Catch HTTPExceptions in App::runFrontend()

[friendica.git] / mod / item.php

diff --git a/mod/item.php b/mod/item.php
index 739e09ab0fecc03c39c74c0a3d1cee9c250f4e7b..4617dfa02e8c10d81edbaf186d1cce46c300b3af 100644 (file)
--- a/mod/item.php
+++ b/mod/item.php
@@ -36,10 +36,7 @@ use Friendica\Protocol\Email;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Emailer;
 use Friendica\Util\Security;
-
-require_once 'include/enotify.php';
-require_once 'include/text.php';
-require_once 'include/items.php';
+use Friendica\Util\Strings;
 
 function item_post(App $a) {
        if (!local_user() && !remote_user()) {
@@ -165,7 +162,7 @@ function item_post(App $a) {
 
        // Now check that valid personal details have been provided
        if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
-               notice(L10n::t('Permission denied.') . EOL) ;
+               notice(L10n::t('Permission denied.') . EOL);
 
                if (!empty($_REQUEST['return'])) {
                        $a->internalRedirect($return_path);
@@ -203,8 +200,8 @@ function item_post(App $a) {
                $objecttype        = $orig_post['object-type'];
                $app               = $orig_post['app'];
                $categories        = $orig_post['file'];
-               $title             = notags(trim($_REQUEST['title']));
-               $body              = escape_tags(trim($_REQUEST['body']));
+               $title             = Strings::escapeTags(trim($_REQUEST['title']));
+               $body              = Strings::escapeHtml(trim($_REQUEST['body']));
                $private           = $orig_post['private'];
                $pubmail_enabled   = $orig_post['pubmail'];
                $network           = $orig_post['network'];
@@ -235,14 +232,14 @@ function item_post(App $a) {
                        $str_contact_deny  = perms2str(defaults($_REQUEST, 'contact_deny', ''));
                }
 
-               $title             =      notags(trim(defaults($_REQUEST, 'title'   , '')));
-               $location          =      notags(trim(defaults($_REQUEST, 'location', '')));
-               $coord             =      notags(trim(defaults($_REQUEST, 'coord'   , '')));
-               $verb              =      notags(trim(defaults($_REQUEST, 'verb'    , '')));
-               $emailcc           =      notags(trim(defaults($_REQUEST, 'emailcc' , '')));
-               $body              = escape_tags(trim(defaults($_REQUEST, 'body'    , '')));
-               $network           =      notags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
-               $guid              =      System::createUUID();
+               $title             = Strings::escapeTags(trim(defaults($_REQUEST, 'title'   , '')));
+               $location          = Strings::escapeTags(trim(defaults($_REQUEST, 'location', '')));
+               $coord             = Strings::escapeTags(trim(defaults($_REQUEST, 'coord'   , '')));
+               $verb              = Strings::escapeTags(trim(defaults($_REQUEST, 'verb'    , '')));
+               $emailcc           = Strings::escapeTags(trim(defaults($_REQUEST, 'emailcc' , '')));
+               $body              = Strings::escapeHtml(trim(defaults($_REQUEST, 'body'    , '')));
+               $network           = Strings::escapeTags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
+               $guid              = System::createUUID();
 
                $postopts = defaults($_REQUEST, 'postopts', '');
 
@@ -347,7 +344,7 @@ function item_post(App $a) {
        $str_tags = '';
        $inform   = '';
 
-       $tags = get_tags($body);
+       $tags = BBCode::getTags($body);
 
        // Add a tag if the parent contact is from ActivityPub or OStatus (This will notify them)
        if ($parent && in_array($thr_parent_contact['network'], [Protocol::OSTATUS, Protocol::ACTIVITYPUB])) {
@@ -467,7 +464,7 @@ function item_post(App $a) {
 
                                $fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
                                                'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny];
-                               $condition = ['resource-id' => $image_uri, 'uid' => $profile_uid, 'album' => L10n::t('Wall Photos')];
+                               $condition = ['resource-id' => $image_uri, 'uid' => $profile_uid];
                                DBA::update('photo', $fields, $condition);
                        }
                }
@@ -667,7 +664,6 @@ function item_post(App $a) {
 
        // preview mode - prepare the body for display and send it via json
        if ($preview) {
-               require_once 'include/conversation.php';
                // We set the datarray ID to -1 because in preview mode the dataray
                // doesn't have an ID.
                $datarray["id"] = -1;
@@ -689,7 +685,7 @@ function item_post(App $a) {
                }
 
                $json = ['cancel' => 1];
-               if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
+               if (!empty($_REQUEST['jsreload'])) {
                        $json['reload'] = System::baseUrl() . '/' . $_REQUEST['jsreload'];
                }
 
@@ -697,11 +693,10 @@ function item_post(App $a) {
                killme();
        }
 
-       if ($orig_post) {
-
+       if ($orig_post) {
                // Fill the cache field
                // This could be done in Item::update as well - but we have to check for the existance of some fields.
-               put_item_in_cache($datarray);
+               Item::putInCache($datarray);
 
                $fields = [
                        'title' => $datarray['title'],
@@ -817,7 +812,7 @@ function item_post(App $a) {
                                        $subject = Email::encodeHeader('[Friendica]' . ' ' . L10n::t('%s posted an update.', $a->user['username']), 'UTF-8');
                                }
                                $link = '<a href="' . System::baseUrl() . '/profile/' . $a->user['nickname'] . '"><img src="' . $author['thumb'] . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
-                               $html    = prepare_body($datarray);
+                               $html    = Item::prepareBody($datarray);
                                $message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';
                                $params =  [
                                        'fromName' => $a->user['username'],
@@ -858,7 +853,7 @@ function item_post(App $a) {
 function item_post_return($baseurl, $api_source, $return_path)
 {
        // figure out how to return, depending on from whence we came
-    $a = get_app();
+    $a = \get_app();
 
        if ($api_source) {
                return;
@@ -869,7 +864,7 @@ function item_post_return($baseurl, $api_source, $return_path)
        }
 
        $json = ['success' => 1];
-       if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
+       if (!empty($_REQUEST['jsreload'])) {
                $json['reload'] = $baseurl . '/' . $_REQUEST['jsreload'];
        }