friendica
/
friendica
mirror of https://github.com/friendica/friendica.git
5
7
Fork 5
Code Issues Releases 16 Wiki Activity
Browse Source

Replace x() by isset(), !empty() or defaults() 

- Remove extraneous parentheses around empty() calls
- Remove duplicate calls to intval(), count() or strlen() after empty()
- Replace ternary operators outputting binary value with empty() return value
- Rewrite defaults() without x()
pull/6219/head
Hypolite Petovan 4 years ago
parent
ea4e772b1e
commit
458981f75c
101 changed files with 919 additions and 937 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 41
      boot.php
  2. 10
      doc/themes.md
  3. 221
      include/api.php
  4. 36
      include/conversation.php
  5. 637
      mod/admin.php
  6. 4
      mod/api.php
  7. 16
      mod/cal.php
  8. 2
      mod/common.php
  9. 2
      mod/contactgroup.php
  10. 2
      mod/crepair.php
  11. 6
      mod/delegate.php
  12. 6
      mod/dfrn_confirm.php
  13. 26
      mod/dfrn_notify.php
  14. 37
      mod/dfrn_poll.php
  15. 48
      mod/dfrn_request.php
  16. 26
      mod/directory.php
  17. 2
      mod/dirfind.php
  18. 4
      mod/display.php
  19. 4
      mod/fbrowser.php
  20. 4
      mod/friendica.php
  21. 14
      mod/hcard.php
  22. 4
      mod/home.php
  23. 6
      mod/item.php
  24. 2
      mod/like.php
  25. 2
      mod/localtime.php
  26. 10
      mod/manage.php
  27. 12
      mod/message.php
  28. 2
      mod/modexp.php
  29. 56
      mod/network.php
  30. 2
      mod/noscrape.php
  31. 8
      mod/oexchange.php
  32. 2
      mod/openid.php
  33. 4
      mod/parse_url.php
  34. 12
      mod/photos.php
  35. 8
      mod/ping.php
  36. 12
      mod/poco.php
  37. 6
      mod/poke.php
  38. 2
      mod/profile.php
  39. 2
      mod/profiles.php
  40. 2
      mod/pubsubhubbub.php
  41. 2
      mod/redir.php
  42. 20
      mod/register.php
  43. 6
      mod/removeme.php
  44. 28
      mod/search.php
  45. 140
      mod/settings.php
  46. 2
      mod/starred.php
  47. 2
      mod/subthread.php
  48. 2
      mod/suggest.php
  49. 2
      mod/tagger.php
  50. 2
      mod/tagrm.php
  51. 4
      mod/uimport.php
  52. 10
      mod/wall_attach.php
  53. 12
      mod/wall_upload.php
  54. 8
      mod/wallmessage.php
  55. 2
      mod/webfinger.php
  56. 4
      spec/dfrn2_contact_request.svg
  57. 4
      src/App.php
  58. 4
      src/Content/Nav.php
  59. 6
      src/Content/OEmbed.php
  60. 24
      src/Content/Text/BBCode.php
  61. 4
      src/Content/Text/HTML.php
  62. 2
      src/Core/Authentication.php
  63. 12
      src/Core/Console/AutomaticInstallation.php
  64. 4
      src/Core/NotificationsManager.php
  65. 2
      src/Core/Session/DatabaseSessionHandler.php
  66. 2
      src/Core/UserImport.php
  67. 2
      src/Database/DBStructure.php
  68. 13
      src/Model/Contact.php
  69. 4
      src/Model/FileTag.php
  70. 4
      src/Model/Group.php
  71. 18
      src/Model/Item.php
  72. 2
      src/Model/Photo.php
  73. 36
      src/Model/Profile.php
  74. 8
      src/Model/User.php
  75. 2
      src/Module/Contact.php
  76. 4
      src/Module/Feed.php
  77. 14
      src/Module/Login.php
  78. 8
      src/Module/Magic.php
  79. 4
      src/Network/Probe.php
  80. 6
      src/Object/Post.php
  81. 8
      src/Protocol/DFRN.php
  82. 2
      src/Protocol/PortableContact.php
  83. 2
      src/Render/FriendicaSmarty.php
  84. 2
      src/Render/FriendicaSmartyEngine.php
  85. 2
      src/Util/Emailer.php
  86. 12
      src/Util/Network.php
  87. 2
      src/Util/Temporal.php
  88. 2
      src/Worker/OnePoll.php
  89. 2
      tests/src/Core/Console/AutomaticInstallationConsoleTest.php
  90. 14
      view/php/default.php
  91. 6
      view/php/minimal.php
  92. 2
      view/php/none.php
  93. 2
      view/theme/duepuntozero/style.php
  94. 2
      view/theme/frio/php/PHPColors/Color.php
  95. 16
      view/theme/frio/php/default.php
  96. 2
      view/theme/frio/php/frio_boot.php
  97. 12
      view/theme/frio/php/standard.php
  98. 2
      view/theme/frio/style.php
  99. 2
      view/theme/frio/theme.php
  100. 20
      view/theme/smoothly/php/default.php
  101. Some files were not shown because too many files have changed in this diff Show More

41
boot.php
Unescape View File

@ -341,12 +341,13 @@ function get_app()
/**
* @brief Multi-purpose function to check variable state.
