friendica
/
friendica
mirror of https://github.com/friendica/friendica
7
1
Fork 1
Code Issues Packages Projects Releases Wiki Activity

Replace x() by isset(), !empty() or defaults()

Browse Source 
- Remove extraneous parentheses around empty() calls
- Remove duplicate calls to intval(), count() or strlen() after empty()
- Replace ternary operators outputting binary value with empty() return value
- Rewrite defaults() without x()
pull/6219/head
Hypolite Petovan 4 years ago
parent ea4e772b1e
commit 458981f75c
101 changed files with 919 additions and 937 deletions
Show Stats Download Patch File Download Diff File

41
boot.php
Unescape View File

@ -341,12 +341,13 @@ function get_app()
/**
* @brief Multi-purpose function to check variable state.
*
* Usage: x($var) or $x($array, 'key')
* Usage: x($var) or x($array, 'key')
*
* returns false if variable/key is not set
* if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
* e.g. x('') or x(0) returns 0;
*
* @deprecated since version 2018.12
* @param string|array $s variable to check
* @param string $k key inside the array to check
*
@ -383,13 +384,12 @@ function x($s, $k = null)
* - defaults($var, $default)
* - defaults($array, 'key', $default)
*
* @param array $args
* @brief Returns a defaut value if the provided variable or array key is falsy
* @see x()
* @return mixed
*/
function defaults() {
$args = func_get_args();
function defaults(...$args)
{
if (count($args) < 2) {
throw new BadFunctionCallException('defaults() requires at least 2 parameters');
}
@ -400,16 +400,15 @@ function defaults() {
throw new BadFunctionCallException('defaults($arr, $key, $def) $key is null');
}
$default = array_pop($args);
// The default value always is the last argument
$return = array_pop($args);
if (call_user_func_array('x', $args)) {
if (count($args) === 1) {
$return = $args[0];
} else {
$return = $args[0][$args[1]];
}
} else {
$return = $default;
if (count($args) == 2 && is_array($args[0]) && !empty($args[0][$args[1]])) {
$return = $args[0][$args[1]];
}
if (count($args) == 1 && !empty($args[0])) {
$return = $args[0];
}
return $return;
@ -446,15 +445,15 @@ function public_contact()
{
static $public_contact_id = false;
if (!$public_contact_id && x($_SESSION, 'authenticated')) {
if (x($_SESSION, 'my_address')) {
if (!$public_contact_id && !empty($_SESSION['authenticated'])) {
if (!empty($_SESSION['my_address'])) {
// Local user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, true));
} elseif (x($_SESSION, 'visitor_home')) {
} elseif (!empty($_SESSION['visitor_home'])) {
// Remote user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, true));
}
} elseif (!x($_SESSION, 'authenticated')) {
} elseif (empty($_SESSION['authenticated'])) {
$public_contact_id = false;
}
@ -479,7 +478,7 @@ function remote_user()
return false;
}
if (x($_SESSION, 'authenticated') && x($_SESSION, 'visitor_id')) {
if (!empty($_SESSION['authenticated']) && !empty($_SESSION['visitor_id'])) {
return intval($_SESSION['visitor_id']);
}
return false;
@ -499,7 +498,7 @@ function notice($s)
}
$a = get_app();
if (!x($_SESSION, 'sysmsg')) {
if (empty($_SESSION['sysmsg'])) {
$_SESSION['sysmsg'] = [];
}
if ($a->interactive) {
@ -522,7 +521,7 @@ function info($s)
return;
}
if (!x($_SESSION, 'sysmsg_info')) {
if (empty($_SESSION['sysmsg_info'])) {
$_SESSION['sysmsg_info'] = [];
}
if ($a->interactive) {

10
doc/themes.md
Unescape View File

@ -181,13 +181,13 @@ Next take the default.php file found in the /view direcotry and exchange the asi
So the central part of the file now looks like this:
<body>
<?php if(x($page,'nav')) echo $page['nav']; ?>
<aside><?php if(x($page,'right_aside')) echo $page['right_aside']; ?></aside>
<section><?php if(x($page,'content')) echo $page['content']; ?>
<?php if(!empty($page['nav'])) echo $page['nav']; ?>
<aside><?php if(!empty($page['right_aside'])) echo $page['right_aside']; ?></aside>
<section><?php if(!empty($page['content'])) echo $page['content']; ?>
<div id="page-footer"></div>
</section>
<right_aside><?php if(x($page,'aside')) echo $page['aside']; ?></right_aside>
<footer><?php if(x($page,'footer')) echo $page['footer']; ?></footer>
<right_aside><?php if(!empty($page['aside'])) echo $page['aside']; ?></right_aside>
<footer><?php if(!empty($page['footer'])) echo $page['footer']; ?></footer>
</body>
Finally we need a style.css file, inheriting the definitions from the parent theme and containing out changes for the new theme.

