use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Core\Logger;
+use Friendica\Core\Renderer;
use Friendica\Model\FileTag;
-
-require_once "include/conversation.php";
-
-/**
- * This is our template processor
- *
- * @param string|FriendicaSmarty $s the string requiring macro substitution,
- * or an instance of FriendicaSmarty
- * @param array $r key value pairs (search => replace)
- * @return string substituted string
- */
-function replace_macros($s, $r) {
-
- $stamp1 = microtime(true);
-
- $a = get_app();
-
- // pass $baseurl to all templates
- $r['$baseurl'] = System::baseUrl();
-
- $t = $a->getTemplateEngine();
- try {
- $output = $t->replaceMacros($s, $r);
- } catch (Exception $e) {
- echo "<pre><b>" . __FUNCTION__ . "</b>: " . $e->getMessage() . "</pre>";
- killme();
- }
-
- $a->saveTimestamp($stamp1, "rendering");
-
- return $output;
-}
-
-/**
- * @brief Generates a pseudo-random string of hexadecimal characters
- *
- * @param int $size
- * @return string
- */
-function random_string($size = 64)
-{
- $byte_size = ceil($size / 2);
-
- $bytes = random_bytes($byte_size);
-
- $return = substr(bin2hex($bytes), 0, $size);
-
- return $return;
-}
-
-/**
- * This is our primary input filter.
- *
- * The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
- * that had an XSS attack vector due to stripping the high-bit on an 8-bit character
- * after cleansing, and angle chars with the high bit set could get through as markup.
- *
- * This is now disabled because it was interfering with some legitimate unicode sequences
- * and hopefully there aren't a lot of those browsers left.
- *
- * Use this on any text input where angle chars are not valid or permitted
- * They will be replaced with safer brackets. This may be filtered further
- * if these are not allowed either.
- *
- * @param string $string Input string
- * @return string Filtered string
- */
-function notags($string) {
- return str_replace(["<", ">"], ['[', ']'], $string);
-
-// High-bit filter no longer used
-// return str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string);
-}
-
-
-/**
- * use this on "body" or "content" input where angle chars shouldn't be removed,
- * and allow them to be safely displayed.
- * @param string $string
- * @return string
- */
-function escape_tags($string) {
- return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false);
-}
-
-
-/**
- * generate a string that's random, but usually pronounceable.
- * used to generate initial passwords
- * @param int $len
- * @return string
- */
-function autoname($len) {
-
- if ($len <= 0) {
- return '';
- }
-
- $vowels = ['a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u'];
- if (mt_rand(0, 5) == 4) {
- $vowels[] = 'y';
- }
-
- $cons = [
- 'b','bl','br',
- 'c','ch','cl','cr',
- 'd','dr',
- 'f','fl','fr',
- 'g','gh','gl','gr',
- 'h',
- 'j',
- 'k','kh','kl','kr',
- 'l',
- 'm',
- 'n',
- 'p','ph','pl','pr',
- 'qu',
- 'r','rh',
- 's','sc','sh','sm','sp','st',
- 't','th','tr',
- 'v',
- 'w','wh',
- 'x',
- 'z','zh'
- ];
-
- $midcons = ['ck','ct','gn','ld','lf','lm','lt','mb','mm', 'mn','mp',
- 'nd','ng','nk','nt','rn','rp','rt'];
-
- $noend = ['bl', 'br', 'cl','cr','dr','fl','fr','gl','gr',
- 'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh','q'];
-
- $start = mt_rand(0,2);
- if ($start == 0) {
- $table = $vowels;
- } else {
- $table = $cons;
- }
-
- $word = '';
-
- for ($x = 0; $x < $len; $x ++) {
- $r = mt_rand(0,count($table) - 1);
- $word .= $table[$r];
-
- if ($table == $vowels) {
- $table = array_merge($cons,$midcons);
- } else {
- $table = $vowels;
- }
-
- }
-
- $word = substr($word,0,$len);
-
- foreach ($noend as $noe) {
- $noelen = strlen($noe);
- if ((strlen($word) > $noelen) && (substr($word, -$noelen) == $noe)) {
- $word = autoname($len);
- break;
- }
- }
-
- return $word;
-}
-
-
-/**
- * escape text ($str) for XML transport
- * @param string $str
- * @return string Escaped text.
- */
-function xmlify($str) {
- /// @TODO deprecated code found?
