact_details['addr'] != "") ? $contact_details['addr'] : $rr['url']),
'network' => ContactSelector::networkToName($rr['network'], $rr['url']),
'itemurl' => (($contact_details['addr'] != "") ? $contact_details['addr'] : $contact['url']),
'network' => ContactSelector::networkToName($contact['network'], $contact['url']),
];
}
DBA::close($contacts_stmt);
$tpl = Renderer::getMarkupTemplate("viewcontact_template.tpl");
$o .= Renderer::replaceMacros($tpl, [

View file

@ -15,7 +15,7 @@ use Friendica\Util\Strings;
function wall_attach_post(App $a) {
$r_json = (x($_GET,'response') && $_GET['response']=='json');
$r_json = (!empty($_GET['response']) && $_GET['response']=='json');
if ($a->argc > 1) {
$nick = $a->argv[1];
@ -85,7 +85,7 @@ function wall_attach_post(App $a) {
killme();
}
if (! x($_FILES,'userfile')) {
if (empty($_FILES['userfile'])) {
if ($r_json) {
echo json_encode(['error' => L10n::t('Invalid request.')]);
}

View file

@ -23,11 +23,11 @@ function wall_upload_post(App $a, $desktopmode = true)
{
Logger::log("wall upload: starting new upload", Logger::DEBUG);
$r_json = (x($_GET, 'response') && $_GET['response'] == 'json');
$album = (x($_GET, 'album') ? Strings::escapeTags(trim($_GET['album'])) : '');
$r_json = (!empty($_GET['response']) && $_GET['response'] == 'json');
$album = (!empty($_GET['album']) ? Strings::escapeTags(trim($_GET['album'])) : '');
if ($a->argc > 1) {
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
$nick = $a->argv[1];
$r = q("SELECT `user`.*, `contact`.`id` FROM `user`
INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`
@ -110,7 +110,7 @@ function wall_upload_post(App $a, $desktopmode = true)
killme();
}
if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
if (empty($_FILES['userfile']) && empty($_FILES['media'])) {
if ($r_json) {
echo json_encode(['error' => L10n::t('Invalid request.')]);
}
@ -121,13 +121,13 @@ function wall_upload_post(App $a, $desktopmode = true)
$filename = '';
$filesize = 0;
$filetype = '';
if (x($_FILES, 'userfile')) {
if (!empty($_FILES['userfile'])) {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$filetype = $_FILES['userfile']['type'];
} elseif (x($_FILES, 'media')) {
} elseif (!empty($_FILES['media'])) {
if (!empty($_FILES['media']['tmp_name'])) {
if (is_array($_FILES['media']['tmp_name'])) {
$src = $_FILES['media']['tmp_name'][0];

View file

@ -20,8 +20,8 @@ function wallmessage_post(App $a) {
return;
}
$subject = ((x($_REQUEST,'subject')) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '');
$body = ((x($_REQUEST,'body')) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '');
$subject = (!empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '');
$body = (!empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '');
$recipient = (($a->argc > 1) ? Strings::escapeTags($a->argv[1]) : '');
if ((! $recipient) || (! $body)) {
@ -131,8 +131,8 @@ function wallmessage_content(App $a) {
'$subject' => L10n::t('Subject:'),
'$recipname' => $user['username'],
'$nickname' => $user['nickname'],
'$subjtxt' => ((x($_REQUEST, 'subject')) ? strip_tags($_REQUEST['subject']) : ''),
'$text' => ((x($_REQUEST, 'body')) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : ''),
'$subjtxt' => defaults($_REQUEST, 'subject', ''),
'$text' => defaults($_REQUEST, 'body', ''),
'$readonly' => '',
'$yourmessage'=> L10n::t('Your message:'),
'$parent' => '',

View file

@ -20,7 +20,8 @@ function webfinger_content(App $a)
killme();
}
$o = '<h3>Webfinger Diagnostic</h3>';
$o = '<div class="generic-page-wrapper">';
$o .= '<h3>Webfinger Diagnostic</h3>';
$o .= '<form action="webfinger" method="get">';
$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') .'" />';
@ -28,12 +29,14 @@ function webfinger_content(App $a)
$o .= '<br /><br />';
if (x($_GET, 'addr')) {
if (!empty($_GET['addr'])) {
$addr = trim($_GET['addr']);
$res = Probe::lrdd($addr);
$o .= '<pre>';
$o .= str_replace("\n", '<br />', print_r($res, true));
$o .= '</pre>';
}
$o .= '</div>';
return $o;
}

View file

@ -91,7 +91,7 @@ server {
# by denying dot files and rewrite request to the front controller
location ^~ /.well-known/ {
allow all;
try_files $uri /index.php?pagename=$uri&$args;
rewrite ^ /index.php?pagename=$uri;
}
include mime.types;

View file

@ -80,7 +80,7 @@ text { font:12px Dialog; }
<text x="149" y="1721" style="font:13px Open Sans">($_POST['localconfirm'] == 1)</text>
<text x="149" y="1744" style="font:13px Open Sans">-----------------------------------------------------------------------</text>
<text x="149" y="1767" style="font:13px Open Sans">- if(local_user() &amp;&amp; ($a-&gt;user['nickname'] == $a-</text>
<text x="149" y="1790" style="font:13px Open Sans">&gt;argv[1]) &amp;&amp; (x($_POST,'dfrn_url')))</text>
<text x="149" y="1790" style="font:13px Open Sans">&gt;argv[1]) &amp;&amp; !empty($_POST['dfrn_url']))</text>
<text x="149" y="1813" style="font:13px Open Sans">-&gt;</text>
<text x="149" y="1859" style="font:13px Open Sans">- $confirm_key comes from $_POST</text>
<text x="149" y="1905" style="font:13px Open Sans">- get data for contact Karen (contact table) by </text>
@ -104,7 +104,7 @@ text { font:12px Dialog; }
<path d="M866,2206 C861.5820313,2206 858,2209.5820313 858,2214 L858,2444 C858,2448.4179688 861.5820313,2452 866,2452 L1434,2452 C1438.4179688,2452 1442,2448.4179688 1442,2444 L1442,2214 C1442,2209.5820313 1438.4179688,2206 1434,2206 Z" style="fill:rgb(255,255,3);stroke:none" clip-path="url(#clip14)" />
<text x="871" y="2228" style="font:13px Open Sans">http://karenhomepage.com/dfrn_request?confirm_key=”ABC123”</text>
<text x="871" y="2274" style="font:13px Open Sans">dfrn_request_content() -</text>
<text x="871" y="2297" style="font:13px Open Sans">(elseif((x($_GET,'confirm_key')) &amp;&amp; strlen($_GET['confirm_key'])) )</text>
<text x="871" y="2297" style="font:13px Open Sans">elseif (!empty($_GET['confirm_key']))</text>
<text x="871" y="2320" style="font:13px Open Sans">----------------------------------------------------------------------------------------------</text>
<text x="871" y="2366" style="font:13px Open Sans">- select the intro by confirm_key (intro table) -&gt; get contact id</text>
<text x="871" y="2389" style="font:13px Open Sans">- use the intro contact id to get the contact in the contact table</text>

