-rw-r--r-- | Zotlabs/Lib/Enotify.php | 14 | ||||
-rw-r--r-- | Zotlabs/Module/Search.php | 6 | ||||
-rw-r--r-- | include/bbcode.php | 12 | ||||
-rw-r--r-- | include/text.php | 2 | ||||
-rw-r--r-- | view/theme/redbasic/css/style.css | 10 | ||||
-rw-r--r-- | view/theme/redbasic/schema/Focus-Light.php | 3 | ||||
-rw-r--r-- | view/tpl/activity_filter_widget.tpl | 2 |
7 files changed, 26 insertions, 23 deletions
diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index cfb0bd344..25c96d9cc 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -825,7 +825,7 @@ class Enotify { // convert this logic into a json array just like the system notifications - return array( + $x = array( 'notify_link' => $item['llink'], 'name' => $item['author']['xchan_name'], 'url' => $item['author']['xchan_url'], @@ -835,9 +835,19 @@ class Enotify { 'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])), 'notify_id' => 'undefined', 'thread_top' => (($item['item_thread_top']) ? true : false), - 'message' => strip_tags(bbcode($itemem_text)) + 'message' => strip_tags(bbcode($itemem_text)), + // these are for the superblock addon + 'hash' => $item['author']['xchan_hash'], + 'uid' => local_channel(), + 'display' => true ); + call_hooks('enotify_format',$x); + if(! $x['display']) { + return []; + } + + return $x; } } diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index e520c671d..272bbdac1 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -6,7 +6,7 @@ class Search extends \Zotlabs\Web\Controller { function init() { if(x($_REQUEST,'search')) - \App::$data['search'] = $_REQUEST['search']; + \App::$data['search'] = escape_tags($_REQUEST['search']); } 
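Review bot: After `call_hooks('enotify_format',$x)` the code returns `[]` whenever `$x['display']` is falsy, so callers of this formatter can now receive an empty array where they previously always got the full key set. The callers are outside this hunk and should be checked for unguarded reads of `notify_link`, `message` and the other keys. The test also trusts every hook to leave the key in place; `if(empty($x['display']))` avoids an undefined-index notice when a plugin unsets or replaces it. Separately, `$itemem_text` on the `message` line looks like a misspelt variable name; its assignment is not in the hunk, so this needs confirming, but if it is undefined the message is always empty. The function body starts outside the hunk.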
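Review bot: `escape_tags()` is applied to `$_REQUEST['search']` in `init()` and to `$_GET['search']` / `$_GET['tag']` in the second Search.php hunk (`@@ -46,12`), so the value carried forward to the search lookup is the HTML-encoded form rather than what the user typed. Encoding at the point of output is more robust: it keeps the query term intact and avoids double encoding when a later sink escapes again, as `search()` in include/text.php now does with `htmlspecialchars($s)` (whether this value reaches that helper is not visible here). The calls also assume a string, while a request parameter can arrive as an array; tightening the guard to `if(x($_REQUEST,'search') && is_string($_REQUEST['search']))` keeps non-string input away from `escape_tags()`. Both method bodies continue outside the hunks.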
@@ -46,12 +46,12 @@ class Search extends \Zotlabs\Web\Controller { if(x(\App::$data,'search')) $search = trim(\App::$data['search']); else - $search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : ''); + $search = ((x($_GET,'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); $tag = false; if(x($_GET,'tag')) { $tag = true; - $search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : ''); + $search = ((x($_GET,'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); } $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); diff --git a/include/bbcode.php b/include/bbcode.php index 137e25a9c..c5d6ef998 100644 --- a/include/bbcode.php +++ b/include/bbcode.php 
@@ -1198,24 +1198,24 @@ function bbcode($Text, $options = []) { // Images // [img]pathtoimage[/img] if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace("/\[img\](.*?)\[\/img\]/ism", '<img style="max-width=100%;" src="$1" alt="' . t('Image/photo') . '" />', $Text); + $Text = preg_replace("/\[img\](.*?)\[\/img\]/ism", '<img style="max-width: 100%;" src="$1" alt="' . t('Image/photo') . '" />', $Text); } if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace("/\[zmg\](.*?)\[\/zmg\]/ism", '<img class="zrl" style="max-width=100%;" src="$1" alt="' . t('Image/photo') . '" />', $Text); + $Text = preg_replace("/\[zmg\](.*?)\[\/zmg\]/ism", '<img class="zrl" style="max-width: 100%;" src="$1" alt="' . t('Image/photo') . '" />', $Text); } // [img float={left, right}]pathtoimage[/img] if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace("/\[img float=left\](.*?)\[\/img\]/ism", '<img style="max-width=100%;" src="$1" style="float: left;" alt="' . t('Image/photo') . '" />', $Text); + $Text = preg_replace("/\[img float=left\](.*?)\[\/img\]/ism", '<img src="$1" style="max-width: 100%; float: left;" alt="' . t('Image/photo') . '" />', $Text); } if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace("/\[img float=right\](.*?)\[\/img\]/ism", '<img style="max-width=100%;" src="$1" style="float: right;" alt="' . t('Image/photo') . '" />', $Text); + $Text = preg_replace("/\[img float=right\](.*?)\[\/img\]/ism", '<img src="$1" style="max-width: 100%; float: right;" alt="' . t('Image/photo') . '" />', $Text); } if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace("/\[zmg float=left\](.*?)\[\/zmg\]/ism", '<img style="max-width=100%;" class="zrl" src="$1" style="float: left;" alt="' . t('Image/photo') . '" />', $Text); + $Text = preg_replace("/\[zmg float=left\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$1" style="max-width: 100%; float: left;" alt="' . t('Image/photo') . 
'" />', $Text); } if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace("/\[zmg float=right\](.*?)\[\/zmg\]/ism", '<img style="max-width=100%;" class="zrl" src="$1" style="float: right;" alt="' . t('Image/photo') . '" />', $Text); + $Text = preg_replace("/\[zmg float=right\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$1" style="max-width: 100%; float: right;" alt="' . t('Image/photo') . '" />', $Text); } // [img=widthxheight]pathtoimage[/img] diff --git a/include/text.php b/include/text.php index 076c98407..da18080dd 100644 --- a/include/text.php +++ b/include/text.php @@ -1075,7 +1075,7 @@ function micropro($contact, $redirect = false, $class = '', $mode = false) { function search($s,$id='search-box',$url='/search',$save = false) { return replace_macros(get_markup_template('searchbox.tpl'),array( - '$s' => $s, + '$s' => htmlspecialchars($s), '$id' => $id, '$action_url' => z_root() . $url, '$search_label' => t('Search'), diff --git a/view/theme/redbasic/css/style.css b/view/theme/redbasic/css/style.css index ddf3d1295..f2c1b7a48 100644 --- a/view/theme/redbasic/css/style.css +++ b/view/theme/redbasic/css/style.css @@ -872,10 +872,6 @@ div.jGrowl div.jGrowl-notification { margin-left: 20px; } -.reshared-content img { - width: 100%; -} - .shared_header img { border-radius: $radius; margin-right: 10px; @@ -884,21 +880,19 @@ div.jGrowl div.jGrowl-notification { .tag1 { font-size : 0.9em !important; } + .tag2 { font-size : 1.0em !important; } - .tag3 { font-size : 1.1em !important; } - .tag4 { font-size : 1.2em !important; } - .tag5 { font-size : 1.3em !important; } @@ -918,12 +912,10 @@ div.jGrowl div.jGrowl-notification { font-size : 1.6em !important; } - .tag9 { font-size : 1.7em !important; } - .tag10 { font-size : 1.8em !important; } diff --git a/view/theme/redbasic/schema/Focus-Light.php b/view/theme/redbasic/schema/Focus-Light.php index 14ee130d9..8a542d1b8 100644 --- a/view/theme/redbasic/schema/Focus-Light.php 
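Review bot: In all six replacements the `(.*?)` capture is written into `src="$1"` unchanged, so the generated markup is only safe if `$Text` has already been HTML-escaped before this point. That step is not visible, because `bbcode()` starts well above the hunk. A comment stating the precondition would protect later edits, e.g. `// $Text is HTML-escaped by now; $1 is placed inside src="…" verbatim`, or the capture could exclude quotes and angle brackets so the invariant is enforced locally. The four `strpos()` guards around the float variants repeat the tests of the two blocks above them and could be merged into those.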
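Review bot: `htmlspecialchars($s)` relies on the default flags, which before PHP 8.1 leave single quotes unescaped, so the protection depends on how `searchbox.tpl` quotes the value (the template is not part of this diff). Passing flags and charset explicitly removes the dependency on the runtime version: `'$s' => htmlspecialchars($s, ENT_QUOTES, 'UTF-8'),`. Callers that hand in an already-encoded term, as Search.php may after this commit if it uses this helper, will have it encoded a second time and show entities such as `&amp;lt;` in the search box.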
+++ b/view/theme/redbasic/schema/Focus-Light.php @@ -3,10 +3,11 @@ if (! $nav_bg) $nav_bg = "#f8f9fa"; if (! $nav_icon_colour) - $nav_icon_colour = "rgba(0, 0, 0, 0.5);"; + $nav_icon_colour = "rgba(0, 0, 0, 0.5)"; if (! $nav_active_icon_colour) $nav_active_icon_colour = "rgba(0, 0, 0, 0.7)"; if (! $radius) $radius = "4px"; if (! $banner_colour) $banner_colour = "rgba(0, 0, 0, 0.7)"; + diff --git a/view/tpl/activity_filter_widget.tpl b/view/tpl/activity_filter_widget.tpl index 1eb11c10f..7d10100ba 100644 --- a/view/tpl/activity_filter_widget.tpl +++ b/view/tpl/activity_filter_widget.tpl @@ -17,7 +17,7 @@ </form> </div> <script> - $("#cid-filter").name_autocomplete(baseurl + '/acl', 'a', true, function(data) { + $("#cid-filter").contact_autocomplete(baseurl + '/acl', 'a', true, function(data) { $("#cid").val(data.id); }); </script> |