From 0cf2e051bbe98166e99025bc1f32a6e8e08a26f2 Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 31 Mar 2012 14:48:35 -0700 Subject: escape % in file_tag_query as it is ultimately embedded in a sprintf --- include/text.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/text.php b/include/text.php index f758c37ee..64f6f72a8 100644 --- a/include/text.php +++ b/include/text.php @@ -1306,6 +1306,10 @@ function file_tag_decode($s) { } function file_tag_file_query($table,$s,$type = 'file') { + + // this is ultimately going into a vsprintf + $s = str_replace('%','%%',$s); + if($type == 'file') $str = preg_quote( '[' . file_tag_encode($s) . ']' ); else -- cgit v1.2.3 From 53f799f2bc125fadf527e3c65e8e9882d53d9aea Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 31 Mar 2012 15:25:17 -0700 Subject: handle escaped file chars in display and search --- include/contact_widgets.php | 2 +- include/text.php | 11 ++++------- 2 files changed, 5 insertions(+), 8 deletions(-) (limited to 'include') diff --git a/include/contact_widgets.php b/include/contact_widgets.php index 1f70e536f..7346b95af 100755 --- a/include/contact_widgets.php +++ b/include/contact_widgets.php @@ -87,7 +87,7 @@ function fileas_widget($baseurl,$selected = '') { $cnt = preg_match_all('/\[(.*?)\]/',$saved,$matches,PREG_SET_ORDER); if($cnt) { foreach($matches as $mtch) { - $unescaped = file_tag_decode($mtch[1]); + $unescaped = xmlify(file_tag_decode($mtch[1])); $terms[] = array('name' => $unescaped,'selected' => (($selected == $unescaped) ? 'selected' : '')); } } diff --git a/include/text.php b/include/text.php index 64f6f72a8..191f4fca8 100644 --- a/include/text.php +++ b/include/text.php @@ -920,7 +920,7 @@ function prepare_body($item,$attach = false) { foreach($matches as $mtch) { if(strlen($x)) $x .= ','; - $x .= file_tag_decode($mtch[1]); + $x .= xmlify(file_tag_decode($mtch[1])); } if(strlen($x)) $s .= '
' . t('Categories:') . ' ' . $x . '
'; @@ -935,7 +935,7 @@ function prepare_body($item,$attach = false) { foreach($matches as $mtch) { if(strlen($x)) $x .= '   '; - $x .= file_tag_decode($mtch[1]). ' ' . t('[remove]') . ''; + $x .= xmlify(file_tag_decode($mtch[1])) . ' ' . t('[remove]') . ''; } if(strlen($x) && (local_user() == $item['uid'])) $s .= '
' . t('Filed under:') . ' ' . $x . '
'; @@ -1307,13 +1307,10 @@ function file_tag_decode($s) { function file_tag_file_query($table,$s,$type = 'file') { - // this is ultimately going into a vsprintf - $s = str_replace('%','%%',$s); - if($type == 'file') - $str = preg_quote( '[' . file_tag_encode($s) . ']' ); + $str = preg_quote( '[' . str_replace('%','%%',file_tag_encode($s)) . ']' ); else - $str = preg_quote( '<' . file_tag_encode($s) . '>' ); + $str = preg_quote( '<' . str_replace('%','%%',file_tag_encode($s)) . '>' ); return " AND " . (($table) ? dbesc($table) . '.' : '') . "file regexp '" . dbesc($str) . "' "; } -- cgit v1.2.3 From e6fd6bfd89ada9b5aeea8fcac1614546deba85aa Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 31 Mar 2012 17:44:34 -0700 Subject: more error handling --- include/conversation.php | 2 +- include/network.php | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index a9fb807ad..5a922b2b5 100755 --- a/include/conversation.php +++ b/include/conversation.php @@ -250,7 +250,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $threads = array(); $threadsid = -1; - if(count($items)) { + if($items && count($items)) { if($mode === 'network-new' || $mode === 'search' || $mode === 'community') { diff --git a/include/network.php b/include/network.php index 22157ff18..9e1ed2091 100755 --- a/include/network.php +++ b/include/network.php @@ -364,6 +364,9 @@ function lrdd($uri, $debug = false) { logger('lrdd: host_meta: ' . $xml, LOGGER_DATA); + if(! stristr($xml,'