aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Lib
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2018-10-08 21:20:17 +0200
committerMario <mario@mariovavti.com>2018-10-08 21:20:17 +0200
commit37b94bf5fa71835fe50af6f862e124e24b5db4b4 (patch)
tree012afad21875e324bd43051c843fef371c3ddd9d /Zotlabs/Lib
parenta00a849952eec8f7d7d480f8663446dc1fb7238c (diff)
parent709665846e66f093109730691b31d9e094d02088 (diff)
downloadvolse-hubzilla-37b94bf5fa71835fe50af6f862e124e24b5db4b4.tar.gz
volse-hubzilla-37b94bf5fa71835fe50af6f862e124e24b5db4b4.tar.bz2
volse-hubzilla-37b94bf5fa71835fe50af6f862e124e24b5db4b4.zip
Merge branch 'fix-wiki-escaping' into 'dev'
Fix wiki escaping (Regression tests needed) See merge request hubzilla/core!1321
Diffstat (limited to 'Zotlabs/Lib')
-rw-r--r--Zotlabs/Lib/NativeWiki.php37
-rw-r--r--Zotlabs/Lib/NativeWikiPage.php13
2 files changed, 42 insertions, 8 deletions
diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php
index 6f916216e..65f40748c 100644
--- a/Zotlabs/Lib/NativeWiki.php
+++ b/Zotlabs/Lib/NativeWiki.php
@@ -26,7 +26,8 @@ class NativeWiki {
$w['rawName'] = get_iconfig($w, 'wiki', 'rawName');
$w['htmlName'] = escape_tags($w['rawName']);
- $w['urlName'] = urlencode(urlencode($w['rawName']));
+ //$w['urlName'] = urlencode(urlencode($w['rawName']));
+ $w['urlName'] = self::name_encode($w['rawName']);
$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
$w['lockstate'] = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
@@ -233,7 +234,8 @@ class NativeWiki {
'wiki' => $w,
'rawName' => $rawName,
'htmlName' => escape_tags($rawName),
- 'urlName' => urlencode(urlencode($rawName)),
+ //'urlName' => urlencode(urlencode($rawName)),
+ 'urlName' => self::name_encode($rawName),
'mimeType' => $mimeType,
'typelock' => $typelock
);
@@ -249,7 +251,8 @@ class NativeWiki {
WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d
AND item_deleted = 0 $sql_extra limit 1",
dbesc(NWIKI_ITEM_RESOURCE_TYPE),
- dbesc(urldecode($urlName)),
+ //dbesc(urldecode($urlName)),
+ dbesc($urlName),
intval($uid)
);
@@ -286,4 +289,32 @@ class NativeWiki {
return array('read' => true, 'write' => $write, 'success' => true);
}
}
+
+ public static function name_encode ($string) {
+
+ $string = html_entity_decode($string);
+ $encoding = mb_internal_encoding();
+ mb_internal_encoding("UTF-8");
+ $ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) {
+ $charhex = unpack('H*',$char[0]);
+ $ret = '('.$charhex[1].')';
+ return $ret;
+ }
+ ,$string);
+ mb_internal_encoding($encoding);
+ return $ret;
+ }
+
+ public static function name_decode ($string) {
+
+ $encoding = mb_internal_encoding();
+ mb_internal_encoding("UTF-8");
+ $ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) {
+ return pack('H*',$chars[2]);
+ }
+ ,$string);
+ mb_internal_encoding($encoding);
+ return $ret;
+ }
+
}
diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php
index d4875bbaf..ebdcb4740 100644
--- a/Zotlabs/Lib/NativeWikiPage.php
+++ b/Zotlabs/Lib/NativeWikiPage.php
@@ -44,7 +44,8 @@ class NativeWikiPage {
$pages[] = [
'resource_id' => $resource_id,
'title' => escape_tags($title),
- 'url' => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+ //'url' => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+ 'url' => Zlib\NativeWiki::name_encode($title),
'link_id' => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
];
}
@@ -98,7 +99,8 @@ class NativeWikiPage {
$page = [
'rawName' => $name,
'htmlName' => escape_tags($name),
- 'urlName' => urlencode($name),
+ //'urlName' => urlencode($name),
+ 'urlName' => Zlib\NativeWiki::name_encode($name)
];
@@ -154,7 +156,8 @@ class NativeWikiPage {
$page = [
'rawName' => $pageNewName,
'htmlName' => escape_tags($pageNewName),
- 'urlName' => urlencode(escape_tags($pageNewName))
+ //'urlName' => urlencode(escape_tags($pageNewName))
+ Zlib\NativeWiki::name_encode($pageNewName)
];
return [ 'success' => true, 'page' => $page ];
@@ -365,7 +368,6 @@ class NativeWikiPage {
unset($item['id']);
unset($item['author']);
-
$item['parent'] = 0;
$item['body'] = $content;
$item['author_xchan'] = $observer_hash;
@@ -527,7 +529,8 @@ class NativeWikiPage {
$pages = $pageURLs = array();
foreach ($match[1] as $m) {
// TODO: Why do we need to double urlencode for this to work?
- $pageURLs[] = urlencode(urlencode(escape_tags($m)));
+ //$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+ $pageURLs[] = Zlib\NativeWiki::name_encode(escape_tags($m));
$pages[] = $m;
}
$idx = 0;