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 33 KiB

View file

@ -523,7 +523,7 @@ class App
if (!empty($relative_script_path)) {
// Module
if (!empty($_SERVER['QUERY_STRING'])) {
$path = trim(dirname($relative_script_path, substr_count(trim($_SERVER['QUERY_STRING'], '/'), '/') + 1), '/');
$path = trim(rdirname($relative_script_path, substr_count(trim($_SERVER['QUERY_STRING'], '/'), '/') + 1), '/');
} else {
// Root page
$path = trim($relative_script_path, '/');
@ -549,7 +549,7 @@ class App
// Use environment variables for mysql if they are set beforehand
if (!empty(getenv('MYSQL_HOST'))
&& (!empty(getenv('MYSQL_USERNAME')) || !empty(getenv('MYSQL_USER')))
&& !empty(getenv('MYSQL_USERNAME') || !empty(getenv('MYSQL_USER')))
&& getenv('MYSQL_PASSWORD') !== false
&& !empty(getenv('MYSQL_DATABASE')))
{
@ -668,7 +668,7 @@ class App
$this->hostname = Core\Config::get('config', 'hostname');
}
return $scheme . '://' . $this->hostname . (!empty($this->getURLPath()) ? '/' . $this->getURLPath() : '' );
return $scheme . '://' . $this->hostname . !empty($this->getURLPath() ? '/' . $this->getURLPath() : '' );
}
/**
@ -1880,7 +1880,7 @@ class App
*/
public function internalRedirect($toUrl = '', $ssl = false)
{
if (filter_var($toUrl, FILTER_VALIDATE_URL)) {
if (!empty(parse_url($toUrl, PHP_URL_SCHEME))) {
throw new InternalServerErrorException("'$toUrl is not a relative path, please use System::externalRedirectTo");
}
@ -1897,7 +1897,7 @@ class App
*/
public function redirect($toUrl)
{
if (filter_var($toUrl, FILTER_VALIDATE_URL)) {
if (!empty(parse_url($toUrl, PHP_URL_SCHEME))) {
Core\System::externalRedirect($toUrl);
} else {
$this->internalRedirect($toUrl);

View file

@ -170,7 +170,7 @@ class Nav
// "Home" should also take you home from an authenticated remote profile connection
$homelink = Profile::getMyURL();
if (! $homelink) {
$homelink = ((x($_SESSION, 'visitor_home')) ? $_SESSION['visitor_home'] : '');
$homelink = defaults($_SESSION, 'visitor_home', '');
}
if (($a->module != 'home') && (! (local_user()))) {
@ -234,7 +234,7 @@ class Nav
// The following nav links are only show to logged in users
if (local_user()) {
$nav['network'] = ['network', L10n::t('Network'), '', L10n::t('Conversations from your friends')];
$nav['net_reset'] = ['network/0?f=&order=comment&nets=all', L10n::t('Network Reset'), '', L10n::t('Load Network page with no filters')];
$nav['net_reset'] = ['network/?f=', L10n::t('Network Reset'), '', L10n::t('Load Network page with no filters')];
$nav['home'] = ['profile/' . $a->user['nickname'], L10n::t('Home'), '', L10n::t('Your posts and conversations')];

View file

@ -308,12 +308,12 @@ class OEmbed
}
$domain = parse_url($url, PHP_URL_HOST);
if (!x($domain)) {
if (empty($domain)) {
return false;
}
$str_allowed = Config::get('system', 'allowed_oembed', '');
if (!x($str_allowed)) {
if (empty($str_allowed)) {
return false;
}
@ -334,7 +334,7 @@ class OEmbed
throw new Exception('OEmbed failed for URL: ' . $url);
}
if (x($title)) {
if (!empty($title)) {
$o->title = $title;
}

View file

@ -130,12 +130,12 @@ class BBCode extends BaseObject
$type = "";
preg_match("/type='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$type = strtolower($matches[1]);
}
preg_match('/type="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$type = strtolower($matches[1]);
}
@ -153,12 +153,12 @@ class BBCode extends BaseObject
$url = "";
preg_match("/url='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$url = $matches[1];
}
preg_match('/url="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$url = $matches[1];
}
@ -168,12 +168,12 @@ class BBCode extends BaseObject
$title = "";
preg_match("/title='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$title = $matches[1];
}
preg_match('/title="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$title = $matches[1];
}
@ -186,12 +186,12 @@ class BBCode extends BaseObject
$image = "";
preg_match("/image='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$image = $matches[1];
}
preg_match('/image="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$image = $matches[1];
}
@ -201,12 +201,12 @@ class BBCode extends BaseObject
$preview = "";
preg_match("/preview='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$preview = $matches[1];
}
preg_match('/preview="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) {
if (!empty($matches[1])) {
$preview = $matches[1];
}
@ -234,7 +234,7 @@ class BBCode extends BaseObject
*/
$has_title = !empty($item['title']);
$plink = (!empty($item['plink']) ? $item['plink'] : '');
$plink = defaults($item, 'plink', '');
$post = self::getAttachmentData($body);
// if nothing is found, it maybe having an image.
@ -626,7 +626,7 @@ class BBCode extends BaseObject
$data["title"] = $data["url"];
}
if (($data["text"] == "") && ($data["title"] != "") && ($data["url"] == "")) {
if (empty($data["text"]) && !empty($data["title"]) && empty($data["url"])) {
return $data["title"] . $data["after"];
}
@ -1662,7 +1662,7 @@ class BBCode extends BaseObject
// Summary (e.g. title) is required, earlier revisions only required description (in addition to
// start which is always required). Allow desc with a missing summary for compatibility.
if ((x($ev, 'desc') || x($ev, 'summary')) && x($ev, 'start')) {
if ((!empty($ev['desc']) || !empty($ev['summary'])) && !empty($ev['start'])) {
$sub = Event::getHTML($ev, $simple_html);
$text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/ism", '', $text);