-/* $buffer = '';
-
- $len = mb_strlen($str);
- for ($x = 0; $x < $len; $x ++) {
- $char = mb_substr($str,$x,1);
-
- switch($char) {
-
- case "\r" :
- break;
- case "&" :
- $buffer .= '&';
- break;
- case "'" :
- $buffer .= ''';
- break;
- case "\"" :
- $buffer .= '"';
- break;
- case '<' :
- $buffer .= '<';
- break;
- case '>' :
- $buffer .= '>';
- break;
- case "\n" :
- $buffer .= "\n";
- break;
- default :
- $buffer .= $char;
- break;
- }
- }*/
- /*
- $buffer = mb_ereg_replace("&", "&", $str);
- $buffer = mb_ereg_replace("'", "'", $buffer);
- $buffer = mb_ereg_replace('"', """, $buffer);
- $buffer = mb_ereg_replace("<", "<", $buffer);
- $buffer = mb_ereg_replace(">", ">", $buffer);
- */
- $buffer = htmlspecialchars($str, ENT_QUOTES, "UTF-8");
- $buffer = trim($buffer);
-
- return $buffer;
-}
-
-
-/**
- * undo an xmlify
- * @param string $s xml escaped text
- * @return string unescaped text
- */
-function unxmlify($s) {
- /// @TODO deprecated code found?
-// $ret = str_replace('&','&', $s);
-// $ret = str_replace(array('<','>','"','''),array('<','>','"',"'"),$ret);
- /*$ret = mb_ereg_replace('&', '&', $s);
- $ret = mb_ereg_replace(''', "'", $ret);
- $ret = mb_ereg_replace('"', '"', $ret);
- $ret = mb_ereg_replace('<', "<", $ret);
- $ret = mb_ereg_replace('>', ">", $ret);
- */
- $ret = htmlspecialchars_decode($s, ENT_QUOTES);
- return $ret;
-}
-
-/**
- * Loader for infinite scrolling
- * @return string html for loader
- */
-function scroll_loader() {
- $tpl = get_markup_template("scroll_loader.tpl");
- return replace_macros($tpl, [
- 'wait' => L10n::t('Loading more entries...'),
- 'end' => L10n::t('The end')
- ]);
-}
-
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
+use Friendica\Content\Text\HTML;
/**
* Turn user/group ACLs stored as angle bracketed text into arrays
*/
function sanitise_acl(&$item) {
if (intval($item)) {
- $item = '<' . intval(notags(trim($item))) . '>';
+ $item = '<' . intval(Strings::escapeTags(trim($item))) . '>';
} else {
unset($item);
}
return $ret;
}
-/**
- * load template $s
- *
- * @param string $s
- * @param string $root
- * @return string
- */
-function get_markup_template($s, $root = '') {
- $stamp1 = microtime(true);
-
- $a = get_app();
- $t = $a->getTemplateEngine();
- try {
- $template = $t->getTemplateFile($s, $root);
- } catch (Exception $e) {
- echo "<pre><b>" . __FUNCTION__ . "</b>: " . $e->getMessage() . "</pre>";
- killme();
- }
-
- $a->saveTimestamp($stamp1, "file");
-
- return $template;
-}
-
/**
* for html,xml parsing - let's say you've got
* an attribute foobar="class1 class2 class3"
return (($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle, NAMESPACE_ACTIVITY_SCHEMA)));
}
-
-/**
- * @brief Pull out all #hashtags and @person tags from $string.
- *
- * We also get @person@domain.com - which would make
- * the regex quite complicated as tags can also
- * end a sentence. So we'll run through our results
- * and strip the period from any tags which end with one.
- * Returns array of tags found, or empty array.
- *
- * @param string $string Post content
- * @return array List of tag and person names
- */
-function get_tags($string) {
- $ret = [];
-
- // Convert hashtag links to hashtags
- $string = preg_replace('/#\[url\=([^\[\]]*)\](.*?)\[\/url\]/ism', '#$2', $string);
-
- // ignore anything in a code block
- $string = preg_replace('/\[code\](.*?)\[\/code\]/sm', '', $string);
-
- // Force line feeds at bbtags
- $string = str_replace(['[', ']'], ["\n[", "]\n"], $string);
-
- // ignore anything in a bbtag
- $string = preg_replace('/\[(.*?)\]/sm', '', $string);
-
- // Match full names against @tags including the space between first and last
- // We will look these up afterward to see if they are full names or not recognisable.
-
- if (preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A@,:?]+)([ \x0D\x0A@,:?]|$)/', $string, $matches)) {
- foreach ($matches[1] as $match) {
- if (strstr($match, ']')) {
- // we might be inside a bbcode color tag - leave it alone
- continue;
- }
- if (substr($match, -1, 1) === '.') {
- $ret[] = substr($match, 0, -1);
- } else {
- $ret[] = $match;
- }
- }
- }
-
- // Otherwise pull out single word tags. These can be @nickname, @first_last
- // and #hash tags.
