use Friendica\Util\DateTimeFormat;
use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Temporal;
+use Friendica\Util\Strings;
use Friendica\Util\XML;
use Friendica\Util\Crypto;
. "<script> var profile_uid = " . $_SESSION['uid']
. "; var netargs = '" . substr($a->cmd, 8)
. '?f='
- . ((x($_GET, 'cid')) ? '&cid=' . $_GET['cid'] : '')
- . ((x($_GET, 'search')) ? '&search=' . $_GET['search'] : '')
- . ((x($_GET, 'star')) ? '&star=' . $_GET['star'] : '')
- . ((x($_GET, 'order')) ? '&order=' . $_GET['order'] : '')
- . ((x($_GET, 'bmark')) ? '&bmark=' . $_GET['bmark'] : '')
- . ((x($_GET, 'liked')) ? '&liked=' . $_GET['liked'] : '')
- . ((x($_GET, 'conv')) ? '&conv=' . $_GET['conv'] : '')
- . ((x($_GET, 'nets')) ? '&nets=' . $_GET['nets'] : '')
- . ((x($_GET, 'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
- . ((x($_GET, 'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
- . ((x($_GET, 'file')) ? '&file=' . $_GET['file'] : '')
+ . ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
+ . ((x($_GET, 'search')) ? '&search=' . rawurlencode($_GET['search']) : '')
+ . ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
+ . ((x($_GET, 'order')) ? '&order=' . rawurlencode($_GET['order']) : '')
+ . ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
+ . ((x($_GET, 'liked')) ? '&liked=' . rawurlencode($_GET['liked']) : '')
+ . ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
+ . ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
+ . ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
+ . ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
+ . ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '')
. "'; var profile_page = " . $pager->getPage() . "; </script>\r\n";
}
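Review bot: `substr($a->cmd, 8)` on the `var netargs` line is still concatenated unencoded into the same single-quoted JavaScript string that the new `rawurlencode()` calls protect. If `$a->cmd` is derived from the request path (its origin is not visible in this hunk), it keeps the string-breakout risk that this change closes for the query values. Building the URL in a PHP variable first and emitting it as `"; var netargs = " . json_encode($netargs, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)` would cover the whole literal. Separately, `rawurlencode()` expects a string, and `x($_GET, 'cid')` presumably also passes for an array-valued parameter, so an `is_string()` guard, or `intval()` for numeric fields such as `cid`, `cmin` and `cmax`, would avoid a warning or TypeError. The enclosing statement starts above the hunk.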
if (!$update) {
$tab = 'posts';
if (x($_GET, 'tab')) {
- $tab = notags(trim($_GET['tab']));
+ $tab = Strings::escapeTags(trim($_GET['tab']));
}
if ($tab === 'posts') {
/*
$lock = false;
$likebuttons = false;
- $body = prepare_body($item, true, $preview);
+ $body = Item::prepareBody($item, true, $preview);
list($categories, $folders) = get_cats_and_terms($item);
'owner_name' => $owner_name_e,
'owner_url' => $owner_url,
'owner_photo' => System::removedBaseUrl(ProxyUtils::proxifyUrl($item['owner-avatar'], false, ProxyUtils::SIZE_THUMB)),
- 'plink' => get_plink($item),
+ 'plink' => Item::getPlink($item),
'edpost' => false,
'isstarred' => $isstarred,
'star' => $star,
'$mode' => $mode,
'$user' => $a->user,
'$threads' => $threads,
- '$dropping' => ($page_dropping && Feature::isEnabled(local_user(), 'multi_delete') ? L10n::t('Delete Selected Items') : False),
+ '$dropping' => ($page_dropping ? L10n::t('Delete Selected Items') : False),
]);
return $o;
$cid = 0;
$network = '';
$rel = 0;
- $condition = ['uid' => local_user(), 'nurl' => normalise_link($item['author-link'])];
+ $condition = ['uid' => local_user(), 'nurl' => Strings::normaliseLink($item['author-link'])];
$contact = DBA::selectFirst('contact', ['id', 'network', 'rel'], $condition);
if (DBA::isResult($contact)) {
$cid = $contact['id'];
'$lockstate' => $x['lockstate'],
'$bang' => $x['bang'],
'$profile_uid' => $x['profile_uid'],
- '$preview' => Feature::isEnabled($x['profile_uid'], 'preview') ? L10n::t('Preview') : '',
+ '$preview' => L10n::t('Preview'),
'$jotplugins' => $jotplugins,
'$notes_cid' => $notes_cid,
'$sourceapp' => L10n::t($a->sourcename),