Merge pull request #773 from zeroadam/TextToStrings

Functions moved to Strings class
pull/774/head
Hypolite Petovan 2018-11-09 14:44:31 -05:00 committed by GitHub
commit d2460a43e5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 80 additions and 58 deletions

View File

@ -11,6 +11,7 @@ use Friendica\App;
use Friendica\Core\Addon; use Friendica\Core\Addon;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Util\Strings;
function blockem_install() function blockem_install()
{ {
@ -100,7 +101,7 @@ function blockem_enotify_store(App $a, array &$b)
continue; continue;
} }
if (link_compare($b['url'], $word)) { if (Strings::compareLink($b['url'], $word)) {
$found = true; $found = true;
break; break;
} }
@ -133,7 +134,7 @@ function blockem_prepare_body_content_filter(App $a, array &$hook_data)
$found = false; $found = false;
foreach ($profiles_array as $word) { foreach ($profiles_array as $word) {
if (link_compare($hook_data['item']['author-link'], trim($word))) { if (Strings::compareLink($hook_data['item']['author-link'], trim($word))) {
$found = true; $found = true;
break; break;
} }
@ -192,7 +193,7 @@ function blockem_item_photo_menu(App $a, array &$b)
if (!empty($a->data['blockem'])) { if (!empty($a->data['blockem'])) {
foreach($a->data['blockem'] as $bloke) { foreach($a->data['blockem'] as $bloke) {
if (link_compare($bloke,$author)) { if (Strings::compareLink($bloke,$author)) {
$blocked = true; $blocked = true;
break; break;
} }
@ -231,7 +232,7 @@ function blockem_init(App $a)
if (count($arr)) { if (count($arr)) {
foreach ($arr as $x) { foreach ($arr as $x) {
if (!link_compare(trim($x), trim($_GET['unblock']))) { if (!Strings::compareLink(trim($x), trim($_GET['unblock']))) {
$newarr[] = $x; $newarr[] = $x;
} }
} }

View File

@ -19,6 +19,7 @@ use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\ItemContent; use Friendica\Model\ItemContent;
use Friendica\Util\Proxy as ProxyUtils; use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Strings;
function buffer_install() function buffer_install()
{ {
@ -83,8 +84,8 @@ function buffer_addon_admin(App $a, &$o)
function buffer_addon_admin_post(App $a) function buffer_addon_admin_post(App $a)
{ {
$client_id = ((!empty($_POST['client_id'])) ? notags(trim($_POST['client_id'])) : ''); $client_id = ((!empty($_POST['client_id'])) ? Strings::escapeTags(trim($_POST['client_id'])) : '');
$client_secret = ((!empty($_POST['client_secret'])) ? notags(trim($_POST['client_secret'])) : ''); $client_secret = ((!empty($_POST['client_secret'])) ? Strings::escapeTags(trim($_POST['client_secret'])) : '');
Config::set('buffer', 'client_id' , $client_id); Config::set('buffer', 'client_id' , $client_id);
Config::set('buffer', 'client_secret', $client_secret); Config::set('buffer', 'client_secret', $client_secret);

View File

@ -17,6 +17,7 @@ use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Profile; use Friendica\Model\Profile;
use Friendica\Util\Strings;
use Friendica\Util\Temporal; use Friendica\Util\Temporal;
require_once 'boot.php'; require_once 'boot.php';
@ -72,9 +73,9 @@ function forumdirectory_content(App $a)
Nav::setSelected('directory'); Nav::setSelected('directory');
if (!empty($a->data['search'])) { if (!empty($a->data['search'])) {
$search = notags(trim($a->data['search'])); $search = Strings::escapeTags(trim($a->data['search']));
} else { } else {
$search = ((!empty($_GET['search'])) ? notags(trim(rawurldecode($_GET['search']))) : ''); $search = ((!empty($_GET['search'])) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
} }
$tpl = Renderer::getMarkupTemplate('directory_header.tpl'); $tpl = Renderer::getMarkupTemplate('directory_header.tpl');

