diff options
| -rw-r--r-- | Zotlabs/Zot/Receiver.php | 4 | ||||
| -rw-r--r-- | include/bbcode.php | 2 | ||||
| -rw-r--r-- | include/markdown.php | 4 | ||||
| -rwxr-xr-x | include/plugin.php | 1 |
4 files changed, 6 insertions, 5 deletions
diff --git a/Zotlabs/Zot/Receiver.php b/Zotlabs/Zot/Receiver.php index 71d57eb35..0050a2559 100644 --- a/Zotlabs/Zot/Receiver.php +++ b/Zotlabs/Zot/Receiver.php @@ -138,7 +138,6 @@ class Receiver { * This packet is optionally encrypted, which we will discover if the json has an 'iv' element. * $contents => array( 'alg' => 'aes256cbc', 'iv' => initialisation vector, 'key' => decryption key, 'data' => encrypted data); * $contents->iv and $contents->key are random strings encrypted with this site's RSA public key and then base64url encoded. - * Currently only 'aes256cbc' is used, but this is extensible should that algorithm prove inadequate. * * Once decrypted, one will find the normal json_encoded zot message packet. * @@ -156,7 +155,8 @@ class Receiver { * }, * "recipients": { optional recipient array }, * "callback":"\/post", - * "version":1, + * "version":"1.2", + * "encryption":["aes256cbc"], * "secret":"1eaa...", * "secret_sig": "df89025470fac8..." * } diff --git a/include/bbcode.php b/include/bbcode.php index c0033f280..2f15cefe1 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -776,7 +776,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) // Perform URL Search - $urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\@\(\)]'; + $urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]'; if (strpos($Text,'http') !== false) { if($tryoembed) { diff --git a/include/markdown.php b/include/markdown.php index 7e1f1c42c..a9617f72b 100644 --- a/include/markdown.php +++ b/include/markdown.php @@ -199,10 +199,10 @@ function markdown_to_bb($s, $use_zrl = false) { // Convert everything that looks like a link to a link if($use_zrl) { $s = str_replace(array('[img','/img]'),array('[zmg','/zmg]'),$s); - $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s); + $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s); } else { - $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s); + $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s); } // remove duplicate adjacent code tags diff --git a/include/plugin.php b/include/plugin.php index 29474735e..db20152ea 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -356,6 +356,7 @@ function get_plugin_info($plugin){ return $info; $f = file_get_contents("addon/$plugin/$plugin.php"); + $f = escape_tags($f); $r = preg_match("|/\*.*\*/|msU", $f, $m); if ($r){ |