Adam Magness
parent
1ac32c622e
commit
4a667f640f
|
|
@ -84,8 +84,8 @@ function buffer_addon_admin(App $a, &$o)
|
|||
|
||||
function buffer_addon_admin_post(App $a)
|
||||
{
|
||||
$client_id = ((!empty($_POST['client_id'])) ? Strings::removeTags(trim($_POST['client_id'])) : '');
|
||||
$client_secret = ((!empty($_POST['client_secret'])) ? Strings::removeTags(trim($_POST['client_secret'])) : '');
|
||||
$client_id = ((!empty($_POST['client_id'])) ? Strings::escapeTags(trim($_POST['client_id'])) : '');
|
||||
$client_secret = ((!empty($_POST['client_secret'])) ? Strings::escapeTags(trim($_POST['client_secret'])) : '');
|
||||
|
||||
Config::set('buffer', 'client_id' , $client_id);
|
||||
Config::set('buffer', 'client_secret', $client_secret);
|
||||
|
|
|
|||
|
|
@ -73,9 +73,9 @@ function forumdirectory_content(App $a)
|
|||
Nav::setSelected('directory');
|
||||
|
||||
if (!empty($a->data['search'])) {
|
||||
$search = Strings::removeTags(trim($a->data['search']));
|
||||
$search = Strings::escapeTags(trim($a->data['search']));
|
||||
} else {
|
||||
$search = ((!empty($_GET['search'])) ? Strings::removeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||
$search = ((!empty($_GET['search'])) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
|
||||
}
|
||||
|
||||
$tpl = Renderer::getMarkupTemplate('directory_header.tpl');
|
||||
|
|
|
|||
|
|
@ -100,10 +100,10 @@ function geocoordinates_addon_admin(&$a, &$o)
|
|||
|
||||
function geocoordinates_addon_admin_post(&$a)
|
||||
{
|
||||
$api_key = ((x($_POST, 'api_key')) ? Strings::removeTags(trim($_POST['api_key'])) : '');
|
||||
$api_key = ((x($_POST, 'api_key')) ? Strings::escapeTags(trim($_POST['api_key'])) : '');
|
||||
Config::set('geocoordinates', 'api_key', $api_key);
|
||||
|
||||
$language = ((x($_POST, 'language')) ? Strings::removeTags(trim($_POST['language'])) : '');
|
||||
$language = ((x($_POST, 'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
|
||||
Config::set('geocoordinates', 'language', $language);
|
||||
info(L10n::t('Settings updated.'). EOL);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -122,8 +122,8 @@ function gravatar_addon_admin (&$a, &$o) {
|
|||
function gravatar_addon_admin_post (&$a) {
|
||||
BaseModule::checkFormSecurityToken('gravatarsave');
|
||||
|
||||
$default_avatar = ((x($_POST, 'avatar')) ? Strings::removeTags(trim($_POST['avatar'])) : 'identicon');
|
||||
$rating = ((x($_POST, 'rating')) ? Strings::removeTags(trim($_POST['rating'])) : 'g');
|
||||
$default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon');
|
||||
$rating = ((x($_POST, 'rating')) ? Strings::escapeTags(trim($_POST['rating'])) : 'g');
|
||||
Config::set('gravatar', 'default_avatar', $default_avatar);
|
||||
Config::set('gravatar', 'rating', $rating);
|
||||
info(L10n::t('Gravatar settings updated.') .EOL);
|
||||
|
|
|
|||
|
|
@ -87,11 +87,11 @@ function impressum_show($a,&$b) {
|
|||
}
|
||||
|
||||
function impressum_addon_admin_post (&$a) {
|
||||
$owner = ((x($_POST, 'owner')) ? Strings::removeTags(trim($_POST['owner'])) : '');
|
||||
$ownerprofile = ((x($_POST, 'ownerprofile')) ? Strings::removeTags(trim($_POST['ownerprofile'])) : '');
|
||||
$owner = ((x($_POST, 'owner')) ? Strings::escapeTags(trim($_POST['owner'])) : '');
|
||||
$ownerprofile = ((x($_POST, 'ownerprofile')) ? Strings::escapeTags(trim($_POST['ownerprofile'])) : '');
|
||||
$postal = ((x($_POST, 'postal')) ? (trim($_POST['postal'])) : '');
|
||||
$notes = ((x($_POST, 'notes')) ? (trim($_POST['notes'])) : '');
|
||||
$email = ((x($_POST, 'email')) ? Strings::removeTags(trim($_POST['email'])) : '');
|
||||
$email = ((x($_POST, 'email')) ? Strings::escapeTags(trim($_POST['email'])) : '');
|
||||
$footer_text = ((x($_POST, 'footer_text')) ? (trim($_POST['footer_text'])) : '');
|
||||
Config::set('impressum','owner',strip_tags($owner));
|
||||
Config::set('impressum','ownerprofile',strip_tags($ownerprofile));
