friendica
/
friendica
mirror of https://github.com/friendica/friendica
6
0
Fork 1
Code Issues Packages Projects Releases 1 Wiki Activity

Contact names with ">" and "<" are a problem ...

This commit is contained in:
Michael Vogel 2015-10-09 07:39:38 +02:00
parent 26983bafff
commit 16da708e07
4 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/conversation.php
View File

@ -942,7 +942,7 @@ function like_puller($a,$item,&$arr,$mode) {
$arr[$item['thr-parent']] = 1; $arr[$item['thr-parent']] = 1;
else else
$arr[$item['thr-parent']] ++; $arr[$item['thr-parent']] ++;
$arr[$item['thr-parent'] . '-l'][] = '<a href="'. $url . '"'. $sparkle .'>' . $item['author-name'] . '</a>'; $arr[$item['thr-parent'] . '-l'][] = '<a href="'. $url . '"'. $sparkle .'>' . htmlentities($item['author-name']) . '</a>';
} }
return; return;
}} }}
@ -958,7 +958,7 @@ if(! function_exists('format_like')) {
function format_like($cnt,$arr,$type,$id) { function format_like($cnt,$arr,$type,$id) {
$o = ''; $o = '';
if($cnt == 1) if($cnt == 1)
$o .= (($type === 'like') ? sprintf( t('%s likes this.'), $arr[0]) : sprintf( t('%s doesn\'t like this.'), $arr[0])) . EOL ; $o .= (($type === 'like') ? sprintf( t('%s likes this.'), $arr[0]) : sprintf( t('%s doesn\'t like this.'), $arr[0])) . EOL;
else { else {
$spanatts = "class=\"fakelink\" onclick=\"openClose('{$type}list-$id');\""; $spanatts = "class=\"fakelink\" onclick=\"openClose('{$type}list-$id');\"";
switch($type) { switch($type) {

8
include/items.php
View File

@ -1239,10 +1239,10 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa
$arr['guid'] = ((x($arr,'guid')) ? notags(trim($arr['guid'])) : get_guid(32, $guid_prefix)); $arr['guid'] = ((x($arr,'guid')) ? notags(trim($arr['guid'])) : get_guid(32, $guid_prefix));
$arr['uri'] = ((x($arr,'uri')) ? notags(trim($arr['uri'])) : $arr['guid']); $arr['uri'] = ((x($arr,'uri')) ? notags(trim($arr['uri'])) : $arr['guid']);
$arr['extid'] = ((x($arr,'extid')) ? notags(trim($arr['extid'])) : ''); $arr['extid'] = ((x($arr,'extid')) ? notags(trim($arr['extid'])) : '');
$arr['author-name'] = ((x($arr,'author-name')) ? notags(trim($arr['author-name'])) : ''); $arr['author-name'] = ((x($arr,'author-name')) ? trim($arr['author-name']) : '');
$arr['author-link'] = ((x($arr,'author-link')) ? notags(trim($arr['author-link'])) : ''); $arr['author-link'] = ((x($arr,'author-link')) ? notags(trim($arr['author-link'])) : '');
$arr['author-avatar'] = ((x($arr,'author-avatar')) ? notags(trim($arr['author-avatar'])) : ''); $arr['author-avatar'] = ((x($arr,'author-avatar')) ? notags(trim($arr['author-avatar'])) : '');
$arr['owner-name'] = ((x($arr,'owner-name')) ? notags(trim($arr['owner-name'])) : ''); $arr['owner-name'] = ((x($arr,'owner-name')) ? trim($arr['owner-name']) : '');
$arr['owner-link'] = ((x($arr,'owner-link')) ? notags(trim($arr['owner-link'])) : ''); $arr['owner-link'] = ((x($arr,'owner-link')) ? notags(trim($arr['owner-link'])) : '');
$arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : ''); $arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : '');
$arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert());
@ -1250,8 +1250,8 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa
$arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert()); $arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert());
$arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert()); $arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert());
$arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert()); $arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert());
$arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); $arr['title'] = ((x($arr,'title')) ? trim($arr['title']) : '');
$arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : ''); $arr['location'] = ((x($arr,'location')) ? trim($arr['location']) : '');
$arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : ''); $arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : '');
$arr['last-child'] = ((x($arr,'last-child')) ? intval($arr['last-child']) : 0 ); $arr['last-child'] = ((x($arr,'last-child')) ? intval($arr['last-child']) : 0 );
$arr['visible'] = ((x($arr,'visible') !== false) ? intval($arr['visible']) : 1 ); $arr['visible'] = ((x($arr,'visible') !== false) ? intval($arr['visible']) : 1 );