View File

@ -12,6 +12,7 @@ use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
function geocoordinates_install() function geocoordinates_install()
{ {
@ -99,10 +100,10 @@ function geocoordinates_addon_admin(&$a, &$o)
function geocoordinates_addon_admin_post(&$a) function geocoordinates_addon_admin_post(&$a)
{ {
$api_key = ((x($_POST, 'api_key')) ? notags(trim($_POST['api_key'])) : ''); $api_key = ((x($_POST, 'api_key')) ? Strings::escapeTags(trim($_POST['api_key'])) : '');
Config::set('geocoordinates', 'api_key', $api_key); Config::set('geocoordinates', 'api_key', $api_key);
$language = ((x($_POST, 'language')) ? notags(trim($_POST['language'])) : ''); $language = ((x($_POST, 'language')) ? Strings::escapeTags(trim($_POST['language'])) : '');
Config::set('geocoordinates', 'language', $language); Config::set('geocoordinates', 'language', $language);
info(L10n::t('Settings updated.'). EOL); info(L10n::t('Settings updated.'). EOL);
} }

View File

@ -15,6 +15,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\Security; use Friendica\Util\Security;
use Friendica\Util\Strings;
/** /**
* Installs the addon hook * Installs the addon hook
@ -121,8 +122,8 @@ function gravatar_addon_admin (&$a, &$o) {
function gravatar_addon_admin_post (&$a) { function gravatar_addon_admin_post (&$a) {
BaseModule::checkFormSecurityToken('gravatarsave'); BaseModule::checkFormSecurityToken('gravatarsave');
$default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); $default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon');
$rating = ((x($_POST, 'rating')) ? notags(trim($_POST['rating'])) : 'g'); $rating = ((x($_POST, 'rating')) ? Strings::escapeTags(trim($_POST['rating'])) : 'g');
Config::set('gravatar', 'default_avatar', $default_avatar); Config::set('gravatar', 'default_avatar', $default_avatar);
Config::set('gravatar', 'rating', $rating); Config::set('gravatar', 'rating', $rating);
info(L10n::t('Gravatar settings updated.') .EOL); info(L10n::t('Gravatar settings updated.') .EOL);

View File

@ -18,6 +18,7 @@ use Friendica\Core\PConfig;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Item; use Friendica\Model\Item;
use Friendica\Util\Strings;
function ifttt_install() function ifttt_install()
{ {
@ -50,7 +51,7 @@ function ifttt_settings(App $a, &$s)
$key = PConfig::get(local_user(), 'ifttt', 'key'); $key = PConfig::get(local_user(), 'ifttt', 'key');
if (!$key) { if (!$key) {
$key = random_string(20); $key = Strings::getRandomHex(20);
PConfig::set(local_user(), 'ifttt', 'key', $key); PConfig::set(local_user(), 'ifttt', 'key', $key);
} }

View File

@ -14,6 +14,7 @@ use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Util\Proxy as ProxyUtils; use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Strings;
function impressum_install() { function impressum_install() {
Addon::registerHook('load_config', 'addon/impressum/impressum.php', 'impressum_load_config'); Addon::registerHook('load_config', 'addon/impressum/impressum.php', 'impressum_load_config');
@ -86,11 +87,11 @@ function impressum_show($a,&$b) {
} }
function impressum_addon_admin_post (&$a) { function impressum_addon_admin_post (&$a) {
$owner = ((x($_POST, 'owner')) ? notags(trim($_POST['owner'])) : ''); $owner = ((x($_POST, 'owner')) ? Strings::escapeTags(trim($_POST['owner'])) : '');
$ownerprofile = ((x($_POST, 'ownerprofile')) ? notags(trim($_POST['ownerprofile'])) : ''); $ownerprofile = ((x($_POST, 'ownerprofile')) ? Strings::escapeTags(trim($_POST['ownerprofile'])) : '');
$postal = ((x($_POST, 'postal')) ? (trim($_POST['postal'])) : ''); $postal = ((x($_POST, 'postal')) ? (trim($_POST['postal'])) : '');
$notes = ((x($_POST, 'notes')) ? (trim($_POST['notes'])) : ''); $notes = ((x($_POST, 'notes')) ? (trim($_POST['notes'])) : '');
$email = ((x($_POST, 'email')) ? notags(trim($_POST['email'])) : ''); $email = ((x($_POST, 'email')) ? Strings::escapeTags(trim($_POST['email'])) : '');
$footer_text = ((x($_POST, 'footer_text')) ? (trim($_POST['footer_text'])) : ''); $footer_text = ((x($_POST, 'footer_text')) ? (trim($_POST['footer_text'])) : '');
Config::set('impressum','owner',strip_tags($owner)); Config::set('impressum','owner',strip_tags($owner));
Config::set('impressum','ownerprofile',strip_tags($ownerprofile)); Config::set('impressum','ownerprofile',strip_tags($ownerprofile));