221
include/api.php
Unescape View File

@ -68,7 +68,7 @@ $called_api = [];
*/
function api_user()
{
if (x($_SESSION, 'allow_api')) {
if (!empty($_SESSION['allow_api'])) {
return local_user();
}
@ -186,8 +186,8 @@ function api_login(App $a)
}
// workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
@ -195,7 +195,7 @@ function api_login(App $a)
}
}
if (!x($_SERVER, 'PHP_AUTH_USER')) {
if (empty($_SERVER['PHP_AUTH_USER'])) {
Logger::log('API_login: ' . print_r($_SERVER, true), Logger::DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login");
@ -396,7 +396,7 @@ function api_call(App $a)
case "json":
header("Content-Type: application/json");
$json = json_encode(end($return));
if (x($_GET, 'callback')) {
if (!empty($_GET['callback'])) {
$json = $_GET['callback'] . "(" . $json . ")";
}
$return = $json;
@ -550,7 +550,7 @@ function api_get_user(App $a, $contact_id = null)
}
}
if (is_null($user) && x($_GET, 'user_id')) {
if (is_null($user) && !empty($_GET['user_id'])) {
$user = DBA::escape(api_unique_id_to_nurl($_GET['user_id']));
if ($user == "") {
@ -563,7 +563,7 @@ function api_get_user(App $a, $contact_id = null)
$extra_query .= "AND `contact`.`uid`=" . intval(api_user());
}
}
if (is_null($user) && x($_GET, 'screen_name')) {
if (is_null($user) && !empty($_GET['screen_name'])) {
$user = DBA::escape($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' ";
if (api_user() !== false) {
@ -571,7 +571,7 @@ function api_get_user(App $a, $contact_id = null)
}
}
if (is_null($user) && x($_GET, 'profileurl')) {
if (is_null($user) && !empty($_GET['profileurl'])) {
$user = DBA::escape(Strings::normaliseLink($_GET['profileurl']));
$extra_query = "AND `contact`.`nurl` = '%s' ";
if (api_user() !== false) {
@ -980,7 +980,7 @@ function api_account_verify_credentials($type)
unset($_REQUEST["screen_name"]);
unset($_GET["screen_name"]);
$skip_status = (x($_REQUEST, 'skip_status')?$_REQUEST['skip_status'] : false);
$skip_status = defaults($_REQUEST, 'skip_status', false);
$user_info = api_get_user($a);
@ -1014,10 +1014,10 @@ api_register_func('api/account/verify_credentials', 'api_account_verify_credenti
*/
function requestdata($k)
{
if (x($_POST, $k)) {
if (!empty($_POST[$k])) {
return $_POST[$k];
}
if (x($_GET, $k)) {
if (!empty($_GET[$k])) {
return $_GET[$k];
}
return null;
@ -1172,7 +1172,7 @@ function api_statuses_update($type)
}
}
if (x($_FILES, 'media')) {
if (!empty($_FILES['media'])) {
// upload the image if we have one
$picture = wall_upload_post($a, false);
if (is_array($picture)) {
@ -1199,7 +1199,7 @@ function api_statuses_update($type)
$_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) {
if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source();
}
@ -1231,7 +1231,7 @@ function api_media_upload()
api_get_user($a);
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
// Output error
throw new BadRequestException("No media.");
}
@ -1445,7 +1445,7 @@ function api_users_search($type)
$userlist = [];
if (x($_GET, 'q')) {
if (!empty($_GET['q'])) {
$r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"]));
if (!DBA::isResult($r)) {
@ -1530,21 +1530,21 @@ function api_search($type)
$data = [];
if (!x($_REQUEST, 'q')) {
if (empty($_REQUEST['q'])) {
throw new BadRequestException("q parameter is required.");
}
if (x($_REQUEST, 'rpp')) {
if (!empty($_REQUEST['rpp'])) {
$count = $_REQUEST['rpp'];
} elseif (x($_REQUEST, 'count')) {
} elseif (!empty($_REQUEST['count'])) {
$count = $_REQUEST['count'];
} else {
$count = 15;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
$start = $page * $count;
@ -1598,16 +1598,15 @@ function api_statuses_home_timeline($type)
// get last network messages
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
@ -1618,7 +1617,7 @@ function api_statuses_home_timeline($type)
$condition[0] .= " AND `item`.`id` <= ?";
$condition[] = $max_id;
}
if ($exclude_replies > 0) {
if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
if ($conversation_id > 0) {
@ -1681,19 +1680,17 @@ function api_statuses_public_timeline($type)
// get last network messages
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
$sql_extra = '';
if ($exclude_replies && !$conversation_id) {
$condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall`",
@ -1762,12 +1759,12 @@ function api_statuses_networkpublic_timeline($type)
throw new ForbiddenException();
}
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
// pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1;
$count = defaults($_REQUEST, 'count', 20);
$page = defaults($_REQUEST, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -2001,7 +1998,7 @@ function api_statuses_repeat($type)
$_REQUEST['profile_uid'] = api_user();
$_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) {
if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source();
}
@ -2150,14 +2147,14 @@ function api_statuses_user_timeline($type)
Logger::DEBUG
);
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
$exclude_replies = x($_REQUEST, 'exclude_replies') ? 1 : 0;
$conversation_id = x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0;
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
// pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1;
$count = defaults($_REQUEST, 'count', 20);
$page = defaults($_REQUEST, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -2170,7 +2167,7 @@ function api_statuses_user_timeline($type)
$condition[0] .= ' AND `item`.`wall` ';
}
if ($exclude_replies > 0) {
if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
@ -2309,10 +2306,10 @@ function api_favorites($type)
$ret = [];
} else {
// params
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$count = (x($_GET, 'count') ? $_GET['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$count = defaults($_GET, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) {
$page = 0;
}
@ -2390,7 +2387,7 @@ function api_format_messages($item, $recipient, $sender)
}
//don't send title to regular StatusNET requests to avoid confusing these apps
if (x($_GET, 'getText')) {
if (!empty($_GET['getText'])) {
$ret['title'] = $item['title'];
if ($_GET['getText'] == 'html') {
$ret['text'] = BBCode::convert($item['body'], false);
@ -2400,7 +2397,7 @@ function api_format_messages($item, $recipient, $sender)
} else {
$ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0);
}
if (x($_GET, 'getUserObjects') && $_GET['getUserObjects'] == 'false') {
if (!empty($_GET['getUserObjects']) && $_GET['getUserObjects'] == 'false') {
unset($ret['sender']);
unset($ret['recipient']);
}
@ -2530,7 +2527,7 @@ function api_get_attachments(&$body)
*/
function api_get_entitities(&$text, $bbcode)
{
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false");
$include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
if ($include_entities != "true") {
preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images);
@ -3119,15 +3116,15 @@ function api_lists_statuses($type)
}
// params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0);
$count = defaults($_REQUEST, 'count', 20);
$page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) {
$page = 0;
}
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count;