View file

@ -908,7 +908,7 @@ class HTML
public static function micropro($contact, $redirect = false, $class = '', $textmode = false)
{
// Use the contact URL if no address is available
if (!x($contact, "addr")) {
if (empty($contact['addr'])) {
$contact["addr"] = $contact["url"];
}
@ -924,7 +924,7 @@ class HTML
}
// If there is some js available we don't need the url
if (x($contact, 'click')) {
if (!empty($contact['click'])) {
$url = '';
}
@ -961,7 +961,7 @@ class HTML
$save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow');
$values = [
'$s' => htmlspecialchars($s),
'$s' => $s,
'$id' => $id,
'$action_url' => $url,
'$search_label' => L10n::t('Search'),

View file

@ -106,7 +106,7 @@ class Authentication extends BaseObject
$masterUid = $user_record['uid'];
if ((x($_SESSION, 'submanage')) && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
$user = DBA::selectFirst('user', ['uid'], ['uid' => $_SESSION['submanage']]);
if (DBA::isResult($user)) {
$masterUid = $user['uid'];

View file

@ -119,11 +119,11 @@ HELP;
$db_data = $this->getOption(['d', 'dbdata'], ($save_db) ? getenv('MYSQL_DATABASE') : '');
$db_user = $this->getOption(['U', 'dbuser'], ($save_db) ? getenv('MYSQL_USER') . getenv('MYSQL_USERNAME') : '');
$db_pass = $this->getOption(['P', 'dbpass'], ($save_db) ? getenv('MYSQL_PASSWORD') : '');
$url_path = $this->getOption(['u', 'urlpath'], (!empty('FRIENDICA_URL_PATH')) ? getenv('FRIENDICA_URL_PATH') : null);
$php_path = $this->getOption(['b', 'phppath'], (!empty('FRIENDICA_PHP_PATH')) ? getenv('FRIENDICA_PHP_PATH') : null);
$admin_mail = $this->getOption(['A', 'admin'], (!empty('FRIENDICA_ADMIN_MAIL')) ? getenv('FRIENDICA_ADMIN_MAIL') : '');
$tz = $this->getOption(['T', 'tz'], (!empty('FRIENDICA_TZ')) ? getenv('FRIENDICA_TZ') : '');
$lang = $this->getOption(['L', 'lang'], (!empty('FRIENDICA_LANG')) ? getenv('FRIENDICA_LANG') : '');
$url_path = $this->getOption(['u', 'urlpath'], !empty('FRIENDICA_URL_PATH') ? getenv('FRIENDICA_URL_PATH') : null);
$php_path = $this->getOption(['b', 'phppath'], !empty('FRIENDICA_PHP_PATH') ? getenv('FRIENDICA_PHP_PATH') : null);
$admin_mail = $this->getOption(['A', 'admin'], !empty('FRIENDICA_ADMIN_MAIL') ? getenv('FRIENDICA_ADMIN_MAIL') : '');
$tz = $this->getOption(['T', 'tz'], !empty('FRIENDICA_TZ') ? getenv('FRIENDICA_TZ') : '');
$lang = $this->getOption(['L', 'lang'], !empty('FRIENDICA_LANG') ? getenv('FRIENDICA_LANG') : '');
if (empty($php_path)) {
$php_path = $installer->getPHPPath();
@ -132,7 +132,7 @@ HELP;
$installer->createConfig(
$php_path,
$url_path,
((!empty($db_port)) ? $db_host . ':' . $db_port : $db_host),
(!empty($db_port) ? $db_host . ':' . $db_port : $db_host),
$db_user,
$db_pass,
$db_data,

View file

@ -440,6 +440,13 @@ class Installer
);
$returnVal = $returnVal ? $status : false;
$status = $this->checkFunction('json_encode',
L10n::t('JSON PHP module'),
L10n::t('Error: JSON PHP module required but not installed.'),
true
);
$returnVal = $returnVal ? $status : false;
return $returnVal;
}

View file

@ -643,7 +643,7 @@ class NotificationsManager extends BaseObject
'madeby_zrl' => Contact::magicLink($it['url']),
'madeby_addr' => $it['addr'],
'contact_id' => $it['contact-id'],
'photo' => ((x($it, 'fphoto')) ? ProxyUtils::proxifyUrl($it['fphoto'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"),
'photo' => (!empty($it['fphoto']) ? ProxyUtils::proxifyUrl($it['fphoto'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"),
'name' => $it['fname'],
'url' => $it['furl'],
'zrl' => Contact::magicLink($it['furl']),
@ -675,7 +675,7 @@ class NotificationsManager extends BaseObject
'uid' => $_SESSION['uid'],
'intro_id' => $it['intro_id'],
'contact_id' => $it['contact-id'],
'photo' => ((x($it, 'photo')) ? ProxyUtils::proxifyUrl($it['photo'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"),
'photo' => (!empty($it['photo']) ? ProxyUtils::proxifyUrl($it['photo'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"),
'name' => $it['name'],
'location' => BBCode::convert($it['glocation'], false),
'about' => BBCode::convert($it['gabout'], false),

View file

@ -53,24 +53,24 @@ class Renderer extends BaseObject
* @brief This is our template processor
*
* @param string|FriendicaSmarty $s The string requiring macro substitution or an instance of FriendicaSmarty
* @param array $r key value pairs (search => replace)
* @param array $vars key value pairs (search => replace)
*
* @return string substituted string
*/
public static function replaceMacros($s, $r)
public static function replaceMacros($s, $vars)
{
$stamp1 = microtime(true);
$a = self::getApp();
// pass $baseurl to all templates
$r['$baseurl'] = System::baseUrl();
$vars['$baseurl'] = System::baseUrl();
$t = self::getTemplateEngine();
try {
$output = $t->replaceMacros($s, $r);
$output = $t->replaceMacros($s, $vars);
} catch (Exception $e) {
echo "<pre><b>" . __FUNCTION__ . "</b>: " . $e->getMessage() . "</pre>";
killme();
exit();
}
$a->saveTimestamp($stamp1, "rendering");

View file

@ -26,7 +26,7 @@ class DatabaseSessionHandler extends BaseObject implements SessionHandlerInterfa
public function read($session_id)
{
if (!x($session_id)) {
if (empty($session_id)) {
return '';
}

