Merge pull request #6365 from MrPetovan/bug/6363-unescape-prev-next-link

[friendica.git] / view / theme / frio / theme.php

diff --git a/view/theme/frio/theme.php b/view/theme/frio/theme.php
index f46b42788fe9253da7355c6e9285f695cff474f2..a61810f99e4196b9387ab5be4c9852d8a866ea43 100644 (file)
--- a/view/theme/frio/theme.php
+++ b/view/theme/frio/theme.php
@@ -13,11 +13,14 @@ use Friendica\Content\Widget;
 use Friendica\Core\Addon;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
+use Friendica\Core\Logger;
 use Friendica\Core\PConfig;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model;
 use Friendica\Module;
+use Friendica\Util\Strings;
 
 $frio = 'view/theme/frio';
 
@@ -29,7 +32,7 @@ function frio_init(App $a)
        $a->theme_events_in_profile = false;
        $a->videowidth = 622;
 
-       $a->setActiveTemplateEngine('smarty3');
+       Renderer::setActiveTemplateEngine('smarty3');
 
        $baseurl = System::baseUrl();
 
@@ -63,7 +66,7 @@ function frio_install()
        Addon::registerHook('acl_lookup_end', 'view/theme/frio/theme.php', 'frio_acl_lookup');
        Addon::registerHook('display_item', 'view/theme/frio/theme.php', 'frio_display_item');
 
-       logger('installed theme frio');
+       Logger::log('installed theme frio');
 }
 
 function frio_uninstall()
@@ -75,7 +78,7 @@ function frio_uninstall()
        Addon::unregisterHook('acl_lookup_end', 'view/theme/frio/theme.php', 'frio_acl_lookup');
        Addon::unregisterHook('display_item', 'view/theme/frio/theme.php', 'frio_display_item');
 
-       logger('uninstalled theme frio');
+       Logger::log('uninstalled theme frio');
 }
 
 /**
@@ -298,7 +301,7 @@ function frio_remote_nav($a, &$nav)
  */
 function frio_acl_lookup(App $a, &$results)
 {
-       $nets = x($_GET, 'nets') ? notags(trim($_GET['nets'])) : '';
+       $nets = !empty($_GET['nets']) ? Strings::escapeTags(trim($_GET['nets'])) : '';
 
        // we introduce a new search type, r should do the same query like it's
        // done in /src/Module/Contact.php for connections
@@ -308,7 +311,7 @@ function frio_acl_lookup(App $a, &$results)
 
        $sql_extra = '';
        if ($results['search']) {
-               $search_txt = DBA::escape(protect_sprintf(preg_quote($results['search'])));
+               $search_txt = DBA::escape(Strings::protectSprintf(preg_quote($results['search'])));
                $sql_extra .= " AND (`attag` LIKE '%%" . $search_txt . "%%' OR `name` LIKE '%%" . $search_txt . "%%' OR `nick` LIKE '%%" . $search_txt . "%%') ";
        }