@ -3185,8 +3182,8 @@ function api_statuses_f($qtype)
}
// pagination
$count = x($_GET, 'count') ? $_GET['count'] : 20;
$page = x($_GET, 'page') ? $_GET['page'] : 1;
$count = defaults($_GET, 'count', 20);
$page = defaults($_GET, 'page', 1);
if ($page < 1) {
$page = 1;
}
@ -3194,7 +3191,7 @@ function api_statuses_f($qtype)
$user_info = api_get_user($a);
if (x($_GET, 'cursor') && $_GET['cursor'] == 'undefined') {
if (!empty($_GET['cursor']) && $_GET['cursor'] == 'undefined') {
/* this is to stop Hotot to load friends multiple times
* I'm not sure if I'm missing return something or
* is a bug in hotot. Workaround, meantime
@ -3522,7 +3519,7 @@ function api_direct_messages_new($type)
$replyto = '';
$sub = '';
if (x($_REQUEST, 'replyto')) {
if (!empty($_REQUEST['replyto'])) {
$r = q(
'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
intval(api_user()),
@ -3531,7 +3528,7 @@ function api_direct_messages_new($type)
$replyto = $r[0]['parent-uri'];
$sub = $r[0]['title'];
} else {
if (x($_REQUEST, 'title')) {
if (!empty($_REQUEST['title'])) {
$sub = $_REQUEST['title'];
} else {
$sub = ((strlen($_POST['text'])>10) ? substr($_POST['text'], 0, 10)."...":$_POST['text']);
@ -3583,10 +3580,10 @@ function api_direct_messages_destroy($type)
// params
$user_info = api_get_user($a);
//required
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
// optional
$parenturi = (x($_REQUEST, 'friendica_parenturi') ? $_REQUEST['friendica_parenturi'] : "");
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$parenturi = defaults($_REQUEST, 'friendica_parenturi', "");
$verbose = (!empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false");
/// @todo optional parameter 'include_entities' from Twitter API not yet implemented
$uid = $user_info['uid'];
@ -3838,7 +3835,7 @@ function api_direct_messages_box($type, $box, $verbose)
*/
function api_direct_messages_sentbox($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "sentbox", $verbose);
}
@ -3852,7 +3849,7 @@ function api_direct_messages_sentbox($type)
*/
function api_direct_messages_inbox($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "inbox", $verbose);
}
@ -3864,7 +3861,7 @@ function api_direct_messages_inbox($type)
*/
function api_direct_messages_all($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "all", $verbose);
}
@ -3876,7 +3873,7 @@ function api_direct_messages_all($type)
*/
function api_direct_messages_conversation($type)
{
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false");
$verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "conversation", $verbose);
}
@ -3940,7 +3937,7 @@ function api_fr_photoalbum_delete($type)
throw new ForbiddenException();
}
// input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : "");
$album = defaults($_REQUEST, 'album', "");
// we do not allow calls without album string
if ($album == "") {
@ -3992,8 +3989,8 @@ function api_fr_photoalbum_update($type)
throw new ForbiddenException();
}
// input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : "");
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : "");
$album = defaults($_REQUEST, 'album', "");
$album_new = defaults($_REQUEST, 'album_new', "");
// we do not allow calls without album string
if ($album == "") {
@ -4077,15 +4074,15 @@ function api_fr_photo_create_update($type)
throw new ForbiddenException();
}
// input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null);
$desc = (x($_REQUEST, 'desc') ? $_REQUEST['desc'] : (array_key_exists('desc', $_REQUEST) ? "" : null)); // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : null);
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : null);
$allow_cid = (x($_REQUEST, 'allow_cid') ? $_REQUEST['allow_cid'] : (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = (x($_REQUEST, 'deny_cid') ? $_REQUEST['deny_cid'] : (array_key_exists('deny_cid', $_REQUEST) ? " " : null));
$allow_gid = (x($_REQUEST, 'allow_gid') ? $_REQUEST['allow_gid'] : (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = (x($_REQUEST, 'deny_gid') ? $_REQUEST['deny_gid'] : (array_key_exists('deny_gid', $_REQUEST) ? " " : null));
$visibility = (x($_REQUEST, 'visibility') ? (($_REQUEST['visibility'] == "true" || $_REQUEST['visibility'] == 1) ? true : false) : false);
$photo_id = defaults($_REQUEST, 'photo_id', null);
$desc = defaults($_REQUEST, 'desc', (array_key_exists('desc', $_REQUEST) ? "" : null)) ; // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = defaults($_REQUEST, 'album', null);
$album_new = defaults($_REQUEST, 'album_new', null);
$allow_cid = defaults($_REQUEST, 'allow_cid', (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = defaults($_REQUEST, 'deny_cid' , (array_key_exists('deny_cid' , $_REQUEST) ? " " : null));
$allow_gid = defaults($_REQUEST, 'allow_gid', (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = defaults($_REQUEST, 'deny_gid' , (array_key_exists('deny_gid' , $_REQUEST) ? " " : null));
$visibility = !empty($_REQUEST['visibility']) || $_REQUEST['visibility'] !== "false";
// do several checks on input parameters
// we do not allow calls without album string
@ -4097,7 +4094,7 @@ function api_fr_photo_create_update($type)
$mode = "create";
// error if no media posted in create-mode
if (!x($_FILES, 'media')) {
if (empty($_FILES['media'])) {
// Output error
throw new BadRequestException("no media data submitted");
}
@ -4188,7 +4185,7 @@ function api_fr_photo_create_update($type)
$nothingtodo = true;
}
if (x($_FILES, 'media')) {
if (!empty($_FILES['media'])) {
$nothingtodo = false;
$media = $_FILES['media'];
$data = save_media_to_database("photo", $media, $type, $album, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $desc, 0, $visibility, $photo_id);
@ -4224,7 +4221,7 @@ function api_fr_photo_delete($type)
throw new ForbiddenException();
}
// input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null);
$photo_id = defaults($_REQUEST, 'photo_id', null);
// do several checks on input parameters
// we do not allow calls without photo id
@ -4275,11 +4272,11 @@ function api_fr_photo_detail($type)
if (api_user() === false) {
throw new ForbiddenException();
}
if (!x($_REQUEST, 'photo_id')) {
if (empty($_REQUEST['photo_id'])) {
throw new BadRequestException("No photo id.");
}
$scale = (x($_REQUEST, 'scale') ? intval($_REQUEST['scale']) : false);
$scale = (!empty($_REQUEST['scale']) ? intval($_REQUEST['scale']) : false);
$photo_id = $_REQUEST['photo_id'];
// prepare json/xml output with data from database for the requested photo
@ -4308,7 +4305,7 @@ function api_account_update_profile_image($type)
$profile_id = defaults($_REQUEST, 'profile_id', 0);
// error if image data is missing
if (!x($_FILES, 'image')) {
if (empty($_FILES['image'])) {
throw new BadRequestException("no media data submitted");
}
@ -4326,9 +4323,9 @@ function api_account_update_profile_image($type)
// get mediadata from image or media (Twitter call api/account/update_profile_image provides image)
$media = null;
if (x($_FILES, 'image')) {
if (!empty($_FILES['image'])) {
$media = $_FILES['image'];
} elseif (x($_FILES, 'media')) {
} elseif (!empty($_FILES['media'])) {
$media = $_FILES['media'];
}
// save new profile image
