diff options
Diffstat (limited to 'include/zid.php')
| -rw-r--r-- | include/zid.php | 44 |
1 files changed, 27 insertions, 17 deletions
diff --git a/include/zid.php b/include/zid.php index b38457d99..b74e82930 100644 --- a/include/zid.php +++ b/include/zid.php @@ -1,5 +1,6 @@ <?php +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzot; use Zotlabs\Lib\Verify; @@ -37,10 +38,16 @@ function is_matrix_url($url) { * @return string */ function zid($s, $address = '') { - if (!$s || strpos($s,'zid=')) + if (!$s || strpos($s,'zid=')) { return $s; + } $m = parse_url($s); + + if (!is_array($m)) { + return $s; + } + $fragment = ((array_key_exists('fragment',$m) && $m['fragment']) ? $m['fragment'] : false); if($fragment !== false) $s = str_replace('#' . $fragment,'',$s); @@ -143,6 +150,9 @@ function clean_query_string($s = '') { */ function drop_query_params($s, $p) { + + $s = unescape_tags($s); + $parsed = parse_url($s); $query = ''; $query_args = null; @@ -165,7 +175,7 @@ function drop_query_params($s, $p) { $parsed['query'] = $query; } - return unparse_url($parsed); + return escape_tags(unparse_url($parsed)); } @@ -254,25 +264,25 @@ function zidify_text($s) { */ function red_zrl_callback($matches) { - // Catch and exclude trailing punctuation - preg_match("/[.,;:!?)]*$/i", $matches[2], $pts); - $matches[2] = substr($matches[2], 0, strlen($matches[2])-strlen($pts[0])); + // Catch and exclude trailing punctuation + preg_match("/[.,;:!?)]*$/i", $matches[2], $pts); + $matches[2] = substr($matches[2], 0, strlen($matches[2])-strlen($pts[0])); - $zrl = is_matrix_url($matches[2]); + $zrl = is_matrix_url($matches[2]); - $t = strip_zids($matches[2]); - if($t !== $matches[2]) { - $zrl = true; - $matches[2] = $t; - } + $t = strip_zids($matches[2]); + if($t !== $matches[2]) { + $zrl = true; + $matches[2] = $t; + } - if($matches[1] === '#^') - $matches[1] = ''; + if($matches[1] === '#^') + $matches[1] = ''; - if($zrl) - return $matches[1] . '#^[zrl=' . $matches[2] . ']' . $matches[2] . '[/zrl]' . $pts[0]; + if($zrl) + return $matches[1] . '#^[zrl=' . $matches[2] . ']' . $matches[2] . '[/zrl]' . $pts[0]; - return $matches[1] . '#^[url=' . $matches[2] . ']' . $matches[2] . '[/url]' . $pts[0]; + return $matches[1] . '#^[url=' . $matches[2] . ']' . $matches[2] . '[/url]' . $pts[0]; } /** @@ -406,7 +416,7 @@ function owt_init($token) { App::set_observer($hubloc); require_once('include/security.php'); App::set_groups(init_groups_visitor($_SESSION['visitor_id'])); - if(! get_config('system', 'hide_owa_greeting')) + if(! Config::Get('system', 'hide_owa_greeting')) info(sprintf( t('OpenWebAuth: %1$s welcomes %2$s'),App::get_hostname(), $hubloc['xchan_name'])); logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']); |