diff options
-rw-r--r-- | include/api.php | 28 | ||||
-rw-r--r-- | mod/item.php | 13 |
2 files changed, 31 insertions, 10 deletions
diff --git a/include/api.php b/include/api.php index 1f58a6baa..5d008c290 100644 --- a/include/api.php +++ b/include/api.php @@ -466,6 +466,7 @@ } return null; } + // TODO - media uploads function api_statuses_update(&$a, $type) { if (local_user()===false) return false; @@ -475,7 +476,32 @@ // logger('api_post: ' . print_r($_POST,true)); - $_POST['body'] = urldecode(requestdata('status')); + if(requestdata('htmlstatus')) { + require_once('library/HTMLPurifier.auto.php'); + require_once('include/html2bbcode.php'); + + $txt = requestdata('htmlstatus'); + if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) { + + $txt = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s', + '[youtube]$1[/youtube]', $txt); + + $txt = preg_replace('#<iframe[^>].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?</iframe>#s', + '[youtube]$1[/youtube]', $txt); + + $config = HTMLPurifier_Config::createDefault(); + $config->set('Cache.DefinitionImpl', null); + + + $purifier = new HTMLPurifier($config); + $txt = $purifier->purify($txt); + + $_POST['body'] = html2bbcode($txt); + } + + } + else + $_POST['body'] = urldecode(requestdata('status')); $parent = requestdata('in_reply_to_status_id'); if(ctype_digit($parent)) diff --git a/mod/item.php b/mod/item.php index b4ec7666f..e6ce1ea6f 100644 --- a/mod/item.php +++ b/mod/item.php @@ -38,6 +38,7 @@ function item_post(&$a) { call_hooks('post_local_start', $_POST); $api_source = ((x($_POST,'api_source') && $_POST['api_source']) ? true : false); + $return_path = ((x($_POST,'return')) ? $_POST['return'] : ''); /** * Is this a reply to something? @@ -834,12 +835,6 @@ function item_post(&$a) { } } - - - - - - logger('post_complete'); // figure out how to return, depending on from whence we came @@ -847,10 +842,10 @@ function item_post(&$a) { if($api_source) return; - if((x($_POST,'return')) && strlen($_POST['return'])) { - logger('return: ' . $_POST['return']); - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + if($return_path) { + goaway($a->get_baseurl() . "/" . $return_path); } + $json = array('success' => 1); if(x($_POST,'jsreload') && strlen($_POST['jsreload'])) $json['reload'] = $a->get_baseurl() . '/' . $_POST['jsreload']; |