*
* Usage: x($var) or $x($array, 'key')
* Usage: x($var) or x($array, 'key')
*
* returns false if variable/key is not set
* if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
* e.g. x('') or x(0) returns 0;
*
* @deprecated since version 2018.12
* @param string|array $s variable to check
* @param string $k key inside the array to check
*
@ -383,13 +384,12 @@ function x($s, $k = null)
* - defaults($var, $default)
* - defaults($array, 'key', $default)
*
* @param array $args
* @brief Returns a defaut value if the provided variable or array key is falsy
* @see x()
* @return mixed
*/
function defaults() {
$args = func_get_args();
function defaults(...$args)
{
if (count($args) < 2) {
throw new BadFunctionCallException('defaults() requires at least 2 parameters');
}
@ -400,16 +400,15 @@ function defaults() {
throw new BadFunctionCallException('defaults($arr, $key, $def) $key is null');
}
$default = array_pop($args);
// The default value always is the last argument
$return = array_pop($args);
if (call_user_func_array('x', $args)) {
if (count($args) === 1) {
$return = $args[0];
} else {
$return = $args[0][$args[1]];
}
} else {
$return = $default;
if (count($args) == 2 && is_array($args[0]) && !empty($args[0][$args[1]])) {
$return = $args[0][$args[1]];
}
if (count($args) == 1 && !empty($args[0])) {
$return = $args[0];
}
return $return;
@ -446,15 +445,15 @@ function public_contact()
{
static $public_contact_id = false;
if (!$public_contact_id && x($_SESSION, 'authenticated')) {
if (x($_SESSION, 'my_address')) {
if (!$public_contact_id && !empty($_SESSION['authenticated'])) {
if (!empty($_SESSION['my_address'])) {
// Local user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, true));
} elseif (x($_SESSION, 'visitor_home')) {
} elseif (!empty($_SESSION['visitor_home'])) {
// Remote user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, true));
}
} elseif (!x($_SESSION, 'authenticated')) {
} elseif (empty($_SESSION['authenticated'])) {
$public_contact_id = false;
}
@ -479,7 +478,7 @@ function remote_user()
return false;
}
if (x($_SESSION, 'authenticated') && x($_SESSION, 'visitor_id')) {
if (!empty($_SESSION['authenticated']) && !empty($_SESSION['visitor_id'])) {
return intval($_SESSION['visitor_id']);
}
return false;
@ -499,7 +498,7 @@ function notice($s)
}
$a = get_app();
if (!x($_SESSION, 'sysmsg')) {
if (empty($_SESSION['sysmsg'])) {
$_SESSION['sysmsg'] = [];
}
if ($a->interactive) {
@ -522,7 +521,7 @@ function info($s)
return;
}
if (!x($_SESSION, 'sysmsg_info')) {
if (empty($_SESSION['sysmsg_info'])) {
$_SESSION['sysmsg_info'] = [];
}
if ($a->interactive) {

10
doc/themes.md
Unescape View File

@ -181,13 +181,13 @@ Next take the default.php file found in the /view direcotry and exchange the asi
So the central part of the file now looks like this:
<body>
<?php if(x($page,'nav')) echo $page['nav']; ?>
<aside><?php if(x($page,'right_aside')) echo $page['right_aside']; ?></aside>
<section><?php if(x($page,'content')) echo $page['content']; ?>
<?php if(!empty($page['nav'])) echo $page['nav']; ?>
<aside><?php if(!empty($page['right_aside'])) echo $page['right_aside']; ?></aside>
<section><?php if(!empty($page['content'])) echo $page['content']; ?>
<div id="page-footer"></div>
</section>
<right_aside><?php if(x($page,'aside')) echo $page['aside']; ?></right_aside>
<footer><?php if(x($page,'footer')) echo $page['footer']; ?></footer>
<right_aside><?php if(!empty($page['aside'])) echo $page['aside']; ?></right_aside>
<footer><?php if(!empty($page['footer'])) echo $page['footer']; ?></footer>
</body>
Finally we need a style.css file, inheriting the definitions from the parent theme and containing out changes for the new theme.

221
include/api.php
Unescape View File

@ -68,7 +68,7 @@ $called_api = [];
*/
function api_user()
{
if (x($_SESSION, 'allow_api')) {
if (!empty($_SESSION['allow_api'])) {
return local_user();
}
@ -186,8 +186,8 @@ function api_login(App $a)
}
// workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
@ -195,7 +195,7 @@ function api_login(App $a)
}
}
if (!x($_SERVER, 'PHP_AUTH_USER')) {
if (empty($_SERVER['PHP_AUTH_USER'])) {
Logger::log('API_login: ' . print_r($_SERVER, true), Logger::DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login");
@ -396,7 +396,7 @@ function api_call(App $a)
case "json":
header("Content-Type: application/json");
$json = json_encode(end($return));
if (x($_GET, 'callback')) {
if (!empty($_GET['callback'])) {
$json = $_GET['callback'] . "(" . $json . ")";
}
$return = $json;
@ -550,7 +550,7 @@ function api_get_user(App $a, $contact_id = null)
}
}
if (is_null($user) && x($_GET, 'user_id')) {
if (is_null($user) && !empty($_GET['user_id'])) {
$user = DBA::escape(api_unique_id_to_nurl($_GET['user_id']));
if ($user == "") {
@ -563,7 +563,7 @@ function api_get_user(App $a, $contact_id = null)
$extra_query .= "AND `contact`.`uid`=" . intval(api_user());
}
}
if (is_null($user) && x($_GET, 'screen_name')) {
if (is_null($user) && !empty($_GET['screen_name'])) {
$user = DBA::escape($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' ";
if (api_user() !== false) {
@ -571,7 +571,7 @@ function api_get_user(App $a, $contact_id = null)
}
}
if (is_null($user) && x($_GET, 'profileurl')) {
if (is_null($user) && !empty($_GET['profileurl'])) {
$user = DBA::escape(Strings::normaliseLink($_GET['profileurl']));
$extra_query = "AND `contact`.`nurl` = '%s' ";
if (api_user() !== false) {
@ -980,7 +980,7 @@ function api_account_verify_credentials($type)
unset($_REQUEST["screen_name"]);
unset($_GET["screen_name"]);
$skip_status = (x($_REQUEST, 'skip_status')?$_REQUEST['skip_status'] : false);
$skip_status = defaults($_REQUEST, 'skip_status', false);
$user_info = api_get_user($a);
@ -1014,10 +1014,10 @@ api_register_func('api/account/verify_credentials', 'api_account_verify_credenti
*/
function requestdata($k)
{
if (x($_POST, $k)) {
if (!empty($_POST[$k])) {
return $_POST[$k];
}
if (x($_GET, $k)) {
if (!empty($_GET[$k])) {
return $_GET[$k];
}
return null;
@ -1172,7 +1172,7 @@ function api_statuses_update($type)
}
}
if (x($_FILES, 'media')) {
if (!empty($_FILES['media'])) {
// upload the image if we have one
$picture = wall_upload_post($a, false);
