Merge branch 'dev' into 'dev'

Dev sync

See merge request kostikov/core!4

5 files changed, 77 insertions, 10 deletions

diff --git a/include/bbcode.php b/include/bbcode.php
index bb9144b1d..c7dea53c5 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -4,6 +4,8 @@
  * @brief BBCode related functions for parsing, etc.
  */
 
+use Zotlabs\Lib\SvgSanitizer;
+
 require_once('include/oembed.php');
 require_once('include/event.php');
 require_once('include/zot.php');
@@ -267,6 +269,22 @@ function bb_parse_app($match) {
 		return Zotlabs\Lib\Apps::app_render($app);
 }
 
+function bb_svg($match) {
+
+	$params = str_replace(['<br>', '&quot;'], [ '', '"'],$match[1]);
+	$Text = str_replace([ '[',']' ], [ '<','>' ], $match[2]);
+	
+	$output =  '<svg' . (($params) ? $params : ' width="100%" height="480" ') . '>' . str_replace(['<br>', '&quot;', '&nbsp;'], [ '', '"', ' '],$Text) . '</svg>';
+
+	$purify = new SvgSanitizer();
+	$purify->loadXML($output);
+	$purify->sanitize();
+	$output = $purify->saveSVG();
+	$output = preg_replace("/\<\?xml(.*?)\?\>/",'',$output);
+	return $output;
+}
+
+
 function bb_parse_element($match) {
 	$j = json_decode(base64url_decode($match[1]),true);
 
@@ -948,9 +966,9 @@ function bbcode($Text, $options = []) {
 
 	if (strpos($Text,'http') !== false) {
 		if($tryoembed) {
-			$Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text);
+			$Text = preg_replace_callback("/([^\]\='".'"'."\;\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text);
 		}
-		$Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" ' . $target . ' rel="nofollow noopener">$2</a>', $Text);
+		$Text = preg_replace("/([^\]\='".'"'."\;\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" ' . $target . ' rel="nofollow noopener">$2</a>', $Text);
 	}
 
 	if (strpos($Text,'[/share]') !== false) {
@@ -1289,6 +1307,9 @@ function bbcode($Text, $options = []) {
 		$Text = preg_replace_callback("/\[zaudio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/zaudio\]/ism", 'tryzrlaudio', $Text);
 	}
 
+	// SVG stuff
+	$Text = preg_replace_callback("/\[svg(.*?)\](.*?)\[\/svg\]/ism", 'bb_svg', $Text);
+
 	// Try to Oembed
 	if ($tryoembed) {
 		if (strpos($Text,'[/video]') !== false) {
diff --git a/include/follow.php b/include/follow.php
index 50b952881..a4d382545 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -142,7 +142,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 		$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
 		
 
-		$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' $sql_options ",
+		$r = q("select * from xchan where (xchan_addr = '%s' or xchan_url = '%s') $sql_options ",
 			dbesc($url),
 			dbesc($url)
 		);
diff --git a/include/items.php b/include/items.php
index 6786b8b05..917808ad5 100755
--- a/include/items.php
+++ b/include/items.php
@@ -206,6 +206,25 @@ function collect_recipients($item, &$private_envelope,$include_groups = true) {
 }
 
 function comments_are_now_closed($item) {
+
+	$x = [
+		'item' => $item,
+		'closed' => 'unset'
+	];
+
+	/**
+	 * @hooks comments_are_now_closed
+	 *   Called to determine whether commenting should be closed
+	 *   * \e array \b item
+	 *   * \e boolean \b closed - return value
+	 */
+
+	call_hooks('comments_are_now_closed', $x);
+
+	if ($x['closed'] != 'unset') {
+		return $x['closed'];
+	}
+
 	if($item['comments_closed'] > NULL_DATE) {
 		$d = datetime_convert();
 		if($d > $item['comments_closed'])
diff --git a/include/markdown.php b/include/markdown.php
index 213986867..69cc264df 100644
--- a/include/markdown.php
+++ b/include/markdown.php
@@ -246,6 +246,9 @@ function bb_to_markdown($Text, $options = []) {
 	call_hooks('bb_to_markdown_bb', $x);
 
 	$Text = $x['bbcode'];
+	
+	// Replace spoiler tag before BBcode conversion
+	$Text = preg_replace("/\[\/?spoiler\]/is", "\n--- " .t('spoiler') . " ---\n", $Text);
 
