From 761e94d134cf841a013127ba5070dcba525e0c6d Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <hypolite@mrpetovan.com>
Date: Tue, 25 Dec 2018 11:37:32 -0500
Subject: [PATCH] Remove redundant htmlentities/htmlspecialchars

---
 mod/admin.php             |  2 --
 mod/allfriends.php        |  6 ++----
 mod/babel.php             |  2 +-
 mod/common.php            |  4 ++--
 mod/credits.php           |  2 +-
 mod/crepair.php           |  4 ++--
 mod/editpost.php          |  9 ++++-----
 mod/follow.php            | 12 +-----------
 mod/message.php           | 30 +++++++++++++++---------------
 mod/network.php           |  2 +-
 mod/unfollow.php          |  4 +---
 mod/wallmessage.php       | 28 ++++++++++++++--------------
 src/Content/Text/HTML.php |  2 +-
 src/Module/Itemsource.php |  4 ++--
 14 files changed, 47 insertions(+), 64 deletions(-)

diff --git a/mod/admin.php b/mod/admin.php
index 89514397f0..eab2e72267 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -1444,9 +1444,7 @@ function admin_page_site(App $a)
 		$banner = '<a href="https://friendi.ca"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="https://friendi.ca">Friendica</a></span>';
 	}
 
-	$banner = htmlspecialchars($banner);
 	$info = Config::get('config', 'info');
-	$info = htmlspecialchars($info);
 
 	// Automatically create temporary paths
 	get_temppath();
diff --git a/mod/allfriends.php b/mod/allfriends.php
index b233a46182..7a39c481db 100644
--- a/mod/allfriends.php
+++ b/mod/allfriends.php
@@ -81,9 +81,9 @@ function allfriends_content(App $a)
 		$entry = [
 			'url'          => $rr['url'],
 			'itemurl'      => defaults($contact_details, 'addr', $rr['url']),
-			'name'         => htmlentities($contact_details['name']),
+			'name'         => $contact_details['name'],
 			'thumb'        => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
-			'img_hover'    => htmlentities($contact_details['name']),
+			'img_hover'    => $contact_details['name'],
 			'details'      => $contact_details['location'],
 			'tags'         => $contact_details['keywords'],
 			'about'        => $contact_details['about'],
@@ -100,9 +100,7 @@ function allfriends_content(App $a)
 	$tab_str = Module\Contact::getTabsHTML($a, $contact, 4);
 
 	$tpl = Renderer::getMarkupTemplate('viewcontact_template.tpl');
-
 	$o .= Renderer::replaceMacros($tpl, [
-		//'$title' => L10n::t('Friends of %s', htmlentities($c[0]['name'])),
 		'$tab_str' => $tab_str,
 		'$contacts' => $entries,
 		'$paginate' => $pager->renderFull($total),
diff --git a/mod/babel.php b/mod/babel.php
index b9846e4fb4..64c9557767 100644
--- a/mod/babel.php
+++ b/mod/babel.php
@@ -142,7 +142,7 @@ function babel_content()
 
 	$tpl = Renderer::getMarkupTemplate('babel.tpl');
 	$o = Renderer::replaceMacros($tpl, [
-		'$text'          => ['text', L10n::t('Source text'), htmlentities(defaults($_REQUEST, 'text', '')), ''],
+		'$text'          => ['text', L10n::t('Source text'), defaults($_REQUEST, 'text', ''), ''],
 		'$type_bbcode'   => ['type', L10n::t('BBCode'), 'bbcode', '', defaults($_REQUEST, 'type', 'bbcode') == 'bbcode'],
 		'$type_markdown' => ['type', L10n::t('Markdown'), 'markdown', '', defaults($_REQUEST, 'type', 'bbcode') == 'markdown'],
 		'$type_html'     => ['type', L10n::t('HTML'), 'html', '', defaults($_REQUEST, 'type', 'bbcode') == 'html'],
diff --git a/mod/common.php b/mod/common.php
index c88d6ee77c..c93edf3b30 100644
--- a/mod/common.php
+++ b/mod/common.php
@@ -50,7 +50,7 @@ function common_content(App $a)
 