View file

@ -126,9 +126,33 @@ class System extends BaseObject
{
$err = '';
if ($val >= 400) {
$err = 'Error';
if (!isset($description["title"])) {
$description["title"] = $err." ".$val;
if (!empty($description['title'])) {
$err = $description['title'];
} else {
$title = [
'400' => L10n::t('Error 400 - Bad Request'),
'401' => L10n::t('Error 401 - Unauthorized'),
'403' => L10n::t('Error 403 - Forbidden'),
'404' => L10n::t('Error 404 - Not Found'),
'500' => L10n::t('Error 500 - Internal Server Error'),
'503' => L10n::t('Error 503 - Service Unavailable'),
];
$err = defaults($title, $val, 'Error ' . $val);
$description['title'] = $err;
}
if (empty($description['description'])) {
// Explanations are taken from https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
$explanation = [
'400' => L10n::t('The server cannot or will not process the request due to an apparent client error.'),
'401' => L10n::t('Authentication is required and has failed or has not yet been provided.'),
'403' => L10n::t('The request was valid, but the server is refusing action. The user might not have the necessary permissions for a resource, or may need an account.'),
'404' => L10n::t('The requested resource could not be found but may be available in the future.'),
'500' => L10n::t('An unexpected condition was encountered and no more specific message is suitable.'),
'503' => L10n::t('The server is currently unavailable (because it is overloaded or down for maintenance). Please try again later.'),
];
if (!empty($explanation[$val])) {
$description['description'] = $explanation[$val];
}
}
}
@ -248,7 +272,7 @@ class System extends BaseObject
*/
public static function externalRedirect($url)
{
if (!filter_var($url, FILTER_VALIDATE_URL)) {
if (empty(parse_url($url, PHP_URL_SCHEME))) {
throw new InternalServerErrorException("'$url' is not a fully qualified URL, please use App->internalRedirect() instead");
}

View file

@ -18,6 +18,10 @@ class Update
*/
public static function check($via_worker)
{
if (!DBA::connected()) {
return;
}
$build = Config::get('system', 'build');
if (empty($build)) {
@ -118,6 +122,8 @@ class Update
Lock::release('dbupdate');
}
}
} elseif ($force) {
DBStructure::update($verbose, true);
}
return '';

View file

@ -105,7 +105,7 @@ class UserImport
}
if (!x($account, 'version')) {
if (empty($account['version'])) {
notice(L10n::t("Error! No version data in file! This is not a Friendica account file?"));
return;
}

View file

@ -1044,12 +1044,11 @@ class DBA
* @param array $options
* - cascade: If true we delete records in other tables that depend on the one we're deleting through
* relations (default: true)
* @param boolean $in_process Internal use: Only do a commit after the last delete
* @param array $callstack Internal use: prevent endless loops
*
* @return boolean|array was the delete successful? When $in_process is set: deletion data
* @return boolean was the delete successful?
*/
public static function delete($table, array $conditions, array $options = [], $in_process = false, array &$callstack = [])
public static function delete($table, array $conditions, array $options = [], array &$callstack = [])
{
if (empty($table) || empty($conditions)) {
Logger::log('Table and conditions have to be set');
@ -1098,22 +1097,18 @@ class DBA
if ((count($conditions) == 1) && ($field == array_keys($conditions)[0])) {
foreach ($rel_def AS $rel_table => $rel_fields) {
foreach ($rel_fields AS $rel_field) {
$retval = self::delete($rel_table, [$rel_field => array_values($conditions)[0]], $options, true, $callstack);
$commands = array_merge($commands, $retval);
$retval = self::delete($rel_table, [$rel_field => array_values($conditions)[0]], $options, $callstack);
}
}
// We quit when this key already exists in the callstack.
} elseif (!isset($callstack[$qkey])) {
$callstack[$qkey] = true;
// Fetch all rows that are to be deleted
$data = self::select($table, [$field], $conditions);
while ($row = self::fetch($data)) {
// Now we accumulate the delete commands
$retval = self::delete($table, [$field => $row[$field]], $options, true, $callstack);
$commands = array_merge($commands, $retval);
self::delete($table, [$field => $row[$field]], $options, $callstack);
}
self::close($data);
@ -1123,7 +1118,6 @@ class DBA
}
}
if (!$in_process) {
// Now we finalize the process
$do_transaction = !self::$in_transaction;
@ -1190,9 +1184,6 @@ class DBA
return true;
}
return $commands;
}
/**
* @brief Updates rows
*

View file

@ -538,7 +538,7 @@ class DBStructure
$primary_keys = [];
foreach ($structure["fields"] AS $fieldname => $field) {
$sql_rows[] = "`".DBA::escape($fieldname)."` ".self::FieldCommand($field);
if (x($field,'primary') && $field['primary']!='') {
if (!empty($field['primary'])) {
$primary_keys[] = $fieldname;
}
}

