use Friendica\Content\Widget\CalendarExport;
use Friendica\Core\ACL;
use Friendica\Core\L10n;
+use Friendica\Core\Logger;
+use Friendica\Core\Renderer;
use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Profile;
use Friendica\Module\Login;
use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Strings;
use Friendica\Util\Temporal;
require_once 'include/items.php';
function events_post(App $a)
{
- logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA);
+ Logger::log('post: ' . print_r($_REQUEST, true), Logger::DATA);
if (!local_user()) {
return;
$cid = !empty($_POST['cid']) ? intval($_POST['cid']) : 0;
$uid = local_user();
- $start_text = escape_tags(defaults($_REQUEST, 'start_text', ''));
- $finish_text = escape_tags(defaults($_REQUEST, 'finish_text', ''));
+ $start_text = Strings::escapeHtml(defaults($_REQUEST, 'start_text', ''));
+ $finish_text = Strings::escapeHtml(defaults($_REQUEST, 'finish_text', ''));
$adjust = intval(defaults($_POST, 'adjust', 0));
$nofinish = intval(defaults($_POST, 'nofinish', 0));
// and we'll waste a bunch of time responding to it. Time that
// could've been spent doing something else.
- $summary = escape_tags(trim(defaults($_POST, 'summary', '')));
- $desc = escape_tags(trim(defaults($_POST, 'desc', '')));
- $location = escape_tags(trim(defaults($_POST, 'location', '')));
+ $summary = trim(defaults($_POST, 'summary' , ''));
+ $desc = trim(defaults($_POST, 'desc' , ''));
+ $location = trim(defaults($_POST, 'location', ''));
$type = 'event';
- $action = ($event_id == '') ? 'new' : "event/" . $event_id;
- $onerror_path = "events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish";
+ $params = [
+ 'summary' => $summary,
+ 'description' => $desc,
+ 'location' => $location,
+ 'start' => $start_text,
+ 'finish' => $finish_text,
+ 'adjust' => $adjust,
+ 'nofinish' => $nofinish,
+ ];
+
+ $action = ($event_id == '') ? 'new' : 'event/' . $event_id;
+ $onerror_path = 'events/' . $action . '?' . http_build_query($params, null, null, PHP_QUERY_RFC3986);
if (strcmp($finish, $start) < 0 && !$nofinish) {
notice(L10n::t('Event can not end before it has started.') . EOL);
if ($share) {
- $str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
- $str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
- $str_group_deny = !empty($_POST['group_deny']) ? perms2str($_POST['group_deny']) : '';
- $str_contact_deny = !empty($_POST['contact_deny']) ? perms2str($_POST['contact_deny']) : '';
+ $str_group_allow = perms2str(defaults($_POST, 'group_allow' , ''));
+ $str_contact_allow = perms2str(defaults($_POST, 'contact_allow', ''));
+ $str_group_deny = perms2str(defaults($_POST, 'group_deny' , ''));
+ $str_contact_deny = perms2str(defaults($_POST, 'contact_deny' , ''));
// Undo the pseudo-contact of self, since there are real contacts now
if (strpos($str_contact_allow, '<' . $self . '>') !== false) {
if (intval($_REQUEST['preview'])) {
$html = Event::getHTML($datarray);
echo $html;
- killme();
+ exit();
}
$item_id = Event::store($datarray);
// get the translation strings for the callendar
$i18n = Event::getStrings();
- $htpl = get_markup_template('event_head.tpl');
- $a->page['htmlhead'] .= replace_macros($htpl, [
+ $htpl = Renderer::getMarkupTemplate('event_head.tpl');
+ $a->page['htmlhead'] .= Renderer::replaceMacros($htpl, [
'$baseurl' => System::baseUrl(),
'$module_url' => '/events',
'$modparams' => 1,
}
if ($a->argc > 1 && $a->argv[1] === 'json') {
+ header('Content-Type: application/json');
echo json_encode($events);
- killme();
+ exit();
}
if (!empty($_GET['id'])) {
- $tpl = get_markup_template("event.tpl");
+ $tpl = Renderer::getMarkupTemplate("event.tpl");
} else {
- $tpl = get_markup_template("events_js.tpl");
+ $tpl = Renderer::getMarkupTemplate("events_js.tpl");
}
// Get rid of dashes in key names, Smarty3 can't handle them
$events[$key]['item'] = $event_item;
}
- $o = replace_macros($tpl, [
+ $o = Renderer::replaceMacros($tpl, [
'$baseurl' => System::baseUrl(),
'$tabs' => $tabs,
'$title' => L10n::t('Events'),
$uri = '';
}
- $tpl = get_markup_template('event_form.tpl');
+ $tpl = Renderer::getMarkupTemplate('event_form.tpl');
- $o .= replace_macros($tpl, [
+ $o .= Renderer::replaceMacros($tpl, [
'$post' => System::baseUrl() . '/events',
'$eid' => $eid,
'$cid' => $cid,