View File

@ -15,6 +15,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\Security; use Friendica\Util\Security;
use Friendica\Util\Strings;
/** /**
* Installs the addon hook * Installs the addon hook
@ -124,7 +125,7 @@ function libravatar_addon_admin_post(&$a)
{ {
BaseModule::checkFormSecurityToken('libravatarrsave'); BaseModule::checkFormSecurityToken('libravatarrsave');
$default_avatar = ((x($_POST, 'avatar')) ? notags(trim($_POST['avatar'])) : 'identicon'); $default_avatar = ((x($_POST, 'avatar')) ? Strings::escapeTags(trim($_POST['avatar'])) : 'identicon');
Config::set('libravatar', 'default_avatar', $default_avatar); Config::set('libravatar', 'default_avatar', $default_avatar);
info(L10n::t('Libravatar settings updated.') .EOL); info(L10n::t('Libravatar settings updated.') .EOL);
} }

View File

@ -12,6 +12,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Util\Strings;
function newmemberwidget_install() function newmemberwidget_install()
{ {
@ -54,7 +55,7 @@ function newmemberwidget_network_mod_init ($a, $b)
function newmemberwidget_addon_admin_post(&$a) function newmemberwidget_addon_admin_post(&$a)
{ {
$ft = ((x($_POST, 'freetext')) ? trim($_POST['freetext']) : ""); $ft = ((x($_POST, 'freetext')) ? trim($_POST['freetext']) : "");
$lsn = ((x($_POST, 'localsupportname')) ? notags(trim($_POST['localsupportname'])) : ""); $lsn = ((x($_POST, 'localsupportname')) ? Strings::escapeTags(trim($_POST['localsupportname'])) : "");
$gs = intval($_POST['linkglobalsupport']); $gs = intval($_POST['linkglobalsupport']);
$ls = intval($_POST['linklocalsupport']); $ls = intval($_POST['linklocalsupport']);
Config::set('newmemberwidget', 'freetext', trim($ft)); Config::set('newmemberwidget', 'freetext', trim($ft));

View File

@ -16,6 +16,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
const OSM_TMS = 'https://www.openstreetmap.org'; const OSM_TMS = 'https://www.openstreetmap.org';
const OSM_NOM = 'https://nominatim.openstreetmap.org/search.php'; const OSM_NOM = 'https://nominatim.openstreetmap.org/search.php';
@ -176,7 +177,7 @@ function openstreetmap_generate_map(&$a, &$b)
$cardlink .= '?mlat=' . $lat . '&mlon=' . $lon; $cardlink .= '?mlat=' . $lat . '&mlon=' . $lon;
} }
$cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? escape_tags($b['location']) : L10n::t('View Larger')) . '</a>'; $cardlink .= '#map=' . $zoom . '/' . $lat . '/' . $lon . '">' . ($b['location'] ? Strings::escapeHtml($b['location']) : L10n::t('View Larger')) . '</a>';
if (empty($b['mode'])) { if (empty($b['mode'])) {
$b['html'] = '<iframe style="width:100%; height:300px; border:1px solid #ccc" src="' . $tmsserver . $b['html'] = '<iframe style="width:100%; height:300px; border:1px solid #ccc" src="' . $tmsserver .
'/export/embed.html?bbox=' . ($lon - 0.01) . '%2C' . ($lat - 0.01) . '%2C' . ($lon + 0.01) . '%2C' . ($lat + 0.01) . '/export/embed.html?bbox=' . ($lon - 0.01) . '%2C' . ($lat - 0.01) . '%2C' . ($lon + 0.01) . '%2C' . ($lat + 0.01) .

View File

@ -35,6 +35,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Util\Strings;
function piwik_install() { function piwik_install() {
Addon::registerHook('load_config', 'addon/piwik/piwik.php', 'piwik_load_config'); Addon::registerHook('load_config', 'addon/piwik/piwik.php', 'piwik_load_config');
@ -107,7 +108,7 @@ function piwik_addon_admin (&$a, &$o) {
]); ]);
} }
function piwik_addon_admin_post (&$a) { function piwik_addon_admin_post (&$a) {
$url = ((x($_POST, 'baseurl')) ? notags(trim($_POST['baseurl'])) : ''); $url = ((x($_POST, 'baseurl')) ? Strings::escapeTags(trim($_POST['baseurl'])) : '');
$id = ((x($_POST, 'siteid')) ? trim($_POST['siteid']) : ''); $id = ((x($_POST, 'siteid')) ? trim($_POST['siteid']) : '');
$optout = ((x($_POST, 'optout')) ? trim($_POST['optout']) : ''); $optout = ((x($_POST, 'optout')) ? trim($_POST['optout']) : '');
$async = ((x($_POST, 'async')) ? trim($_POST['async']) : ''); $async = ((x($_POST, 'async')) ? trim($_POST['async']) : '');

