X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Futil.php;h=64733986d3db8a7fc23d20fdf1090caba0b06637;hb=79c40bc73b41147fbc98eb03c590f9d4383c32d1;hp=ee108df416d116f3cc92bee5fa74c3f8c9c6ca05;hpb=58717fa6c53644851a4598be16b4901bcd84d48a;p=quix0rs-gnu-social.git

diff --git a/lib/util.php b/lib/util.php
index ee108df416..64733986d3 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -210,7 +210,7 @@ function common_language()
 /**
  * Salted, hashed passwords are stored in the DB.
  */
-function common_munge_password($password, $id, Profile $profile=null)
+function common_munge_password($password, Profile $profile=null)
 {
     $hashed = null;
 
@@ -245,14 +245,13 @@ function common_check_user($nickname, $password)
         }
 
         if ($user instanceof User && !empty($password)) {
-            if (0 == strcmp(common_munge_password($password, $user->id),
-                            $user->password)) {
+            if (0 == strcmp(common_munge_password($password, $user->getProfile()), $user->password)) {
                 //internal checking passed
                 $authenticatedUser = $user;
             }
         }
-        Event::handle('EndCheckPassword', array($nickname, $password, $authenticatedUser));
     }
+    Event::handle('EndCheckPassword', array($nickname, $password, $authenticatedUser));
 
     return $authenticatedUser;
 }
@@ -383,6 +382,7 @@ function common_rememberme($user=null)
 
     if (!$result) {
         common_log_db_error($rm, 'INSERT', __FILE__);
+        $rm->query('ROLLBACK');
         return false;
     }
 
@@ -575,6 +575,34 @@ function common_canonical_email($email)
     return $email;
 }
 
+function common_purify($html)
+{
+    require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php';
+
+    $config = array('safe' => 1,    // means that elements=* means elements=*-applet-embed-iframe-object-script or so
+                    'elements' => '*',
+                    'deny_attribute' => 'id,style,on*');
+
+    // Remove more elements than what the 'safe' filter gives (elements must be '*' before this)
+    // http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_README.htm#s3.6
+    foreach (common_config('htmlfilter') as $tag=>$filter) {
+        if ($filter === true) {
+            $config['elements'] .= "-{$tag}";
+        }
+    }
+
+    $html = common_remove_unicode_formatting($html);
+
+    return htmLawed($html, $config);
+}
+
+function common_remove_unicode_formatting($text)
+{
+    // Strip Unicode text formatting/direction codes
+    // this is pretty dangerous for visualisation of text and can be used for mischief
+    return preg_replace('/[\\x{200b}-\\x{200f}\\x{202a}-\\x{202e}]/u', '', $text);
+}
+
 /**
  * Partial notice markup rendering step: build links to !group references.
  *
@@ -584,9 +612,9 @@ function common_canonical_email($email)
  */
 function common_render_content($text, Notice $notice)
 {
-    $r = common_render_text($text);
-    $r = common_linkify_mentions($r, $notice);
-    return $r;
+    $text = common_render_text($text);
+    $text = common_linkify_mentions($text, $notice);
+    return $text;
 }
 
 /**
@@ -599,7 +627,7 @@ function common_render_content($text, Notice $notice)
  * @param Notice $notice in-progress or complete Notice object for context
  * @return string partially-rendered HTML
  */
-function common_linkify_mentions($text, $notice)
+function common_linkify_mentions($text, Notice $notice)
 {
     $mentions = common_find_mentions($text, $notice);
 
@@ -626,7 +654,7 @@ function common_linkify_mentions($text, $notice)
     return $text;
 }
 
-function common_linkify_mention($mention)
+function common_linkify_mention(array $mention)
 {
     $output = null;
 
@@ -635,17 +663,13 @@ function common_linkify_mention($mention)
         $xs = new XMLStringer(false);
 
         $attrs = array('href' => $mention['url'],
-                       'class' => 'url');
+                       'class' => 'h-card '.$mention['type']);
 
         if (!empty($mention['title'])) {
             $attrs['title'] = $mention['title'];
         }
 
-        $xs->elementStart('span', 'vcard');
-        $xs->elementStart('a', $attrs);
-        $xs->element('span', 'fn nickname mention', $mention['text']);
-        $xs->elementEnd('a');
-        $xs->elementEnd('span');
+        $xs->element('a', $attrs, $mention['text']);
 
         $output = $xs->getString();
 
@@ -670,13 +694,10 @@ function common_linkify_mention($mention)
  *
  * @access private
  */
-function common_find_mentions($text, $notice)
+function common_find_mentions($text, Notice $notice)
 {
-    try {
-        $sender = Profile::getKV('id', $notice->profile_id);
-    } catch (NoProfileException $e) {
-        return array();
-    }
+    // The getProfile call throws NoProfileException on failure
+    $sender = $notice->getProfile();
 
     $mentions = array();
 
@@ -688,26 +709,24 @@ function common_find_mentions($text, $notice)
 
         // Is it a reply?
 
