4 files changed, 63 insertions, 1 deletions
diff --git a/include/bbcode.php b/include/bbcode.php
index bb9144b1d..84f0f3dda 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -4,6 +4,8 @@
  * @brief BBCode related functions for parsing, etc.
  */
 
+use Zotlabs\Lib\SvgSanitizer;
+
 require_once('include/oembed.php');
 require_once('include/event.php');
 require_once('include/zot.php');
@@ -267,6 +269,22 @@ function bb_parse_app($match) {
 		return Zotlabs\Lib\Apps::app_render($app);
 }
 
+function bb_svg($match) {
+
+	$params = str_replace(['<br>', '&quot;'], [ '', '"'],$match[1]);
+	$Text = str_replace([ '[',']' ], [ '<','>' ], $match[2]);
+	
+	$output =  '<svg' . (($params) ? $params : ' width="100%" height="480" ') . '>' . str_replace(['<br>', '&quot;', '&nbsp;'], [ '', '"', ' '],$Text) . '</svg>';
+
+	$purify = new SvgSanitizer();
+	$purify->loadXML($output);
+	$purify->sanitize();
+	$output = $purify->saveSVG();
+	$output = preg_replace("/\<\?xml(.*?)\?\>/",'',$output);
+	return $output;
+}
+
+
 function bb_parse_element($match) {
 	$j = json_decode(base64url_decode($match[1]),true);
 
@@ -1289,6 +1307,9 @@ function bbcode($Text, $options = []) {
 		$Text = preg_replace_callback("/\[zaudio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/zaudio\]/ism", 'tryzrlaudio', $Text);
 	}
 
+	// SVG stuff
+	$Text = preg_replace_callback("/\[svg(.*?)\](.*?)\[\/svg\]/ism", 'bb_svg', $Text);
+
 	// Try to Oembed
 	if ($tryoembed) {
 		if (strpos($Text,'[/video]') !== false) {
diff --git a/include/follow.php b/include/follow.php
index 50b952881..a4d382545 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -142,7 +142,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 		$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
 		
 
-		$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' $sql_options ",
+		$r = q("select * from xchan where (xchan_addr = '%s' or xchan_url = '%s') $sql_options ",
 			dbesc($url),
 			dbesc($url)
 		);
diff --git a/include/items.php b/include/items.php
index 6786b8b05..917808ad5 100755
--- a/include/items.php
+++ b/include/items.php
@@ -206,6 +206,25 @@ function collect_recipients($item, &$private_envelope,$include_groups = true) {
 }
 
 function comments_are_now_closed($item) {
+
+	$x = [
+		'item' => $item,
+		'closed' => 'unset'
+	];
+
+	/**
+	 * @hooks comments_are_now_closed
+	 *   Called to determine whether commenting should be closed
+	 *   * \e array \b item
+	 *   * \e boolean \b closed - return value
+	 */
+
+	call_hooks('comments_are_now_closed', $x);
+
+	if ($x['closed'] != 'unset') {
+		return $x['closed'];
+	}
+
 	if($item['comments_closed'] > NULL_DATE) {
 		$d = datetime_convert();
 		if($d > $item['comments_closed'])
diff --git a/include/text.php b/include/text.php
index 54ad9ec7a..2496ca934 100644
--- a/include/text.php
+++ b/include/text.php
@@ -9,6 +9,8 @@ use Michelf\MarkdownExtra;
 use Ramsey\Uuid\Uuid;
 use Ramsey\Uuid\Exception\UnsatisfiedDependencyException;
 
+use Zotlabs\Lib\SvgSanitizer;
+
 require_once("include/bbcode.php");
 
 // random string, there are 86 characters max in text mode, 128 for hex
@@ -3648,3 +3650,23 @@ function new_uuid() {
 
 	return $hash;
 }
+
+
+function svg2bb($s) {
+
+	$s = preg_replace("/\<text (.*?)\>(.*?)\<(.*?)\<\/text\>/", '<text $1>$2&lt;$3</text>', $s);
+	$s = preg_replace("/\<text (.*?)\>(.*?)\>(.*?)\<\/text\>/", '<text $1>$2&gt;$3</text>', $s);
+	$s = preg_replace("/\<text (.*?)\>(.*?)\[(.*?)\<\/text\>/", '<text $1>$2&#91;$3</text>', $s);
+	$s = preg_replace("/\<text (.*?)\>(.*?)\](.*?)\<\/text\>/", '<text $1>$2&#93;$3</text>', $s);
+	$s = utf8_encode($s);
+	$purify = new SvgSanitizer();
+	if ($purify->loadXML($s)) {
+		$purify->sanitize();
+		$output = $purify->saveSVG();
+		$output = preg_replace("/\<\?xml(.*?)\>/",'',$output);
+		$output = preg_replace("/\<\!\-\-(.*?)\-\-\>/",'',$output);
+		$output = str_replace(['<','>'],['[',']'],$output);
+		return $output;
+	}
+	return EMPTY_STR;
+}