Some more "escapeTags" removed
This commit is contained in:
parent
8e65bdd011
commit
359dad4244
17 changed files with 76 additions and 89 deletions
|
|
@ -70,10 +70,10 @@ function message_post(App $a)
|
|||
return;
|
||||
}
|
||||
|
||||
$replyto = !empty($_REQUEST['replyto']) ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
|
||||
$subject = !empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
|
||||
$body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
|
||||
$recipient = !empty($_REQUEST['recipient']) ? intval($_REQUEST['recipient']) : 0;
|
||||
$replyto = !empty($_REQUEST['replyto']) ? trim($_REQUEST['replyto']) : '';
|
||||
$subject = !empty($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
|
||||
$body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
|
||||
$recipient = !empty($_REQUEST['recipient']) ? intval($_REQUEST['recipient']) : 0;
|
||||
|
||||
$ret = Mail::send($recipient, $body, $subject, $replyto);
|
||||
$norecip = false;
|
||||
|
|
|
|||
|
|
@ -291,11 +291,11 @@ function photos_post(App $a)
|
|||
}
|
||||
|
||||
if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
|
||||
$desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : '';
|
||||
$rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : '';
|
||||
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
|
||||
$albname = !empty($_POST['albname']) ? trim($_POST['albname']) : '';
|
||||
$origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
|
||||
$desc = !empty($_POST['desc']) ? trim($_POST['desc']) : '';
|
||||
$rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : '';
|
||||
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
|
||||
$albname = !empty($_POST['albname']) ? trim($_POST['albname']) : '';
|
||||
$origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : '';
|
||||
|
||||
$resource_id = DI::args()->getArgv()[3];
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,6 @@ use Friendica\Model\User;
|
|||
use Friendica\Module\BaseSettings;
|
||||
use Friendica\Module\Security\Login;
|
||||
use Friendica\Protocol\Email;
|
||||
use Friendica\Util\Strings;
|
||||
use Friendica\Util\Temporal;
|
||||
use Friendica\Worker\Delivery;
|
||||
|
||||
|
|
@ -216,14 +215,14 @@ function settings_post(App $a)
|
|||
}
|
||||
}
|
||||
|
||||
$username = (!empty($_POST['username']) ? Strings::escapeTags(trim($_POST['username'])) : '');
|
||||
$email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : '');
|
||||
$timezone = (!empty($_POST['timezone']) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
|
||||
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
|
||||
$username = (!empty($_POST['username']) ? trim($_POST['username']) : '');
|
||||
$email = (!empty($_POST['email']) ? trim($_POST['email']) : '');
|
||||
$timezone = (!empty($_POST['timezone']) ? trim($_POST['timezone']) : '');
|
||||
$language = (!empty($_POST['language']) ? trim($_POST['language']) : '');
|
||||
|
||||
$defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
|
||||
$maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
|
||||
$expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
|
||||
$defloc = (!empty($_POST['defloc']) ? trim($_POST['defloc']) : '');
|
||||
$maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
|
||||
$expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
|
||||
$def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -37,10 +37,10 @@ function wallmessage_post(App $a) {
|
|||
return;
|
||||
}
|
||||
|
||||
$subject = (!empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '');
|
||||
$body = (!empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '');
|
||||
$subject = trim($_REQUEST['subject'] ?? '');
|
||||
$body = Strings::escapeHtml(trim($_REQUEST['body'] ?? ''));
|
||||
|
||||
$recipient = ((DI::args()->getArgc() > 1) ? Strings::escapeTags(DI::args()->getArgv()[1]) : '');
|
||||
$recipient = ((DI::args()->getArgc() > 1) ? DI::args()->getArgv()[1] : '');
|
||||
if ((! $recipient) || (! $body)) {
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue