X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Factivityutils.php;h=c462514c498e40b04cea0f26f0eb5a5cd11e3b16;hb=5c4723919fa757b3e14a59350415cfe53e0900d1;hp=c85a3db5560f0ba8ac7c8490da532bd7c8533416;hpb=e458e9fe6352df6063079979b20a6924f97198f4;p=quix0rs-gnu-social.git

diff --git a/lib/activityutils.php b/lib/activityutils.php
index c85a3db556..c462514c49 100644
--- a/lib/activityutils.php
+++ b/lib/activityutils.php
@@ -46,7 +46,6 @@ if (!defined('STATUSNET')) {
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
  * @link      http://status.net/
  */
-
 class ActivityUtils
 {
     const ATOM = 'http://www.w3.org/2005/Atom';
@@ -66,7 +65,6 @@ class ActivityUtils
      *
      * @return string related link, if any
      */
-
     static function getPermalink($element)
     {
         return self::getLink($element, 'alternate', 'text/html');
@@ -79,19 +77,16 @@ class ActivityUtils
      *
      * @return string related link, if any
      */
-
     static function getLink(DOMNode $element, $rel, $type=null)
     {
         $els = $element->childNodes;
 
         foreach ($els as $link) {
-
             if (!($link instanceof DOMElement)) {
                 continue;
             }
 
             if ($link->localName == self::LINK && $link->namespaceURI == self::ATOM) {
-
                 $linkRel = $link->getAttribute(self::REL);
                 $linkType = $link->getAttribute(self::TYPE);
 
@@ -112,7 +107,6 @@ class ActivityUtils
 
         foreach ($els as $link) {
             if ($link->localName == self::LINK && $link->namespaceURI == self::ATOM) {
-
                 $linkRel = $link->getAttribute(self::REL);
                 $linkType = $link->getAttribute(self::TYPE);
 
@@ -135,7 +129,6 @@ class ActivityUtils
      *
      * @return DOMElement found element or null
      */
-
     static function child(DOMNode $element, $tag, $namespace=self::ATOM)
     {
         $els = $element->childNodes;
@@ -160,7 +153,6 @@ class ActivityUtils
      *
      * @return string content of the child
      */
-
     static function childContent(DOMNode $element, $tag, $namespace=self::ATOM)
     {
         $el = self::child($element, $tag, $namespace);
@@ -194,7 +186,6 @@ class ActivityUtils
      * @todo handle embedded XML mime types
      * @todo handle base64-encoded non-XML and non-text mime types
      */
-
     static function getContent($element)
     {
         return self::childHtmlContent($element, self::CONTENT, self::ATOM);
@@ -205,6 +196,7 @@ class ActivityUtils
         $src  = $el->getAttribute(self::SRC);
 
         if (!empty($src)) {
+            // TRANS: Client exception thrown when there is no source attribute.
             throw new ClientException(_("Can't handle remote content yet."));
         }
 
@@ -213,11 +205,19 @@ class ActivityUtils
         // slavishly following http://atompub.org/rfc4287.html#rfc.section.4.1.3.3
 
         if (empty($type) || $type == 'text') {
-            return $el->textContent;
+            // We have plaintext saved as the XML text content.
+            // Since we want HTML, we need to escape any special chars.
+            return htmlspecialchars($el->textContent);
         } else if ($type == 'html') {
+            // We have HTML saved as the XML text content.
+            // No additional processing required once we've got it.
             $text = $el->textContent;
-            return htmlspecialchars_decode($text, ENT_QUOTES);
+            return $text;
         } else if ($type == 'xhtml') {
+            // Per spec, the <content type="xhtml"> contains a single
+            // HTML <div> with XHTML namespace on it as a child node.
+            // We need to pull all of that <div>'s child nodes and
+            // serialize them back to an (X)HTML source fragment.
             $divEl = ActivityUtils::child($el, 'div', 'http://www.w3.org/1999/xhtml');
             if (empty($divEl)) {
                 return null;
@@ -233,11 +233,41 @@ class ActivityUtils
             return trim($text);
         } else if (in_array($type, array('text/xml', 'application/xml')) ||
                    preg_match('#(+|/)xml$#', $type)) {
+            // TRANS: Client exception thrown when there embedded XML content is found that cannot be processed yet.
             throw new ClientException(_("Can't handle embedded XML content yet."));
         } else if (strncasecmp($type, 'text/', 5)) {
             return $el->textContent;
         } else {
+            // TRANS: Client exception thrown when base64 encoded content is found that cannot be processed yet.
             throw new ClientException(_("Can't handle embedded Base64 content yet."));
         }
     }
+
+    /**
+     * Is this a valid URI for remote profile/notice identification?
+     * Does not have to be a resolvable URL.
+     * @param string $uri
+     * @return boolean
+     */
+    static function validateUri($uri)
+    {
+        // Check mailto: URIs first
+
+        if (preg_match('/^mailto:(.*)$/', $uri, $match)) {
+            return Validate::email($match[1], common_config('email', 'check_domain'));
+        }
+
+        if (Validate::uri($uri)) {
+            return true;
+        }
+
+        // Possibly an upstream bug; tag: URIs aren't validated properly
+        // unless you explicitly ask for them. All other schemes are accepted
+        // for basic URI validation without asking.
+        if (Validate::uri($uri, array('allowed_scheme' => array('tag')))) {
+            return true;
+        }
+
+        return false;
+    }
 }