if (is_array($picture)) {
@ -1199,7 +1199,7 @@ function api_statuses_update($type)
$_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) {
if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source();
}
@ -1231,7 +1231,7 @@ function api_media_upload()
api_get_user($a);
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
// Output error
throw new BadRequestException("No media.");
}
@ -1445,7 +1445,7 @@ function api_users_search($type)
$userlist = [];
if (x($_GET, 'q')) {
if (!empty($_GET['q'])) {
$r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"]));
if (!DBA::isResult($r)) {
@ -1530,21 +1530,21 @@ function api_search($type)
$data = [];
if (!x($_REQUEST, 'q')) {
if (empty($_REQUEST['q'])) {
throw new BadRequestException("q parameter is required.");
}
if (x($_REQUEST, 'rpp')) {
if (!empty($_REQUEST['rpp'])) {
$count = $_REQUEST['rpp'];
} elseif (x($_REQUEST, 'count')) {
} elseif (!empty($_REQUEST['count'])) {
$count = $_REQUEST['count'];
} else {
$count = 15;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
$start = $page * $count;
@ -1598,16 +1598,15 @@ function api_statuses_home_timeline($type)
// get last network messages
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
@ -1618,7 +1617,7 @@ function api_statuses_home_timeline($type)
$condition[0] .= " AND `item`.`id` <= ?";
$condition[] = $max_id;
}
if ($exclude_replies > 0) {
if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
if ($conversation_id > 0) {
@ -1681,19 +1680,17 @@ function api_statuses_public_timeline($type)
// get last network messages
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
$sql_extra = '';
if ($exclude_replies && !$conversation_id) {
$condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall`",
@ -1762,12 +1759,12 @@ function api_statuses_networkpublic_timeline($type)
throw new ForbiddenException();
}
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
// pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1;
$count = defaults($_REQUEST, 'count', 20);
$page = defaults($_REQUEST, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -2001,7 +1998,7 @@ function api_statuses_repeat($type)
$_REQUEST['profile_uid'] = api_user();
$_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) {
if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source();
}
@ -2150,14 +2147,14 @@ function api_statuses_user_timeline($type)
Logger::DEBUG
);
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
$exclude_replies = x($_REQUEST, 'exclude_replies') ? 1 : 0;
$conversation_id = x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0;
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
// pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1;
$count = defaults($_REQUEST, 'count', 20);
$page = defaults($_REQUEST, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -2170,7 +2167,7 @@ function api_statuses_user_timeline($type)
$condition[0] .= ' AND `item`.`wall` ';
}
if ($exclude_replies > 0) {
if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
@ -2309,10 +2306,10 @@ function api_favorites($type)
$ret = [];
} else {
// params
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$count = (x($_GET, 'count') ? $_GET['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$count = defaults($_GET, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) {
$page = 0;
}
@ -2390,7 +2387,7 @@ function api_format_messages($item, $recipient, $sender)
}
//don't send title to regular StatusNET requests to avoid confusing these apps
if (x($_GET, 'getText')) {
if (!empty($_GET['getText'])) {
$ret['title'] = $item['title'];
if ($_GET['getText'] == 'html') {
$ret['text'] = BBCode::convert($item['body'], false);
@ -2400,7 +2397,7 @@ function api_format_messages($item, $recipient, $sender)
} else {
$ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0);
}
if (x($_GET, 'getUserObjects') && $_GET['getUserObjects'] == 'false') {
if (!empty($_GET['getUserObjects']) && $_GET['getUserObjects'] == 'false') {
unset($ret['sender']);
unset($ret['recipient']);
}
@ -2530,7 +2527,7 @@ function api_get_attachments(&$body)
*/
function api_get_entitities(&$text, $bbcode)
{
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false");
$include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
if ($include_entities != "true") {
preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images);
@ -3119,15 +3116,15 @@ function api_lists_statuses($type)
}
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
@ -3185,8 +3182,8 @@ function api_statuses_f($qtype)
}
// pagination
$count = x($_GET, 'count') ? $_GET['count'] : 20;
$page = x($_GET, 'page') ? $_GET['page'] : 1;
$count = defaults($_GET, 'count', 20);
$page = defaults($_GET, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -3194,7 +3191,7 @@ function api_statuses_f($qtype)
$user_info = api_get_user($a);
if (x($_GET, 'cursor') && $_GET['cursor'] == 'undefined') {
if (!empty($_GET['cursor']) && $_GET['cursor'] == 'undefined') {
/* this is to stop Hotot to load friends multiple times
* I'm not sure if I'm missing return something or
* is a bug in hotot. Workaround, meantime
@ -3522,7 +3519,7 @@ function api_direct_messages_new($type)
$replyto = '';
$sub = '';
if (x($_REQUEST, 'replyto')) {
if (!empty($_REQUEST['replyto'])) {
$r = q(
'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
intval(api_user()),
@ -3531,7 +3528,7 @@ function api_direct_messages_new($type)
$replyto = $r[0]['parent-uri'];
$sub = $r[0]['title'];
} else {
if (x($_REQUEST, 'title')) {
if (!empty($_REQUEST['title'])) {
$sub = $_REQUEST['title'];
} else {
$sub = ((strlen($_POST['text'])>10) ? substr($_POST['text'], 0, 10)."...":$_POST['text']);
@ -3583,10 +3580,10 @@ function api_direct_messages_destroy($type)
// params
$user_info = api_get_user($a);
//required
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
// optional
$parenturi = (x($_REQUEST, 'friendica_parenturi') ? $_REQUEST['friendica_parenturi'] : "");
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$parenturi = defaults($_REQUEST, 'friendica_parenturi', "");
$verbose = (!empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false");
/// @todo optional parameter 'include_entities' from Twitter API not yet implemented