 		if (DBA::isResult($contact)) {
 			$vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate("vcard-widget.tpl"), [
-				'$name'  => htmlentities($contact['name']),
+				'$name'  => $contact['name'],
 				'$photo' => $contact['photo'],
 				'url'    => 'contact/' . $cid
 			]);
@@ -123,7 +123,7 @@ function common_content(App $a)
 			'itemurl'      => defaults($contact_details, 'addr', $common_friend['url']),
 			'name'         => $contact_details['name'],
 			'thumb'        => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
-			'img_hover'    => htmlentities($contact_details['name']),
+			'img_hover'    => $contact_details['name'],
 			'details'      => $contact_details['location'],
 			'tags'         => $contact_details['keywords'],
 			'about'        => $contact_details['about'],
diff --git a/mod/credits.php b/mod/credits.php
index c53c86b8b9..f397bdca70 100644
--- a/mod/credits.php
+++ b/mod/credits.php
@@ -13,7 +13,7 @@ function credits_content()
 {
 	/* fill the page with credits */
 	$credits_string = file_get_contents('util/credits.txt');
-	$names = explode("\n", htmlspecialchars($credits_string));
+	$names = explode("\n", $credits_string);
 	$tpl = Renderer::getMarkupTemplate('credits.tpl');
 	return Renderer::replaceMacros($tpl, [
 		'$title'  => L10n::t('Credits'),
diff --git a/mod/crepair.php b/mod/crepair.php
index 8623d3c4ac..91b22dbc92 100644
--- a/mod/crepair.php
+++ b/mod/crepair.php
@@ -158,8 +158,8 @@ function crepair_content(App $a)
 			$remote_self_options
 		],
 
-		'$name'		=> ['name', L10n::t('Name') , htmlentities($contact['name'])],
-		'$nick'		=> ['nick', L10n::t('Account Nickname'), htmlentities($contact['nick'])],
+		'$name'		=> ['name', L10n::t('Name') , $contact['name']],
+		'$nick'		=> ['nick', L10n::t('Account Nickname'), $contact['nick']],
 		'$attag'	=> ['attag', L10n::t('@Tagname - overrides Name/Nickname'), $contact['attag']],
 		'$url'		=> ['url', L10n::t('Account URL'), $contact['url']],
 		'$request'	=> ['request', L10n::t('Friend Request URL'), $contact['request']],
diff --git a/mod/editpost.php b/mod/editpost.php
index b518588a59..1e53285830 100644
--- a/mod/editpost.php
+++ b/mod/editpost.php
@@ -6,6 +6,7 @@ use Friendica\App;
 use Friendica\Content\Feature;
 use Friendica\Core\Addon;
 use Friendica\Core\Config;
+use Friendica\Core\Hook;
 use Friendica\Core\L10n;
 use Friendica\Core\Renderer;
 use Friendica\Core\System;
@@ -54,8 +55,6 @@ function editpost_content(App $a)
 		'$nickname' => $a->user['nickname']
 	]);
 
-	$tpl = Renderer::getMarkupTemplate("jot.tpl");
-
 	if (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
 		$lockstate = 'lock';
 	} else {
@@ -84,9 +83,9 @@ function editpost_content(App $a)
 		}
 	}
 
-	Addon::callHooks('jot_tool', $jotplugins);
-	//Addon::callHooks('jot_networks', $jotnets);
+	Hook::callAll('jot_tool', $jotplugins);
 
+	$tpl = Renderer::getMarkupTemplate("jot.tpl");
 	$o .= Renderer::replaceMacros($tpl, [
 		'$is_edit' => true,
 		'$return_path' => '/display/' . $item['guid'],
@@ -119,7 +118,7 @@ function editpost_content(App $a)
 		'$emailcc' => L10n::t('CC: email addresses'),
 		'$public' => L10n::t('Public post'),
 		'$jotnets' => $jotnets,
-		'$title' => htmlspecialchars($item['title']),
+		'$title' => $item['title'],
 		'$placeholdertitle' => L10n::t('Set title'),
 		'$category' => FileTag::fileToList($item['file'], 'category'),
 		'$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''),
diff --git a/mod/follow.php b/mod/follow.php
index 1ee61ce9e1..f8e2539d97 100644
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -144,11 +144,8 @@ function follow_content(App $a)
 		$r[0]['about'] = '';
 	}
 
