diff options
author | zotlabs <mike@macgirvin.com> | 2017-11-05 19:47:44 -0800 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-11-05 19:47:44 -0800 |
commit | 7efcb3c75f08c8d974f13cd8b5f32f14749d8b6e (patch) | |
tree | 4ebd4a9fef3f43b00516e15df2f7e27a214353a4 /include | |
parent | 359bfb76f66efd585b0cba1b2f81494859931d61 (diff) | |
download | volse-hubzilla-7efcb3c75f08c8d974f13cd8b5f32f14749d8b6e.tar.gz volse-hubzilla-7efcb3c75f08c8d974f13cd8b5f32f14749d8b6e.tar.bz2 volse-hubzilla-7efcb3c75f08c8d974f13cd8b5f32f14749d8b6e.zip |
allow cloud filenames to include ampersands without messing up auth tokens (zid, owt, and zat, and the constant placeholder 'f=')
Diffstat (limited to 'include')
-rw-r--r-- | include/zid.php | 21 |
1 files changed, 5 insertions, 16 deletions
diff --git a/include/zid.php b/include/zid.php index 359b1721f..d1a0fa88a 100644 --- a/include/zid.php +++ b/include/zid.php @@ -103,25 +103,14 @@ function strip_zats($s) { return preg_replace('/[\?&]zat=(.*?)(&|$)/ism','$2',$s); } -function strip_auth_query_params() { - $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); - $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); - $_SERVER['QUERY_STRING'] = strip_owt($_SERVER['QUERY_STRING']); - $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); - $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); - $_SERVER['REQUEST_URI'] = strip_owt($_SERVER['REQUEST_URI']); - - - $_ENV['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_ENV['QUERY_STRING']); - $_ENV['QUERY_STRING'] = strip_zids($_ENV['QUERY_STRING']); - $_ENV['QUERY_STRING'] = strip_owt($_ENV['QUERY_STRING']); - - $_ENV['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_ENV['REQUEST_URI']); - $_ENV['REQUEST_URI'] = strip_zids($_ENV['REQUEST_URI']); - $_ENV['REQUEST_URI'] = strip_owt($_ENV['REQUEST_URI']); +function clean_query_string() { + $x = strip_zids(\App::$query_string); + $x = strip_owt($x); + $x = strip_zats($x); + return strip_query_param($x,'f'); } |