$uid = $user_info['uid'];
@ -3838,7 +3835,7 @@ function api_direct_messages_box($type, $box, $verbose)
*/
function api_direct_messages_sentbox($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "sentbox", $verbose);
}
@ -3852,7 +3849,7 @@ function api_direct_messages_sentbox($type)
*/
function api_direct_messages_inbox($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "inbox", $verbose);
}
@ -3864,7 +3861,7 @@ function api_direct_messages_inbox($type)
*/
function api_direct_messages_all($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "all", $verbose);
}
@ -3876,7 +3873,7 @@ function api_direct_messages_all($type)
*/
function api_direct_messages_conversation($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "conversation", $verbose);
}
@ -3940,7 +3937,7 @@ function api_fr_photoalbum_delete($type)
throw new ForbiddenException();
}
// input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : "");
$album = defaults($_REQUEST, 'album', "");
// we do not allow calls without album string
if ($album == "") {
@ -3992,8 +3989,8 @@ function api_fr_photoalbum_update($type)
throw new ForbiddenException();
}
// input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : "");
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : "");
$album = defaults($_REQUEST, 'album', "");
$album_new = defaults($_REQUEST, 'album_new', "");
// we do not allow calls without album string
if ($album == "") {
@ -4077,15 +4074,15 @@ function api_fr_photo_create_update($type)
throw new ForbiddenException();
}
// input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null);
$desc = (x($_REQUEST, 'desc') ? $_REQUEST['desc'] : (array_key_exists('desc', $_REQUEST) ? "" : null)); // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : null);
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : null);
$allow_cid = (x($_REQUEST, 'allow_cid') ? $_REQUEST['allow_cid'] : (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = (x($_REQUEST, 'deny_cid') ? $_REQUEST['deny_cid'] : (array_key_exists('deny_cid', $_REQUEST) ? " " : null));
$allow_gid = (x($_REQUEST, 'allow_gid') ? $_REQUEST['allow_gid'] : (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = (x($_REQUEST, 'deny_gid') ? $_REQUEST['deny_gid'] : (array_key_exists('deny_gid', $_REQUEST) ? " " : null));
$visibility = (x($_REQUEST, 'visibility') ? (($_REQUEST['visibility'] == "true" || $_REQUEST['visibility'] == 1) ? true : false) : false);
$photo_id = defaults($_REQUEST, 'photo_id', null);
$desc = defaults($_REQUEST, 'desc', (array_key_exists('desc', $_REQUEST) ? "" : null)) ; // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = defaults($_REQUEST, 'album', null);
$album_new = defaults($_REQUEST, 'album_new', null);
$allow_cid = defaults($_REQUEST, 'allow_cid', (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = defaults($_REQUEST, 'deny_cid' , (array_key_exists('deny_cid' , $_REQUEST) ? " " : null));
$allow_gid = defaults($_REQUEST, 'allow_gid', (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = defaults($_REQUEST, 'deny_gid' , (array_key_exists('deny_gid' , $_REQUEST) ? " " : null));
$visibility = !empty($_REQUEST['visibility']) || $_REQUEST['visibility'] !== "false";
// do several checks on input parameters
// we do not allow calls without album string
@ -4097,7 +4094,7 @@ function api_fr_photo_create_update($type)
$mode = "create";
// error if no media posted in create-mode
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
// Output error
throw new BadRequestException("no media data submitted");
}
@ -4188,7 +4185,7 @@ function api_fr_photo_create_update($type)
$nothingtodo = true;
}
if (x($_FILES, 'media')) {
if (!empty($_FILES['media'])) {
$nothingtodo = false;
$media = $_FILES['media'];
$data = save_media_to_database("photo", $media, $type, $album, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $desc, 0, $visibility, $photo_id);
@ -4224,7 +4221,7 @@ function api_fr_photo_delete($type)
throw new ForbiddenException();
}
// input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null);
$photo_id = defaults($_REQUEST, 'photo_id', null);
// do several checks on input parameters
// we do not allow calls without photo id
@ -4275,11 +4272,11 @@ function api_fr_photo_detail($type)
if (api_user() === false) {
throw new ForbiddenException();
}
if (!x($_REQUEST, 'photo_id')) {
if (empty($_REQUEST['photo_id'])) {
throw new BadRequestException("No photo id.");
}
$scale = (x($_REQUEST, 'scale') ? intval($_REQUEST['scale']) : false);
$scale = (!empty($_REQUEST['scale']) ? intval($_REQUEST['scale']) : false);
$photo_id = $_REQUEST['photo_id'];
// prepare json/xml output with data from database for the requested photo
@ -4308,7 +4305,7 @@ function api_account_update_profile_image($type)
$profile_id = defaults($_REQUEST, 'profile_id', 0);
// error if image data is missing
if (!x($_FILES, 'image')) {
if (empty($_FILES['image'])) {
throw new BadRequestException("no media data submitted");
}
@ -4326,9 +4323,9 @@ function api_account_update_profile_image($type)
// get mediadata from image or media (Twitter call api/account/update_profile_image provides image)
$media = null;
if (x($_FILES, 'image')) {
if (!empty($_FILES['image'])) {
$media = $_FILES['image'];
} elseif (x($_FILES, 'media')) {
} elseif (!empty($_FILES['media'])) {
$media = $_FILES['media'];
}
// save new profile image
@ -4788,8 +4785,8 @@ function prepare_photo_data($type, $scale, $photo_id)
*/
function api_friendica_remoteauth()
{
$url = (x($_GET, 'url') ? $_GET['url'] : '');
$c_url = (x($_GET, 'c_url') ? $_GET['c_url'] : '');
$url = defaults($_GET, 'url', '');
$c_url = defaults($_GET, 'c_url', '');
if ($url === '' || $c_url === '') {
throw new BadRequestException("Wrong parameters.");
@ -5092,7 +5089,7 @@ function api_in_reply_to($item)
*/
function api_clean_plain_items($text)
{
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false");
$include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
$text = BBCode::cleanPictureLinks($text);
$URLSearchString = "^\[\]";
@ -5224,7 +5221,7 @@ function api_friendica_group_show($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$gid = defaults($_REQUEST, 'gid', 0);
$uid = $user_info['uid'];