-
- if (preg_match_all('/([!#@][^\^ \x0D\x0A,;:?]+)([ \x0D\x0A,;:?]|$)/', $string, $matches)) {
- foreach ($matches[1] as $match) {
- if (strstr($match, ']')) {
- // we might be inside a bbcode color tag - leave it alone
- continue;
- }
- if (substr($match, -1, 1) === '.') {
- $match = substr($match,0,-1);
- }
- // ignore strictly numeric tags like #1
- if ((strpos($match, '#') === 0) && ctype_digit(substr($match, 1))) {
- continue;
- }
- // try not to catch url fragments
- if (strpos($string, $match) && preg_match('/[a-zA-z0-9\/]/', substr($string, strpos($string, $match) - 1, 1))) {
- continue;
- }
- $ret[] = $match;
- }
- }
- return $ret;
-}
-
-
/**
* quick and dirty quoted_printable encoding
*
return str_replace("%", "=", rawurlencode($s));
}
-
-/**
- * Get html for contact block.
- *
- * @template contact_block.tpl
- * @hook contact_block_end (contacts=>array, output=>string)
- * @return string
- */
-function contact_block() {
- $o = '';
- $a = get_app();
-
- $shown = PConfig::get($a->profile['uid'], 'system', 'display_friend_count', 24);
- if ($shown == 0) {
- return;
- }
-
- if (!is_array($a->profile) || $a->profile['hide-friends']) {
- return $o;
- }
- $r = q("SELECT COUNT(*) AS `total` FROM `contact`
- WHERE `uid` = %d AND NOT `self` AND NOT `blocked`
- AND NOT `pending` AND NOT `hidden` AND NOT `archive`
- AND `network` IN ('%s', '%s', '%s')",
- intval($a->profile['uid']),
- DBA::escape(Protocol::DFRN),
- DBA::escape(Protocol::OSTATUS),
- DBA::escape(Protocol::DIASPORA)
- );
- if (DBA::isResult($r)) {
- $total = intval($r[0]['total']);
- }
- if (!$total) {
- $contacts = L10n::t('No contacts');
- $micropro = null;
- } else {
- // Splitting the query in two parts makes it much faster
- $r = q("SELECT `id` FROM `contact`
- WHERE `uid` = %d AND NOT `self` AND NOT `blocked`
- AND NOT `pending` AND NOT `hidden` AND NOT `archive`
- AND `network` IN ('%s', '%s', '%s')
- ORDER BY RAND() LIMIT %d",
- intval($a->profile['uid']),
- DBA::escape(Protocol::DFRN),
- DBA::escape(Protocol::OSTATUS),
- DBA::escape(Protocol::DIASPORA),
- intval($shown)
- );
- if (DBA::isResult($r)) {
- $contacts = [];
- foreach ($r AS $contact) {
- $contacts[] = $contact["id"];
- }
- $r = q("SELECT `id`, `uid`, `addr`, `url`, `name`, `thumb`, `network` FROM `contact` WHERE `id` IN (%s)",
- DBA::escape(implode(",", $contacts)));
-
- if (DBA::isResult($r)) {
- $contacts = L10n::tt('%d Contact', '%d Contacts', $total);
- $micropro = [];
- foreach ($r as $rr) {
- $micropro[] = micropro($rr, true, 'mpfriend');
- }
- }
- }
- }
-
- $tpl = get_markup_template('contact_block.tpl');
- $o = replace_macros($tpl, [
- '$contacts' => $contacts,
- '$nickname' => $a->profile['nickname'],
- '$viewcontacts' => L10n::t('View Contacts'),
- '$micropro' => $micropro,
- ]);
-
- $arr = ['contacts' => $r, 'output' => $o];
-
- Addon::callHooks('contact_block_end', $arr);
- return $o;
-
-}
-
-
-/**
- * @brief Format contacts as picture links or as texxt links
- *
- * @param array $contact Array with contacts which contains an array with
- * int 'id' => The ID of the contact
- * int 'uid' => The user ID of the user who owns this data
- * string 'name' => The name of the contact
- * string 'url' => The url to the profile page of the contact
- * string 'addr' => The webbie of the contact (e.g.) username@friendica.com
- * string 'network' => The network to which the contact belongs to
- * string 'thumb' => The contact picture
- * string 'click' => js code which is performed when clicking on the contact
- * @param boolean $redirect If true try to use the redir url if it's possible
- * @param string $class CSS class for the
- * @param boolean $textmode If true display the contacts as text links
- * if false display the contacts as picture links
-
- * @return string Formatted html
- */
-function micropro($contact, $redirect = false, $class = '', $textmode = false) {
-
- // Use the contact URL if no address is available
- if (!x($contact, "addr")) {
- $contact["addr"] = $contact["url"];
- }
-
- $url = $contact['url'];
- $sparkle = '';
- $redir = false;
-
- if ($redirect) {
- $url = Contact::magicLink($contact['url']);
- if (strpos($url, 'redir/') === 0) {
- $sparkle = ' sparkle';
- }
- }
-
- // If there is some js available we don't need the url
- if (x($contact, 'click')) {
- $url = '';
- }
-
- return replace_macros(get_markup_template(($textmode)?'micropro_txt.tpl':'micropro_img.tpl'),[
- '$click' => defaults($contact, 'click', ''),
- '$class' => $class,
- '$url' => $url,
- '$photo' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
- '$name' => $contact['name'],
- 'title' => $contact['name'] . ' [' . $contact['addr'] . ']',
- '$parkle' => $sparkle,
- '$redir' => $redir,
-
- ]);
-}
-
-/**
- * Search box.