View File

@ -15,6 +15,7 @@ use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Strings;
function public_server_install() function public_server_install()
{ {
@ -147,12 +148,12 @@ function public_server_login($a, $b)
function public_server_addon_admin_post(&$a) function public_server_addon_admin_post(&$a)
{ {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/addons/publicserver', 'publicserver');
$expiredays = (x($_POST, 'expiredays') ? notags(trim($_POST['expiredays'])) : ''); $expiredays = (x($_POST, 'expiredays') ? Strings::escapeTags(trim($_POST['expiredays'])) : '');
$expireposts = (x($_POST, 'expireposts') ? notags(trim($_POST['expireposts'])) : ''); $expireposts = (x($_POST, 'expireposts') ? Strings::escapeTags(trim($_POST['expireposts'])) : '');
$nologin = (x($_POST, 'nologin') ? notags(trim($_POST['nologin'])) : ''); $nologin = (x($_POST, 'nologin') ? Strings::escapeTags(trim($_POST['nologin'])) : '');
$flagusers = (x($_POST, 'flagusers') ? notags(trim($_POST['flagusers'])) : ''); $flagusers = (x($_POST, 'flagusers') ? Strings::escapeTags(trim($_POST['flagusers'])) : '');
$flagposts = (x($_POST, 'flagposts') ? notags(trim($_POST['flagposts'])) : ''); $flagposts = (x($_POST, 'flagposts') ? Strings::escapeTags(trim($_POST['flagposts'])) : '');
$flagpostsexpire = (x($_POST, 'flagpostsexpire') ? notags(trim($_POST['flagpostsexpire'])) : ''); $flagpostsexpire = (x($_POST, 'flagpostsexpire') ? Strings::escapeTags(trim($_POST['flagpostsexpire'])) : '');
Config::set('public_server', 'expiredays', $expiredays); Config::set('public_server', 'expiredays', $expiredays);
Config::set('public_server', 'expireposts', $expireposts); Config::set('public_server', 'expireposts', $expireposts);
Config::set('public_server', 'nologin', $nologin); Config::set('public_server', 'nologin', $nologin);

