diff --git a/blockem/blockem.php b/blockem/blockem.php index 2a5fd8b60..fbba29f40 100644 --- a/blockem/blockem.php +++ b/blockem/blockem.php @@ -11,6 +11,7 @@ use Friendica\App; use Friendica\Core\Addon; use Friendica\Core\L10n; use Friendica\Core\PConfig; +use Friendica\Util\Strings; function blockem_install() { @@ -100,7 +101,7 @@ function blockem_enotify_store(App $a, array &$b) continue; } - if (link_compare($b['url'], $word)) { + if (Strings::compareLink($b['url'], $word)) { $found = true; break; } @@ -133,7 +134,7 @@ function blockem_prepare_body_content_filter(App $a, array &$hook_data) $found = false; foreach ($profiles_array as $word) { - if (link_compare($hook_data['item']['author-link'], trim($word))) { + if (Strings::compareLink($hook_data['item']['author-link'], trim($word))) { $found = true; break; } @@ -192,7 +193,7 @@ function blockem_item_photo_menu(App $a, array &$b) if (!empty($a->data['blockem'])) { foreach($a->data['blockem'] as $bloke) { - if (link_compare($bloke,$author)) { + if (Strings::compareLink($bloke,$author)) { $blocked = true; break; } @@ -231,7 +232,7 @@ function blockem_init(App $a) if (count($arr)) { foreach ($arr as $x) { - if (!link_compare(trim($x), trim($_GET['unblock']))) { + if (!Strings::compareLink(trim($x), trim($_GET['unblock']))) { $newarr[] = $x; } } diff --git a/buffer/buffer.php b/buffer/buffer.php index bb9af8ab3..d9378cb12 100644 --- a/buffer/buffer.php +++ b/buffer/buffer.php @@ -19,6 +19,7 @@ use Friendica\Core\Renderer; use Friendica\Database\DBA; use Friendica\Model\ItemContent; use Friendica\Util\Proxy as ProxyUtils; +use Friendica\Util\Strings; function buffer_install() { @@ -83,8 +84,8 @@ function buffer_addon_admin(App $a, &$o) function buffer_addon_admin_post(App $a) { - $client_id = ((!empty($_POST['client_id'])) ? notags(trim($_POST['client_id'])) : ''); - $client_secret = ((!empty($_POST['client_secret'])) ? notags(trim($_POST['client_secret'])) : ''); + $client_id = ((!empty($_POST['client_id'])) ? Strings::escapeTags(trim($_POST['client_id'])) : ''); + $client_secret = ((!empty($_POST['client_secret'])) ? Strings::escapeTags(trim($_POST['client_secret'])) : ''); Config::set('buffer', 'client_id' , $client_id); Config::set('buffer', 'client_secret', $client_secret); diff --git a/forumdirectory/forumdirectory.php b/forumdirectory/forumdirectory.php index 1c88dfafe..a901015f2 100644 --- a/forumdirectory/forumdirectory.php +++ b/forumdirectory/forumdirectory.php @@ -17,6 +17,7 @@ use Friendica\Core\Renderer; use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\Profile; +use Friendica\Util\Strings; use Friendica\Util\Temporal; require_once 'boot.php'; @@ -72,9 +73,9 @@ function forumdirectory_content(App $a) Nav::setSelected('directory'); if (!empty($a->data['search'])) { - $search = notags(trim($a->data['search'])); + $search = Strings::escapeTags(trim($a->data['search'])); } else { - $search = ((!empty($_GET['search'])) ? notags(trim(rawurldecode($_GET['search']))) : ''); + $search = ((!empty($_GET['search'])) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); } $tpl = Renderer::getMarkupTemplate('directory_header.tpl'); diff --git a/geocoordinates/geocoordinates.php b/geocoordinates/geocoordinates.php index 1a0b9daab..58c5a30c7 100644 --- a/geocoordinates/geocoordinates.php +++ b/geocoordinates/geocoordinates.php @@ -12,6 +12,7 @@ use Friendica\Core\L10n; use Friendica\Core\Logger; use Friendica\Core\Renderer; use Friendica\Util\Network; +use Friendica\Util\Strings; function geocoordinates_install() { @@ -99,10 +100,10 @@ function geocoordinates_addon_admin(&$a, &$o) function geocoordinates_addon_admin_post(&$a) { - $api_key = ((x($_POST, 'api_key')) ? notags(trim($_POST['api_key'])) : ''); + $api_key = ((x($_POST, 'api_key')) ? Strings::escapeTags(trim($_POST['api_key'])) : ''); Config::set('geocoordinates', 'api_key', $api_key); - $language = ((x($_POST, 'language')) ? notags(trim($_POST['language'])) : ''); + $language = ((x($_POST, 'language')) ? Strings::escapeTags(trim($_POST['language'])) : ''); Config::set('geocoordinates', 'language', $language); info(L10n::t('Settings updated.'). EOL); } diff --git a/gravatar/gravatar.php b/gravatar/gravatar.php index d0d546899..49eec4a66 100644 --- a/gravatar/gravatar.php +++ b/gravatar/gravatar.php @@ -15,6 +15,7 @@ use Friendica\Core\Logger; use Friendica\Core\Renderer; use Friendica\Database\DBA; use Friendica\Util\Security; +use Friendica\Util\Strings; /** * Installs the addon hook @@ -121,8 +122,8 @@ function gravatar_addon_admin (&$a, &$o) { function gravatar_addon_admin_post (&$a) { BaseModule::checkFormSecurityToken('gravatarsave'); - $default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); - $rating = ((x($_POST, 'rating')) ? notags(trim($_POST['rating'])) : 