From 286326a98e8d5de102ce58eee581c6c2e9fa6c06 Mon Sep 17 00:00:00 2001
From: Max Kostikov <max@kostikov.co>
Date: Tue, 13 Nov 2018 11:38:49 +0100
Subject: Replace fetch_image_from_url() with z_fetch_url()

---
 Zotlabs/Module/Photo.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 95e3404fb..68cd7c4ac 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -89,9 +89,8 @@ class Photo extends \Zotlabs\Web\Controller {
 			}
 
 			if(! $data) {
-				$data = fetch_image_from_url($default,$mimetype);
-			}
-			if(! $mimetype) {
+			    $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
+				$data = ($x['success'] ? $x['body'] : EMPTY_STR);
 				$mimetype = 'image/png';
 			}
 		}
@@ -200,19 +199,22 @@ class Photo extends \Zotlabs\Web\Controller {
 			if(isset($resolution)) {
 				switch($resolution) {
 					case 4:
-						$data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(),$mimetype);
+						$default = z_root() . '/' . get_default_profile_photo();
 						break;
 					case 5:
-						$data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(80),$mimetype);
+						$default = z_root() . '/' . get_default_profile_photo(80);
 						break;
 					case 6:
-						$data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(48),$mimetype);
+						$default = z_root() . '/' . get_default_profile_photo(48);
 						break;
 					default:
 						killme();
 						// NOTREACHED
 						break;
 				}
+				$x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
+				$data = ($x['success'] ? $x['body'] : EMPTY_STR);
+				$mimetype = 'image/png';
 			}
 		}
 	
-- 
cgit v1.2.3


From d029e3dc167feb9048d2ba06d44b2162d1c45643 Mon Sep 17 00:00:00 2001
From: Max Kostikov <max@kostikov.co>
Date: Tue, 13 Nov 2018 11:39:42 +0100
Subject: Text formatting in Photo.php

---
 Zotlabs/Module/Photo.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 68cd7c4ac..27cdbf779 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -90,8 +90,8 @@ class Photo extends \Zotlabs\Web\Controller {
 
 			if(! $data) {
 			    $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
-				$data = ($x['success'] ? $x['body'] : EMPTY_STR);
-				$mimetype = 'image/png';
+			    $data = ($x['success'] ? $x['body'] : EMPTY_STR);
+			    $mimetype = 'image/png';
 			}
 		}
 		else {
-- 
cgit v1.2.3


From a1455596621fb19b614e71d6f5b3249067d2566b Mon Sep 17 00:00:00 2001
From: Max Kostikov <max@kostikov.co>
Date: Tue, 13 Nov 2018 11:45:18 +0100
Subject: Remove uneccessary include/photos.php

---
 Zotlabs/Module/Photo.php | 1 -
 1 file changed, 1 deletion(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 27cdbf779..8d55eed2f 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -4,7 +4,6 @@ namespace Zotlabs\Module;
 require_once('include/security.php');
 require_once('include/attach.php');
 require_once('include/photo/photo_driver.php');
-require_once('include/photos.php');
 
 
 class Photo extends \Zotlabs\Web\Controller {
-- 
cgit v1.2.3


From cf2f7f2132e11dc37d1d62576a5ea7ed8ee9839d Mon Sep 17 00:00:00 2001
From: Max Kostikov <max@kostikov.co>
Date: Tue, 13 Nov 2018 12:52:35 +0100
Subject: Update Photo.php

---
 Zotlabs/Module/Photo.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 8d55eed2f..30e8340e2 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -198,20 +198,20 @@ class Photo extends \Zotlabs\Web\Controller {
 			if(isset($resolution)) {
 				switch($resolution) {
 					case 4:
-						$default = z_root() . '/' . get_default_profile_photo();
+						$default = get_default_profile_photo();
 						break;
 					case 5:
-						$default = z_root() . '/' . get_default_profile_photo(80);
+						$default = get_default_profile_photo(80);
 						break;
 					case 6:
-						$default = z_root() . '/' . get_default_profile_photo(48);
+						$default = get_default_profile_photo(48);
 						break;
 					default:
 						killme();
 						// NOTREACHED
 						break;
 				}
-				$x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
+				$x = z_fetch_url(z_root() . '/' . $default,true,0,[ 'novalidate' => true ]);
 				$data = ($x['success'] ? $x['body'] : EMPTY_STR);
 				$mimetype = 'image/png';
 			}
-- 
cgit v1.2.3


From f1d168f781fc14e55b85b6e0a4e214d18f2ec969 Mon Sep 17 00:00:00 2001
From: "DM42.Net (Matt Dent)" <dentm42@dm42.net>
Date: Tue, 13 Nov 2018 23:06:00 -0500
Subject: Fix double escaping after xss fix

---
 Zotlabs/Module/Search.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php
index 272bbdac1..838f9d6b9 100644
--- a/Zotlabs/Module/Search.php
+++ b/Zotlabs/Module/Search.php
@@ -227,9 +227,9 @@ class Search extends \Zotlabs\Web\Controller {
 		}
 	
 		if($tag) 
-			$o .= '<h2>' . sprintf( t('Items tagged with: %s'),htmlspecialchars($search, ENT_COMPAT,'UTF-8')) . '</h2>';
+			$o .= '<h2>' . sprintf( t('Items tagged with: %s'),$search) . '</h2>';
 		else
-			$o .= '<h2>' . sprintf( t('Search results for: %s'),htmlspecialchars($search, ENT_COMPAT,'UTF-8')) . '</h2>';
+			$o .= '<h2>' . sprintf( t('Search results for: %s'),$search) . '</h2>';
 	
 		$o .= conversation($items,'search',$update,'client');
 	
-- 
cgit v1.2.3