View File

@ -25,6 +25,7 @@ use Friendica\Model\Queue;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Util\XML; use Friendica\Util\XML;
require 'addon/pumpio/oauth/http.php'; require 'addon/pumpio/oauth/http.php';
@ -878,11 +879,11 @@ function pumpio_dounlike(App $a, $uid, $self, $post, $own_id)
$contactid = 0; $contactid = 0;
if (link_compare($post->actor->url, $own_id)) { if (Strings::compareLink($post->actor->url, $own_id)) {
$contactid = $self[0]['id']; $contactid = $self[0]['id'];
} else { } else {
$r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1",
DBA::escape(normalise_link($post->actor->url)), DBA::escape(Strings::normaliseLink($post->actor->url)),
intval($uid) intval($uid)
); );
@ -930,14 +931,14 @@ function pumpio_dolike(App $a, $uid, $self, $post, $own_id, $threadcompletion =
$contactid = 0; $contactid = 0;
if (link_compare($post->actor->url, $own_id)) { if (Strings::compareLink($post->actor->url, $own_id)) {
$contactid = $self[0]['id']; $contactid = $self[0]['id'];
$post->actor->displayName = $self[0]['name']; $post->actor->displayName = $self[0]['name'];
$post->actor->url = $self[0]['url']; $post->actor->url = $self[0]['url'];
$post->actor->image->url = $self[0]['photo']; $post->actor->image->url = $self[0]['photo'];
} else { } else {
$r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1",
DBA::escape(normalise_link($post->actor->url)), DBA::escape(Strings::normaliseLink($post->actor->url)),
intval($uid) intval($uid)
); );
@ -1016,7 +1017,7 @@ function pumpio_get_contact($uid, $contact, $no_insert = false)
} }
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' LIMIT 1",
intval($uid), DBA::escape(normalise_link($contact->url))); intval($uid), DBA::escape(Strings::normaliseLink($contact->url)));
if (!DBA::isResult($r)) { if (!DBA::isResult($r)) {
// create contact record // create contact record
@ -1027,7 +1028,7 @@ function pumpio_get_contact($uid, $contact, $no_insert = false)
intval($uid), intval($uid),
DBA::escape(DateTimeFormat::utcNow()), DBA::escape(DateTimeFormat::utcNow()),
DBA::escape($contact->url), DBA::escape($contact->url),
DBA::escape(normalise_link($contact->url)), DBA::escape(Strings::normaliseLink($contact->url)),
DBA::escape(str_replace("acct:", "", $contact->id)), DBA::escape(str_replace("acct:", "", $contact->id)),
DBA::escape(''), DBA::escape(''),
DBA::escape($contact->id), // What is it for? DBA::escape($contact->id), // What is it for?
@ -1044,7 +1045,7 @@ function pumpio_get_contact($uid, $contact, $no_insert = false)
); );
$r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d LIMIT 1",
DBA::escape(normalise_link($contact->url)), DBA::escape(Strings::normaliseLink($contact->url)),
intval($uid) intval($uid)
); );
@ -1164,7 +1165,7 @@ function pumpio_dopost(App $a, $client, $uid, $self, $post, $own_id, $threadcomp
} else { } else {
$contact_id = pumpio_get_contact($uid, $post->actor, true); $contact_id = pumpio_get_contact($uid, $post->actor, true);
if (link_compare($post->actor->url, $own_id)) { if (Strings::compareLink($post->actor->url, $own_id)) {
$contact_id = $self[0]['id']; $contact_id = $self[0]['id'];
$post->actor->displayName = $self[0]['name']; $post->actor->displayName = $self[0]['name'];
$post->actor->url = $self[0]['url']; $post->actor->url = $self[0]['url'];
@ -1172,7 +1173,7 @@ function pumpio_dopost(App $a, $client, $uid, $self, $post, $own_id, $threadcomp
} elseif ($contact_id == 0) { } elseif ($contact_id == 0) {
// Take an existing contact, the contact of the note or - as a fallback - the id of the user // Take an existing contact, the contact of the note or - as a fallback - the id of the user
$r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1",
DBA::escape(normalise_link($post->actor->url)), DBA::escape(Strings::normaliseLink($post->actor->url)),
intval($uid) intval($uid)
); );
@ -1180,7 +1181,7 @@ function pumpio_dopost(App $a, $client, $uid, $self, $post, $own_id, $threadcomp
$contact_id = $r[0]['id']; $contact_id = $r[0]['id'];
} else { } else {
$r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1",
DBA::escape(normalise_link($post->actor->url)), DBA::escape(Strings::normaliseLink($post->actor->url)),
intval($uid) intval($uid)
); );

View File

@ -13,6 +13,7 @@ use Friendica\Core\L10n;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\Strings;
function remote_permissions_install() { function remote_permissions_install() {
Addon::registerHook('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content'); Addon::registerHook('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
@ -206,7 +207,7 @@ function remote_permissions_addon_admin(&$a, &$o){
} }
function remote_permissions_addon_admin_post(&$a){ function remote_permissions_addon_admin_post(&$a){
$choice = ((x($_POST,'remotepermschoice')) ? notags(trim($_POST['remotepermschoice'])) : ''); $choice = ((x($_POST,'remotepermschoice')) ? Strings::escapeTags(trim($_POST['remotepermschoice'])) : '');
Config::set('remote_perms','global',($choice == 1 ? 1 : 0)); Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
info(L10n::t('Settings updated.'). EOL); info(L10n::t('Settings updated.'). EOL);
} }

View File

@ -10,6 +10,7 @@
use Friendica\Core\Addon; use Friendica\Core\Addon;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Util\Strings;
function showmore_install() function showmore_install()
{ {
@ -131,7 +132,7 @@ function showmore_prepare_body(\Friendica\App $a, &$hook_data)
} }
if ($found) { if ($found) {
$rnd = random_string(8); $rnd = Strings::getRandomHex(8);
$hook_data['html'] = '<span id="showmore-teaser-' . $rnd . '" class="showmore-teaser" style="display: block;">' . $shortened . " " . $hook_data['html'] = '<span id="showmore-teaser-' . $rnd . '" class="showmore-teaser" style="display: block;">' . $shortened . " " .
'<span id="showmore-wrap-' . $rnd . '" style="white-space:nowrap;" class="showmore-wrap fakelink" onclick="openClose(\'showmore-' . $rnd . '\'); openClose(\'showmore-teaser-' . $rnd . '\');" >' . L10n::t('show more') . '</span></span>' . '<span id="showmore-wrap-' . $rnd . '" style="white-space:nowrap;" class="showmore-wrap fakelink" onclick="openClose(\'showmore-' . $rnd . '\'); openClose(\'showmore-teaser-' . $rnd . '\');" >' . L10n::t('show more') . '</span></span>' .
'<div id="showmore-' . $rnd . '" class="showmore-content" style="display: none;">' . $hook_data['html'] . '</div>'; '<div id="showmore-' . $rnd . '" class="showmore-content" style="display: none;">' . $hook_data['html'] . '</div>';