- *
- * @param string $s Search query.
- * @param string $id HTML id
- * @param string $url Search url.
- * @param bool $save Show save search button.
- * @param bool $aside Display the search widgit aside.
- *
- * @return string Formatted HTML.
- */
-function search($s, $id = 'search-box', $url = 'search', $save = false, $aside = true)
-{
- $mode = 'text';
-
- if (strpos($s, '#') === 0) {
- $mode = 'tag';
- }
- $save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow');
-
- $values = [
- '$s' => htmlspecialchars($s),
- '$id' => $id,
- '$action_url' => $url,
- '$search_label' => L10n::t('Search'),
- '$save_label' => $save_label,
- '$savedsearch' => local_user() && Feature::isEnabled(local_user(),'savedsearch'),
- '$search_hint' => L10n::t('@name, !forum, #tags, content'),
- '$mode' => $mode
- ];
-
- if (!$aside) {
- $values['$searchoption'] = [
- L10n::t("Full Text"),
- L10n::t("Tags"),
- L10n::t("Contacts")];
-
- if (Config::get('system','poco_local_search')) {
- $values['$searchoption'][] = L10n::t("Forums");
- }
- }
-
- return replace_macros(get_markup_template('searchbox.tpl'), $values);
-}
-
-/**
- * @brief Check for a valid email string
- *
- * @param string $email_address
- * @return boolean
- */
-function valid_email($email_address)
-{
- return preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/', $email_address);
-}
-
-
-/**
- * Replace naked text hyperlink with HTML formatted hyperlink
- *
- * @param string $s
- */
-function linkify($s) {
- $s = preg_replace("/(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\'\%\$\!\+]*)/", ' <a href="$1" target="_blank">$1</a>', $s);
- $s = preg_replace("/\<(.*?)(src|href)=(.*?)\&\;(.*?)\>/ism",'<$1$2=$3&$4>',$s);
- return $s;
-}
-
-
-/**
- * Load poke verbs
- *
- * @return array index is present tense verb
- * value is array containing past tense verb, translation of present, translation of past
- * @hook poke_verbs pokes array
- */
-function get_poke_verbs() {
-
- // index is present tense verb
- // value is array containing past tense verb, translation of present, translation of past
-
- $arr = [
- 'poke' => ['poked', L10n::t('poke'), L10n::t('poked')],
- 'ping' => ['pinged', L10n::t('ping'), L10n::t('pinged')],
- 'prod' => ['prodded', L10n::t('prod'), L10n::t('prodded')],
- 'slap' => ['slapped', L10n::t('slap'), L10n::t('slapped')],
- 'finger' => ['fingered', L10n::t('finger'), L10n::t('fingered')],
- 'rebuff' => ['rebuffed', L10n::t('rebuff'), L10n::t('rebuffed')],
- ];
- Addon::callHooks('poke_verbs', $arr);
- return $arr;
-}
-
-/**
- * @brief Translate days and months names.
- *
- * @param string $s String with day or month name.
- * @return string Translated string.
- */
-function day_translate($s) {
- $ret = str_replace(['Monday','Tuesday','Wednesday','Thursday','Friday','Saturday','Sunday'],
- [L10n::t('Monday'), L10n::t('Tuesday'), L10n::t('Wednesday'), L10n::t('Thursday'), L10n::t('Friday'), L10n::t('Saturday'), L10n::t('Sunday')],
- $s);
-
- $ret = str_replace(['January','February','March','April','May','June','July','August','September','October','November','December'],
- [L10n::t('January'), L10n::t('February'), L10n::t('March'), L10n::t('April'), L10n::t('May'), L10n::t('June'), L10n::t('July'), L10n::t('August'), L10n::t('September'), L10n::t('October'), L10n::t('November'), L10n::t('December')],
- $ret);
-
- return $ret;
-}
-
-/**
- * @brief Translate short days and months names.
- *
- * @param string $s String with short day or month name.
- * @return string Translated string.
- */
-function day_short_translate($s) {
- $ret = str_replace(['Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun'],
- [L10n::t('Mon'), L10n::t('Tue'), L10n::t('Wed'), L10n::t('Thu'), L10n::t('Fri'), L10n::t('Sat'), L10n::t('Sun')],
- $s);
- $ret = str_replace(['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov','Dec'],
- [L10n::t('Jan'), L10n::t('Feb'), L10n::t('Mar'), L10n::t('Apr'), L10n::t('May'), ('Jun'), L10n::t('Jul'), L10n::t('Aug'), L10n::t('Sep'), L10n::t('Oct'), L10n::t('Nov'), L10n::t('Dec')],
- $ret);
- return $ret;
-}
-
-
-/**
- * Normalize url
- *
- * @param string $url
- * @return string
- */
-function normalise_link($url) {
- $ret = str_replace(['https:', '//www.'], ['http:', '//'], $url);
- return rtrim($ret,'/');
-}
-
-
-/**
- * Compare two URLs to see if they are the same, but ignore
- * slight but hopefully insignificant differences such as if one
- * is https and the other isn't, or if one is www.something and
- * the other isn't - and also ignore case differences.