'g'); + $default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon'); + $rating = ((x($_POST, 'rating')) ? Strings::escapeTags(trim($_POST['rating'])) : 'g'); Config::set('gravatar', 'default_avatar', $default_avatar); Config::set('gravatar', 'rating', $rating); info(L10n::t('Gravatar settings updated.') .EOL); diff --git a/ifttt/ifttt.php b/ifttt/ifttt.php index a5838c049..fd5700488 100644 --- a/ifttt/ifttt.php +++ b/ifttt/ifttt.php @@ -18,6 +18,7 @@ use Friendica\Core\PConfig; use Friendica\Core\Protocol; use Friendica\Database\DBA; use Friendica\Model\Item; +use Friendica\Util\Strings; function ifttt_install() { @@ -50,7 +51,7 @@ function ifttt_settings(App $a, &$s) $key = PConfig::get(local_user(), 'ifttt', 'key'); if (!$key) { - $key = random_string(20); + $key = Strings::getRandomHex(20); PConfig::set(local_user(), 'ifttt', 'key', $key); } diff --git a/impressum/impressum.php b/impressum/impressum.php index 0efe5c3c6..3e04c64fe 100644 --- a/impressum/impressum.php +++ b/impressum/impressum.php @@ -14,6 +14,7 @@ use Friendica\Core\L10n; use Friendica\Core\Logger; use Friendica\Core\Renderer; use Friendica\Util\Proxy as ProxyUtils; +use Friendica\Util\Strings; function impressum_install() { Addon::registerHook('load_config', 'addon/impressum/impressum.php', 'impressum_load_config'); @@ -86,11 +87,11 @@ function impressum_show($a,&$b) { } function impressum_addon_admin_post (&$a) { - $owner = ((x($_POST, 'owner')) ? notags(trim($_POST['owner'])) : ''); - $ownerprofile = ((x($_POST, 'ownerprofile')) ? notags(trim($_POST['ownerprofile'])) : ''); + $owner = ((x($_POST, 'owner')) ? Strings::escapeTags(trim($_POST['owner'])) : ''); + $ownerprofile = ((x($_POST, 'ownerprofile')) ? Strings::escapeTags(trim($_POST['ownerprofile'])) : ''); $postal = ((x($_POST, 'postal')) ? (trim($_POST['postal'])) : ''); $notes = ((x($_POST, 'notes')) ? (trim($_POST['notes'])) : ''); - $email = ((x($_POST, 'email')) ? notags(trim($_POST['email'])) : ''); + $email = ((x($_POST, 'email')) ? Strings::escapeTags(trim($_POST['email'])) : ''); $footer_text = ((x($_POST, 'footer_text')) ? (trim($_POST['footer_text'])) : ''); Config::set('impressum','owner',strip_tags($owner)); Config::set('impressum','ownerprofile',strip_tags($ownerprofile)); diff --git a/libravatar/libravatar.php b/libravatar/libravatar.php index 39f77a569..c711bf5ed 100644 --- a/libravatar/libravatar.php +++ b/libravatar/libravatar.php @@ -15,6 +15,7 @@ use Friendica\Core\Logger; use Friendica\Core\Renderer; use Friendica\Database\DBA; use Friendica\Util\Security; +use Friendica\Util\Strings; /** * Installs the addon hook @@ -124,7 +125,7 @@ function libravatar_addon_admin_post(&$a) { BaseModule::checkFormSecurityToken('libravatarrsave'); - $default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); + $default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon'); Config::set('libravatar', 'default_avatar', $default_avatar); info(L10n::t('Libravatar settings updated.') .EOL); } diff --git a/newmemberwidget/newmemberwidget.php b/newmemberwidget/newmemberwidget.php index 73ae176cc..8ecbaaa9a 100644 --- a/newmemberwidget/newmemberwidget.php +++ b/newmemberwidget/newmemberwidget.php @@ -12,6 +12,7 @@ use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\Logger; use Friendica\Core\Renderer; +use Friendica\Util\Strings; function newmemberwidget_install() { @@ -54,7 +55,7 @@ function newmemberwidget_network_mod_init ($a, $b) function newmemberwidget_addon_admin_post(&$a) { $ft = ((x($_POST, 'freetext')) ? trim($_POST['freetext']) : ""); - $lsn = ((x($_POST, 'localsupportname')) ? notags(trim($_POST['localsupportname'])) : ""); + $lsn = ((x($_POST, 'localsupportname')) ? Strings::escapeTags(trim($_POST['localsupportname'])) : ""); $gs = intval($_POST['linkglobalsupport']); $ls = intval($_POST['linklocalsupport']); Config::set('newmemberwidget', 'freetext', trim($ft)); diff --git a/openstreetmap/openstreetmap.php b/openstreetmap/openstreetmap.php index 68edf8bfe..0410931e7 100644 --- a/openstreetmap/openstreetmap.php +++ b/openstreetmap/openstreetmap.php @@ -16,6 +16,7 @@ use Friendica\Core\Logger; use Friendica\Core\Renderer; use Friendica\Core\System; use Friendica\Util\Network; +use Friendica\Util\Strings; const OSM_TMS = 'https://www.openstreetmap.org'; const OSM_NOM = 'https://nominatim.openstreetmap.org/search.php'; @@ -176,7 +177,7 @@ function openstreetmap_generate_map(&$a, &$b) $cardlink .= '?mlat=' . $lat . '&mlon=' . $lon; } - $cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? escape_tags($b['location']) : L10n::t('View Larger')) . ''; + $cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? Strings::escapeHtml($b['location']) : L10n::t('View Larger')) . ''; if (empty($b['mode'])) { $b['html'] = '