use Friendica\Network\Probe;
use Friendica\Database\DBA;
use Friendica\Util\Proxy as ProxyUtils;
+use Friendica\Util\Strings;
function follow_post(App $a)
{
}
if (isset($_REQUEST['cancel'])) {
- $a->internalRedirect('contacts');
+ $a->internalRedirect('contact');
}
$uid = local_user();
- $url = notags(trim($_REQUEST['url']));
- $return_path = 'contacts';
+ $url = Strings::escapeTags(trim($_REQUEST['url']));
+ $return_path = 'follow?url=' . urlencode($url);
// Makes the connection request for friendica contacts easier
// This is just a precaution if maybe this page is called somewhere directly via POST
function follow_content(App $a)
{
- $return_path = 'contacts';
+ $return_path = 'contact';
if (!local_user()) {
notice(L10n::t('Permission denied.'));
}
$uid = local_user();
- $url = notags(trim($_REQUEST['url']));
+ $url = Strings::escapeTags(trim($_REQUEST['url']));
$submit = L10n::t('Submit Request');
$r = q("SELECT `pending` FROM `contact` WHERE `uid` = %d AND ((`rel` != %d) OR (`network` = '%s')) AND
(`nurl` = '%s' OR `alias` = '%s' OR `alias` = '%s') AND
`network` != '%s' LIMIT 1",
- intval(local_user()), DBA::escape(Contact::FOLLOWER), DBA::escape(Protocol::DFRN), DBA::escape(normalise_link($url)),
- DBA::escape(normalise_link($url)), DBA::escape($url), DBA::escape(Protocol::STATUSNET));
+ intval(local_user()), DBA::escape(Contact::FOLLOWER), DBA::escape(Protocol::DFRN), DBA::escape(Strings::normaliseLink($url)),
+ DBA::escape(Strings::normaliseLink($url)), DBA::escape($url), DBA::escape(Protocol::STATUSNET));
if ($r) {
if ($r[0]['pending']) {
$_SESSION['fastlane'] = $ret['url'];
$r = q("SELECT `id`, `location`, `about`, `keywords` FROM `gcontact` WHERE `nurl` = '%s'",
- normalise_link($ret['url']));
+ Strings::normaliseLink($ret['url']));
if (!$r) {
$r = [['location' => '', 'about' => '', 'keywords' => '']];