Merge pull request #11241 from annando/timing

[friendica.git] / mod / photos.php

diff --git a/mod/photos.php b/mod/photos.php
index 2efd3a5a7af55aa4459eec73955ba37b47bc81bd..ce6d11340e8d114380455209d220b9eae43e73dd 100644 (file)
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2022, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -204,7 +204,7 @@ function photos_post(App $a)
                }
 
                // RENAME photo album
-               $newalbum = Strings::escapeTags(trim($_POST['albumname']));
+               $newalbum = trim($_POST['albumname'] ?? '');
                if ($newalbum != $album) {
                        Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid]);
                        // Update the photo albums cache
@@ -291,11 +291,11 @@ function photos_post(App $a)
        }
 
        if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
-               $desc        = !empty($_POST['desc'])      ? Strings::escapeTags(trim($_POST['desc']))      : '';
-               $rawtags     = !empty($_POST['newtag'])    ? Strings::escapeTags(trim($_POST['newtag']))    : '';
-               $item_id     = !empty($_POST['item_id'])   ? intval($_POST['item_id'])                      : 0;
-               $albname     = !empty($_POST['albname'])   ? trim($_POST['albname'])                        : '';
-               $origaname   = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
+               $desc      = !empty($_POST['desc'])      ? trim($_POST['desc'])      : '';
+               $rawtags   = !empty($_POST['newtag'])    ? trim($_POST['newtag'])    : '';
+               $item_id   = !empty($_POST['item_id'])   ? intval($_POST['item_id']) : 0;
+               $albname   = !empty($_POST['albname'])   ? trim($_POST['albname'])   : '';
+               $origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : '';
 
                $resource_id = DI::args()->getArgv()[3];
 
@@ -604,7 +604,7 @@ function photos_post(App $a)
         * they acquire comments, likes, dislikes, and/or tags
         */
 
-       $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR', $album, $page_owner_uid]);
+       $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > ?', $album, $page_owner_uid, DateTimeFormat::utc('now - 3 hours')]);
 
        if (!DBA::isResult($r) || ($album == DI::l10n()->t(Photo::PROFILE_PHOTOS))) {
                $visible = 1;
@@ -703,9 +703,6 @@ function photos_post(App $a)
        @unlink($src);
 
        $max_length = DI::config()->get('system', 'max_image_length');
-       if (!$max_length) {
-               $max_length = MAX_IMAGE_LENGTH;
-       }
        if ($max_length > 0) {
                $image->scaleDown($max_length);
        }
@@ -1435,7 +1432,7 @@ function photos_content(App $a)
                                        ];
 
                                        $title_e = $item['title'];
-                                       $body_e = BBCode::convert($item['body']);
+                                       $body_e = BBCode::convertForUriId($item['uri-id'], $item['body']);
 
                                        $comments .= Renderer::replaceMacros($template,[
                                                '$id' => $item['id'],