- *
- * @param string $a first url
- * @param string $b second url
- * @return boolean True if the URLs match, otherwise False
- *
- */
-function link_compare($a, $b) {
- return (strcasecmp(normalise_link($a), normalise_link($b)) === 0);
-}
-
-
/**
* @brief Find any non-embedded images in private items and add redir links to them
*
}
}
-/**
- * Sets the "rendered-html" field of the provided item
- *
- * Body is preserved to avoid side-effects as we modify it just-in-time for spoilers and private image links
- *
- * @param array $item
- * @param bool $update
- *
- * @todo Remove reference, simply return "rendered-html" and "rendered-hash"
- */
-function put_item_in_cache(&$item, $update = false)
-{
- $body = $item["body"];
-
- $rendered_hash = defaults($item, 'rendered-hash', '');
- $rendered_html = defaults($item, 'rendered-html', '');
-
- if ($rendered_hash == ''
- || $rendered_html == ""
- || $rendered_hash != hash("md5", $item["body"])
- || Config::get("system", "ignore_cache")
- ) {
- $a = get_app();
- redir_private_images($a, $item);
-
- $item["rendered-html"] = prepare_text($item["body"]);
- $item["rendered-hash"] = hash("md5", $item["body"]);
-
- $hook_data = ['item' => $item, 'rendered-html' => $item['rendered-html'], 'rendered-hash' => $item['rendered-hash']];
- Addon::callHooks('put_item_in_cache', $hook_data);
- $item['rendered-html'] = $hook_data['rendered-html'];
- $item['rendered-hash'] = $hook_data['rendered-hash'];
- unset($hook_data);
-
- // Force an update if the generated values differ from the existing ones
- if ($rendered_hash != $item["rendered-hash"]) {
- $update = true;
- }
-
- // Only compare the HTML when we forcefully ignore the cache
- if (Config::get("system", "ignore_cache") && ($rendered_html != $item["rendered-html"])) {
- $update = true;
- }
-
- if ($update && !empty($item["id"])) {
- Item::update(['rendered-html' => $item["rendered-html"], 'rendered-hash' => $item["rendered-hash"]],
- ['id' => $item["id"]]);
- }
- }
-
- $item["body"] = $body;
-}
-
-/**
- * @brief Given an item array, convert the body element from bbcode to html and add smilie icons.
- * If attach is true, also add icons for item attachments.
- *
- * @param array $item
- * @param boolean $attach
- * @param boolean $is_preview
- * @return string item body html
- * @hook prepare_body_init item array before any work
- * @hook prepare_body_content_filter ('item'=>item array, 'filter_reasons'=>string array) before first bbcode to html
- * @hook prepare_body ('item'=>item array, 'html'=>body string, 'is_preview'=>boolean, 'filter_reasons'=>string array) after first bbcode to html
- * @hook prepare_body_final ('item'=>item array, 'html'=>body string) after attach icons and blockquote special case handling (spoiler, author)
- */
-function prepare_body(array &$item, $attach = false, $is_preview = false)
-{
- $a = get_app();
- Addon::callHooks('prepare_body_init', $item);
-
- // In order to provide theme developers more possibilities, event items
- // are treated differently.
- if ($item['object-type'] === ACTIVITY_OBJ_EVENT && isset($item['event-id'])) {
- $ev = Event::getItemHTML($item);
- return $ev;
- }
-
- $tags = \Friendica\Model\Term::populateTagsFromItem($item);
-
- $item['tags'] = $tags['tags'];
- $item['hashtags'] = $tags['hashtags'];
- $item['mentions'] = $tags['mentions'];
-
- // Compile eventual content filter reasons
- $filter_reasons = [];
- if (!$is_preview && public_contact() != $item['author-id']) {
- if (!empty($item['content-warning']) && (!local_user() || !PConfig::get(local_user(), 'system', 'disable_cw', false))) {
- $filter_reasons[] = L10n::t('Content warning: %s', $item['content-warning']);
- }
-
- $hook_data = [
- 'item' => $item,
- 'filter_reasons' => $filter_reasons
- ];
- Addon::callHooks('prepare_body_content_filter', $hook_data);
- $filter_reasons = $hook_data['filter_reasons'];
- unset($hook_data);
- }
-
- // Update the cached values if there is no "zrl=..." on the links.
- $update = (!local_user() && !remote_user() && ($item["uid"] == 0));
-
- // Or update it if the current viewer is the intented viewer.