View file

@ -98,6 +98,48 @@ class Contact extends BaseObject
* @}
*/
/**
* @brief Tests if the given contact is a follower
*
* @param int $cid Either public contact id or user's contact id
* @param int $uid User ID
*
* @return boolean is the contact id a follower?
*/
public static function isFollower($cid, $uid)
{
if (self::isBlockedByUser($cid, $uid)) {
return false;
}
$cdata = self::getPublicAndUserContacID($cid, $uid);
if (empty($cdata['user'])) {
return false;
}
$condition = ['id' => $cdata['user'], 'rel' => [self::FOLLOWER, self::FRIEND]];
return DBA::exists('contact', $condition);
}
/**
* @brief Get the basepath for a given contact link
* @todo Add functionality to store this value in the contact table
*
* @param string $url The contact link
*
* @return string basepath
*/
public static function getBasepath($url)
{
$data = Probe::uri($url);
if (!empty($data['baseurl'])) {
return $data['baseurl'];
}
// When we can't probe the server, we use some ugly function that does some pattern matching
return PortableContact::detectServer($url);
}
/**
* @brief Returns the contact id for the user and the public contact id for a given contact id
*
@ -106,7 +148,7 @@ class Contact extends BaseObject
*
* @return array with public and user's contact id
*/
private static function getPublicAndUserContacID($cid, $uid)
public static function getPublicAndUserContacID($cid, $uid)
{
if (empty($uid) || empty($cid)) {
return [];
@ -418,7 +460,8 @@ class Contact extends BaseObject
public static function updateSelfFromUserID($uid, $update_avatar = false)
{
$fields = ['id', 'name', 'nick', 'location', 'about', 'keywords', 'gender', 'avatar',
'xmpp', 'contact-type', 'forum', 'prv', 'avatar-date', 'nurl'];
'xmpp', 'contact-type', 'forum', 'prv', 'avatar-date', 'url', 'nurl',
'photo', 'thumb', 'micro', 'addr', 'request', 'notify', 'poll', 'confirm', 'poco'];
$self = DBA::selectFirst('contact', $fields, ['uid' => $uid, 'self' => true]);
if (!DBA::isResult($self)) {
return;
@ -489,7 +532,7 @@ class Contact extends BaseObject
$update = false;
foreach ($fields as $field => $content) {
if (isset($self[$field]) && $self[$field] != $content) {
if ($self[$field] != $content) {
$update = true;
}
}
@ -1061,7 +1104,7 @@ class Contact extends BaseObject
$update_contact = ($contact['avatar-date'] < DateTimeFormat::utc('now -7 days'));
// We force the update if the avatar is empty
if (!x($contact, 'avatar')) {
if (empty($contact['avatar'])) {
$update_contact = true;
}
if (!$update_contact || $no_update) {
@ -1147,7 +1190,7 @@ class Contact extends BaseObject
$url = $data["url"];
if (!$contact_id) {
DBA::insert('contact', [
$fields = [
'uid' => $uid,
'created' => DateTimeFormat::utcNow(),
'url' => $data["url"],
@ -1176,10 +1219,13 @@ class Contact extends BaseObject
'writable' => 1,
'blocked' => 0,
'readonly' => 0,
'pending' => 0]
);
'pending' => 0];
$s = DBA::select('contact', ['id'], ['nurl' => Strings::normaliseLink($data["url"]), 'uid' => $uid], ['order' => ['id'], 'limit' => 2]);
$condition = ['nurl' => Strings::normaliseLink($data["url"]), 'uid' => $uid, 'deleted' => false];
DBA::update('contact', $fields, $condition, true);
$s = DBA::select('contact', ['id'], $condition, ['order' => ['id'], 'limit' => 2]);
$contacts = DBA::toArray($s);
if (!DBA::isResult($contacts)) {
return 0;
@ -1204,8 +1250,10 @@ class Contact extends BaseObject
}
if (count($contacts) > 1 && $uid == 0 && $contact_id != 0 && $data["url"] != "") {
DBA::delete('contact', ["`nurl` = ? AND `uid` = 0 AND `id` != ? AND NOT `self`",
Strings::normaliseLink($data["url"]), $contact_id]);
$condition = ["`nurl` = ? AND `uid` = ? AND `id` != ? AND NOT `self`",
Strings::normaliseLink($data["url"]), 0, $contact_id];
Logger::log('Deleting duplicate contact ' . json_encode($condition), Logger::DEBUG);
DBA::delete('contact', $condition);
}
}
@ -1618,7 +1666,7 @@ class Contact extends BaseObject
return $result;
}
if (x($arr['contact'], 'name')) {
if (!empty($arr['contact']['name'])) {
$ret = $arr['contact'];
} else {
$ret = Probe::uri($url, $network, $uid, false);
@ -1664,16 +1712,15 @@ class Contact extends BaseObject
}
// do we have enough information?
if (!((x($ret, 'name')) && (x($ret, 'poll')) && ((x($ret, 'url')) || (x($ret, 'addr'))))) {
if (empty($ret['name']) || empty($ret['poll']) || (empty($ret['url']) && empty($ret['addr']))) {
$result['message'] .= L10n::t('The profile address specified does not provide adequate information.') . EOL;
if (!x($ret, 'poll')) {
if (empty($ret['poll'])) {
$result['message'] .= L10n::t('No compatible communication protocols or feeds were discovered.') . EOL;
}
if (!x($ret, 'name')) {
if (empty($ret['name'])) {
$result['message'] .= L10n::t('An author or name was not found.') . EOL;
}
if (!x($ret, 'url')) {
if (empty($ret['url'])) {
$result['message'] .= L10n::t('No browser URL could be matched to this address.') . EOL;
}
if (strpos($url, '@') !== false) {
@ -2031,6 +2078,10 @@ class Contact extends BaseObject
*/
public static function magicLink($contact_url, $url = '')
{
if (!local_user()) {
return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url;
}
$cid = self::getIdForURL($contact_url, 0, true);
if (empty($cid)) {
return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url;
@ -2064,7 +2115,7 @@ class Contact extends BaseObject
*/
public static function magicLinkbyContact($contact, $url = '')
{
if ($contact['network'] != Protocol::DFRN) {
if (!local_user() || ($contact['network'] != Protocol::DFRN)) {
return $url ?: $contact['url']; // Equivalent to ($url != '') ? $url : $contact['url'];
}