@ -4788,8 +4785,8 @@ function prepare_photo_data($type, $scale, $photo_id)
*/
function api_friendica_remoteauth()
{
$url = (x($_GET, 'url') ? $_GET['url'] : '');
$c_url = (x($_GET, 'c_url') ? $_GET['c_url'] : '');
$url = defaults($_GET, 'url', '');
$c_url = defaults($_GET, 'c_url', '');
if ($url === '' || $c_url === '') {
throw new BadRequestException("Wrong parameters.");
@ -5092,7 +5089,7 @@ function api_in_reply_to($item)
*/
function api_clean_plain_items($text)
{
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false");
$include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
$text = BBCode::cleanPictureLinks($text);
$URLSearchString = "^\[\]";
@ -5224,7 +5221,7 @@ function api_friendica_group_show($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$gid = defaults($_REQUEST, 'gid', 0);
$uid = $user_info['uid'];
// get data of the specified group id or all groups if not specified
@ -5289,8 +5286,8 @@ function api_friendica_group_delete($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'gid', 0);
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
// error if no gid specified
@ -5351,7 +5348,7 @@ function api_lists_destroy($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0);
$gid = defaults($_REQUEST, 'list_id', 0);
$uid = $user_info['uid'];
// error if no gid specified
@ -5467,7 +5464,7 @@ function api_friendica_group_create($type)
// params
$user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
$json = json_decode($_POST['json'], true);
$users = $json['user'];
@ -5496,7 +5493,7 @@ function api_lists_create($type)
// params
$user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
$success = group_create($name, $uid);
@ -5531,8 +5528,8 @@ function api_friendica_group_update($type)
// params
$user_info = api_get_user($a);
$uid = $user_info['uid'];
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'gid', 0);
$name = defaults($_REQUEST, 'name', "");
$json = json_decode($_POST['json'], true);
$users = $json['user'];
@ -5604,8 +5601,8 @@ function api_lists_update($type)
// params
$user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : "");
$gid = defaults($_REQUEST, 'list_id', 0);
$name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid'];
// error if no gid specified
@ -5650,7 +5647,7 @@ function api_friendica_activity($type)
$verb = strtolower($a->argv[3]);
$verb = preg_replace("|\..*$|", "", $verb);
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
$res = Item::performLike($id, $verb);
@ -5732,7 +5729,7 @@ function api_friendica_notification_seen($type)
throw new BadRequestException("Invalid argument count");
}
$id = (x($_REQUEST, 'id') ? intval($_REQUEST['id']) : 0);
$id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
$nm = new NotificationsManager();
$note = $nm->getByID($id);
@ -5775,7 +5772,7 @@ function api_friendica_direct_messages_setseen($type)
// params
$user_info = api_get_user($a);
$uid = $user_info['uid'];
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0);
$id = defaults($_REQUEST, 'id', 0);
// return error if id is zero
if ($id == "") {
@ -5824,7 +5821,7 @@ function api_friendica_direct_messages_search($type, $box = "")
// params
$user_info = api_get_user($a);
$searchstring = (x($_REQUEST, 'searchstring') ? $_REQUEST['searchstring'] : "");
$searchstring = defaults($_REQUEST, 'searchstring', "");
$uid = $user_info['uid'];
// error if no searchstring specified
@ -5886,7 +5883,7 @@ function api_friendica_profile_show($type)
}
// input params
$profile_id = (x($_REQUEST, 'profile_id') ? $_REQUEST['profile_id'] : 0);
$profile_id = defaults($_REQUEST, 'profile_id', 0);
// retrieve general information about profiles for user
$multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles');

36
include/conversation.php
Unescape View File

@ -462,17 +462,17 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
. "<script> var profile_uid = " . $_SESSION['uid']
. "; var netargs = '" . substr($a->cmd, 8)
. '?f='
. ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'search')) ? '&search=' . rawurlencode($_GET['search']) : '')
. ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'order')) ? '&order=' . rawurlencode($_GET['order']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'liked')) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '')
. (!empty($_GET['cid']) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. (!empty($_GET['search']) ? '&search=' . rawurlencode($_GET['search']) : '')
. (!empty($_GET['star']) ? '&star=' . rawurlencode($_GET['star']) : '')
. (!empty($_GET['order']) ? '&order=' . rawurlencode($_GET['order']) : '')
. (!empty($_GET['bmark']) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. (!empty($_GET['liked']) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. (!empty($_GET['conv']) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. (!empty($_GET['nets']) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. (!empty($_GET['cmin']) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. (!empty($_GET['cmax']) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. (!empty($_GET['file']) ? '&file=' . rawurlencode($_GET['file']) : '')
. "'; var profile_page = " . $pager->getPage() . "; </script>\r\n";
}
@ -482,7 +482,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
if (!$update) {
$tab = 'posts';
if (x($_GET, 'tab')) {
if (!empty($_GET['tab'])) {
$tab = Strings::escapeTags(trim($_GET['tab']));
}
if ($tab === 'posts') {
@ -951,7 +951,7 @@ function builtin_activity_puller($item, &$conv_responses) {
$url = '<a href="'. $url . '"'. $sparkle .'>' . htmlentities($item['author-name']) . '</a>';
if (!x($item, 'thr-parent')) {
if (empty($item['thr-parent'])) {
$item['thr-parent'] = $item['parent-uri'];
}
@ -1064,7 +1064,7 @@ function format_like($cnt, array $arr, $type, $id) {
$expanded .= "\t" . '<div class="wall-item-' . $type . '-expanded" id="' . $type . 'list-' . $id . '" style="display: none;" >' . $explikers . EOL . '</div>';
}
$phrase .= EOL ;
$phrase .= EOL;
$o .= Renderer::replaceMacros(Renderer::getMarkupTemplate('voting_fakelink.tpl'), [
'$phrase' => $phrase,
'$type' => $type,
@ -1079,7 +1079,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
{
$o = '';
$geotag = x($x, 'allow_location') ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$tpl = Renderer::getMarkupTemplate('jot-header.tpl');
$a->page['htmlhead'] .= Renderer::replaceMacros($tpl, [
@ -1100,7 +1100,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
// Private/public post links for the non-JS ACL form
$private_post = 1;
if (x($_REQUEST, 'public')) {
if (!empty($_REQUEST['public'])) {
$private_post = 0;
}
@ -1432,11 +1432,11 @@ function sort_thr_commented(array $a, array $b)
}
function render_location_dummy(array $item) {
if (x($item, 'location') && !empty($item['location'])) {
if (!empty($item['location']) && !empty($item['location'])) {
return $item['location'];
}
if (x($item, 'coord') && !empty($item['coord'])) {
if (!empty($item['coord']) && !empty($item['coord'])) {
return $item['coord'];
}
}

637
mod/admin.php
Unescape View File

@ -58,7 +58,7 @@ function admin_post(App $a)
// do not allow a page manager to access the admin panel at all.