// get data of the specified group id or all groups if not specified
@ -5289,8 +5286,8 @@ function api_friendica_group_delete($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'gid', 0);
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
// error if no gid specified
@ -5351,7 +5348,7 @@ function api_lists_destroy($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0);
$gid = defaults($_REQUEST, 'list_id', 0);
$uid = $user_info['uid'];
// error if no gid specified
@ -5467,7 +5464,7 @@ function api_friendica_group_create($type)
// params
$user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
$json = json_decode($_POST['json'], true);
$users = $json['user'];
@ -5496,7 +5493,7 @@ function api_lists_create($type)
// params
$user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
$success = group_create($name, $uid);
@ -5531,8 +5528,8 @@ function api_friendica_group_update($type)
// params
$user_info = api_get_user($a);
$uid = $user_info['uid'];
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'gid', 0);
$name = defaults($_REQUEST, 'name', "");
$json = json_decode($_POST['json'], true);
$users = $json['user'];
@ -5604,8 +5601,8 @@ function api_lists_update($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'list_id', 0);
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
// error if no gid specified
@ -5650,7 +5647,7 @@ function api_friendica_activity($type)
$verb = strtolower($a->argv[3]);
$verb = preg_replace("|\..*$|", "", $verb);
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
$res = Item::performLike($id, $verb);
@ -5732,7 +5729,7 @@ function api_friendica_notification_seen($type)
throw new BadRequestException("Invalid argument count");
}
$id = (x($_REQUEST, 'id') ? intval($_REQUEST['id']) : 0);
$id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
$nm = new NotificationsManager();
$note = $nm->getByID($id);
@ -5775,7 +5772,7 @@ function api_friendica_direct_messages_setseen($type)
// params
$user_info = api_get_user($a);
$uid = $user_info['uid'];
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
// return error if id is zero
if ($id == "") {
@ -5824,7 +5821,7 @@ function api_friendica_direct_messages_search($type, $box = "")
// params
$user_info = api_get_user($a);
$searchstring = (x($_REQUEST, 'searchstring') ? $_REQUEST['searchstring'] : "");
$searchstring = defaults($_REQUEST, 'searchstring', "");
$uid = $user_info['uid'];
// error if no searchstring specified
@ -5886,7 +5883,7 @@ function api_friendica_profile_show($type)
}
// input params
$profile_id = (x($_REQUEST, 'profile_id') ? $_REQUEST['profile_id'] : 0);
$profile_id = defaults($_REQUEST, 'profile_id', 0);
// retrieve general information about profiles for user
$multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles');

36
include/conversation.php
Unescape View File

@ -462,17 +462,17 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
. "<script> var profile_uid = " . $_SESSION['uid']
. "; var netargs = '" . substr($a->cmd, 8)
. '?f='
. ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'search')) ? '&search=' . rawurlencode($_GET['search']) : '')
. ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'order')) ? '&order=' . rawurlencode($_GET['order']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'liked')) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '')
. (!empty($_GET['cid']) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. (!empty($_GET['search']) ? '&search=' . rawurlencode($_GET['search']) : '')
. (!empty($_GET['star']) ? '&star=' . rawurlencode($_GET['star']) : '')
. (!empty($_GET['order']) ? '&order=' . rawurlencode($_GET['order']) : '')
. (!empty($_GET['bmark']) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. (!empty($_GET['liked']) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. (!empty($_GET['conv']) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. (!empty($_GET['nets']) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. (!empty($_GET['cmin']) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. (!empty($_GET['cmax']) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. (!empty($_GET['file']) ? '&file=' . rawurlencode($_GET['file']) : '')
. "'; var profile_page = " . $pager->getPage() . "; </script>\r\n";
}
@ -482,7 +482,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
if (!$update) {
$tab = 'posts';
if (x($_GET, 'tab')) {
if (!empty($_GET['tab'])) {
$tab = Strings::escapeTags(trim($_GET['tab']));
}
if ($tab === 'posts') {
@ -951,7 +951,7 @@ function builtin_activity_puller($item, &$conv_responses) {
$url = '<a href="'. $url . '"'. $sparkle .'>' . htmlentities($item['author-name']) . '</a>';
if (!x($item, 'thr-parent')) {
if (empty($item['thr-parent'])) {
$item['thr-parent'] = $item['parent-uri'];
}
@ -1064,7 +1064,7 @@ function format_like($cnt, array $arr, $type, $id) {
$expanded .= "\t" . '<div class="wall-item-' . $type . '-expanded" id="' . $type . 'list-' . $id . '" style="display: none;" >' . $explikers . EOL . '</div>';
}
$phrase .= EOL ;
$phrase .= EOL;
$o .= Renderer::replaceMacros(Renderer::getMarkupTemplate('voting_fakelink.tpl'), [
'$phrase' => $phrase,
'$type' => $type,
@ -1079,7 +1079,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
{
$o = '';
$geotag = x($x, 'allow_location') ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$tpl = Renderer::getMarkupTemplate('jot-header.tpl');
$a->page['htmlhead'] .= Renderer::replaceMacros($tpl, [
@ -1100,7 +1100,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
// Private/public post links for the non-JS ACL form
$private_post = 1;
if (x($_REQUEST, 'public')) {
if (!empty($_REQUEST['public'])) {
$private_post = 0;
}
@ -1432,11 +1432,11 @@ function sort_thr_commented(array $a, array $b)
}
function render_location_dummy(array $item) {
if (x($item, 'location') && !empty($item['location'])) {
if (!empty($item['location']) && !empty($item['location'])) {
return $item['location'];
}
if (x($item, 'coord') && !empty($item['coord'])) {
if (!empty($item['coord']) && !empty($item['coord'])) {
return $item['coord'];
}
}

637
mod/admin.php
Unescape View File

@ -58,7 +58,7 @@ function admin_post(App $a)
// do not allow a page manager to access the admin panel at all.