-	$header = L10n::t('Connect/Follow');
-
 	$o = Renderer::replaceMacros($tpl, [
-		'$header'        => htmlentities($header),
-		//'$photo'         => ProxyUtils::proxifyUrl($ret['photo'], false, ProxyUtils::SIZE_SMALL),
+		'$header'        => L10n::t('Connect/Follow'),
 		'$desc'          => '',
 		'$pls_answer'    => L10n::t('Please answer the following:'),
 		'$does_know_you' => ['knowyou', L10n::t('Does %s know you?', $ret['name']), false, '', [L10n::t('No'), L10n::t('Yes')]],
@@ -170,13 +167,6 @@ function follow_content(App $a)
 		'$url_label'     => L10n::t('Profile URL'),
 		'$myaddr'        => $myaddr,
 		'$request'       => $request,
-		/*
-		 * @TODO commented out?
-		'$location'      => Friendica\Content\Text\BBCode::::convert($r[0]['location']),
-		'$location_label'=> L10n::t('Location:'),
-		'$about'         => Friendica\Content\Text\BBCode::::convert($r[0]['about'], false, false),
-		'$about_label'   => L10n::t('About:'),
-		*/
 		'$keywords'      => $r[0]['keywords'],
 		'$keywords_label'=> L10n::t('Tags:')
 	]);
diff --git a/mod/message.php b/mod/message.php
index af19487990..d0993698b7 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -247,22 +247,22 @@ function message_content(App $a)
 
 		$tpl = Renderer::getMarkupTemplate('prv_message.tpl');
 		$o .= Renderer::replaceMacros($tpl, [
-			'$header' => L10n::t('Send Private Message'),
-			'$to' => L10n::t('To:'),
+			'$header'     => L10n::t('Send Private Message'),
+			'$to'         => L10n::t('To:'),
 			'$showinputs' => 'true',
-			'$prefill' => $prefill,
-			'$preid' => $preid,
-			'$subject' => L10n::t('Subject:'),
-			'$subjtxt' => !empty($_REQUEST['subject']) ? strip_tags($_REQUEST['subject']) : '',
-			'$text' => !empty($_REQUEST['body']) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '',
-			'$readonly' => '',
-			'$yourmessage' => L10n::t('Your message:'),
-			'$select' => $select,
-			'$parent' => '',
-			'$upload' => L10n::t('Upload photo'),
-			'$insert' => L10n::t('Insert web link'),
-			'$wait' => L10n::t('Please wait'),
-			'$submit' => L10n::t('Submit')
+			'$prefill'    => $prefill,
+			'$preid'      => $preid,
+			'$subject'    => L10n::t('Subject:'),
+			'$subjtxt'    => defaults($_REQUEST, 'subject', ''),
+			'$text'       => defaults($_REQUEST, 'body', ''),
+			'$readonly'   => '',
+			'$yourmessage'=> L10n::t('Your message:'),
+			'$select'     => $select,
+			'$parent'     => '',
+			'$upload'     => L10n::t('Upload photo'),
+			'$insert'     => L10n::t('Insert web link'),
+			'$wait'       => L10n::t('Please wait'),
+			'$submit'     => L10n::t('Submit')
 		]);
 		return $o;
 	}
diff --git a/mod/network.php b/mod/network.php
index 46861e3943..6a4413b54e 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -667,7 +667,7 @@ function networkThreadedView(App $a, $update, $parent)
 
 			$entries[0] = [
 				'id' => 'network',
-				'name' => htmlentities($contact['name']),
+				'name' => $contact['name'],
 				'itemurl' => defaults($contact, 'addr', $contact['nurl']),
 				'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
 				'details' => $contact['location'],
diff --git a/mod/unfollow.php b/mod/unfollow.php
index 433a4782ff..a66c88aefd 100644
--- a/mod/unfollow.php
+++ b/mod/unfollow.php
@@ -114,10 +114,8 @@ function unfollow_content(App $a)
 	// Makes the connection request for friendica contacts easier
 	$_SESSION['fastlane'] = $contact['url'];
 
