diff options
| author | M.Dent <dentm42@dm42.net> | 2018-10-07 19:08:47 -0400 |
|---|---|---|
| committer | M.Dent <dentm42@dm42.net> | 2018-10-08 13:35:18 -0400 |
| commit | 93a310582f044d35f0a3583671053595fefdbedb (patch) | |
| tree | fa57eb0f9b71ce9b8a8cedf46411f53e475c7bc0 /Zotlabs/Lib/NativeWiki.php | |
| parent | f0b7a7e5d38a92268a67d8dedf69f97d88b4c542 (diff) | |
| download | volse-hubzilla-93a310582f044d35f0a3583671053595fefdbedb.tar.gz volse-hubzilla-93a310582f044d35f0a3583671053595fefdbedb.tar.bz2 volse-hubzilla-93a310582f044d35f0a3583671053595fefdbedb.zip | |
Implement custom escaping
Diffstat (limited to 'Zotlabs/Lib/NativeWiki.php')
| -rw-r--r-- | Zotlabs/Lib/NativeWiki.php | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php index 6f916216e..4309d3f6e 100644 --- a/Zotlabs/Lib/NativeWiki.php +++ b/Zotlabs/Lib/NativeWiki.php @@ -26,7 +26,8 @@ class NativeWiki { $w['rawName'] = get_iconfig($w, 'wiki', 'rawName'); $w['htmlName'] = escape_tags($w['rawName']); - $w['urlName'] = urlencode(urlencode($w['rawName'])); + //$w['urlName'] = urlencode(urlencode($w['rawName'])); + $w['urlName'] = self::name_encode($w['rawName']); $w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType'); $w['typelock'] = get_iconfig($w, 'wiki', 'typelock'); $w['lockstate'] = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock'); @@ -233,7 +234,8 @@ class NativeWiki { 'wiki' => $w, 'rawName' => $rawName, 'htmlName' => escape_tags($rawName), - 'urlName' => urlencode(urlencode($rawName)), + //'urlName' => urlencode(urlencode($rawName)), + 'urlName' => self::name_encode($rawName), 'mimeType' => $mimeType, 'typelock' => $typelock ); @@ -249,7 +251,8 @@ class NativeWiki { WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d AND item_deleted = 0 $sql_extra limit 1", dbesc(NWIKI_ITEM_RESOURCE_TYPE), - dbesc(urldecode($urlName)), + //dbesc(urldecode($urlName)), + dbesc($urlName), intval($uid) ); @@ -286,4 +289,31 @@ class NativeWiki { return array('read' => true, 'write' => $write, 'success' => true); } } + + public static function name_encode ($string) { + + $encoding = mb_internal_encoding(); + mb_internal_encoding("UTF-8"); + $ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) { + $charhex = unpack('H*',$char[0]); + $ret = '('.$charhex[1].')'; + return $ret; + } + ,$string); + mb_internal_encoding($encoding); + return $ret; + } + + public static function name_decode ($string) { + + $encoding = mb_internal_encoding(); + mb_internal_encoding("UTF-8"); + $ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) { + return pack('H*',$chars[2]); + } + ,$string); + mb_internal_encoding($encoding); + return $ret; + } + } |