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return;
}
@ -167,14 +167,14 @@ function admin_content(App $a)
return Login::form();
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
if (!empty($_SESSION['submanage'])) {
return "";
}
// APC deactivated, since there are problems with PHP 5.5
//if (function_exists("apc_delete")) {
// $toDelete = new APCIterator('user', APC_ITER_VALUE);
// apc_delete($toDelete);
// $toDelete = new APCIterator('user', APC_ITER_VALUE);
// apc_delete($toDelete);
//}
// Header stuff
$a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('admin/settings_head.tpl'), []);
@ -321,7 +321,7 @@ function admin_page_tos(App $a)
'$title' => L10n::t('Administration'),
'$page' => L10n::t('Terms of Service'),
'$displaytos' => ['displaytos', L10n::t('Display Terms of Service'), Config::get('system', 'tosdisplay'), L10n::t('Enable the Terms of Service page. If this is enabled a link to the terms will be added to the registration form and the general information page.')],
'$displayprivstatement' => ['displayprivstatement', L10n::t('Display Privacy Statement'), Config::get('system','tosprivstatement'), L10n::t('Show some informations regarding the needed information to operate the node according e.g. to <a href="%s" target="_blank">EU-GDPR</a>.','https://en.wikipedia.org/wiki/General_Data_Protection_Regulation')],
'$displayprivstatement' => ['displayprivstatement', L10n::t('Display Privacy Statement'), Config::get('system', 'tosprivstatement'), L10n::t('Show some informations regarding the needed information to operate the node according e.g. to <a href="%s" target="_blank">EU-GDPR</a>.', 'https://en.wikipedia.org/wiki/General_Data_Protection_Regulation')],
'$preview' => L10n::t('Privacy Statement Preview'),
'$privtext' => $tos->privacy_complete,
'$tostext' => ['tostext', L10n::t('The Terms of Service'), Config::get('system', 'tostext'), L10n::t('Enter the Terms of Service for your node here. You can use BBCode. Headers of sections should be [h2] and below.')],
@ -329,6 +329,7 @@ function admin_page_tos(App $a)
'$submit' => L10n::t('Save Settings'),
]);
}
/**
* @brief Process send data from Admin TOS Page
*
@ -338,13 +339,13 @@ function admin_page_tos_post(App $a)
{
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/tos', 'admin_tos');
if (!x($_POST, "page_tos")) {
if (empty($_POST['page_tos'])) {
return;
}
$displaytos = ((x($_POST, 'displaytos')) ? True : False);
$displayprivstatement = ((x($_POST, 'displayprivstatement')) ? True : False);
$tostext = ((x($_POST, 'tostext')) ? strip_tags(trim($_POST['tostext'])) : '');
$displaytos = !empty($_POST['displaytos']);
$displayprivstatement = !empty($_POST['displayprivstatement']);
$tostext = (!empty($_POST['tostext']) ? strip_tags(trim($_POST['tostext'])) : '');
Config::set('system', 'tosdisplay', $displaytos);
Config::set('system', 'tosprivstatement', $displayprivstatement);
@ -354,6 +355,7 @@ function admin_page_tos_post(App $a)
return; // NOTREACHED
}
/**
* @brief Subpage to modify the server wide block list via the admin panel.
*
@ -407,13 +409,13 @@ function admin_page_blocklist(App $a)
*/
function admin_page_blocklist_post(App $a)
{
if (!x($_POST, "page_blocklist_save") && (!x($_POST['page_blocklist_edit']))) {
if (empty($_POST['page_blocklist_save']) && empty($_POST['page_blocklist_edit'])) {
return;
}
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/blocklist', 'admin_blocklist');
if (x($_POST['page_blocklist_save'])) {
if (!empty($_POST['page_blocklist_save'])) {
// Add new item to blocklist
$blocklist = Config::get('system', 'blocklist');
$blocklist[] = [
@ -429,7 +431,7 @@ function admin_page_blocklist_post(App $a)
// Trimming whitespaces as well as any lingering slashes
$domain = Strings::escapeTags(trim($domain, "\x00..\x1F/"));
$reason = Strings::escapeTags(trim($_POST['reason'][$id]));
if (!x($_POST['delete'][$id])) {
if (empty($_POST['delete'][$id])) {
$blocklist[] = [
'domain' => $domain,
'reason' => $reason
@ -451,12 +453,12 @@ function admin_page_blocklist_post(App $a)
*/
function admin_page_contactblock_post(App $a)
{
$contact_url = x($_POST, 'contact_url') ? $_POST['contact_url'] : '';
$contacts = x($_POST, 'contacts') ? $_POST['contacts'] : [];
$contact_url = defaults($_POST, 'contact_url', '');
$contacts = defaults($_POST, 'contacts', []);
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/contactblock', 'admin_contactblock');
if (x($_POST, 'page_contactblock_block')) {
if (!empty($_POST['page_contactblock_block'])) {
$contact_id = Contact::getIdForURL($contact_url);
if ($contact_id) {
Contact::block($contact_id);
@ -465,7 +467,7 @@ function admin_page_contactblock_post(App $a)
notice(L10n::t("Could not find any contact entry for this URL \x28%s\x29", $contact_url));
}
}
if (x($_POST, 'page_contactblock_unblock')) {
if (!empty($_POST['page_contactblock_unblock'])) {
foreach ($contacts as $uid) {
Contact::unblock($uid);
}
@ -559,13 +561,13 @@ function admin_page_deleteitem(App $a)
*/
function admin_page_deleteitem_post(App $a)
{
if (!x($_POST['page_deleteitem_submit'])) {
if (empty($_POST['page_deleteitem_submit'])) {
return;
}
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem');
if (x($_POST['page_deleteitem_submit'])) {
if (!empty($_POST['page_deleteitem_submit'])) {
$guid = trim(Strings::escapeTags($_POST['deleteitemguid']));
// The GUID should not include a "/", so if there is one, we got an URL
// and the last part of it is most likely the GUID.
