diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/attach.php | 2 | ||||
-rw-r--r-- | include/feedutils.php | 10 | ||||
-rw-r--r-- | include/items.php | 45 | ||||
-rw-r--r-- | include/text.php | 100 |
4 files changed, 108 insertions, 49 deletions
diff --git a/include/attach.php b/include/attach.php index fc146d008..b7fb17f38 100644 --- a/include/attach.php +++ b/include/attach.php @@ -220,7 +220,7 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $ $sql_extra .= protect_sprintf(" and filetype like '%" . dbesc($filetype) . "%' "); if($entries) - $limit = " limit " . intval($start) . ", " . intval($entries) . " "; + $limit = " LIMIT " . intval($entries) . " OFFSET " . intval($start) . " "; if(! $since) $since = NULL_DATE; diff --git a/include/feedutils.php b/include/feedutils.php index b657c28d0..a2d52c698 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -1829,11 +1829,11 @@ function atom_author($tag, $nick, $name, $uri, $h, $w, $type, $photo) { */ function atom_render_author($tag, $xchan) { - $nick = xmlify(substr($xchan['xchan_addr'], 0, strpos($xchan['xchan_addr'], '@'))); - $id = xmlify($xchan['xchan_url']); - $name = xmlify($xchan['xchan_name']); - $photo = xmlify($xchan['xchan_photo_l']); - $type = xmlify($xchan['xchan_photo_mimetype']); + $nick = ((!empty($xchan['xchan_addr'])) ? xmlify(substr($xchan['xchan_addr'], 0, strpos($xchan['xchan_addr'], '@'))) : ''); + $id = ((!empty($xchan['xchan_url'])) ? xmlify($xchan['xchan_url']) : ''); + $name = ((!empty($xchan['xchan_name'])) ? xmlify($xchan['xchan_name']) : ''); + $photo = ((!empty($xchan['xchan_photo_l'])) ? xmlify($xchan['xchan_photo_l']) : ''); + $type = ((!empty($xchan['xchan_photo_mimetype'])) ? xmlify($xchan['xchan_photo_mimetype']) : ''); $w = $h = 300; $o = "<$tag>\r\n"; diff --git a/include/items.php b/include/items.php index 989edf683..f6a93cc2c 100644 --- a/include/items.php +++ b/include/items.php @@ -719,12 +719,12 @@ function get_item_elements($x,$allow_code = false) { $arr['comment_policy'] = (($x['comment_scope']) ? htmlspecialchars($x['comment_scope'], ENT_COMPAT,'UTF-8',false) : 'contacts'); - $arr['sig'] = (($x['signature']) ? htmlspecialchars($x['signature'], ENT_COMPAT,'UTF-8',false) : ''); - $arr['obj'] = activity_sanitise($x['object']); - $arr['target'] = activity_sanitise($x['target']); - $arr['attach'] = activity_sanitise($x['attach']); - $arr['term'] = decode_tags($x['tags']); - $arr['iconfig'] = decode_item_meta($x['meta']); + $arr['sig'] = ((!empty($x['signature'])) ? htmlspecialchars($x['signature'], ENT_COMPAT,'UTF-8',false) : ''); + $arr['obj'] = ((!empty($x['object'])) ? activity_sanitise($x['object']) : ''); + $arr['target'] = ((!empty($x['target'])) ? activity_sanitise($x['target']) : ''); + $arr['attach'] = ((!empty($x['attach'])) ? activity_sanitise($x['attach']) : ''); + $arr['term'] = ((!empty($x['tags'])) ? decode_tags($x['tags']) : ''); + $arr['iconfig'] = ((!empty($x['meta'])) ? decode_item_meta($x['meta']) : ''); $arr['item_flags'] = 0; if(array_key_exists('flags',$x)) { @@ -1539,6 +1539,39 @@ function item_sign(&$item) { $item['item_verified'] = 1; } +/** + * @brief packs json data for storage. + * if it is a string, check if it is already json encoded. + * Otherwise, json encode it + * If it is an array, sanitise it and then json_encode it. + * + * @param array $arr + * @param string | intval $k + * + * @return string | null + */ + +function item_json_encapsulate($arr, $k) { + $retval = null; + + if (isset($arr[$k])) { + if (is_string($arr[$k])) { + // determine if it is json encoded already + $test = json_decode($arr[$k]); + // assume it is json encoded already + $retval = $arr[$k]; + if ($test === NULL) { + $retval = json_encode($arr[$k], JSON_UNESCAPED_SLASHES); + } + } + else { + activity_sanitise($arr[$k]); + $retval = json_encode($arr[$k], JSON_UNESCAPED_SLASHES); + } + } + + return $retval; +} /** * @brief Stores an item type record. diff --git a/include/text.php b/include/text.php index d84b36378..aadca80e1 100644 --- a/include/text.php +++ b/include/text.php @@ -3301,61 +3301,87 @@ function json_url_replace($old,$new,&$s) { return $replaced; } +function item_url_replace($channel, &$item, $old, $new, $oldnick = '') { -function item_url_replace($channel,&$item,$old,$new,$oldnick = '') { - - if($item['attach']) { - json_url_replace($old,$new,$item['attach']); - if($oldnick && ($oldnick !