encode and decode channel names containing HTML special characters and quotes so they will survive a reshare without mangling

This commit is contained in:
friendica 2013-09-06 05:25:10 -07:00
parent f2f3372aa9
commit d194ee091a
3 changed files with 5 additions and 25 deletions

View File

@ -106,48 +106,28 @@ function bb_ShareAttributes($match) {
$author = "";
preg_match("/author='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "")
$author = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
preg_match('/author="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$author = $matches[1];
$author = urldecode($matches[1]);
$link = "";
preg_match("/link='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "")
$link = $matches[1];
preg_match('/link="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$link = $matches[1];
$avatar = "";
preg_match("/avatar='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "")
$avatar = $matches[1];
preg_match('/avatar="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$avatar = $matches[1];
$profile = "";
preg_match("/profile='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "")
$profile = $matches[1];
preg_match('/profile="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$profile = $matches[1];
$posted = "";
preg_match("/posted='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "")
$posted = $matches[1];
preg_match('/posted="(.*?)"/ism', $attributes, $matches);
if ($matches[1] != "")
$posted = $matches[1];
// FIXME - this should really be a wall-item-ago so it will get updated on the client
$reldate = (($posted) ? relative_date($posted) : '');

View File

@ -19,7 +19,6 @@ function display_content(&$a, $update = 0, $load = false) {
$a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
if(argc() > 1 && argv(1) !== 'load')
$item_hash = argv(1);
@ -91,7 +90,6 @@ function display_content(&$a, $update = 0, $load = false) {
$sql_extra = public_permissions_sql(get_observer_hash());
if($update && $load) {
$updateable = false;
@ -109,8 +107,10 @@ function display_content(&$a, $update = 0, $load = false) {
intval(local_user()),
dbesc($target_item['parent_mid'])
);
if($r)
if($r) {
$updateable = true;
}
}
if($r === null) {
$r = q("SELECT * from item

View File

@ -21,7 +21,7 @@ function share_init(&$a) {
$pos = strpos($r[0]['body'], "[share");
$o = substr($r[0]['body'], $pos);
} else {
$o = "[share author='".str_replace("'", "'",$r[0]['author']['xchan_name']).
$o = "[share author='".urlencode($r[0]['author']['xchan_name']).
"' profile='".$r[0]['author']['xchan_url'] .
"' avatar='".$r[0]['author']['xchan_photo_s'].
"' link='".$r[0]['plink'].