- if (($item["uid"] == local_user()) && ($item["uid"] != 0)) {
- $update = true;
- }
-
- put_item_in_cache($item, $update);
- $s = $item["rendered-html"];
-
- $hook_data = [
- 'item' => $item,
- 'html' => $s,
- 'preview' => $is_preview,
- 'filter_reasons' => $filter_reasons
- ];
- Addon::callHooks('prepare_body', $hook_data);
- $s = $hook_data['html'];
- unset($hook_data);
-
- if (!$attach) {
- // Replace the blockquotes with quotes that are used in mails.
- $mailquote = '<blockquote type="cite" class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">';
- $s = str_replace(['<blockquote>', '<blockquote class="spoiler">', '<blockquote class="author">'], [$mailquote, $mailquote, $mailquote], $s);
- return $s;
- }
-
- $as = '';
- $vhead = false;
- $matches = [];
- preg_match_all('|\[attach\]href=\"(.*?)\" length=\"(.*?)\" type=\"(.*?)\"(?: title=\"(.*?)\")?|', $item['attach'], $matches, PREG_SET_ORDER);
- foreach ($matches as $mtch) {
- $mime = $mtch[3];
-
- $the_url = Contact::magicLinkById($item['author-id'], $mtch[1]);
-
- if (strpos($mime, 'video') !== false) {
- if (!$vhead) {
- $vhead = true;
- $a->page['htmlhead'] .= replace_macros(get_markup_template('videos_head.tpl'), [
- '$baseurl' => System::baseUrl(),
- ]);
- }
-
- $url_parts = explode('/', $the_url);
- $id = end($url_parts);
- $as .= replace_macros(get_markup_template('video_top.tpl'), [
- '$video' => [
- 'id' => $id,
- 'title' => L10n::t('View Video'),
- 'src' => $the_url,
- 'mime' => $mime,
- ],
- ]);
- }
-
- $filetype = strtolower(substr($mime, 0, strpos($mime, '/')));
- if ($filetype) {
- $filesubtype = strtolower(substr($mime, strpos($mime, '/') + 1));
- $filesubtype = str_replace('.', '-', $filesubtype);
- } else {
- $filetype = 'unkn';
- $filesubtype = 'unkn';
- }
-
- $title = escape_tags(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1]));
- $title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes');
-
- $icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>';
- $as .= '<a href="' . strip_tags($the_url) . '" title="' . $title . '" class="attachlink" target="_blank" >' . $icon . '</a>';
- }
-
- if ($as != '') {
- $s .= '<div class="body-attach">'.$as.'<div class="clear"></div></div>';
- }
-
- // Map.
- if (strpos($s, '<div class="map">') !== false && x($item, 'coord')) {
- $x = Map::byCoordinates(trim($item['coord']));
- if ($x) {
- $s = preg_replace('/\<div class\=\"map\"\>/', '$0' . $x, $s);
- }
- }
-
-
- // Look for spoiler.
- $spoilersearch = '<blockquote class="spoiler">';
-
- // Remove line breaks before the spoiler.
- while ((strpos($s, "\n" . $spoilersearch) !== false)) {
- $s = str_replace("\n" . $spoilersearch, $spoilersearch, $s);
- }
- while ((strpos($s, "<br />" . $spoilersearch) !== false)) {
- $s = str_replace("<br />" . $spoilersearch, $spoilersearch, $s);
- }
-
- while ((strpos($s, $spoilersearch) !== false)) {
- $pos = strpos($s, $spoilersearch);
- $rnd = random_string(8);
- $spoilerreplace = '<br /> <span id="spoiler-wrap-' . $rnd . '" class="spoiler-wrap fakelink" onclick="openClose(\'spoiler-' . $rnd . '\');">' . L10n::t('Click to open/close') . '</span>'.
- '<blockquote class="spoiler" id="spoiler-' . $rnd . '" style="display: none;">';
- $s = substr($s, 0, $pos) . $spoilerreplace . substr($s, $pos + strlen($spoilersearch));
- }
-
- // Look for quote with author.
- $authorsearch = '<blockquote class="author">';
-
- while ((strpos($s, $authorsearch) !== false)) {
- $pos = strpos($s, $authorsearch);
- $rnd = random_string(8);
- $authorreplace = '<br /> <span id="author-wrap-' . $rnd . '" class="author-wrap fakelink" onclick="openClose(\'author-' . $rnd . '\');">' . L10n::t('Click to open/close') . '</span>'.
- '<blockquote class="author" id="author-' . $rnd . '" style="display: block;">';
- $s = substr($s, 0, $pos) . $authorreplace . substr($s, $pos + strlen($authorsearch));
- }
-
- // Replace friendica image url size with theme preference.
