Implement custom escaping

2 files changed, 41 insertions, 7 deletions

diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php
index 6f916216e..4309d3f6e 100644
--- a/Zotlabs/Lib/NativeWiki.php
+++ b/Zotlabs/Lib/NativeWiki.php
@@ -26,7 +26,8 @@ class NativeWiki {
 
 				$w['rawName']  = get_iconfig($w, 'wiki', 'rawName');
 				$w['htmlName'] = escape_tags($w['rawName']);
-				$w['urlName']  = urlencode(urlencode($w['rawName']));
+				//$w['urlName']  = urlencode(urlencode($w['rawName']));
+				$w['urlName']  = self::name_encode($w['rawName']);
 				$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
 				$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
 				$w['lockstate']     = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
@@ -233,7 +234,8 @@ class NativeWiki {
 				'wiki'     => $w,
 				'rawName'  => $rawName,
 				'htmlName' => escape_tags($rawName),
-				'urlName'  => urlencode(urlencode($rawName)),
+				//'urlName'  => urlencode(urlencode($rawName)),
+				'urlName'  => self::name_encode($rawName),
 				'mimeType' => $mimeType,
 				'typelock' => $typelock
 			);
@@ -249,7 +251,8 @@ class NativeWiki {
 			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d 
 			AND item_deleted = 0 $sql_extra limit 1", 
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
-			dbesc(urldecode($urlName)), 
+			//dbesc(urldecode($urlName)), 
+			dbesc($urlName), 
 			intval($uid)
 		);
 
@@ -286,4 +289,31 @@ class NativeWiki {
 			return array('read' => true, 'write' => $write, 'success' => true);
 		}
 	}
+
+	public static function name_encode ($string) {
+
+		$encoding = mb_internal_encoding();
+		mb_internal_encoding("UTF-8");
+		$ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) {
+	                $charhex = unpack('H*',$char[0]);
+                	$ret = '('.$charhex[1].')';
+                	return $ret;
+ 			}
+			,$string);
+		mb_internal_encoding($encoding);
+		return $ret;
+	}
+
+	public static function name_decode ($string) {
+
+		$encoding = mb_internal_encoding();
+		mb_internal_encoding("UTF-8");
+		$ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) {
+			return pack('H*',$chars[2]);
+			}
+			,$string);
+		mb_internal_encoding($encoding);
+		return $ret;
+	}
+
 }
diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php
index d4875bbaf..d0f522ec1 100644
--- a/Zotlabs/Lib/NativeWikiPage.php
+++ b/Zotlabs/Lib/NativeWikiPage.php
@@ -44,7 +44,8 @@ class NativeWikiPage {
 					$pages[] = [
 						'resource_id' => $resource_id,
 						'title'       => escape_tags($title),
-						'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+						//'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+						'url'		=> Zlib\NativeWiki::name_encode($title),
 						'link_id'     => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
 					];
 				}
@@ -98,7 +99,8 @@ class NativeWikiPage {
 			$page = [ 
 				'rawName'  => $name,
 				'htmlName' => escape_tags($name),
-				'urlName'  => urlencode($name), 
+				//'urlName'  => urlencode($name), 
+				Zlib\NativeWiki::name_encode($name)
 
 			];
 
@@ -154,7 +156,8 @@ class NativeWikiPage {
 			$page = [ 
 				'rawName'  => $pageNewName, 
 				'htmlName' => escape_tags($pageNewName), 
-				'urlName'  => urlencode(escape_tags($pageNewName))
+				//'urlName'  => urlencode(escape_tags($pageNewName))
+				Zlib\NativeWiki::name_encode($pageNewName)
 			];
 
 			return [ 'success' => true, 'page' => $page ];
@@ -527,7 +530,8 @@ class NativeWikiPage {
 			$pages = $pageURLs = array();
 			foreach ($match[1] as $m) {
 				// TODO: Why do we need to double urlencode for this to work?
-				$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+				//$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+				$pageURLs[] = Zlib\NativeWiki::name_encode(escape_tags($m));
 				$pages[] = $m;
 			}
 			$idx = 0;