View File

@ -60,6 +60,7 @@ use Friendica\Model\Photo;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
function statusnet_install() function statusnet_install()
{ {
@ -623,7 +624,7 @@ function statusnet_addon_admin_post(App $a)
} }
$secret = trim($_POST['secret'][$id]); $secret = trim($_POST['secret'][$id]);
$key = trim($_POST['key'][$id]); $key = trim($_POST['key'][$id]);
//$applicationname = ((x($_POST, 'applicationname')) ? notags(trim($_POST['applicationname'][$id])):''); //$applicationname = ((x($_POST, 'applicationname')) ? Strings::escapeTags(trim($_POST['applicationname'][$id])):'');
if ($sitename != "" && if ($sitename != "" &&
$apiurl != "" && $apiurl != "" &&
$secret != "" && $secret != "" &&
@ -885,7 +886,7 @@ function statusnet_fetchtimeline(App $a, $uid)
function statusnet_address($contact) function statusnet_address($contact)
{ {
$hostname = normalise_link($contact->statusnet_profile_url); $hostname = Strings::normaliseLink($contact->statusnet_profile_url);
$nickname = $contact->screen_name; $nickname = $contact->screen_name;
$hostname = preg_replace("=https?://([\w\.]*)/.*=ism", "$1", $contact->statusnet_profile_url); $hostname = preg_replace("=https?://([\w\.]*)/.*=ism", "$1", $contact->statusnet_profile_url);
@ -907,7 +908,7 @@ function statusnet_fetch_contact($uid, $contact, $create_user)
"location" => $contact->location, "about" => $contact->description, "location" => $contact->location, "about" => $contact->description,
"addr" => statusnet_address($contact), "generation" => 3]); "addr" => statusnet_address($contact), "generation" => 3]);
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `alias` = '%s' AND `network` = '%s'LIMIT 1", intval($uid), DBA::escape(normalise_link($contact->statusnet_profile_url)), DBA::escape(Protocol::STATUSNET)); $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `alias` = '%s' AND `network` = '%s'LIMIT 1", intval($uid), DBA::escape(Strings::normaliseLink($contact->statusnet_profile_url)), DBA::escape(Protocol::STATUSNET));
if (!DBA::isResult($r) && !$create_user) { if (!DBA::isResult($r) && !$create_user) {
return 0; return 0;
@ -927,9 +928,9 @@ function statusnet_fetch_contact($uid, $contact, $create_user)
intval($uid), intval($uid),
DBA::escape(DateTimeFormat::utcNow()), DBA::escape(DateTimeFormat::utcNow()),
DBA::escape($contact->statusnet_profile_url), DBA::escape($contact->statusnet_profile_url),
DBA::escape(normalise_link($contact->statusnet_profile_url)), DBA::escape(Strings::normaliseLink($contact->statusnet_profile_url)),
DBA::escape(statusnet_address($contact)), DBA::escape(statusnet_address($contact)),
DBA::escape(normalise_link($contact->statusnet_profile_url)), DBA::escape(Strings::normaliseLink($contact->statusnet_profile_url)),
DBA::escape(''), DBA::escape(''),
DBA::escape(''), DBA::escape(''),
DBA::escape($contact->name), DBA::escape($contact->name),
@ -1001,7 +1002,7 @@ function statusnet_fetch_contact($uid, $contact, $create_user)
DBA::escape(DateTimeFormat::utcNow()), DBA::escape(DateTimeFormat::utcNow()),
DBA::escape(DateTimeFormat::utcNow()), DBA::escape(DateTimeFormat::utcNow()),
DBA::escape($contact->statusnet_profile_url), DBA::escape($contact->statusnet_profile_url),
DBA::escape(normalise_link($contact->statusnet_profile_url)), DBA::escape(Strings::normaliseLink($contact->statusnet_profile_url)),
DBA::escape(statusnet_address($contact)), DBA::escape(statusnet_address($contact)),
DBA::escape($contact->name), DBA::escape($contact->name),
DBA::escape($contact->screen_name), DBA::escape($contact->screen_name),
@ -1523,7 +1524,7 @@ function statusnet_fetch_own_contact(App $a, $uid)
// Fetching user data // Fetching user data
$user = $connection->get('account/verify_credentials'); $user = $connection->get('account/verify_credentials');
PConfig::set($uid, 'statusnet', 'own_url', normalise_link($user->statusnet_profile_url)); PConfig::set($uid, 'statusnet', 'own_url', Strings::normaliseLink($user->statusnet_profile_url));
$contact_id = statusnet_fetch_contact($uid, $user, true); $contact_id = statusnet_fetch_contact($uid, $user, true);
} else { } else {