2
mod/dirfind.php
View File

@ -139,7 +139,7 @@ function dirfind_content(&$a, $prefix = "") {
$o .= replace_macros($tpl,array( $o .= replace_macros($tpl,array(
'$url' => zrl($jj->url), '$url' => zrl($jj->url),
'$name' => $jj->name, '$name' => htmlentities($jj->name),
'$photo' => proxy_url($jj->photo, false, PROXY_SIZE_THUMB), '$photo' => proxy_url($jj->photo, false, PROXY_SIZE_THUMB),
'$tags' => $jj->tags, '$tags' => $jj->tags,
'$conntxt' => $conntxt, '$conntxt' => $conntxt,

14
object/Item.php
View File

@ -235,6 +235,8 @@ class Item extends BaseObject {
if ($shareable) $buttons['share'] = array( t('Share this'), t('share')); if ($shareable) $buttons['share'] = array( t('Share this'), t('share'));
} }
$comment = $this->get_comment_box($indent);
if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0){ if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0){
$shiny = 'shiny'; $shiny = 'shiny';
} }
@ -304,6 +306,10 @@ class Item extends BaseObject {
!diaspora_is_redmatrix($item["owner-link"]) AND isset($buttons["like"])) !diaspora_is_redmatrix($item["owner-link"]) AND isset($buttons["like"]))
unset($buttons["like"]); unset($buttons["like"]);
// Diaspora doesn't has multithreaded comments
if (($item["item_network"] == NETWORK_DIASPORA) AND ($indent == 'comment'))
unset($comment);
// Facebook can like comments - but it isn't programmed in the connector yet. // Facebook can like comments - but it isn't programmed in the connector yet.
if (($item["item_network"] == NETWORK_FACEBOOK) AND ($indent == 'comment') AND isset($buttons["like"])) if (($item["item_network"] == NETWORK_FACEBOOK) AND ($indent == 'comment') AND isset($buttons["like"]))
unset($buttons["like"]); unset($buttons["like"]);
@ -326,7 +332,7 @@ class Item extends BaseObject {
'id' => $this->get_id(), 'id' => $this->get_id(),
'guid' => urlencode($item['guid']), 'guid' => urlencode($item['guid']),
'linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), 'linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])),
'olinktitle' => sprintf( t('View %s\'s profile @ %s'), $this->get_owner_name(), ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), 'olinktitle' => sprintf( t('View %s\'s profile @ %s'), htmlentities($this->get_owner_name()), ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])),
'to' => t('to'), 'to' => t('to'),
'via' => t('via'), 'via' => t('via'),
'wall' => t('Wall-to-Wall'), 'wall' => t('Wall-to-Wall'),
@ -348,7 +354,7 @@ class Item extends BaseObject {
'shiny' => $shiny, 'shiny' => $shiny,
'owner_url' => $this->get_owner_url(), 'owner_url' => $this->get_owner_url(),
'owner_photo' => proxy_url($this->get_owner_photo(), false, PROXY_SIZE_THUMB), 'owner_photo' => proxy_url($this->get_owner_photo(), false, PROXY_SIZE_THUMB),
'owner_name' => $owner_name_e, 'owner_name' => htmlentities($owner_name_e),
'plink' => get_plink($item), 'plink' => get_plink($item),
'edpost' => ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''), 'edpost' => ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
'isstarred' => $isstarred, 'isstarred' => $isstarred,
@ -361,7 +367,7 @@ class Item extends BaseObject {
'like' => $like, 'like' => $like,
'dislike' => $dislike, 'dislike' => $dislike,
'switchcomment' => t('Comment'), 'switchcomment' => t('Comment'),
'comment' => $this->get_comment_box($indent), 'comment' => $comment,
'previewing' => ($conv->is_preview() ? ' preview ' : ''), 'previewing' => ($conv->is_preview() ? ' preview ' : ''),
'wait' => t('Please wait'), 'wait' => t('Please wait'),
'thread_level' => $thread_level, 'thread_level' => $thread_level,
@ -523,7 +529,7 @@ class Item extends BaseObject {
*/ */
public function set_conversation($conv) { public function set_conversation($conv) {
$previous_mode = ($this->conversation ? $this->conversation->get_mode() : ''); $previous_mode = ($this->conversation ? $this->conversation->get_mode() : '');
$this->conversation = $conv; $this->conversation = $conv;
// Set it on our children too // Set it on our children too