|
||||
|
|
|
|||
|
|
@ -125,7 +125,7 @@ function libravatar_addon_admin_post(&$a)
|
|||
{
|
||||
BaseModule::checkFormSecurityToken('libravatarrsave');
|
||||
|
||||
$default_avatar = ((x($_POST, 'avatar')) ? Strings::removeTags(trim($_POST['avatar'])) : 'identicon');
|
||||
$default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon');
|
||||
Config::set('libravatar', 'default_avatar', $default_avatar);
|
||||
info(L10n::t('Libravatar settings updated.') .EOL);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ function newmemberwidget_network_mod_init ($a, $b)
|
|||
function newmemberwidget_addon_admin_post(&$a)
|
||||
{
|
||||
$ft = ((x($_POST, 'freetext')) ? trim($_POST['freetext']) : "");
|
||||
$lsn = ((x($_POST, 'localsupportname')) ? Strings::removeTags(trim($_POST['localsupportname'])) : "");
|
||||
$lsn = ((x($_POST, 'localsupportname')) ? Strings::escapeTags(trim($_POST['localsupportname'])) : "");
|
||||
$gs = intval($_POST['linkglobalsupport']);
|
||||
$ls = intval($_POST['linklocalsupport']);
|
||||
Config::set('newmemberwidget', 'freetext', trim($ft));
|
||||
|
|
|
|||
|
|
@ -177,7 +177,7 @@ function openstreetmap_generate_map(&$a, &$b)
|
|||
$cardlink .= '?mlat=' . $lat . '&mlon=' . $lon;
|
||||
}
|
||||
|
||||
$cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? Strings::escapeTags($b['location']) : L10n::t('View Larger')) . '</a>';
|
||||
$cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? Strings::escapeHtml($b['location']) : L10n::t('View Larger')) . '</a>';
|
||||
if (empty($b['mode'])) {
|
||||
$b['html'] = '<iframe style="width:100%; height:300px; border:1px solid #ccc" src="' . $tmsserver .
|
||||
'/export/embed.html?bbox=' . ($lon - 0.01) . '%2C' . ($lat - 0.01) . '%2C' . ($lon + 0.01) . '%2C' . ($lat + 0.01) .
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ function piwik_addon_admin (&$a, &$o) {
|
|||
]);
|
||||
}
|
||||
function piwik_addon_admin_post (&$a) {
|
||||
$url = ((x($_POST, 'baseurl')) ? Strings::removeTags(trim($_POST['baseurl'])) : '');
|
||||
$url = ((x($_POST, 'baseurl')) ? Strings::escapeTags(trim($_POST['baseurl'])) : '');
|
||||
$id = ((x($_POST, 'siteid')) ? trim($_POST['siteid']) : '');
|
||||
$optout = ((x($_POST, 'optout')) ? trim($_POST['optout']) : '');
|
||||
$async = ((x($_POST, 'async')) ? trim($_POST['async']) : '');
|
||||
|
|
|
|||
|
|
@ -148,12 +148,12 @@ function public_server_login($a, $b)
|
|||
function public_server_addon_admin_post(&$a)
|
||||
{
|
||||
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver');
|
||||
$expiredays = (x($_POST, 'expiredays') ? Strings::removeTags(trim($_POST['expiredays'])) : '');
|
||||
$expireposts = (x($_POST, 'expireposts') ? Strings::removeTags(trim($_POST['expireposts'])) : '');
|
||||
$nologin = (x($_POST, 'nologin') ? Strings::removeTags(trim($_POST['nologin'])) : '');
|
||||
$flagusers = (x($_POST, 'flagusers') ? Strings::removeTags(trim($_POST['flagusers'])) : '');
|
||||
$flagposts = (x($_POST, 'flagposts') ? Strings::removeTags(trim($_POST['flagposts'])) : '');
|
||||
$flagpostsexpire = (x($_POST, 'flagpostsexpire') ? Strings::removeTags(trim($_POST['flagpostsexpire'])) : '');
|
||||
$expiredays = (x($_POST, 'expiredays') ? Strings::escapeTags(trim($_POST['expiredays'])) : '');
|
||||
$expireposts = (x($_POST, 'expireposts') ? Strings::escapeTags(trim($_POST['expireposts'])) : '');
|
||||
$nologin = (x($_POST, 'nologin') ? Strings::escapeTags(trim($_POST['nologin'])) : '');
|
||||
$flagusers = (x($_POST, 'flagusers') ? Strings::escapeTags(trim($_POST['flagusers'])) : '');
|
||||
$flagposts = (x($_POST, 'flagposts') ? Strings::escapeTags(trim($_POST['flagposts'])) : '');
|
||||
$flagpostsexpire = (x($_POST, 'flagpostsexpire') ? Strings::escapeTags(trim($_POST['flagpostsexpire'])) : '');
|
||||
Config::set('public_server', 'expiredays', $expiredays);
|
||||