View file

@ -14,9 +14,9 @@ use Friendica\Core\PConfig;
use Friendica\Core\Renderer;
use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
use Friendica\Util\Strings;
use Friendica\Util\XML;
require_once 'boot.php';
@ -53,11 +53,11 @@ class Event extends BaseObject
if ($simple) {
if (!empty($event['summary'])) {
$o = "<h3>" . BBCode::convert($event['summary'], false, $simple) . "</h3>";
$o = "<h3>" . BBCode::convert(Strings::escapeHtml($event['summary']), false, $simple) . "</h3>";
}
if (!empty($event['desc'])) {
$o .= "<div>" . BBCode::convert($event['desc'], false, $simple) . "</div>";
$o .= "<div>" . BBCode::convert(Strings::escapeHtml($event['desc']), false, $simple) . "</div>";
}
$o .= "<h4>" . L10n::t('Starts:') . "</h4><p>" . $event_start . "</p>";
@ -67,7 +67,7 @@ class Event extends BaseObject
}
if (!empty($event['location'])) {
$o .= "<h4>" . L10n::t('Location:') . "</h4><p>" . BBCode::convert($event['location'], false, $simple) . "</p>";
$o .= "<h4>" . L10n::t('Location:') . "</h4><p>" . BBCode::convert(Strings::escapeHtml($event['location']), false, $simple) . "</p>";
}
return $o;
@ -75,7 +75,7 @@ class Event extends BaseObject
$o = '<div class="vevent">' . "\r\n";
$o .= '<div class="summary event-summary">' . BBCode::convert($event['summary'], false, $simple) . '</div>' . "\r\n";
$o .= '<div class="summary event-summary">' . BBCode::convert(Strings::escapeHtml($event['summary']), false, $simple) . '</div>' . "\r\n";
$o .= '<div class="event-start"><span class="event-label">' . L10n::t('Starts:') . '</span>&nbsp;<span class="dtstart" title="'
. DateTimeFormat::utc($event['start'], (!empty($event['adjust']) ? DateTimeFormat::ATOM : 'Y-m-d\TH:i:s'))
@ -90,12 +90,12 @@ class Event extends BaseObject
}
if (!empty($event['desc'])) {
$o .= '<div class="description event-description">' . BBCode::convert($event['desc'], false, $simple) . '</div>' . "\r\n";
$o .= '<div class="description event-description">' . BBCode::convert(Strings::escapeHtml($event['desc']), false, $simple) . '</div>' . "\r\n";
}
if (!empty($event['location'])) {
$o .= '<div class="event-location"><span class="event-label">' . L10n::t('Location:') . '</span>&nbsp;<span class="location">'
. BBCode::convert($event['location'], false, $simple)
. BBCode::convert(Strings::escapeHtml($event['location']), false, $simple)
. '</span></div>' . "\r\n";
// Include a map of the location if the [map] BBCode is used.
@ -592,10 +592,9 @@ class Event extends BaseObject
$drop = [System::baseUrl() . '/events/drop/' . $event['id'] , L10n::t('Delete event') , '', ''];
}
$title = strip_tags(html_entity_decode(BBCode::convert($event['summary']), ENT_QUOTES, 'UTF-8'));
$title = BBCode::convert(Strings::escapeHtml($event['summary']));
if (!$title) {
list($title, $_trash) = explode("<br", BBCode::convert($event['desc']), 2);
$title = strip_tags(html_entity_decode($title, ENT_QUOTES, 'UTF-8'));
list($title, $_trash) = explode("<br", BBCode::convert(Strings::escapeHtml($event['desc'])), 2);
}
$author_link = $event['author-link'];
@ -605,8 +604,9 @@ class Event extends BaseObject
$event['plink'] = Contact::magicLink($author_link, $plink);
$html = self::getHTML($event);
$event['desc'] = BBCode::convert($event['desc']);
$event['location'] = BBCode::convert($event['location']);
$event['summary'] = BBCode::convert(Strings::escapeHtml($event['summary']));
$event['desc'] = BBCode::convert(Strings::escapeHtml($event['desc']));
$event['location'] = BBCode::convert(Strings::escapeHtml($event['location']));
$event_list[] = [
'id' => $event['id'],
'start' => $start,

View file

@ -966,8 +966,8 @@ class GContact
$statistics = json_decode($curlResult->getBody());
if (!empty($statistics->config)) {
if ($statistics->config->instance_with_ssl) {
if (!empty($statistics->config->instance_address)) {
if (!empty($statistics->config->instance_with_ssl)) {
$server = "https://";
} else {
$server = "http://";
@ -976,8 +976,8 @@ class GContact
$server .= $statistics->config->instance_address;
$hostname = $statistics->config->instance_address;
} elseif (!empty($statistics)) {
if ($statistics->instance_with_ssl) {
} elseif (!empty($statistics->instance_address)) {
if (!empty($statistics->instance_with_ssl)) {
$server = "https://";
} else {
$server = "http://";

View file

@ -33,7 +33,7 @@ class Group extends BaseObject
public static function create($uid, $name)
{
$return = false;
if (x($uid) && x($name)) {
if (!empty($uid) && !empty($name)) {
$gid = self::getIdByName($uid, $name); // check for dupes
if ($gid !== false) {
// This could be a problem.
@ -202,7 +202,7 @@ class Group extends BaseObject
*/
public static function removeByName($uid, $name) {
$return = false;
if (x($uid) && x($name)) {
if (!empty($uid) && !empty($name)) {
$gid = self::getIdByName($uid, $name);
$return = self::remove($gid);
@ -400,8 +400,8 @@ class Group extends BaseObject
];
}
// Don't show the groups when there is only one
if (count($display_groups) <= 2) {
// Don't show the groups on the network page when there is only one
if ((count($display_groups) <= 2) && ($each == 'network')) {
return '';
}

View file

@ -1359,15 +1359,15 @@ class Item extends BaseObject
$item['owner-name'] = trim(defaults($item, 'owner-name', ''));
$item['owner-link'] = trim(defaults($item, 'owner-link', ''));
$item['owner-avatar'] = trim(defaults($item, 'owner-avatar', ''));
$item['received'] = ((x($item, 'received') !== false) ? DateTimeFormat::utc($item['received']) : DateTimeFormat::utcNow());
$item['created'] = ((x($item, 'created') !== false) ? DateTimeFormat::utc($item['created']) : $item['received']);
$item['edited'] = ((x($item, 'edited') !== false) ? DateTimeFormat::utc($item['edited']) : $item['created']);
$item['changed'] = ((x($item, 'changed') !== false) ? DateTimeFormat::utc($item['changed']) : $item['created']);
$item['commented'] = ((x($item, 'commented') !== false) ? DateTimeFormat::utc($item['commented']) : $item['created']);
$item['received'] = (isset($item['received']) ? DateTimeFormat::utc($item['received']) : DateTimeFormat::utcNow());
$item['created'] = (isset($item['created']) ? DateTimeFormat::utc($item['created']) : $item['received']);
$item['edited'] = (isset($item['edited']) ? DateTimeFormat::utc($item['edited']) : $item['created']);
$item['changed'] = (isset($item['changed']) ? DateTimeFormat::utc($item['changed']) : $item['created']);
$item['commented'] = (isset($item['commented']) ? DateTimeFormat::utc($item['commented']) : $item['created']);
$item['title'] = trim(defaults($item, 'title', ''));
$item['location'] = trim(defaults($item, 'location', ''));
$item['coord'] = trim(defaults($item, 'coord', ''));
$item['visible'] = ((x($item, 'visible') !== false) ? intval($item['visible']) : 1);
$item['visible'] = (isset($item['visible']) ? intval($item['visible']) : 1);
$item['deleted'] = 0;
$item['parent-uri'] = trim(defaults($item, 'parent-uri', $item['uri']));
$item['post-type'] = defaults($item, 'post-type', self::PT_ARTICLE);
@ -1626,7 +1626,7 @@ class Item extends BaseObject
// It is mainly used in the "post_local" hook.
unset($item['api_source']);
if (x($item, 'cancel')) {
if (!empty($item['cancel'])) {
Logger::log('post cancelled by addon.');
return 0;
}
@ -3214,7 +3214,7 @@ class Item extends BaseObject
}
}
public static function getPermissionsSQLByUserId($owner_id, $remote_verified = false, $groups = null)
public static function getPermissionsSQLByUserId($owner_id, $remote_verified = false, $groups = null, $remote_cid = null)
{
$local_user = local_user();
$remote_user = remote_user();
@ -3237,7 +3237,7 @@ class Item extends BaseObject
* If pre-verified, the caller is expected to have already
* done this and passed the groups into this function.
*/
$set = PermissionSet::get($owner_id, $remote_user, $groups);
$set = PermissionSet::get($owner_id, $remote_cid, $groups);
if (!empty($set)) {
$sql_set = " OR (`item`.`private` IN (1,2) AND `item`.`wall` AND `item`.`psid` IN (" . implode(',', $set) . "))";
@ -3443,7 +3443,7 @@ class Item extends BaseObject
$filesubtype = 'unkn';
}
$title = Strings::escapeHtml(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1]));
$title = Strings::escapeHtml(trim(defaults($mtch, 4, $mtch[1])));
$title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes');
$icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>';
@ -3455,7 +3455,7 @@ class Item extends BaseObject
}
// Map.
if (strpos($s, '<div class="map">') !== false && x($item, 'coord')) {
if (strpos($s, '<div class="map">') !== false && !empty($item['coord'])) {
$x = Map::byCoordinates(trim($item['coord']));
if ($x) {
$s = preg_replace('/\<div class\=\"map\"\>/', '$0' . $x, $s);

