Catch HTTPExceptions in App::runFrontend()

[friendica.git] / mod / poke.php

diff --git a/mod/poke.php b/mod/poke.php
index be26254384d485aa5df31aa34fd5a303fb19a38b..fb1fae85d6727db111a98371171417d8b85bbebf 100644 (file)
--- a/mod/poke.php
+++ b/mod/poke.php
@@ -22,8 +22,8 @@ use Friendica\Core\System;
 use Friendica\Core\Worker;
 use Friendica\Database\DBA;
 use Friendica\Model\Item;
-
-require_once 'include/items.php';
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
 
 function poke_init(App $a)
 {
@@ -37,9 +37,9 @@ function poke_init(App $a)
                return;
        }
 
-       $verb = notags(trim($_GET['verb']));
+       $verb = Strings::escapeTags(trim($_GET['verb']));
 
-       $verbs = get_poke_verbs();
+       $verbs = L10n::getPokeVerbs();
 
        if (!array_key_exists($verb, $verbs)) {
                return;
@@ -52,7 +52,7 @@ function poke_init(App $a)
                return;
        }
 
-       $parent = (x($_GET,'parent') ? intval($_GET['parent']) : 0);
+       $parent = (!empty($_GET['parent']) ? intval($_GET['parent']) : 0);
 
 
        Logger::log('poke: verb ' . $verb . ' contact ' . $contact_id, Logger::DEBUG);
@@ -84,7 +84,7 @@ function poke_init(App $a)
                        $deny_gid   = $item['deny_gid'];
                }
        } else {
-               $private = (x($_GET,'private') ? intval($_GET['private']) : 0);
+               $private = (!empty($_GET['private']) ? intval($_GET['private']) : 0);
 
                $allow_cid     = ($private ? '<' . $target['id']. '>' : $a->user['allow_cid']);
                $allow_gid     = ($private ? '' : $a->user['allow_gid']);
@@ -124,9 +124,9 @@ function poke_init(App $a)
        $arr['body']          = '[url=' . $poster['url'] . ']' . $poster['name'] . '[/url]' . ' ' . L10n::t($verbs[$verb][0]) . ' ' . '[url=' . $target['url'] . ']' . $target['name'] . '[/url]';
 
        $arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $target['name'] . '</title><id>' . $target['url'] . '</id>';
-       $arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $target['url'] . '" />' . "\n");
+       $arr['object'] .= '<link>' . XML::escape('<link rel="alternate" type="text/html" href="' . $target['url'] . '" />' . "\n");
 
-       $arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $target['photo'] . '" />' . "\n");
+       $arr['object'] .= XML::escape('<link rel="photo" type="image/jpeg" href="' . $target['photo'] . '" />' . "\n");
        $arr['object'] .= '</link></object>' . "\n";
 
        $item_id = Item::insert($arr);
@@ -167,10 +167,10 @@ function poke_content(App $a)
        ]);
 
 
-       $parent = (x($_GET,'parent') ? intval($_GET['parent']) : '0');
+       $parent = (!empty($_GET['parent']) ? intval($_GET['parent']) : '0');
 
 
-       $verbs = get_poke_verbs();
+       $verbs = L10n::getPokeVerbs();
 
        $shortlist = [];
        foreach ($verbs as $k => $v) {