Config::set('public_server', 'expireposts', $expireposts);
|
||||
Config::set('public_server', 'nologin', $nologin);
|
||||
|
|
|
|||
|
|
@ -207,7 +207,7 @@ function remote_permissions_addon_admin(&$a, &$o){
|
|||
}
|
||||
|
||||
function remote_permissions_addon_admin_post(&$a){
|
||||
$choice = ((x($_POST,'remotepermschoice')) ? Strings::removeTags(trim($_POST['remotepermschoice'])) : '');
|
||||
$choice = ((x($_POST,'remotepermschoice')) ? Strings::escapeTags(trim($_POST['remotepermschoice'])) : '');
|
||||
Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
|
||||
info(L10n::t('Settings updated.'). EOL);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -624,7 +624,7 @@ function statusnet_addon_admin_post(App $a)
|
|||
}
|
||||
$secret = trim($_POST['secret'][$id]);
|
||||
$key = trim($_POST['key'][$id]);
|
||||
//$applicationname = ((x($_POST, 'applicationname')) ? Strings::removeTags(trim($_POST['applicationname'][$id])):'');
|
||||
//$applicationname = ((x($_POST, 'applicationname')) ? Strings::escapeTags(trim($_POST['applicationname'][$id])):'');
|
||||
if ($sitename != "" &&
|
||||
$apiurl != "" &&
|
||||
$secret != "" &&
|
||||
|
|
|
|||
|
|
@ -84,8 +84,8 @@ function tumblr_addon_admin(App $a, &$o)
|
|||
|
||||
function tumblr_addon_admin_post(App $a)
|
||||
{
|
||||
$consumer_key = ((!empty($_POST['consumer_key'])) ? Strings::removeTags(trim($_POST['consumer_key'])) : '');
|
||||
$consumer_secret = ((!empty($_POST['consumer_secret'])) ? Strings::removeTags(trim($_POST['consumer_secret'])): '');
|
||||
$consumer_key = ((!empty($_POST['consumer_key'])) ? Strings::escapeTags(trim($_POST['consumer_key'])) : '');
|
||||
$consumer_secret = ((!empty($_POST['consumer_secret'])) ? Strings::escapeTags(trim($_POST['consumer_secret'])): '');
|
||||
|
||||
Config::set('tumblr', 'consumer_key',$consumer_key);
|
||||
Config::set('tumblr', 'consumer_secret',$consumer_secret);
|
||||
|
|
|
|||
|
|
@ -658,8 +658,8 @@ function twitter_post_hook(App $a, array &$b)
|
|||
|
||||
function twitter_addon_admin_post(App $a)
|
||||
{
|
||||
$consumerkey = x($_POST, 'consumerkey') ? Strings::removeTags(trim($_POST['consumerkey'])) : '';
|
||||
$consumersecret = x($_POST, 'consumersecret') ? Strings::removeTags(trim($_POST['consumersecret'])) : '';
|
||||
$consumerkey = x($_POST, 'consumerkey') ? Strings::escapeTags(trim($_POST['consumerkey'])) : '';
|
||||
$consumersecret = x($_POST, 'consumersecret') ? Strings::escapeTags(trim($_POST['consumersecret'])) : '';
|
||||
Config::set('twitter', 'consumerkey', $consumerkey);
|
||||
Config::set('twitter', 'consumersecret', $consumersecret);
|
||||
info(L10n::t('Settings updated.') . EOL);
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ function webrtc_addon_admin (&$a, &$o) {
|
|||
]);
|
||||
}
|
||||
function webrtc_addon_admin_post (&$a) {
|
||||
$url = ((x($_POST, 'webrtcurl')) ? Strings::removeTags(trim($_POST['webrtcurl'])) : '');
|
||||
$url = ((x($_POST, 'webrtcurl')) ? Strings::escapeTags(trim($_POST['webrtcurl'])) : '');
|
||||
Config::set('webrtc', 'webrtcurl', $url);
|
||||
info(L10n::t('Settings updated.'). EOL);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -150,7 +150,7 @@ function wppost_settings_post(&$a,&$b) {
|
|||
PConfig::set(local_user(),'wppost','wp_blog',trim($_POST['wp_blog']));
|
||||
PConfig::set(local_user(),'wppost','backlink',trim($_POST['wp_backlink']));
|
||||
PConfig::set(local_user(),'wppost','shortcheck',trim($_POST['wp_shortcheck']));
|
||||
$wp_backlink_text = Strings::removeTags(trim($_POST['wp_backlink_text']));
|
||||
$wp_backlink_text = Strings::escapeTags(trim($_POST['wp_backlink_text']));
|
||||
$wp_backlink_text = BBCode::convert($wp_backlink_text, false, 8);
|
||||
$wp_backlink_text = HTML::toPlaintext($wp_backlink_text, 0, true);
|
||||
PConfig::set(local_user(),'wppost','wp_backlink_text', $wp_backlink_text);
|
||||
|
|
|
|||
Loading…
Reference in New Issue