View file

@ -22,11 +22,14 @@ class ItemURI extends BaseObject
*/
public static function insert($fields)
{
if (!DBA::exists('item-uri', ['uri' => $fields['uri']])) {
// If the URI gets too long we only take the first parts and hope for best
$uri = substr($fields['uri'], 0, 255);
if (!DBA::exists('item-uri', ['uri' => $uri])) {
DBA::insert('item-uri', $fields, true);
}
$itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $fields['uri']]);
$itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $uri]);
if (!DBA::isResult($itemuri)) {
// This shouldn't happen
@ -45,6 +48,9 @@ class ItemURI extends BaseObject
*/
public static function getIdByURI($uri)
{
// If the URI gets too long we only take the first parts and hope for best
$uri = substr($uri, 0, 255);
$itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $uri]);
if (!DBA::isResult($itemuri)) {

View file

@ -97,7 +97,7 @@ class Photo
$photo = DBA::selectFirst(
'photo', ['resource-id'], ['uid' => $uid, 'contact-id' => $cid, 'scale' => 4, 'album' => 'Contact Photos']
);
if (x($photo['resource-id'])) {
if (!empty($photo['resource-id'])) {
$hash = $photo['resource-id'];
} else {
$hash = self::newResource();

View file

@ -99,7 +99,7 @@ class Profile
* load a lot of theme-specific content
*
* @brief Loads a profile into the page sidebar.
* @param object $a App
* @param App $a
* @param string $nickname string
* @param int $profile int
* @param array $profiledata array
@ -288,7 +288,7 @@ class Profile
$location = false;
// This function can also use contact information in $profile
$is_contact = x($profile, 'cid');
$is_contact = !empty($profile['cid']);
if (!is_array($profile) && !count($profile)) {
return $o;
@ -297,9 +297,9 @@ class Profile
$profile['picdate'] = urlencode(defaults($profile, 'picdate', ''));
if (($profile['network'] != '') && ($profile['network'] != Protocol::DFRN)) {
$profile['network_name'] = Strings::formatNetworkName($profile['network'], $profile['url']);
$profile['network_link'] = Strings::formatNetworkName($profile['network'], $profile['url']);
} else {
$profile['network_name'] = '';
$profile['network_link'] = '';
}
Addon::callHooks('profile_sidebar_enter', $profile);
@ -337,6 +337,11 @@ class Profile
}
}
// Is the remote user already connected to that user?
if ($connect && Contact::isFollower(remote_user(), $profile['uid'])) {
$connect = false;
}
if ($connect && ($profile['network'] != Protocol::DFRN) && !isset($profile['remoteconnect'])) {
$connect = false;
}
@ -357,7 +362,7 @@ class Profile
// See issue https://github.com/friendica/friendica/issues/3838
// Either we remove the message link for remote users or we enable creating messages from remote users
if (remote_user() || (self::getMyURL() && x($profile, 'unkmail') && ($profile['uid'] != local_user()))) {
if (remote_user() || (self::getMyURL() && !empty($profile['unkmail']) && ($profile['uid'] != local_user()))) {
$wallmessage = L10n::t('Message');
if (remote_user()) {
@ -424,23 +429,23 @@ class Profile
// Fetch the account type
$account_type = Contact::getAccountType($profile);
if (x($profile, 'address')
|| x($profile, 'location')
|| x($profile, 'locality')
|| x($profile, 'region')
|| x($profile, 'postal-code')
|| x($profile, 'country-name')
if (!empty($profile['address'])
|| !empty($profile['location'])
|| !empty($profile['locality'])
|| !empty($profile['region'])
|| !empty($profile['postal-code'])
|| !empty($profile['country-name'])
) {
$location = L10n::t('Location:');
}
$gender = x($profile, 'gender') ? L10n::t('Gender:') : false;
$marital = x($profile, 'marital') ? L10n::t('Status:') : false;
$homepage = x($profile, 'homepage') ? L10n::t('Homepage:') : false;
$about = x($profile, 'about') ? L10n::t('About:') : false;
$xmpp = x($profile, 'xmpp') ? L10n::t('XMPP:') : false;
$gender = !empty($profile['gender']) ? L10n::t('Gender:') : false;
$marital = !empty($profile['marital']) ? L10n::t('Status:') : false;
$homepage = !empty($profile['homepage']) ? L10n::t('Homepage:') : false;
$about = !empty($profile['about']) ? L10n::t('About:') : false;
$xmpp = !empty($profile['xmpp']) ? L10n::t('XMPP:') : false;
if ((x($profile, 'hidewall') || $block) && !local_user() && !remote_user()) {
if ((!empty($profile['hidewall']) || $block) && !local_user() && !remote_user()) {
$location = $gender = $marital = $homepage = $about = false;
}
@ -448,7 +453,7 @@ class Profile
$firstname = $split_name['first'];
$lastname = $split_name['last'];
if (x($profile, 'guid')) {
if (!empty($profile['guid'])) {
$diaspora = [
'guid' => $profile['guid'],
'podloc' => System::baseUrl(),
@ -507,10 +512,8 @@ class Profile
$p['about'] = BBCode::convert($p['about']);
}
if (isset($p['address'])) {
$p['address'] = BBCode::convert($p['address']);
} elseif (isset($p['location'])) {
$p['address'] = BBCode::convert($p['location']);
if (empty($p['address']) && !empty($p['location'])) {
$p['address'] = $p['location'];
}
if (isset($p['photo'])) {
@ -890,7 +893,7 @@ class Profile
}
$tab = false;
if (x($_GET, 'tab')) {
if (!empty($_GET['tab'])) {
$tab = Strings::escapeTags(trim($_GET['tab']));
}
@ -1001,7 +1004,7 @@ class Profile
*/
public static function getMyURL()
{
if (x($_SESSION, 'my_url')) {
if (!empty($_SESSION['my_url'])) {
return $_SESSION['my_url'];
}
return null;
@ -1118,6 +1121,17 @@ class Profile
$_SESSION['visitor_home'] = $visitor['url'];
$_SESSION['my_url'] = $visitor['url'];
/// @todo replace this and the query for this variable with some cleaner functionality
$_SESSION['remote'] = [];
$remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => $visitor['nurl'], 'rel' => [Contact::FOLLOWER, Contact::FRIEND]]);
while ($contact = DBA::fetch($remote_contacts)) {
if (($contact['uid'] == 0) || Contact::isBlockedByUser($visitor['id'], $contact['uid'])) {
continue;
}
$_SESSION['remote'][] = ['cid' => $contact['id'], 'uid' => $contact['uid'], 'url' => $visitor['url']];
}
$arr = [
'visitor' => $visitor,
'url' => $a->query_string
@ -1173,7 +1187,7 @@ class Profile
*/
public static function getThemeUid()
{
$uid = ((!empty($_REQUEST['puid'])) ? intval($_REQUEST['puid']) : 0);
$uid = (!empty($_REQUEST['puid']) ? intval($_REQUEST['puid']) : 0);
if ((local_user()) && ((PConfig::get(local_user(), 'system', 'always_my_theme')) || (!$uid))) {
return local_user();
}

