From d194ee091af0ee15c7f63def7e8c07ee29e38f39 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 6 Sep 2013 05:25:10 -0700 Subject: encode and decode channel names containing HTML special characters and quotes so they will survive a reshare without mangling --- include/bbcode.php | 22 +--------------------- mod/display.php | 6 +++--- mod/share.php | 2 +- 3 files changed, 5 insertions(+), 25 deletions(-) diff --git a/include/bbcode.php b/include/bbcode.php index 4647b8567..997cbac2e 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -106,48 +106,28 @@ function bb_ShareAttributes($match) { $author = ""; preg_match("/author='(.*?)'/ism", $attributes, $matches); if ($matches[1] != "") - $author = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8'); - - preg_match('/author="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") - $author = $matches[1]; + $author = urldecode($matches[1]); $link = ""; preg_match("/link='(.*?)'/ism", $attributes, $matches); if ($matches[1] != "") $link = $matches[1]; - preg_match('/link="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") - $link = $matches[1]; - $avatar = ""; preg_match("/avatar='(.*?)'/ism", $attributes, $matches); if ($matches[1] != "") $avatar = $matches[1]; - preg_match('/avatar="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") - $avatar = $matches[1]; - $profile = ""; preg_match("/profile='(.*?)'/ism", $attributes, $matches); if ($matches[1] != "") $profile = $matches[1]; - preg_match('/profile="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") - $profile = $matches[1]; - $posted = ""; preg_match("/posted='(.*?)'/ism", $attributes, $matches); if ($matches[1] != "") $posted = $matches[1]; - preg_match('/posted="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") - $posted = $matches[1]; - // FIXME - this should really be a wall-item-ago so it will get updated on the client $reldate = (($posted) ? relative_date($posted) : ''); diff --git a/mod/display.php b/mod/display.php index 110dd1807..63b5fa29b 100644 --- a/mod/display.php +++ b/mod/display.php @@ -19,7 +19,6 @@ function display_content(&$a, $update = 0, $load = false) { $a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array()); - if(argc() > 1 && argv(1) !== 'load') $item_hash = argv(1); @@ -91,7 +90,6 @@ function display_content(&$a, $update = 0, $load = false) { $sql_extra = public_permissions_sql(get_observer_hash()); - if($update && $load) { $updateable = false; @@ -109,8 +107,10 @@ function display_content(&$a, $update = 0, $load = false) { intval(local_user()), dbesc($target_item['parent_mid']) ); - if($r) + if($r) { $updateable = true; + + } } if($r === null) { $r = q("SELECT * from item diff --git a/mod/share.php b/mod/share.php index f0b14541f..1f767578d 100644 --- a/mod/share.php +++ b/mod/share.php @@ -21,7 +21,7 @@ function share_init(&$a) { $pos = strpos($r[0]['body'], "[share"); $o = substr($r[0]['body'], $pos); } else { - $o = "[share author='".str_replace("'", "'",$r[0]['author']['xchan_name']). + $o = "[share author='".urlencode($r[0]['author']['xchan_name']). "' profile='".$r[0]['author']['xchan_url'] . "' avatar='".$r[0]['author']['xchan_photo_s']. "' link='".$r[0]['plink']. -- cgit v1.2.3