aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Lib
diff options
context:
space:
mode:
authorM.Dent <dentm42@dm42.net>2018-10-07 23:08:47 +0000
committerMario <mario@mariovavti.com>2018-10-10 11:04:58 +0200
commitbf878dc4461ea28f71055d59496b21a1685ef63e (patch)
tree7a7abb400df5c2c167cbb24d9c15fd3d0d7e156a /Zotlabs/Lib
parentd1270aab4d2c6bbc300eac489253fc9683a8a848 (diff)
downloadvolse-hubzilla-bf878dc4461ea28f71055d59496b21a1685ef63e.tar.gz
volse-hubzilla-bf878dc4461ea28f71055d59496b21a1685ef63e.tar.bz2
volse-hubzilla-bf878dc4461ea28f71055d59496b21a1685ef63e.zip
Implement custom escaping
(cherry picked from commit 93a310582f044d35f0a3583671053595fefdbedb)
Diffstat (limited to 'Zotlabs/Lib')
-rw-r--r--Zotlabs/Lib/NativeWiki.php36
-rw-r--r--Zotlabs/Lib/NativeWikiPage.php12
2 files changed, 41 insertions, 7 deletions
diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php
index 6f916216e..4309d3f6e 100644
--- a/Zotlabs/Lib/NativeWiki.php
+++ b/Zotlabs/Lib/NativeWiki.php
@@ -26,7 +26,8 @@ class NativeWiki {
$w['rawName'] = get_iconfig($w, 'wiki', 'rawName');
$w['htmlName'] = escape_tags($w['rawName']);
- $w['urlName'] = urlencode(urlencode($w['rawName']));
+ //$w['urlName'] = urlencode(urlencode($w['rawName']));
+ $w['urlName'] = self::name_encode($w['rawName']);
$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
$w['lockstate'] = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
@@ -233,7 +234,8 @@ class NativeWiki {
'wiki' => $w,
'rawName' => $rawName,
'htmlName' => escape_tags($rawName),
- 'urlName' => urlencode(urlencode($rawName)),
+ //'urlName' => urlencode(urlencode($rawName)),
+ 'urlName' => self::name_encode($rawName),
'mimeType' => $mimeType,
'typelock' => $typelock
);
@@ -249,7 +251,8 @@ class NativeWiki {
WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d
AND item_deleted = 0 $sql_extra limit 1",
dbesc(NWIKI_ITEM_RESOURCE_TYPE),
- dbesc(urldecode($urlName)),
+ //dbesc(urldecode($urlName)),
+ dbesc($urlName),
intval($uid)
);
@@ -286,4 +289,31 @@ class NativeWiki {
return array('read' => true, 'write' => $write, 'success' => true);
}
}
+
+ public static function name_encode ($string) {
+
+ $encoding = mb_internal_encoding();
+ mb_internal_encoding("UTF-8");
+ $ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) {
+ $charhex = unpack('H*',$char[0]);
+ $ret = '('.$charhex[1].')';
+ return $ret;
+ }
+ ,$string);
+ mb_internal_encoding($encoding);
+ return $ret;
+ }
+
+ public static function name_decode ($string) {
+
+ $encoding = mb_internal_encoding();
+ mb_internal_encoding("UTF-8");
+ $ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) {
+ return pack('H*',$chars[2]);
+ }
+ ,$string);
+ mb_internal_encoding($encoding);
+ return $ret;
+ }
+
}
diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php
index d4875bbaf..d0f522ec1 100644
--- a/Zotlabs/Lib/NativeWikiPage.php
+++ b/Zotlabs/Lib/NativeWikiPage.php
@@ -44,7 +44,8 @@ class NativeWikiPage {
$pages[] = [
'resource_id' => $resource_id,
'title' => escape_tags($title),
- 'url' => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+ //'url' => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+ 'url' => Zlib\NativeWiki::name_encode($title),
'link_id' => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
];
}
@@ -98,7 +99,8 @@ class NativeWikiPage {
$page = [
'rawName' => $name,
'htmlName' => escape_tags($name),
- 'urlName' => urlencode($name),
+ //'urlName' => urlencode($name),
+ Zlib\NativeWiki::name_encode($name)
];
@@ -154,7 +156,8 @@ class NativeWikiPage {
$page = [
'rawName' => $pageNewName,
'htmlName' => escape_tags($pageNewName),
- 'urlName' => urlencode(escape_tags($pageNewName))
+ //'urlName' => urlencode(escape_tags($pageNewName))
+ Zlib\NativeWiki::name_encode($pageNewName)
];
return [ 'success' => true, 'page' => $page ];
@@ -527,7 +530,8 @@ class NativeWikiPage {
$pages = $pageURLs = array();
foreach ($match[1] as $m) {
// TODO: Why do we need to double urlencode for this to work?
- $pageURLs[] = urlencode(urlencode(escape_tags($m)));
+ //$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+ $pageURLs[] = Zlib\NativeWiki::name_encode(escape_tags($m));
$pages[] = $m;
}
$idx = 0;