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return;
}
@ -167,14 +167,14 @@ function admin_content(App $a)
return Login::form();
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return "";
}
// APC deactivated, since there are problems with PHP 5.5
//if (function_exists("apc_delete")) {
// $toDelete = new APCIterator('user', APC_ITER_VALUE);
// apc_delete($toDelete);
// $toDelete = new APCIterator('user', APC_ITER_VALUE);
// apc_delete($toDelete);
//}
// Header stuff
$a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('admin/settings_head.tpl'), []);
@ -321,7 +321,7 @@ function admin_page_tos(App $a)
'$title' => L10n::t('Administration'),
'$page' => L10n::t('Terms of Service'),
'$displaytos' => ['displaytos', L10n::t('Display Terms of Service'), Config::get('system', 'tosdisplay'), L10n::t('Enable the Terms of Service page. If this is enabled a link to the terms will be added to the registration form and the general information page.')],
'$displayprivstatement' => ['displayprivstatement', L10n::t('Display Privacy Statement'), Config::get('system','tosprivstatement'), L10n::t('Show some informations regarding the needed information to operate the node according e.g. to <a href="%s" target="_blank">EU-GDPR</a>.','https://en.wikipedia.org/wiki/General_Data_Protection_Regulation')],
'$displayprivstatement' => ['displayprivstatement', L10n::t('Display Privacy Statement'), Config::get('system', 'tosprivstatement'), L10n::t('Show some informations regarding the needed information to operate the node according e.g. to <a href="%s" target="_blank">EU-GDPR</a>.', 'https://en.wikipedia.org/wiki/General_Data_Protection_Regulation')],
'$preview' => L10n::t('Privacy Statement Preview'),
'$privtext' => $tos->privacy_complete,
'$tostext' => ['tostext', L10n::t('The Terms of Service'), Config::get('system', 'tostext'), L10n::t('Enter the Terms of Service for your node here. You can use BBCode. Headers of sections should be [h2] and below.')],
@ -329,6 +329,7 @@ function admin_page_tos(App $a)
'$submit' => L10n::t('Save Settings'),
]);
}
/**
* @brief Process send data from Admin TOS Page
*
@ -338,13 +339,13 @@ function admin_page_tos_post(App $a)
{
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/tos', 'admin_tos');
if (!x($_POST, "page_tos")) {
if (empty($_POST['page_tos'])) {
return;
}
$displaytos = ((x($_POST, 'displaytos')) ? True : False);
$displayprivstatement = ((x($_POST, 'displayprivstatement')) ? True : False);
$tostext = ((x($_POST, 'tostext')) ? strip_tags(trim($_POST['tostext'])) : '');
$displaytos = !empty($_POST['displaytos']);
$displayprivstatement = !empty($_POST['displayprivstatement']);
$tostext = (!empty($_POST['tostext']) ? strip_tags(trim($_POST['tostext'])) : '');
Config::set('system', 'tosdisplay', $displaytos);
Config::set('system', 'tosprivstatement', $displayprivstatement);
@ -354,6 +355,7 @@ function admin_page_tos_post(App $a)
return; // NOTREACHED
}
/**
* @brief Subpage to modify the server wide block list via the admin panel.
*
@ -407,13 +409,13 @@ function admin_page_blocklist(App $a)
*/
function admin_page_blocklist_post(App $a)
{
if (!x($_POST, "page_blocklist_save") && (!x($_POST['page_blocklist_edit']))) {
if (empty($_POST['page_blocklist_save']) && empty($_POST['page_blocklist_edit'])) {
return;
}
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/blocklist', 'admin_blocklist');
if (x($_POST['page_blocklist_save'])) {
if (!empty($_POST['page_blocklist_save'])) {
// Add new item to blocklist
$blocklist = Config::get('system', 'blocklist');
$blocklist[] = [
@ -429,7 +431,7 @@ function admin_page_blocklist_post(App $a)
// Trimming whitespaces as well as any lingering slashes
$domain = Strings::escapeTags(trim($domain, "\x00..\x1F/"));
$reason = Strings::escapeTags(trim($_POST['reason'][$id]));
if (!x($_POST['delete'][$id])) {
if (empty($_POST['delete'][$id])) {
$blocklist[] = [
'domain' => $domain,
'reason' => $reason
@ -451,12 +453,12 @@ function admin_page_blocklist_post(App $a)
*/
function admin_page_contactblock_post(App $a)
{
$contact_url = x($_POST, 'contact_url') ? $_POST['contact_url'] : '';
$contacts = x($_POST, 'contacts') ? $_POST['contacts'] : [];
$contact_url = defaults($_POST, 'contact_url', '');
$contacts = defaults($_POST, 'contacts', []);
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/contactblock', 'admin_contactblock');
if (x($_POST, 'page_contactblock_block')) {
if (!empty($_POST['page_contactblock_block'])) {
$contact_id = Contact::getIdForURL($contact_url);
if ($contact_id) {
Contact::block($contact_id);
@ -465,7 +467,7 @@ function admin_page_contactblock_post(App $a)
notice(L10n::t("Could not find any contact entry for this URL \x28%s\x29", $contact_url));
}
}
if (x($_POST, 'page_contactblock_unblock')) {
if (!empty($_POST['page_contactblock_unblock'])) {
foreach ($contacts as $uid) {
Contact::unblock($uid);
}
@ -559,13 +561,13 @@ function admin_page_deleteitem(App $a)
*/
function admin_page_deleteitem_post(App $a)
{
if (!x($_POST['page_deleteitem_submit'])) {
if (empty($_POST['page_deleteitem_submit'])) {
return;
}
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem');
if (x($_POST['page_deleteitem_submit'])) {
if (!empty($_POST['page_deleteitem_submit'])) {
$guid = trim(Strings::escapeTags($_POST['deleteitemguid']));
// The GUID should not include a "/", so if there is one, we got an URL
// and the last part of it is most likely the GUID.
