Merge remote-tracking branch 'mike/master' into dev

2017-10-05 11:25:39 +02:00 · 2017-10-05 11:25:39 +02:00 · 5be9477f21
commit 5be9477f21
parent 6f88d5e92b 15b9a67c01
9 changed files with 35 additions and 7 deletions
--- a/Zotlabs/Lib/MarkdownSoap.php
+++ b/Zotlabs/Lib/MarkdownSoap.php
@ -94,7 +94,7 @@ class MarkdownSoap {
 	}

 	function escape($s) {
-		return htmlspecialchars($s,ENT_QUOTES);
+		return htmlspecialchars($s,ENT_QUOTES,'UTF-8',false);
 	}

 	static public function unescape($s) {
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@ -342,7 +342,7 @@ class Acl extends \Zotlabs\Web\Controller {
 						"type"     => "c",
 						"photo"    => "images/twopeople.png",
 						"name"     => $g['name'] . (($type === 'f') ? '' : '+'),
-						"id"	   => $g['id'] . (($type === 'f') ? '' : '+'),
+						"id"	   => urlencode($g['id']) . (($type === 'f') ? '' : '+'),
 						"xid"      => $g['hash'],
 						"link"     => $g['nick'],
 						"nick"     => substr($g['nick'],0,strpos($g['nick'],'@')),
@ -356,7 +356,7 @@ class Acl extends \Zotlabs\Web\Controller {
 						"type"     => "c",
 						"photo"    => $g['micro'],
 						"name"     => $g['name'],
-						"id"	   => $g['id'],
+						"id"	   => urlencode($g['id']),
 						"xid"      => $g['hash'],
 						"link"     => $g['nick'],
 						"nick"     => (($g['nick']) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']),
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@ -149,6 +149,7 @@ class Magic extends \Zotlabs\Web\Controller {
 					if($j['success'] && $j['token']) {
 						$x = strpbrk($dest,'?&');
 						$args = (($x) ? '&owt=' . $j['token'] : '?f=&owt=' . $j['token']) . (($delegate) ? '&delegate=1' : '');
+						
 						goaway($dest . $args);
 					}
 				}
--- a/Zotlabs/Module/Rmagic.php
+++ b/Zotlabs/Module/Rmagic.php
@ -17,7 +17,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
 			if($r) {	
 				if($r[0]['hubloc_url'] === z_root())
 					goaway(z_root() . '/login');
-				$dest = z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string);
+				$dest = z_root() . '/' . str_replace(['rmagic','zid='],['','zid_='],\App::$query_string);
 				goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&dest=' . $dest);
 			}
 		}
@ -61,7 +61,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
 				if($_SESSION['return_url']) 
 					$dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url']));
 				else
-					$dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',\App::$query_string));
+					$dest = urlencode(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string));
 	
 				goaway($url . '/magic' . '?f=&owa=1&dest=' . $dest);
 			}
--- a/Zotlabs/Module/Thing.php
+++ b/Zotlabs/Module/Thing.php
@ -91,6 +91,7 @@ class Thing extends \Zotlabs\Web\Controller {
 			}
 			$orig_record = $t[0];
 			if($photo != $orig_record['obj_imgurl']) {
+				delete_thing_photo($orig_record['obj_imgurl'],get_observer_hash());
 				$arr = import_xchan_photo($photo,get_observer_hash(),true);
 				$local_photo = $arr[0];
 				$local_photo_type = $arr[3];
@ -336,6 +337,9 @@ class Thing extends \Zotlabs\Web\Controller {
 				return '';
 			}

+
+			delete_thing_photo($r[0]['obj_imgurl'],get_observer_hash());
+
 			$x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d",
 				dbesc($thing_hash),
 				intval(TERM_OBJ_THING),
--- a/Zotlabs/Render/Comanche.php
+++ b/Zotlabs/Render/Comanche.php
@ -168,6 +168,8 @@ class Comanche {
 						return $y['xchan_addr'];
 					elseif($x[1] == 'name')
 						return $y['xchan_name'];
+					elseif($x[1] == 'webname')
+						return substr($y['xchan_addr'],0,strpos($y['xchan_addr'],'@'));
 					return false;
 				}
 				return get_observer_hash();
--- a/include/items.php
+++ b/include/items.php
@ -4133,7 +4133,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C

 			//$third = dba_timer();

-			$items = fetch_post_tags($items,true);
+			$items = fetch_post_tags($items,false);

 			//$fourth = dba_timer();

--- a/include/photo/photo_driver.php
+++ b/include/photo/photo_driver.php
@ -518,6 +518,27 @@ function guess_image_type($filename, $headers = '') {

 }

+
+function delete_thing_photo($url,$ob_hash) {
+
+	$hash = basename($url);
+	$hash = substr($hash,0,strpos($hash,'-'));
+
+	// hashes should be 32 bytes. 
+
+	if((! $ob_hash) || (strlen($hash) < 16))
+		return;	
+
+	$r = q("delete from photo where xchan = '%s' and photo_usage = %d and resource_id = '%s'",
+		dbesc($ob_hash),
+		intval(PHOTO_THING),
+		dbesc($hash)
+	);
+	
+}
+
+
+
 function import_xchan_photo($photo,$xchan,$thing = false) {

 	$flags = (($thing) ? PHOTO_THING : PHOTO_XCHAN);
--- a/include/text.php
+++ b/include/text.php
@ -2412,7 +2412,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d
 		}
 		if(! $replaced) {

-			//base tag has the tags name only
+			// base tag has the tags name only

 			if((substr($tag,0,7) === '#&quot;') && (substr($tag,-6,6) === '&quot;')) {
 				$basetag = substr($tag,7);