From 2de2c8e207aae66280a7be6bccfe64558534a54e Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Sat, 26 Nov 2022 15:45:37 +0100 Subject: Fix Category widget URLs The category widget template expects a URL without any query params, as it appends `/?cat=` to the base URL passed to it. The Widget code tried to preserve any query param passed to it except for the `cat` query param. When passed to the template, this caused the invalid URLs to be generated. Example input url: https://example.com/channel/user?f=&tag=pasta The URL generated for the "Dinner" category would then be: https://example.com/channel/user&tag=pasta&tag=pasta/?cat=Dinner Which is troublesome in more than one way, and cause at least some search bots to go wild by sending requests with increasingly long URLs. This patch will simply discard the existing query params in the URL, so with the same input url, the generated URL for the "Dinner" category will now be: https://example.com/channel/user/?cat=Dinner This is comparable to what the Category Cloud and Tag Cloud widgets already do. --- Zotlabs/Widget/Categories.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Widget/Categories.php b/Zotlabs/Widget/Categories.php index b31856e48..b0eda253b 100644 --- a/Zotlabs/Widget/Categories.php +++ b/Zotlabs/Widget/Categories.php @@ -24,15 +24,16 @@ class Categories { } $cat = ((x($_REQUEST, 'cat')) ? htmlspecialchars($_REQUEST['cat'], ENT_COMPAT, 'UTF-8') : ''); - $srchurl = App::$query_string; - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is', '', $srchurl), '&'); - $srchurl = str_replace(['?f=','&f=', '/?'], ['', '', ''], $srchurl); + + // Discard queries from the current URL, as the template expects a base + // URL without any queries. + $base = substr(App::$query_string, 0, strcspn(App::$query_string, '?')); if($files) { - return filecategories_widget($srchurl, $cat); + return filecategories_widget($base, $cat); } - return categories_widget($srchurl, $cat); + return categories_widget($base, $cat); } } -- cgit v1.2.3