@ -838,7 +840,7 @@ function admin_page_workerqueue(App $a, $deferred)
$info = L10n::t('This page lists the currently queued worker jobs. These jobs are handled by the worker cronjob you\'ve set up during install.');
}
$entries = DBA::select('workerqueue', ['id', 'parameter', 'created', 'priority'], $condition, ['order'=> ['priority']]);
$entries = DBA::select('workerqueue', ['id', 'parameter', 'created', 'priority'], $condition, ['order' => ['priority']]);
$r = [];
while ($entry = DBA::fetch($entries)) {
@ -938,7 +940,7 @@ function admin_page_summary(App $a)
$users = 0;
foreach ($r as $u) {
$accounts[$u['page-flags']][1] = $u['count'];
$users+= $u['count'];
$users += $u['count'];
}
Logger::log('accounts: ' . print_r($accounts, true), Logger::DATA);
@ -962,10 +964,10 @@ function admin_page_summary(App $a)
$max_allowed_packet = (($r) ? $r[0]['Value'] : 0);
$server_settings = ['label' => L10n::t('Server Settings'),
'php' => ['upload_max_filesize' => ini_get('upload_max_filesize'),
'post_max_size' => ini_get('post_max_size'),
'memory_limit' => ini_get('memory_limit')],
'mysql' => ['max_allowed_packet' => $max_allowed_packet]];
'php' => ['upload_max_filesize' => ini_get('upload_max_filesize'),
'post_max_size' => ini_get('post_max_size'),
'memory_limit' => ini_get('memory_limit')],
'mysql' => ['max_allowed_packet' => $max_allowed_packet]];
$t = Renderer::getMarkupTemplate('admin/summary.tpl');
return Renderer::replaceMacros($t, [
@ -1001,17 +1003,17 @@ function admin_page_site_post(App $a)
return;
}
if (!x($_POST, "page_site")) {
if (empty($_POST['page_site'])) {
return;
}
// relocate
if (x($_POST, 'relocate') && x($_POST, 'relocate_url') && $_POST['relocate_url'] != "") {
if (!empty($_POST['relocate']) && !empty($_POST['relocate_url']) && $_POST['relocate_url'] != "") {
$new_url = $_POST['relocate_url'];
$new_url = rtrim($new_url, "/");
$parsed = @parse_url($new_url);
if (!is_array($parsed) || !x($parsed, 'host') || !x($parsed, 'scheme')) {
if (!is_array($parsed) || empty($parsed['host']) || empty($parsed['scheme'])) {
notice(L10n::t("Can not parse base url. Must have at least <scheme>://<domain>"));
$a->internalRedirect('admin/site');
}
@ -1046,6 +1048,7 @@ function admin_page_site_post(App $a)
$a->internalRedirect('admin/site');
}
}
// update tables
// update profile links in the format "http://server.tld"
update_table($a, "profile", ['photo', 'thumb'], $old_url, $new_url);
@ -1059,7 +1062,7 @@ function admin_page_site_post(App $a)
update_table($a, "gcontact", ['connect', 'addr'], $old_host, $new_host);
// update config
Config::set('system', 'hostname', parse_url($new_url, PHP_URL_HOST));
Config::set('system', 'hostname', parse_url($new_url, PHP_URL_HOST));
Config::set('system', 'url', $new_url);
$a->setBaseURL($new_url);
@ -1076,98 +1079,97 @@ function admin_page_site_post(App $a)
}
// end relocate
$sitename = ((x($_POST,'sitename')) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = ((x($_POST,'hostname')) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = ((x($_POST,'sender_email')) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$shortcut_icon = ((x($_POST,'shortcut_icon')) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = ((x($_POST,'touch_icon')) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = ((x($_POST,'info')) ? trim($_POST['info']) : false);
$language = ((x($_POST,'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = ((x($_POST,'theme')) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = ((x($_POST,'theme_mobile')) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = ((x($_POST,'maximagelength')) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = ((x($_POST,'jpegimagequality')) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = ((x($_POST,'max_daily_registrations')) ? intval(trim($_POST['max_daily_registrations'])) :0);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = ((x($_POST,'register_text')) ? strip_tags(trim($_POST['register_text'])) : '');
$allowed_sites = ((x($_POST,'allowed_sites')) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = ((x($_POST,'allowed_email')) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = ((x($_POST,'forbidden_nicknames')) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = x($_POST,'no_oembed_rich_content');
$allowed_oembed = ((x($_POST,'allowed_oembed')) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = ((x($_POST,'block_public')) ? True : False);
$force_publish = ((x($_POST,'publish_all')) ? True : False);
$global_directory = ((x($_POST,'directory')) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = ((x($_POST,'newuser_private')) ? True : False);
$enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False);
$private_addons = ((x($_POST,'private_addons')) ? True : False);
$disable_embedded = ((x($_POST,'disable_embedded')) ? True : False);
$allow_users_remote_self = ((x($_POST,'allow_users_remote_self')) ? True : False);
$explicit_content = ((x($_POST,'explicit_content')) ? True : False);
$no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
$no_openid = !((x($_POST,'no_openid')) ? True : False);
$no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
$community_page_style = ((x($_POST,'community_page_style')) ? intval(trim($_POST['community_page_style'])) : 0);
$max_author_posts_community_page = ((x($_POST,'max_author_posts_community_page')) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$verifyssl = ((x($_POST,'verifyssl')) ? True : False);
$proxyuser = ((x($_POST,'proxyuser')) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$proxy = ((x($_POST,'proxy')) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = ((x($_POST,'maxloadavg_frontend')) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = ((x($_POST,'min_memory')) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = ((x($_POST,'optimize_max_tablesize')) ? intval(trim($_POST['optimize_max_tablesize'])): 100);
$optimize_fragmentation = ((x($_POST,'optimize_fragmentation')) ? intval(trim($_POST['optimize_fragmentation'])): 30);
$poco_completion = ((x($_POST,'poco_completion')) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = ((x($_POST,'poco_requery_days')) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = ((x($_POST,'poco_discovery')) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = ((x($_POST,'poco_discovery_since')) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = ((x($_POST,'poco_local_search')) ? intval(trim($_POST['poco_local_search'])) : false);
$nodeinfo = ((x($_POST,'nodeinfo')) ? intval(trim($_POST['nodeinfo'])) : false);
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
$ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$ostatus_full_threads = ((x($_POST,'ostatus_full_threads')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
$ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = ((x($_POST,'force_ssl')) ? True : False);
$hide_help = ((x($_POST,'hide_help')) ? True : False);
$dbclean = ((x($_POST,'dbclean')) ? True : False);
$dbclean_expire_days = ((x($_POST,'dbclean_expire_days')) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = ((x($_POST,'dbclean_unclaimed')) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = ((x($_POST,'dbclean_expire_conv')) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = ((x($_POST,'suppress_tags')) ? True : False);
