return;
}
- if (! x($a->page,'aside')) {
+ if (empty($a->page['aside'])) {
$a->page['aside'] = '';
}
$local = Config::get('system','poco_local_search');
- $search = $prefix.Strings::removeTags(trim(defaults($_REQUEST, 'search', '')));
+ $search = $prefix.Strings::escapeTags(trim(defaults($_REQUEST, 'search', '')));
$header = '';
/// @TODO These 2 SELECTs are not checked on validity with DBA::isResult()
$count = q("SELECT count(*) AS `total` FROM `gcontact`
- WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s') AND
+ WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s', '%s') AND
((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND
(`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR
`addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql",
- DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora),
- DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)),
- DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)));
+ DBA::escape(Protocol::ACTIVITYPUB), DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora),
+ DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)),
+ DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)));
$results = q("SELECT `nurl`
FROM `gcontact`
- WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s') AND
+ WHERE NOT `hide` AND `network` IN ('%s', '%s', '%s', '%s') AND
((`last_contact` >= `last_failure`) OR (`updated` >= `last_failure`)) AND
(`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR
`addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql
GROUP BY `nurl`
ORDER BY `updated` DESC LIMIT %d, %d",
- DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora),
- DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)),
- DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)),
+ DBA::escape(Protocol::ACTIVITYPUB), DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora),
+ DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)),
+ DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)),
$pager->getStart(), $pager->getItemsPerPage());
$j = new stdClass();
$j->total = $count[0]["total"];
// Add found profiles from the global directory to the local directory
Worker::add(PRIORITY_LOW, 'DiscoverPoCo', "dirsearch", urlencode($search));
- } else {
+ } elseif (strlen(Config::get('system','directory'))) {
$p = (($pager->getPage() != 1) ? '&p=' . $pager->getPage() : '');
- if (strlen(Config::get('system','directory'))) {
- $x = Network::fetchUrl(get_server() . '/lsearch?f=' . $p . '&search=' . urlencode($search));
- }
+ $x = Network::fetchUrl(get_server() . '/lsearch?f=' . $p . '&search=' . urlencode($search));
$j = json_decode($x);
-
$pager->setItemsPerPage($j->items_page);
}
if (!empty($j->results)) {
$id = 0;
+ $entries = [];
foreach ($j->results as $jj) {
$alt_text = "";
'alt_text' => $alt_text,
'url' => Model\Contact::magicLink($jj->url),
'itemurl' => $itemurl,
- 'name' => htmlentities($jj->name),
+ 'name' => $jj->name,
'thumb' => ProxyUtils::proxifyUrl($jj->photo, false, ProxyUtils::SIZE_THUMB),
'img_hover' => $jj->tags,
'conntxt' => $conntxt,