 	// Convert it to HTML - don't try oembed
 	$Text = bbcode($Text, [ 'tryoembed' => false ]);
@@ -265,8 +268,8 @@ function bb_to_markdown($Text, $options = []) {
 	// Remove empty zrl links
 	$Text = preg_replace("/\[zrl\=\].*?\[\/zrl\]/is", "", $Text);
 	
-	// Remove unprocessed spoiler HTML tags
-	$Text = preg_replace("/<div.+>([^<]+)<.+>(>.+)$/im", "$1\n$2", $Text);
+	// Replace unprocessed <br> in code
+	$Text = str_replace("<br></br>", "\n", $Text);
 
 	$Text = trim($Text);
 
diff --git a/include/text.php b/include/text.php
index 54ad9ec7a..daa3c4c94 100644
--- a/include/text.php
+++ b/include/text.php
@@ -9,6 +9,8 @@ use Michelf\MarkdownExtra;
 use Ramsey\Uuid\Uuid;
 use Ramsey\Uuid\Exception\UnsatisfiedDependencyException;
 
+use Zotlabs\Lib\SvgSanitizer;
+
 require_once("include/bbcode.php");
 
 // random string, there are 86 characters max in text mode, 128 for hex
@@ -842,9 +844,9 @@ function get_tags($s) {
 	$ret = array();
 	$match = array();
 
-	// ignore anything in a code block
-
+	// ignore anything in a code or svg block
 	$s = preg_replace('/\[code(.*?)\](.*?)\[\/code\]/sm','',$s);
+	$s = preg_replace('/\[svg(.*?)\](.*?)\[\/svg\]/sm','',$s);
 
 	// ignore anything in [style= ]
 	$s = preg_replace('/\[style=(.*?)\]/sm','',$s);
@@ -3412,18 +3414,20 @@ function cleanup_bbcode($body) {
 	$body = preg_replace_callback('/\[code(.*?)\[\/(code)\]/ism','\red_escape_codeblock',$body);
 	$body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','\red_escape_codeblock',$body);
 	$body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body);
+	$body = preg_replace_callback('/\[svg(.*?)\[\/(svg)\]/ism','\red_escape_codeblock',$body);
 
-	$body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
+	$body = preg_replace_callback("/([^\]\='".'"'."\;\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
 +\,\(\)]+)/ismu", '\nakedoembed', $body);
 
-	$body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
+	$body = preg_replace_callback("/([^\]\='".'"'."\;\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
 +\,\(\)]+)/ismu", '\red_zrl_callback', $body);
 
 
 	$body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body);
 	$body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','\red_unescape_codeblock',$body);
 	$body = preg_replace_callback('/\[\$b64code(.*?)\[\/(code)\]/ism','\red_unescape_codeblock',$body);
-
+	$body = preg_replace_callback('/\[\$b64svg(.*?)\[\/(svg)\]/ism','\red_unescape_codeblock',$body);
+	
 	// fix any img tags that should be zmg
 
 	$body = preg_replace_callback('/\[img(.*?)\](.*?)\[\/img\]/ism','\red_zrlify_img_callback',$body);
@@ -3648,3 +3652,23 @@ function new_uuid() {
 
 	return $hash;
 }
+
+
+function svg2bb($s) {
+
+	$s = preg_replace("/\<text (.*?)\>(.*?)\<(.*?)\<\/text\>/", '<text $1>$2&lt;$3</text>', $s);
+	$s = preg_replace("/\<text (.*?)\>(.*?)\>(.*?)\<\/text\>/", '<text $1>$2&gt;$3</text>', $s);
+	$s = preg_replace("/\<text (.*?)\>(.*?)\[(.*?)\<\/text\>/", '<text $1>$2&#91;$3</text>', $s);
+	$s = preg_replace("/\<text (.*?)\>(.*?)\](.*?)\<\/text\>/", '<text $1>$2&#93;$3</text>', $s);
+	$s = utf8_encode($s);
+	$purify = new SvgSanitizer();
+	if ($purify->loadXML($s)) {
+		$purify->sanitize();
+		$output = $purify->saveSVG();
+		$output = preg_replace("/\<\?xml(.*?)\>/",'',$output);
+		$output = preg_replace("/\<\!\-\-(.*?)\-\-\>/",'',$output);
+		$output = str_replace(['<','>'],['[',']'],$output);
+		return $output;
+	}
+	return EMPTY_STR;
+}