use Friendica\Util\DateTimeFormat;
use Friendica\Util\Emailer;
use Friendica\Util\Security;
-
-require_once 'include/enotify.php';
-require_once 'include/text.php';
-require_once 'include/items.php';
+use Friendica\Util\Strings;
function item_post(App $a) {
if (!local_user() && !remote_user()) {
// Now check that valid personal details have been provided
if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
- notice(L10n::t('Permission denied.') . EOL) ;
+ notice(L10n::t('Permission denied.') . EOL);
if (!empty($_REQUEST['return'])) {
$a->internalRedirect($return_path);
$objecttype = $orig_post['object-type'];
$app = $orig_post['app'];
$categories = $orig_post['file'];
- $title = notags(trim($_REQUEST['title']));
- $body = escape_tags(trim($_REQUEST['body']));
+ $title = Strings::escapeTags(trim($_REQUEST['title']));
+ $body = Strings::escapeHtml(trim($_REQUEST['body']));
$private = $orig_post['private'];
$pubmail_enabled = $orig_post['pubmail'];
$network = $orig_post['network'];
$str_contact_deny = perms2str(defaults($_REQUEST, 'contact_deny', ''));
}
- $title = notags(trim(defaults($_REQUEST, 'title' , '')));
- $location = notags(trim(defaults($_REQUEST, 'location', '')));
- $coord = notags(trim(defaults($_REQUEST, 'coord' , '')));
- $verb = notags(trim(defaults($_REQUEST, 'verb' , '')));
- $emailcc = notags(trim(defaults($_REQUEST, 'emailcc' , '')));
- $body = escape_tags(trim(defaults($_REQUEST, 'body' , '')));
- $network = notags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
- $guid = System::createUUID();
+ $title = Strings::escapeTags(trim(defaults($_REQUEST, 'title' , '')));
+ $location = Strings::escapeTags(trim(defaults($_REQUEST, 'location', '')));
+ $coord = Strings::escapeTags(trim(defaults($_REQUEST, 'coord' , '')));
+ $verb = Strings::escapeTags(trim(defaults($_REQUEST, 'verb' , '')));
+ $emailcc = Strings::escapeTags(trim(defaults($_REQUEST, 'emailcc' , '')));
+ $body = Strings::escapeHtml(trim(defaults($_REQUEST, 'body' , '')));
+ $network = Strings::escapeTags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
+ $guid = System::createUUID();
$postopts = defaults($_REQUEST, 'postopts', '');
$str_tags = '';
$inform = '';
- $tags = get_tags($body);
+ $tags = BBCode::getTags($body);
// Add a tag if the parent contact is from ActivityPub or OStatus (This will notify them)
if ($parent && in_array($thr_parent_contact['network'], [Protocol::OSTATUS, Protocol::ACTIVITYPUB])) {
$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny];
- $condition = ['resource-id' => $image_uri, 'uid' => $profile_uid, 'album' => L10n::t('Wall Photos')];
+ $condition = ['resource-id' => $image_uri, 'uid' => $profile_uid];
DBA::update('photo', $fields, $condition);
}
}
// preview mode - prepare the body for display and send it via json
if ($preview) {
- require_once 'include/conversation.php';
// We set the datarray ID to -1 because in preview mode the dataray
// doesn't have an ID.
$datarray["id"] = -1;
}
$json = ['cancel' => 1];
- if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
+ if (!empty($_REQUEST['jsreload'])) {
$json['reload'] = System::baseUrl() . '/' . $_REQUEST['jsreload'];
}
}
$json = ['success' => 1];
- if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
+ if (!empty($_REQUEST['jsreload'])) {
$json['reload'] = $baseurl . '/' . $_REQUEST['jsreload'];
}