@ -838,7 +840,7 @@ function admin_page_workerqueue(App $a, $deferred)
$info = L10n::t('This page lists the currently queued worker jobs. These jobs are handled by the worker cronjob you\'ve set up during install.');
}
$entries = DBA::select('workerqueue', ['id', 'parameter', 'created', 'priority'], $condition, ['order'=> ['priority']]);
$entries = DBA::select('workerqueue', ['id', 'parameter', 'created', 'priority'], $condition, ['order' => ['priority']]);
$r = [];
while ($entry = DBA::fetch($entries)) {
@ -938,7 +940,7 @@ function admin_page_summary(App $a)
$users = 0;
foreach ($r as $u) {
$accounts[$u['page-flags']][1] = $u['count'];
$users+= $u['count'];
$users += $u['count'];
}
Logger::log('accounts: ' . print_r($accounts, true), Logger::DATA);
@ -962,10 +964,10 @@ function admin_page_summary(App $a)
$max_allowed_packet = (($r) ? $r[0]['Value'] : 0);
$server_settings = ['label' => L10n::t('Server Settings'),
'php' => ['upload_max_filesize' => ini_get('upload_max_filesize'),
'post_max_size' => ini_get('post_max_size'),
'memory_limit' => ini_get('memory_limit')],
'mysql' => ['max_allowed_packet' => $max_allowed_packet]];
'php' => ['upload_max_filesize' => ini_get('upload_max_filesize'),
'post_max_size' => ini_get('post_max_size'),
'memory_limit' => ini_get('memory_limit')],
'mysql' => ['max_allowed_packet' => $max_allowed_packet]];
$t = Renderer::getMarkupTemplate('admin/summary.tpl');
return Renderer::replaceMacros($t, [
@ -1001,17 +1003,17 @@ function admin_page_site_post(App $a)
return;
}
if (!x($_POST, "page_site")) {
if (empty($_POST['page_site'])) {
return;
}
// relocate
if (x($_POST, 'relocate') && x($_POST, 'relocate_url') && $_POST['relocate_url'] != "") {
if (!empty($_POST['relocate']) && !empty($_POST['relocate_url']) && $_POST['relocate_url'] != "") {
$new_url = $_POST['relocate_url'];
$new_url = rtrim($new_url, "/");
$parsed = @parse_url($new_url);
if (!is_array($parsed) || !x($parsed, 'host') || !x($parsed, 'scheme')) {
if (!is_array($parsed) || empty($parsed['host']) || empty($parsed['scheme'])) {
notice(L10n::t("Can not parse base url. Must have at least <scheme>://<domain>"));
$a->internalRedirect('admin/site');
}
@ -1046,6 +1048,7 @@ function admin_page_site_post(App $a)
$a->internalRedirect('admin/site');
}
}
// update tables
// update profile links in the format "http://server.tld"
update_table($a, "profile", ['photo', 'thumb'], $old_url, $new_url);
@ -1059,7 +1062,7 @@ function admin_page_site_post(App $a)
update_table($a, "gcontact", ['connect', 'addr'], $old_host, $new_host);
// update config
Config::set('system', 'hostname', parse_url($new_url, PHP_URL_HOST));
Config::set('system', 'hostname', parse_url($new_url, PHP_URL_HOST));
Config::set('system', 'url', $new_url);
$a->setBaseURL($new_url);
@ -1076,98 +1079,97 @@ function admin_page_site_post(App $a)
}
// end relocate
$sitename = ((x($_POST,'sitename')) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = ((x($_POST,'hostname')) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = ((x($_POST,'sender_email')) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$shortcut_icon = ((x($_POST,'shortcut_icon')) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = ((x($_POST,'touch_icon')) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = ((x($_POST,'info')) ? trim($_POST['info']) : false);
$language = ((x($_POST,'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = ((x($_POST,'theme')) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = ((x($_POST,'theme_mobile')) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = ((x($_POST,'maximagelength')) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = ((x($_POST,'jpegimagequality')) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = ((x($_POST,'max_daily_registrations')) ? intval(trim($_POST['max_daily_registrations'])) :0);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = ((x($_POST,'register_text')) ? strip_tags(trim($_POST['register_text'])) : '');
$allowed_sites = ((x($_POST,'allowed_sites')) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = ((x($_POST,'allowed_email')) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = ((x($_POST,'forbidden_nicknames')) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = x($_POST,'no_oembed_rich_content');
$allowed_oembed = ((x($_POST,'allowed_oembed')) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = ((x($_POST,'block_public')) ? True : False);
$force_publish = ((x($_POST,'publish_all')) ? True : False);
$global_directory = ((x($_POST,'directory')) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = ((x($_POST,'newuser_private')) ? True : False);
$enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False);
$private_addons = ((x($_POST,'private_addons')) ? True : False);
$disable_embedded = ((x($_POST,'disable_embedded')) ? True : False);
$allow_users_remote_self = ((x($_POST,'allow_users_remote_self')) ? True : False);
$explicit_content = ((x($_POST,'explicit_content')) ? True : False);
$no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
$no_openid = !((x($_POST,'no_openid')) ? True : False);
$no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
$community_page_style = ((x($_POST,'community_page_style')) ? intval(trim($_POST['community_page_style'])) : 0);
$max_author_posts_community_page = ((x($_POST,'max_author_posts_community_page')) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$verifyssl = ((x($_POST,'verifyssl')) ? True : False);
$proxyuser = ((x($_POST,'proxyuser')) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$proxy = ((x($_POST,'proxy')) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = ((x($_POST,'maxloadavg_frontend')) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = ((x($_POST,'min_memory')) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = ((x($_POST,'optimize_max_tablesize')) ? intval(trim($_POST['optimize_max_tablesize'])): 100);
$optimize_fragmentation = ((x($_POST,'optimize_fragmentation')) ? intval(trim($_POST['optimize_fragmentation'])): 30);
$poco_completion = ((x($_POST,'poco_completion')) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = ((x($_POST,'poco_requery_days')) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = ((x($_POST,'poco_discovery')) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = ((x($_POST,'poco_discovery_since')) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = ((x($_POST,'poco_local_search')) ? intval(trim($_POST['poco_local_search'])) : false);
$nodeinfo = ((x($_POST,'nodeinfo')) ? intval(trim($_POST['nodeinfo'])) : false);
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
$ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$ostatus_full_threads = ((x($_POST,'ostatus_full_threads')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
$ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = ((x($_POST,'force_ssl')) ? True : False);
$hide_help = ((x($_POST,'hide_help')) ? True : False);
$dbclean = ((x($_POST,'dbclean')) ? True : False);