View file

@ -156,7 +156,7 @@ class Term
$link = '';
}
if (DBA::exists('term', ['uid' => $message['uid'], 'otype' => TERM_OBJ_POST, 'oid' => $itemid, 'url' => $link])) {
if (DBA::exists('term', ['uid' => $message['uid'], 'otype' => TERM_OBJ_POST, 'oid' => $itemid, 'term' => $term])) {
continue;
}

View file

@ -98,6 +98,19 @@ class User
if (!DBA::isResult($r)) {
return false;
}
if (empty($r['nickname'])) {
return false;
}
// Check if the returned data is valid, otherwise fix it. See issue #6122
$url = System::baseUrl() . '/profile/' . $r['nickname'];
$addr = $r['nickname'] . '@' . substr(System::baseUrl(), strpos(System::baseUrl(), '://') + 3);
if (($addr != $r['addr']) || ($r['url'] != $url) || ($r['nurl'] != Strings::normaliseLink($r['url']))) {
Contact::updateSelfFromUserID($uid);
}
return $r;
}
@ -412,12 +425,12 @@ class User
$password = !empty($data['password']) ? trim($data['password']) : '';
$password1 = !empty($data['password1']) ? trim($data['password1']) : '';
$confirm = !empty($data['confirm']) ? trim($data['confirm']) : '';
$blocked = !empty($data['blocked']) ? intval($data['blocked']) : 0;
$verified = !empty($data['verified']) ? intval($data['verified']) : 0;
$blocked = !empty($data['blocked']);
$verified = !empty($data['verified']);
$language = !empty($data['language']) ? Strings::escapeTags(trim($data['language'])) : 'en';
$publish = !empty($data['profile_publish_reg']) && intval($data['profile_publish_reg']) ? 1 : 0;
$netpublish = strlen(Config::get('system', 'directory')) ? $publish : 0;
$publish = !empty($data['profile_publish_reg']);
$netpublish = $publish && Config::get('system', 'directory');
if ($password1 != $confirm) {
throw new Exception(L10n::t('Passwords do not match. Password unchanged.'));

View file

@ -40,11 +40,8 @@ class Contact extends BaseModule
}
$nets = defaults($_GET, 'nets', '');
if ($nets == 'all') {
$nets = '';
}
if (!x($a->page, 'aside')) {
if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}
@ -78,18 +75,17 @@ class Contact extends BaseModule
$a->data['contact'] = $contact;
if (($contact['network'] != '') && ($contact['network'] != Protocol::DFRN)) {
$networkname = Strings::formatNetworkName($contact['network'], $contact['url']);
$network_link = Strings::formatNetworkName($contact['network'], $contact['url']);
} else {
$networkname = '';
$network_link = '';
}
/// @TODO Add nice spaces
$vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate('vcard-widget.tpl'), [
'$name' => $contact['name'],
'$photo' => $contact['photo'],
'$url' => Model\Contact::MagicLink($contact['url']),
'$addr' => defaults($contact, 'addr', ''),
'$network_name' => $networkname,
'$network_link' => $network_link,
'$network' => L10n::t('Network:'),
'$account_type' => Model\Contact::getAccountType($contact)
]);
@ -514,7 +510,7 @@ class Contact extends BaseModule
$relation_text = '';
}
$relation_text = sprintf($relation_text, htmlentities($contact['name']));
$relation_text = sprintf($relation_text, $contact['name']);
$url = Model\Contact::magicLink($contact['url']);
if (strpos($url, 'redir/') === 0) {
@ -646,7 +642,7 @@ class Contact extends BaseModule
'$profileurllabel'=> L10n::t('Profile URL'),
'$profileurl' => $contact['url'],
'$account_type' => Model\Contact::getAccountType($contact),
'$location' => BBCode::convert($contact['location']),
'$location' => $contact['location'],
'$location_label' => L10n::t('Location:'),
'$xmpp' => BBCode::convert($contact['xmpp']),
'$xmpp_label' => L10n::t('XMPP:'),

Some files were not shown because too many files have changed in this diff Show more