== $channel['channel_address'])) - json_url_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['attach']); - } - if($item['object']) { - json_url_replace($old,$new,$item['object']); - if($oldnick && ($oldnick !== $channel['channel_address'])) - json_url_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['object']); + if (!empty($item['attach'])) { + $converted = false; + if (is_array($item['attach'])) { + $item['attach'] = item_json_encapsulate($item,'attach'); + $converted = true; + } + json_url_replace($old, $new, $item['attach']); + if ($oldnick && ($oldnick !== $channel['channel_address'])) { + json_url_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['attach']); + } + if ($converted) { + $item['attach'] = json_decode($item['attach'],true); + } } - if($item['target']) { - json_url_replace($old,$new,$item['target']); - if($oldnick && ($oldnick !== $channel['channel_address'])) - json_url_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['target']); + + if (!empty($item['obj'])) { + $converted = false; + if (is_array($item['obj'])) { + $item['obj'] = item_json_encapsulate($item,'obj'); + $converted = true; + } + json_url_replace($old, $new, $item['obj']); + if ($oldnick && ($oldnick !== $channel['channel_address'])) { + json_url_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['obj']); + } + if ($converted) { + $item['obj'] = json_decode($item['obj'],true); + } } - $root_replaced = null; - $nick_replaced = null; + if (!empty($item['target'])) { + $converted = false; + if (is_array($item['target'])) { + $item['target'] = item_json_encapsulate($item,'target'); + $converted = true; + } + json_url_replace($old, $new, $item['target']); + if ($oldnick && ($oldnick !== $channel['channel_address'])) { + json_url_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['target']); + } + if ($converted) { + $item['target'] = json_decode($item['target'],true); + } + } // FIXME: ignore anything in a share tag + $item['body'] = str_replace($old, $new, $item['body']); - $item['body'] = str_replace($old, $new, $item['body'], $root_replaced); - - if($oldnick && ($oldnick !== $channel['channel_address'])) { - $item['body'] = str_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['body'], $nick_replaced); + if ($oldnick && ($oldnick !== $channel['channel_address'])) { + $item['body'] = str_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['body']); } - if ($root_replaced || $nick_replaced) { - $item['sig'] = Libzot::sign($item['body'], $channel['channel_prvkey']); - $item['item_verified'] = 1; - } + $item['sig'] = Libzot::sign($item['body'], $channel['channel_prvkey']); + $item['item_verified'] = 1; - $item['plink'] = str_replace($old,$new,$item['plink']); - if($oldnick && ($oldnick !== $channel['channel_address'])) - $item['plink'] = str_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['plink']); + if (isset($item['plink'])) { + $item['plink'] = str_replace($old, $new, $item['plink']); + if ($oldnick && ($oldnick !== $channel['channel_address'])) { + $item['plink'] = str_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['plink']); + } + } - $item['llink'] = str_replace($old,$new,$item['llink']); - if($oldnick && ($oldnick !== $channel['channel_address'])) - $item['llink'] = str_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['llink']); + if (isset($item['llink'])) { + $item['llink'] = str_replace($old, $new, $item['llink']); + if ($oldnick && ($oldnick !== $channel['channel_address'])) { + $item['llink'] = str_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['llink']); + } + } - if($item['term']) { - for($x = 0; $x < count($item['term']); $x ++) { - $item['term'][$x]['url'] = str_replace($old,$new,$item['term'][$x]['url']); + if (isset($item['term']) && is_array($item['term'])) { + for ($x = 0; $x < count($item['term']); $x++) { + $item['term'][$x]['url'] = str_replace($old, $new, $item['term'][$x]['url']); if ($oldnick && ($oldnick !== $channel['channel_address'])) { - $item['term'][$x]['url'] = str_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['term'][$x]['url']); + $item['term'][$x]['url'] = str_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['term'][$x]['url']); } } } - } - /** * @brief Used to wrap ACL elements in angle brackets for storage. * |