harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

encode and decode channel names containing HTML special characters and quotes so they will survive a reshare without mangling

Browse Source
This commit is contained in:
friendica 2013-09-06 05:25:10 -07:00
parent f2f3372aa9
commit d194ee091a
3 changed files with 5 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
include/bbcode.php
View File

@ -106,48 +106,28 @@ function bb_ShareAttributes($match) {
$author = ""; $author = "";
preg_match("/author='(.*?)'/ism", $attributes, $matches); preg_match("/author='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "") if ($matches[1] != "")
$author = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8'); $author = urldecode($matches[1]);
preg_match('/author="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$author = $matches[1];
$link = ""; $link = "";
preg_match("/link='(.*?)'/ism", $attributes, $matches); preg_match("/link='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "") if ($matches[1] != "")
$link = $matches[1]; $link = $matches[1];
preg_match('/link="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$link = $matches[1];
$avatar = ""; $avatar = "";
preg_match("/avatar='(.*?)'/ism", $attributes, $matches); preg_match("/avatar='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "") if ($matches[1] != "")
$avatar = $matches[1]; $avatar = $matches[1];
preg_match('/avatar="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$avatar = $matches[1];
$profile = ""; $profile = "";
preg_match("/profile='(.*?)'/ism", $attributes, $matches); preg_match("/profile='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "") if ($matches[1] != "")
$profile = $matches[1]; $profile = $matches[1];
preg_match('/profile="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$profile = $matches[1];
$posted = ""; $posted = "";
preg_match("/posted='(.*?)'/ism", $attributes, $matches); preg_match("/posted='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "") if ($matches[1] != "")
$posted = $matches[1]; $posted = $matches[1];
preg_match('/posted="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$posted = $matches[1];
// FIXME - this should really be a wall-item-ago so it will get updated on the client // FIXME - this should really be a wall-item-ago so it will get updated on the client
$reldate = (($posted) ? relative_date($posted) : ''); $reldate = (($posted) ? relative_date($posted) : '');

6
mod/display.php
View File

@ -19,7 +19,6 @@ function display_content(&$a, $update = 0, $load = false) {
$a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array()); $a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
if(argc() > 1 && argv(1) !== 'load') if(argc() > 1 && argv(1) !== 'load')
$item_hash = argv(1); $item_hash = argv(1);
@ -91,7 +90,6 @@ function display_content(&$a, $update = 0, $load = false) {
$sql_extra = public_permissions_sql(get_observer_hash()); $sql_extra = public_permissions_sql(get_observer_hash());
if($update && $load) { if($update && $load) {
$updateable = false; $updateable = false;
@ -109,8 +107,10 @@ function display_content(&$a, $update = 0, $load = false) {
intval(local_user()), intval(local_user()),
dbesc($target_item['parent_mid']) dbesc($target_item['parent_mid'])
); );
if($r) if($r) {
$updateable = true; $updateable = true;
}
} }
if($r === null) { if($r === null) {
$r = q("SELECT * from item $r = q("SELECT * from item

2
mod/share.php
View File

@ -21,7 +21,7 @@ function share_init(&$a) {
$pos = strpos($r[0]['body'], "[share"); $pos = strpos($r[0]['body'], "[share");
$o = substr($r[0]['body'], $pos); $o = substr($r[0]['body'], $pos);
} else { } else {
$o = "[share author='".str_replace("'", "'",$r[0]['author']['xchan_name']). $o = "[share author='".urlencode($r[0]['author']['xchan_name']).
"' profile='".$r[0]['author']['xchan_url'] . "' profile='".$r[0]['author']['xchan_url'] .
"' avatar='".$r[0]['author']['xchan_photo_s']. "' avatar='".$r[0]['author']['xchan_photo_s'].
"' link='".$r[0]['plink']. "' link='".$r[0]['plink'].