Sanitize the addon author if it is not a valid URL but a handle

This commit is contained in:
Michael 2021-10-01 13:25:00 +00:00
parent 57ac1e5b92
commit 19d5987c9d

View file

@ -23,6 +23,7 @@ namespace Friendica\Core;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Util\Strings; use Friendica\Util\Strings;
/** /**
@ -257,6 +258,12 @@ class Addon
if ($type == "author" || $type == "maintainer") { if ($type == "author" || $type == "maintainer") {
$r = preg_match("|([^<]+)<([^>]+)>|", $v, $m); $r = preg_match("|([^<]+)<([^>]+)>|", $v, $m);
if ($r) { if ($r) {
if (!empty($m[2]) && empty(parse_url($m[2], PHP_URL_SCHEME))) {
$contact = Contact::getByURL($m[2], false);
if (!empty($contact['url'])) {
$m[2] = $contact['url'];
}
}
$info[$type][] = ['name' => $m[1], 'link' => $m[2]]; $info[$type][] = ['name' => $m[1], 'link' => $m[2]];
} else { } else {
$info[$type][] = ['name' => $v]; $info[$type][] = ['name' => $v];