- if (x($a->theme_info, 'item_image_size')){
- $ps = $a->theme_info['item_image_size'];
- $s = preg_replace('|(<img[^>]+src="[^"]+/photo/[0-9a-f]+)-[0-9]|', "$1-" . $ps, $s);
- }
-
- $s = apply_content_filter($s, $filter_reasons);
-
- $hook_data = ['item' => $item, 'html' => $s];
- Addon::callHooks('prepare_body_final', $hook_data);
-
- return $hook_data['html'];
-}
-
-/**
- * Given a HTML text and a set of filtering reasons, adds a content hiding header with the provided reasons
- *
- * Reasons are expected to have been translated already.
- *
- * @param string $html
- * @param array $reasons
- * @return string
- */
-function apply_content_filter($html, array $reasons)
-{
- if (count($reasons)) {
- $tpl = get_markup_template('wall/content_filter.tpl');
- $html = replace_macros($tpl, [
- '$reasons' => $reasons,
- '$rnd' => random_string(8),
- '$openclose' => L10n::t('Click to open/close'),
- '$html' => $html
- ]);
- }
-
- return $html;
-}
-
/**
* @brief Given a text string, convert from bbcode to html and add smilie icons.
*
if ($cnt) {
foreach ($matches as $mtch) {
$categories[] = [
- 'name' => xmlify(FileTag::decode($mtch[1])),
+ 'name' => XML::escape(FileTag::decode($mtch[1])),
'url' => "#",
- 'removeurl' => ((local_user() == $item['uid'])?'filerm/' . $item['id'] . '?f=&cat=' . xmlify(FileTag::decode($mtch[1])):""),
+ 'removeurl' => ((local_user() == $item['uid'])?'filerm/' . $item['id'] . '?f=&cat=' . XML::escape(FileTag::decode($mtch[1])):""),
'first' => $first,
'last' => false
];
if ($cnt) {
foreach ($matches as $mtch) {
$folders[] = [
- 'name' => xmlify(FileTag::decode($mtch[1])),
+ 'name' => XML::escape(FileTag::decode($mtch[1])),
'url' => "#",
- 'removeurl' => ((local_user() == $item['uid']) ? 'filerm/' . $item['id'] . '?f=&term=' . xmlify(FileTag::decode($mtch[1])) : ""),
+ 'removeurl' => ((local_user() == $item['uid']) ? 'filerm/' . $item['id'] . '?f=&term=' . XML::escape(FileTag::decode($mtch[1])) : ""),
'first' => $first,
'last' => false
];
return [$categories, $folders];
}
-
-/**
- * get private link for item
- * @param array $item
- * @return boolean|array False if item has not plink, otherwise array('href'=>plink url, 'title'=>translated title)
- */
-function get_plink($item) {
- $a = get_app();
-
- if ($a->user['nickname'] != "") {
- $ret = [
- //'href' => "display/" . $a->user['nickname'] . "/" . $item['id'],
- 'href' => "display/" . $item['guid'],
- 'orig' => "display/" . $item['guid'],
- 'title' => L10n::t('View on separate page'),
- 'orig_title' => L10n::t('view on separate page'),
- ];
-
- if (x($item, 'plink')) {
- $ret["href"] = $a->removeBaseURL($item['plink']);
- $ret["title"] = L10n::t('link to source');
- }
-
- } elseif (x($item, 'plink') && ($item['private'] != 1)) {
- $ret = [
- 'href' => $item['plink'],
- 'orig' => $item['plink'],
- 'title' => L10n::t('link to source'),
- ];
- } else {
- $ret = [];
- }
-
- return $ret;
-}
-
-
-/**
- * replace html amp entity with amp char
- * @param string $s
- * @return string
- */
-function unamp($s) {
- return str_replace('&', '&', $s);
-}
-
-
/**
* return number of bytes in size (K, M, G)
* @param string $size_str
}
}
-/**
- * @param string $s
- * @param boolean $strip_padding
- * @return string
- */
-function base64url_encode($s, $strip_padding = false) {
-
- $s = strtr(base64_encode($s), '+/', '-_');
-
- if ($strip_padding) {
- $s = str_replace('=','',$s);
- }
-
- return $s;
-}
-
-/**
- * @param string $s
- * @return string
- */
-function base64url_decode($s) {
-
- if (is_array($s)) {
- Logger::log('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true));
- return $s;
- }
-
-/*
- * // Placeholder for new rev of salmon which strips base64 padding.
- * // PHP base64_decode handles the un-padded input without requiring this step
- * // Uncomment if you find you need it.