View File

@ -9,6 +9,7 @@
use Friendica\Core\Addon; use Friendica\Core\Addon;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Util\Strings;
function superblock_install() function superblock_install()
{ {
@ -88,7 +89,7 @@ function superblock_enotify_store(&$a,&$b) {
continue; continue;
} }
if (link_compare($b['url'], $word)) { if (Strings::compareLink($b['url'], $word)) {
$found = true; $found = true;
break; break;
} }
@ -134,7 +135,7 @@ function superblock_item_photo_menu(&$a, &$b)
$author = $b['item']['author-link']; $author = $b['item']['author-link'];
if (!empty($a->data['superblock'])) { if (!empty($a->data['superblock'])) {
foreach ($a->data['superblock'] as $bloke) { foreach ($a->data['superblock'] as $bloke) {
if (link_compare($bloke, $author)) { if (Strings::compareLink($bloke, $author)) {
$blocked = true; $blocked = true;
break; break;
} }

View File

@ -18,6 +18,7 @@ use Friendica\Core\Logger;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\Strings;
function tumblr_install() function tumblr_install()
{ {
@ -83,8 +84,8 @@ function tumblr_addon_admin(App $a, &$o)
function tumblr_addon_admin_post(App $a) function tumblr_addon_admin_post(App $a)
{ {
$consumer_key = ((!empty($_POST['consumer_key'])) ? notags(trim($_POST['consumer_key'])) : ''); $consumer_key = ((!empty($_POST['consumer_key'])) ? Strings::escapeTags(trim($_POST['consumer_key'])) : '');
$consumer_secret = ((!empty($_POST['consumer_secret'])) ? notags(trim($_POST['consumer_secret'])): ''); $consumer_secret = ((!empty($_POST['consumer_secret'])) ? Strings::escapeTags(trim($_POST['consumer_secret'])): '');
Config::set('tumblr', 'consumer_key',$consumer_key); Config::set('tumblr', 'consumer_key',$consumer_key);
Config::set('tumblr', 'consumer_secret',$consumer_secret); Config::set('tumblr', 'consumer_secret',$consumer_secret);

View File

@ -86,6 +86,7 @@ use Friendica\Model\User;
use Friendica\Object\Image; use Friendica\Object\Image;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
require_once 'boot.php'; require_once 'boot.php';
require_once 'include/dba.php'; require_once 'include/dba.php';
@ -657,8 +658,8 @@ function twitter_post_hook(App $a, array &$b)
function twitter_addon_admin_post(App $a) function twitter_addon_admin_post(App $a)
{ {
$consumerkey = x($_POST, 'consumerkey') ? notags(trim($_POST['consumerkey'])) : ''; $consumerkey = x($_POST, 'consumerkey') ? Strings::escapeTags(trim($_POST['consumerkey'])) : '';
$consumersecret = x($_POST, 'consumersecret') ? notags(trim($_POST['consumersecret'])) : ''; $consumersecret = x($_POST, 'consumersecret') ? Strings::escapeTags(trim($_POST['consumersecret'])) : '';
Config::set('twitter', 'consumerkey', $consumerkey); Config::set('twitter', 'consumerkey', $consumerkey);
Config::set('twitter', 'consumersecret', $consumersecret); Config::set('twitter', 'consumersecret', $consumersecret);
info(L10n::t('Settings updated.') . EOL); info(L10n::t('Settings updated.') . EOL);
@ -1058,7 +1059,7 @@ function twitter_fetch_contact($uid, $data, $create_user)
// create contact record // create contact record
$fields['uid'] = $uid; $fields['uid'] = $uid;
$fields['created'] = DateTimeFormat::utcNow(); $fields['created'] = DateTimeFormat::utcNow();
$fields['nurl'] = normalise_link($url); $fields['nurl'] = Strings::normaliseLink($url);
$fields['alias'] = 'twitter::' . $data->id_str; $fields['alias'] = 'twitter::' . $data->id_str;
$fields['poll'] = 'twitter::' . $data->id_str; $fields['poll'] = 'twitter::' . $data->id_str;
$fields['rel'] = Contact::FRIEND; $fields['rel'] = Contact::FRIEND;
@ -1264,7 +1265,7 @@ function twitter_expand_entities(App $a, $body, $item, $picture)
} }
// it seems as if the entities aren't always covering all mentions. So the rest will be checked here // it seems as if the entities aren't always covering all mentions. So the rest will be checked here
$tags = get_tags($body); $tags = Strings::getTags($body);
if (count($tags)) { if (count($tags)) {
foreach ($tags as $tag) { foreach ($tags as $tag) {