-	$header = L10n::t('Disconnect/Unfollow');
-
 	$o = Renderer::replaceMacros($tpl, [
-		'$header'        => htmlentities($header),
+		'$header'        => L10n::t('Disconnect/Unfollow'),
 		'$desc'          => '',
 		'$pls_answer'    => '',
 		'$does_know_you' => '',
diff --git a/mod/wallmessage.php b/mod/wallmessage.php
index d93104644e..780230b8c7 100644
--- a/mod/wallmessage.php
+++ b/mod/wallmessage.php
@@ -125,20 +125,20 @@ function wallmessage_content(App $a) {
 
 	$tpl = Renderer::getMarkupTemplate('wallmessage.tpl');
 	$o = Renderer::replaceMacros($tpl, [
-		'$header' => L10n::t('Send Private Message'),
-		'$subheader' => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']),
-		'$to' => L10n::t('To:'),
-		'$subject' => L10n::t('Subject:'),
-		'$recipname' => $user['username'],
-		'$nickname' => $user['nickname'],
-		'$subjtxt' => (!empty($_REQUEST['subject']) ? strip_tags($_REQUEST['subject']) : ''),
-		'$text' => (!empty($_REQUEST['body']) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : ''),
-		'$readonly' => '',
-		'$yourmessage' => L10n::t('Your message:'),
-		'$parent' => '',
-		'$upload' => L10n::t('Upload photo'),
-		'$insert' => L10n::t('Insert web link'),
-		'$wait' => L10n::t('Please wait')
+		'$header'     => L10n::t('Send Private Message'),
+		'$subheader'  => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']),
+		'$to'         => L10n::t('To:'),
+		'$subject'    => L10n::t('Subject:'),
+		'$recipname'  => $user['username'],
+		'$nickname'   => $user['nickname'],
+		'$subjtxt'    => defaults($_REQUEST, 'subject', ''),
+		'$text'       => defaults($_REQUEST, 'body', ''),
+		'$readonly'   => '',
+		'$yourmessage'=> L10n::t('Your message:'),
+		'$parent'     => '',
+		'$upload'     => L10n::t('Upload photo'),
+		'$insert'     => L10n::t('Insert web link'),
+		'$wait'       => L10n::t('Please wait')
 	]);
 
 	return $o;
diff --git a/src/Content/Text/HTML.php b/src/Content/Text/HTML.php
index e452e68353..276094a8f9 100644
--- a/src/Content/Text/HTML.php
+++ b/src/Content/Text/HTML.php
@@ -961,7 +961,7 @@ class HTML
 		$save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow');
 
 		$values = [
-				'$s' => htmlspecialchars($s),
+				'$s' => $s,
 				'$id' => $id,
 				'$action_url' => $url,
 				'$search_label' => L10n::t('Search'),
diff --git a/src/Module/Itemsource.php b/src/Module/Itemsource.php
index 2da679eeef..4d85ef15ce 100644
--- a/src/Module/Itemsource.php
+++ b/src/Module/Itemsource.php
@@ -25,12 +25,12 @@ class Itemsource extends \Friendica\BaseModule
 			$conversation = Model\Conversation::getByItemUri($item['uri']);
 
 			$item_uri = $item['uri'];
-			$source = htmlspecialchars($conversation['source']);
+			$source = $conversation['source'];
 		}
 
 		$tpl = Renderer::getMarkupTemplate('debug/itemsource.tpl');
 		$o = Renderer::replaceMacros($tpl, [
-			'$guid'          => ['guid', L10n::t('Item Guid'), htmlentities(defaults($_REQUEST, 'guid', '')), ''],
+			'$guid'          => ['guid', L10n::t('Item Guid'), defaults($_REQUEST, 'guid', ''), ''],
 			'$source'        => $source,
 			'$item_uri'      => $item_uri
 		]);