- *
- * $l = strlen($s);
- * if (!strpos($s,'=')) {
- * $m = $l % 4;
- * if ($m == 2)
- * $s .= '==';
- * if ($m == 3)
- * $s .= '=';
- * }
- *
- */
-
- return base64_decode(strtr($s,'-_','+/'));
-}
-
-
-/**
- * return div element with class 'clear'
- * @return string
- * @deprecated
- */
-function cleardiv() {
- return '<div class="clear"></div>';
-}
-
-
function bb_translate_video($s) {
$matches = null;
return $s;
}
-function html2bb_video($s) {
-
- $s = preg_replace('#<object[^>]+>(.*?)https?://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+)(.*?)</object>#ism',
- '[youtube]$2[/youtube]', $s);
-
- $s = preg_replace('#<iframe[^>](.*?)https?://www.youtube.com/embed/([A-Za-z0-9\-_=]+)(.*?)</iframe>#ism',
- '[youtube]$2[/youtube]', $s);
-
- $s = preg_replace('#<iframe[^>](.*?)https?://player.vimeo.com/video/([0-9]+)(.*?)</iframe>#ism',
- '[vimeo]$2[/vimeo]', $s);
-
- return $s;
-}
-
-/**
- * apply xmlify() to all values of array $val, recursively
- * @param array $val
- * @return array
- */
-function array_xmlify($val){
- if (is_bool($val)) {
- return $val?"true":"false";
- } elseif (is_array($val)) {
- return array_map('array_xmlify', $val);
- }
- return xmlify((string) $val);
-}
-
-
-/**
- * transform link href and img src from relative to absolute
- *
- * @param string $text
- * @param string $base base url
- * @return string
- */
-function reltoabs($text, $base) {
- if (empty($base)) {
- return $text;
- }
-
- $base = rtrim($base,'/');
-
- $base2 = $base . "/";
-
- // Replace links
- $pattern = "/<a([^>]*) href=\"(?!http|https|\/)([^\"]*)\"/";
- $replace = "<a\${1} href=\"" . $base2 . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
-
- $pattern = "/<a([^>]*) href=\"(?!http|https)([^\"]*)\"/";
- $replace = "<a\${1} href=\"" . $base . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
-
- // Replace images
- $pattern = "/<img([^>]*) src=\"(?!http|https|\/)([^\"]*)\"/";
- $replace = "<img\${1} src=\"" . $base2 . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
-
- $pattern = "/<img([^>]*) src=\"(?!http|https)([^\"]*)\"/";
- $replace = "<img\${1} src=\"" . $base . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
-
-
- // Done
- return $text;
-}
-
-/**
- * get translated item type
- *
- * @param array $itme
- * @return string
- */
-function item_post_type($item) {
- if (!empty($item['event-id'])) {
- return L10n::t('event');
- } elseif (!empty($item['resource-id'])) {
- return L10n::t('photo');
- } elseif (!empty($item['verb']) && $item['verb'] !== ACTIVITY_POST) {
- return L10n::t('activity');
- } elseif ($item['id'] != $item['parent']) {
- return L10n::t('comment');
- }
-
- return L10n::t('post');
-}
-
-function normalise_openid($s) {
- return trim(str_replace(['http://', 'https://'], ['', ''], $s), '/');
-}
-
-
function undo_post_tagging($s) {
$matches = null;
$cnt = preg_match_all('/([!#@])\[url=(.*?)\](.*?)\[\/url\]/ism', $s, $matches, PREG_SET_ORDER);
return $s;
}
-function protect_sprintf($s) {
- return str_replace('%', '%%', $s);
-}
-
/// @TODO Rewrite this
function is_a_date_arg($s) {
$i = intval($s);
return false;
}
-
-/**
- * remove intentation from a text
- */
-function deindent($text, $chr = "[\t ]", $count = NULL) {
- $lines = explode("\n", $text);
-
- if (is_null($count)) {
- $m = [];
- $k = 0;
- while ($k < count($lines) && strlen($lines[$k]) == 0) {
- $k++;
- }
- preg_match("|^" . $chr . "*|", $lines[$k], $m);
- $count = strlen($m[0]);
- }
-
- for ($k = 0; $k < count($lines); $k++) {
- $lines[$k] = preg_replace("|^" . $chr . "{" . $count . "}|", "", $lines[$k]);
- }
-
- return implode("\n", $lines);
-}
-
-function formatBytes($bytes, $precision = 2) {
- $units = ['B', 'KB', 'MB', 'GB', 'TB'];
-
- $bytes = max($bytes, 0);
- $pow = floor(($bytes ? log($bytes) : 0) / log(1024));
- $pow = min($pow, count($units) - 1);
-
- $bytes /= pow(1024, $pow);
-
- return round($bytes, $precision) . ' ' . $units[$pow];
-}
-
-/**
- * @brief translate and format the networkname of a contact
- *
- * @param string $network
- * Networkname of the contact (e.g. dfrn, rss and so on)
- * @param sting $url
- * The contact url
- * @return string
- */
-function format_network_name($network, $url = 0) {
- if ($network != "") {
- if ($url != "") {
- $network_name = '<a href="'.$url.'">'.ContactSelector::networkToName($network, $url)."</a>";
- } else {
- $network_name = ContactSelector::networkToName($network);
- }
-
- return $network_name;
- }
-}