View File

@ -10,6 +10,7 @@ use Friendica\Core\Addon;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Util\Strings;
function webrtc_install() { function webrtc_install() {
Addon::registerHook('app_menu', 'addon/webrtc/webrtc.php', 'webrtc_app_menu'); Addon::registerHook('app_menu', 'addon/webrtc/webrtc.php', 'webrtc_app_menu');
@ -32,7 +33,7 @@ function webrtc_addon_admin (&$a, &$o) {
]); ]);
} }
function webrtc_addon_admin_post (&$a) { function webrtc_addon_admin_post (&$a) {
$url = ((x($_POST, 'webrtcurl')) ? notags(trim($_POST['webrtcurl'])) : ''); $url = ((x($_POST, 'webrtcurl')) ? Strings::escapeTags(trim($_POST['webrtcurl'])) : '');
Config::set('webrtc', 'webrtcurl', $url); Config::set('webrtc', 'webrtcurl', $url);
info(L10n::t('Settings updated.'). EOL); info(L10n::t('Settings updated.'). EOL);
} }

View File

@ -14,6 +14,7 @@ use Friendica\Core\Logger;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Util\XML; use Friendica\Util\XML;
function wppost_install() { function wppost_install() {
@ -149,7 +150,7 @@ function wppost_settings_post(&$a,&$b) {
PConfig::set(local_user(),'wppost','wp_blog',trim($_POST['wp_blog'])); PConfig::set(local_user(),'wppost','wp_blog',trim($_POST['wp_blog']));
PConfig::set(local_user(),'wppost','backlink',trim($_POST['wp_backlink'])); PConfig::set(local_user(),'wppost','backlink',trim($_POST['wp_backlink']));
PConfig::set(local_user(),'wppost','shortcheck',trim($_POST['wp_shortcheck'])); PConfig::set(local_user(),'wppost','shortcheck',trim($_POST['wp_shortcheck']));
$wp_backlink_text = notags(trim($_POST['wp_backlink_text'])); $wp_backlink_text = Strings::escapeTags(trim($_POST['wp_backlink_text']));
$wp_backlink_text = BBCode::convert($wp_backlink_text, false, 8); $wp_backlink_text = BBCode::convert($wp_backlink_text, false, 8);
$wp_backlink_text = HTML::toPlaintext($wp_backlink_text, 0, true); $wp_backlink_text = HTML::toPlaintext($wp_backlink_text, 0, true);
PConfig::set(local_user(),'wppost','wp_backlink_text', $wp_backlink_text); PConfig::set(local_user(),'wppost','wp_backlink_text', $wp_backlink_text);

View File

@ -12,6 +12,7 @@ use Friendica\Core\Config;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Util\Strings;
function xmpp_install() function xmpp_install()
{ {
@ -98,7 +99,7 @@ function xmpp_addon_settings(App $a, &$s)
function xmpp_login() function xmpp_login()
{ {
if (empty($_SESSION['allow_api'])) { if (empty($_SESSION['allow_api'])) {
$password = random_string(16); $password = Strings::getRandomHex(16);
PConfig::set(local_user(), 'xmpp', 'password', $password); PConfig::set(local_user(), 'xmpp', 'password', $password);
} }
} }
@ -161,11 +162,11 @@ function xmpp_converse(App $a)
$password = PConfig::get(local_user(), "xmpp", "password", '', true); $password = PConfig::get(local_user(), "xmpp", "password", '', true);
if ($password == "") { if ($password == "") {
$password = random_string(16); $password = Strings::getRandomHex(16);
PConfig::set(local_user(), "xmpp", "password", $password); PConfig::set(local_user(), "xmpp", "password", $password);
} }
$jid = $a->user["nickname"] . "@" . $a->getHostName() . "/converse-" . random_string(5); $jid = $a->user["nickname"] . "@" . $a->getHostName() . "/converse-" . Strings::getRandomHex(5);
$auto_login = "auto_login: true, $auto_login = "auto_login: true,
authentication: 'login', authentication: 'login',