From 5e112b395ddb80b72891361b259b4d3fafa7efc2 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 3 Jun 2022 08:51:54 +0000 Subject: oembed: implement a max oembed size which defaults to 1MB and do not try to oembed text previews --- include/oembed.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'include') diff --git a/include/oembed.php b/include/oembed.php index 36938c577..bcf5d525c 100644 --- a/include/oembed.php +++ b/include/oembed.php @@ -163,6 +163,25 @@ function oembed_fetch_url($embedurl){ $txt = EMPTY_STR; + if ($action !== 'block') { + $max_oembed_size = get_config('system', 'oembed_max_size', 1 * 1024 * 1024 /* 1MB */); + + stream_context_set_default( + [ + 'http' => [ + 'method' => 'HEAD', + 'timeout' => 5 + ] + ] + ); + + $headers = get_headers($furl, true); + + if (isset($headers['Content-Length']) && $headers['Content-Length'] > $max_oembed_size) { + $action = 'block'; + } + } + if ($action !== 'block') { // try oembed autodiscovery $redirects = 0; -- cgit v1.2.3 From 5e2bb874c847b576c79eb648e5bd45319688cfdb Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Tue, 14 Jun 2022 23:19:09 +0200 Subject: Fix Opengraph images inside zmg opening tag --- include/opengraph.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/opengraph.php b/include/opengraph.php index 465acbd39..f62970c5d 100644 --- a/include/opengraph.php +++ b/include/opengraph.php @@ -21,7 +21,7 @@ $ogtitle = $item['title']; // find first image if exist - if(preg_match("/\[[zi]mg(=[0-9]+x[0-9]+)?\]([^\[]+)/is", $item['body'], $matches)) { + if (preg_match("/\[[zi]mg(=[0-9]+x[0-9]+)?\]([^\[]+)/is", $item['body'], $matches) || preg_match("/\[[zi]mg(=)([^\]]+)/is", $item['body'], $matches)) { $ogimage = $matches[2]; $ogimagetype = guess_image_type($ogimage); } -- cgit v1.2.3 From d6a9a9927c23e8b4307dc2164407481f8c542682 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 15 Jul 2022 17:50:02 +0000 Subject: HQ dashboard - initial checkin --- include/attach.php | 3 ++- include/conversation.php | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/attach.php b/include/attach.php index 2109b84f1..32a86fcba 100644 --- a/include/attach.php +++ b/include/attach.php @@ -2702,10 +2702,11 @@ function attach_move($channel_id, $resource_id, $new_folder_hash, $newname = '', } - q("update attach set content = '%s', folder = '%s', filename = '%s' where id = %d", + q("update attach set content = '%s', folder = '%s', filename = '%s', edited = '%s' where id = %d", dbescbin($newstorepath), dbesc($new_folder_hash), dbesc($filename), + dbesc(datetime_convert()), intval($r[0]['id']) ); diff --git a/include/conversation.php b/include/conversation.php index 1d6295df7..d509342d4 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1719,12 +1719,14 @@ function prepare_page($item) { } $body = prepare_body($item, true, [ 'newwin' => false ]); + $edit_link = (($item['uid'] === local_channel()) ? z_root() . '/editwebpage/' . argv(1) . '/' . $item['id'] : ''); if(App::$page['template'] == 'none') { $tpl = 'page_display_empty.tpl'; return replace_macros(get_markup_template($tpl), array( - '$body' => $body['html'] + '$body' => $body['html'], + '$edit_link' => $edit_link )); } @@ -1741,6 +1743,7 @@ function prepare_page($item) { '$body' => $body['html'], '$preview' => $preview, '$link' => $link, + '$edit_link' => $edit_link )); } -- cgit v1.2.3