$itemcache = ((x($_POST,'itemcache')) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = ((x($_POST,'itemcache_duration')) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = ((x($_POST,'max_comments')) ? intval($_POST['max_comments']) : 0);
$temppath = ((x($_POST,'temppath')) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = ((x($_POST,'basepath')) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = ((x($_POST,'singleuser')) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
$rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
$check_new_version_url = ((x($_POST, 'check_new_version_url')) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$worker_queues = ((x($_POST,'worker_queues')) ? intval($_POST['worker_queues']) : 10);
$worker_dont_fork = ((x($_POST,'worker_dont_fork')) ? True : False);
$worker_fastlane = ((x($_POST,'worker_fastlane')) ? True : False);
$worker_frontend = ((x($_POST,'worker_frontend')) ? True : False);
$relay_directly = ((x($_POST,'relay_directly')) ? True : False);
$relay_server = ((x($_POST,'relay_server')) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$relay_subscribe = ((x($_POST,'relay_subscribe')) ? True : False);
$relay_scope = ((x($_POST,'relay_scope')) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = ((x($_POST,'relay_server_tags')) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = ((x($_POST,'relay_user_tags')) ? True : False);
$active_panel = (defaults($_POST, 'active_panel', '') ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
$sitename = (!empty($_POST['sitename']) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = (!empty($_POST['hostname']) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = (!empty($_POST['sender_email']) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
$shortcut_icon = (!empty($_POST['shortcut_icon']) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = (!empty($_POST['touch_icon']) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = (!empty($_POST['info']) ? trim($_POST['info']) : false);
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = (!empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = (!empty($_POST['theme_mobile']) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$register_policy = (!empty($_POST['register_policy']) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = (!empty($_POST['max_daily_registrations']) ? intval(trim($_POST['max_daily_registrations'])) : 0);
$abandon_days = (!empty($_POST['abandon_days']) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
$allowed_sites = (!empty($_POST['allowed_sites']) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = (!empty($_POST['allowed_email']) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
$allowed_oembed = (!empty($_POST['allowed_oembed']) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = !empty($_POST['block_public']);
$force_publish = !empty($_POST['publish_all']);
$global_directory = (!empty($_POST['directory']) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = !empty($_POST['newuser_private']);
$enotify_no_content = !empty($_POST['enotify_no_content']);
$private_addons = !empty($_POST['private_addons']);
$disable_embedded = !empty($_POST['disable_embedded']);
$allow_users_remote_self = !empty($_POST['allow_users_remote_self']);
$explicit_content = !empty($_POST['explicit_content']);
$no_multi_reg = !empty($_POST['no_multi_reg']);
$no_openid = !empty($_POST['no_openid']);
$no_regfullname = !empty($_POST['no_regfullname']);
$community_page_style = (!empty($_POST['community_page_style']) ? intval(trim($_POST['community_page_style'])) : 0);
$max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$verifyssl = !empty($_POST['verifyssl']);
$proxyuser = (!empty($_POST['proxyuser']) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$proxy = (!empty($_POST['proxy']) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = (!empty($_POST['maxloadavg_frontend']) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = (!empty($_POST['optimize_max_tablesize']) ? intval(trim($_POST['optimize_max_tablesize'])) : 100);
$optimize_fragmentation = (!empty($_POST['optimize_fragmentation']) ? intval(trim($_POST['optimize_fragmentation'])) : 30);
$poco_completion = (!empty($_POST['poco_completion']) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = (!empty($_POST['poco_requery_days']) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = (!empty($_POST['poco_discovery']) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = (!empty($_POST['poco_discovery_since']) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = !empty($_POST['poco_local_search']);
$nodeinfo = !empty($_POST['nodeinfo']);
$dfrn_only = !empty($_POST['dfrn_only']);
$ostatus_disabled = !empty($_POST['ostatus_disabled']);
$ostatus_full_threads = !empty($_POST['ostatus_full_threads']);
$diaspora_enabled = !empty($_POST['diaspora_enabled']);
$ssl_policy = (!empty($_POST['ssl_policy']) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = !empty($_POST['force_ssl']);
$hide_help = !empty($_POST['hide_help']);
$dbclean = !empty($_POST['dbclean']);
$dbclean_expire_days = (!empty($_POST['dbclean_expire_days']) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = (!empty($_POST['dbclean_unclaimed']) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = (!empty($_POST['dbclean_expire_conv']) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = !empty($_POST['suppress_tags']);
$itemcache = (!empty($_POST['itemcache']) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = (!empty($_POST['itemcache_duration']) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
$temppath = (!empty($_POST['temppath']) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = (!empty($_POST['basepath']) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = (!empty($_POST['singleuser']) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = !empty($_POST['proxy_disabled']);
$only_tag_search = !empty($_POST['only_tag_search']);
$rino = (!empty($_POST['rino']) ? intval($_POST['rino']) : 0);
$check_new_version_url = (!empty($_POST['check_new_version_url']) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
$worker_dont_fork = !empty($_POST['worker_dont_fork']);
$worker_fastlane = !empty($_POST['worker_fastlane']);
$worker_frontend = !empty($_POST['worker_frontend']);
$relay_directly = !empty($_POST['relay_directly']);
$relay_server = (!empty($_POST['relay_server']) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$relay_subscribe = !empty($_POST['relay_subscribe']);
$relay_scope = (!empty($_POST['relay_scope']) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = (!empty($_POST['relay_server_tags']) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = !empty($_POST['relay_user_tags']);
$active_panel = (!empty($_POST['active_panel']) ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
// Has the directory url changed? If yes, then resubmit the existing profiles there
if ($global_directory != Config::get('system', 'directory') && ($global_directory != '')) {
@ -1217,24 +1219,24 @@ function admin_page_site_post(App $a)
);
}
}
Config::set('system', 'ssl_policy', $ssl_policy);
Config::set('system',