$dbclean_expire_days = ((x($_POST,'dbclean_expire_days')) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = ((x($_POST,'dbclean_unclaimed')) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = ((x($_POST,'dbclean_expire_conv')) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = ((x($_POST,'suppress_tags')) ? True : False);
$itemcache = ((x($_POST,'itemcache')) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = ((x($_POST,'itemcache_duration')) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = ((x($_POST,'max_comments')) ? intval($_POST['max_comments']) : 0);
$temppath = ((x($_POST,'temppath')) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = ((x($_POST,'basepath')) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = ((x($_POST,'singleuser')) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
$rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
$check_new_version_url = ((x($_POST, 'check_new_version_url')) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$worker_queues = ((x($_POST,'worker_queues')) ? intval($_POST['worker_queues']) : 10);
$worker_dont_fork = ((x($_POST,'worker_dont_fork')) ? True : False);
$worker_fastlane = ((x($_POST,'worker_fastlane')) ? True : False);
$worker_frontend = ((x($_POST,'worker_frontend')) ? True : False);
$relay_directly = ((x($_POST,'relay_directly')) ? True : False);
$relay_server = ((x($_POST,'relay_server')) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$relay_subscribe = ((x($_POST,'relay_subscribe')) ? True : False);
$relay_scope = ((x($_POST,'relay_scope')) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = ((x($_POST,'relay_server_tags')) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = ((x($_POST,'relay_user_tags')) ? True : False);
$active_panel = (defaults($_POST, 'active_panel', '') ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
$sitename = (!empty($_POST['sitename']) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = (!empty($_POST['hostname']) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = (!empty($_POST['sender_email']) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
$shortcut_icon = (!empty($_POST['shortcut_icon']) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = (!empty($_POST['touch_icon']) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = (!empty($_POST['info']) ? trim($_POST['info']) : false);
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = (!empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = (!empty($_POST['theme_mobile']) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$register_policy = (!empty($_POST['register_policy']) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = (!empty($_POST['max_daily_registrations']) ? intval(trim($_POST['max_daily_registrations'])) : 0);
$abandon_days = (!empty($_POST['abandon_days']) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
$allowed_sites = (!empty($_POST['allowed_sites']) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = (!empty($_POST['allowed_email']) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
$allowed_oembed = (!empty($_POST['allowed_oembed']) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = !empty($_POST['block_public']);
$force_publish = !empty($_POST['publish_all']);
$global_directory = (!empty($_POST['directory']) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = !empty($_POST['newuser_private']);
$enotify_no_content = !empty($_POST['enotify_no_content']);
$private_addons = !empty($_POST['private_addons']);
$disable_embedded = !empty($_POST['disable_embedded']);
$allow_users_remote_self = !empty($_POST['allow_users_remote_self']);
$explicit_content = !empty($_POST['explicit_content']);
$no_multi_reg = !empty($_POST['no_multi_reg']);
$no_openid = !empty($_POST['no_openid']);
$no_regfullname = !empty($_POST['no_regfullname']);
$community_page_style = (!empty($_POST['community_page_style']) ? intval(trim($_POST['community_page_style'])) : 0);
$max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$verifyssl = !empty($_POST['verifyssl']);
$proxyuser = (!empty($_POST['proxyuser']) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$proxy = (!empty($_POST['proxy']) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = (!empty($_POST['maxloadavg_frontend']) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = (!empty($_POST['optimize_max_tablesize']) ? intval(trim($_POST['optimize_max_tablesize'])) : 100);
$optimize_fragmentation = (!empty($_POST['optimize_fragmentation']) ? intval(trim($_POST['optimize_fragmentation'])) : 30);
$poco_completion = (!empty($_POST['poco_completion']) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = (!empty($_POST['poco_requery_days']) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = (!empty($_POST['poco_discovery']) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = (!empty($_POST['poco_discovery_since']) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = !empty($_POST['poco_local_search']);
$nodeinfo = !empty($_POST['nodeinfo']);
$dfrn_only = !empty($_POST['dfrn_only']);
$ostatus_disabled = !empty($_POST['ostatus_disabled']);
$ostatus_full_threads = !empty($_POST['ostatus_full_threads']);
$diaspora_enabled = !empty($_POST['diaspora_enabled']);
$ssl_policy = (!empty($_POST['ssl_policy']) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = !empty($_POST['force_ssl']);
$hide_help = !empty($_POST['hide_help']);
$dbclean = !empty($_POST['dbclean']);
$dbclean_expire_days = (!empty($_POST['dbclean_expire_days']) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = (!empty($_POST['dbclean_unclaimed']) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = (!empty($_POST['dbclean_expire_conv']) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = !empty($_POST['suppress_tags']);
$itemcache = (!empty($_POST['itemcache']) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = (!empty($_POST['itemcache_duration']) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
$temppath = (!empty($_POST['temppath']) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = (!empty($_POST['basepath']) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = (!empty($_POST['singleuser']) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = !empty($_POST['proxy_disabled']);
$only_tag_search = !empty($_POST['only_tag_search']);
$rino = (!empty($_POST['rino']) ? intval($_POST['rino']) : 0);
$check_new_version_url = (!empty($_POST['check_new_version_url']) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
$worker_dont_fork = !empty($_POST['worker_dont_fork']);
$worker_fastlane = !empty($_POST['worker_fastlane']);
$worker_frontend = !empty($_POST['worker_frontend']);
$relay_directly = !empty($_POST['relay_directly']);
$relay_server = (!empty($_POST['relay_server']) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$relay_subscribe = !empty($_POST['relay_subscribe']);
$relay_scope = (!empty($_POST['relay_scope']) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = (!empty($_POST['relay_server_tags']) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = !empty($_POST['relay_user_tags']);
$active_panel = (!empty($_POST['active_panel']) ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
// Has the directory url changed? If yes, then resubmit the existing profiles there
if ($global_directory != Config::get('system', 'directory') && ($global_directory != '')) {
@ -1217,24 +1219,24 @@ function admin_page_site_post(App $a)
);
}
}
Config::set('system', 'ssl_policy', $ssl_policy);
Config::set('system', 'maxloadavg', $maxloadavg);
Config::set('system', 'maxloadavg_frontend', $maxloadavg_frontend);
Config::set('system', 'min_memory', $min_memory);
Config::set('system', 'ssl_policy' , $ssl_policy);
Config::set('system', 'maxloadavg' , $maxloadavg);
Config::set('system', 'maxloadavg_frontend' , $maxloadavg_frontend);
Config::set('system', 'min_memory' , $min_memory);
Config::set('system', 'optimize_max_tablesize', $optimize_max_tablesize);
Config::set('system', 'optimize_fragmentation', $optimize_fragmentation);
Config::set('system', 'poco_completion', $poco_completion);
Config::set('system', 'poco_requery_days', $poco_requery_days);
Config::set('system', 'poco_discovery', $poco_discovery);
Config::set('system', 'poco_discovery_since', $poco_discovery_since);
Config::set('system', 'poco_local_search', $poco_local_search);
Config::set('system', 'nodeinfo', $nodeinfo);
Config::set('config', 'sitename', $sitename);
Config::set('config', 'hostname', $hostname);
Config::set('config', 'sender_email', $sender_email);
Config::set('system', 'suppress_tags', $suppress_tags);
Config::set('system', 'shortcut_icon', $shortcut_icon);
Config::set('system', 'touch_icon', $touch_icon);
Config::set('system', 'poco_completion' , $poco_completion);
Config::set('system', 'poco_requery_days' , $poco_requery_days);
Config::set('system', 'poco_discovery' , $poco_discovery);
Config::set('system', 'poco_discovery_since' , $poco_discovery_since);
Config::set('system', 'poco_local_search' , $poco_local_search);
Config::set('system', 'nodeinfo' , $nodeinfo);
Config::set('config', 'sitename' , $sitename);
Config::set('config', 'hostname' , $hostname);
Config::set('config', 'sender_email' , $sender_email);
Config::set('system', 'suppress_tags' , $suppress_tags);
Config::set('system', 'shortcut_icon' , $shortcut_icon);
Config::set('system', 'touch_icon' , $touch_icon);
if ($banner == "") {
Config::delete('system', 'banner');
@ -1261,49 +1263,49 @@ function admin_page_site_post(App $a)
} else {
Config::set('system', 'singleuser', $singleuser);
}
Config::set('system', 'maximagesize', $maximagesize);
Config::set('system', 'max_image_length', $maximagelength);
Config::set('system', 'jpeg_quality', $jpegimagequality);
Config::set('system', 'maximagesize' , $maximagesize);
Config::set('system', 'max_image_length' , $maximagelength);
Config::set('system', 'jpeg_quality' , $jpegimagequality);
Config::set('config', 'register_policy', $register_policy);
Config::set('config', 'register_policy' , $register_policy);
Config::set('system', 'max_daily_registrations', $daily_registrations);
Config::set('system', 'account_abandon_days', $abandon_days);
Config::set('config', 'register_text', $register_text);
Config::set('system', 'allowed_sites', $allowed_sites);
Config::set('system', 'allowed_email', $allowed_email);
Config::set('system', 'forbidden_nicknames', $forbidden_nicknames);
Config::set('system', 'no_oembed_rich_content', $no_oembed_rich_content);
Config::set('system', 'allowed_oembed', $allowed_oembed);
Config::set('system', 'block_public', $block_public);
Config::set('system', 'publish_all', $force_publish);
Config::set('system', 'newuser_private', $newuser_private);
Config::set('system', 'enotify_no_content', $enotify_no_content);
Config::set('system', 'disable_embedded', $disable_embedded);
Config::set('system', 'account_abandon_days' , $abandon_days);
Config::set('config', 'register_text' , $register_text);
Config::set('system', 'allowed_sites' , $allowed_sites);
Config::set('system', 'allowed_email' , $allowed_email);
Config::set('system', 'forbidden_nicknames' , $forbidden_nicknames);
Config::set('system', 'no_oembed_rich_content' , $no_oembed_rich_content);
Config::set('system', 'allowed_oembed' , $allowed_oembed);
Config::set('system', 'block_public' , $block_public);
Config::set('system', 'publish_all' , $force_publish);
Config::set('system', 'newuser_private' , $newuser_private);
Config::set('system', 'enotify_no_content' , $enotify_no_content);
Config::set('system', 'disable_embedded' , $disable_embedded);
Config::set('system', 'allow_users_remote_self', $allow_users_remote_self);
Config::set('system', 'explicit_content', $explicit_content);
Config::set('system', 'check_new_version_url', $check_new_version_url);
Config::set('system', 'explicit_content' , $explicit_content);
Config::set('system', 'check_new_version_url' , $check_new_version_url);
Config::set('system', 'block_extended_register', $no_multi_reg);
Config::set('system', 'no_openid', $no_openid);
Config::set('system', 'no_regfullname', $no_regfullname);
Config::set('system', 'community_page_style', $community_page_style);
Config::set('system', 'no_openid' , $no_openid);
Config::set('system', 'no_regfullname' , $no_regfullname);
Config::set('system', 'community_page_style' , $community_page_style);
Config::set('system', 'max_author_posts_community_page', $max_author_posts_community_page);
Config::set('system', 'verifyssl', $verifyssl);
Config::set('system', 'proxyuser', $proxyuser);
Config::set('system', 'proxy', $proxy);
Config::set('system', 'curl_timeout', $timeout);
Config::set('system', 'dfrn_only', $dfrn_only);
Config::set('system', 'ostatus_disabled', $ostatus_disabled);
Config::set('system', 'ostatus_full_threads', $ostatus_full_threads);
Config::set('system', 'diaspora_enabled', $diaspora_enabled);
Config::set('config', 'private_addons', $private_addons);
Config::set('system', 'force_ssl', $force_ssl);
Config::set('system', 'hide_help', $hide_help);
Config::set('system', 'dbclean', $dbclean);
Config::set('system', 'dbclean-expire-days', $dbclean_expire_days);
Config::set('system', 'verifyssl' , $verifyssl);
Config::set('system', 'proxyuser' , $proxyuser);
Config::set('system', 'proxy' , $proxy);
Config::set('system', 'curl_timeout' , $timeout);
Config::set('system', 'dfrn_only' , $dfrn_only);
Config::set('system', 'ostatus_disabled' , $ostatus_disabled);
Config::set('system', 'ostatus_full_threads' , $ostatus_full_threads);
Config::set('system', 'diaspora_enabled' , $diaspora_enabled);
Config::set('config', 'private_addons' , $private_addons);
Config::set('system', 'force_ssl' , $force_ssl);
Config::set('system', 'hide_help' , $hide_help);
Config::set('system', 'dbclean' , $dbclean);
Config::set('system', 'dbclean-expire-days' , $dbclean_expire_days);
Config::set('system', 'dbclean_expire_conversation', $dbclean_expire_conv);
if ($dbclean_unclaimed == 0) {