-        if ($notice instanceof Notice) {
-            try {
-                $origNotice = $notice->getParent();
-                $origAuthor = $origNotice->getProfile();
+        try {
+            $origNotice = $notice->getParent();
+            $origAuthor = $origNotice->getProfile();
 
-                $ids = $origNotice->getReplies();
+            $ids = $origNotice->getReplies();
 
-                foreach ($ids as $id) {
-                    $repliedTo = Profile::getKV('id', $id);
-                    if ($repliedTo instanceof Profile) {
-                        $origMentions[$repliedTo->nickname] = $repliedTo;
-                    }
+            foreach ($ids as $id) {
+                try {
+                    $repliedTo = Profile::getByID($id);
+                    $origMentions[$repliedTo->getNickname()] = $repliedTo;
+                } catch (NoResultException $e) {
+                    // continue foreach
                 }
-            } catch (NoProfileException $e) {
-                common_log(LOG_WARNING, sprintf('Notice %d author profile id %d does not exist', $origNotice->id, $origNotice->profile_id));
-            } catch (ServerException $e) {
-                common_log(LOG_WARNING, __METHOD__ . ' got exception: ' . $e->getMessage());
-            } catch (Exception $e) {
-                // Probably just no parent. Should get a specific NoParentException
             }
+        } catch (NoParentNoticeException $e) {
+            // It wasn't a reply to anything, so we can't harvest nickname-relations.
+        } catch (NoResultException $e) {
+            // The parent notice was deleted.
         }
 
         $matches = common_find_mentions_raw($text);
@@ -743,6 +762,7 @@ function common_find_mentions($text, $notice)
                 }
 
                 $mention = array('mentioned' => array($mentioned),
+                                 'type' => 'mention',
                                  'text' => $match[0],
                                  'position' => $match[1],
                                  'url' => $url);
@@ -768,10 +788,11 @@ function common_find_mentions($text, $notice)
             $tagged = $sender->getTaggedSubscribers($tag);
 
             $url = common_local_url('showprofiletag',
-                                    array('tagger' => $sender->nickname,
+                                    array('nickname' => $sender->getNickname(),
                                           'tag' => $tag));
 
             $mentions[] = array('mentioned' => $tagged,
+                                'type'      => 'list',
                                 'text' => $hmatch[0],
                                 'position' => $hmatch[1],
                                 'url' => $url);
@@ -790,6 +811,7 @@ function common_find_mentions($text, $notice)
             $profile = $group->getProfile();
 
             $mentions[] = array('mentioned' => array($profile),
+                                'type'      => 'group',
                                 'text'      => $hmatch[0],
                                 'position'  => $hmatch[1],
                                 'url'       => $group->permalink(),
@@ -829,14 +851,15 @@ function common_find_mentions_raw($text)
 
 function common_render_text($text)
 {
-    $r = htmlspecialchars($text);
+    $text = common_remove_unicode_formatting($text);
+    $text = nl2br(htmlspecialchars($text));
 
-    $r = preg_replace('/[\x{0}-\x{8}\x{b}-\x{c}\x{e}-\x{19}]/', '', $r);
-    $r = common_replace_urls_callback($r, 'common_linkify');
-    $r = preg_replace_callback('/(^|\&quot\;|\'|\(|\[|\{|\s+)#([\pL\pN_\-\.]{1,64})/u',
-                function ($m) { return "{$m[1]}#".common_tag_link($m[2]); }, $r);
+    $text = preg_replace('/[\x{0}-\x{8}\x{b}-\x{c}\x{e}-\x{19}]/', '', $text);
+    $text = common_replace_urls_callback($text, 'common_linkify');
+    $text = preg_replace_callback('/(^|\&quot\;|\'|\(|\[|\{|\s+)#([\pL\pN_\-\.]{1,64})/u',
+                function ($m) { return "{$m[1]}#".common_tag_link($m[2]); }, $text);
     // XXX: machine tags
-    return $r;
+    return $text;
 }
 
 /**
@@ -867,15 +890,19 @@ function common_replace_urls_callback($text, $callback, $arg = null) {
                     ')'.
                 ')'.
             ')'.
+            '|(?:(?:magnet):)'. // URLs without domain name
             '|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)'. //IPv4
             '|(?:'. //IPv6
                 '\[?(?:(?:(?:[0-9A-Fa-f]{1,4}:){7}(?:(?:[0-9A-Fa-f]{1,4})|:))|(?:(?:[0-9A-Fa-f]{1,4}:){6}(?::|(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})|(?::[0-9A-Fa-f]{1,4})))|(?:(?:[0-9A-Fa-f]{1,4}:){5}(?:(?::(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|(?:(?::[0-9A-Fa-f]{1,4}){1,2})))|(?:(?:[0-9A-Fa-f]{1,4}:){4}(?::[0-9A-Fa-f]{1,4}){0,1}(?:(?::(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|(?:(?::[0-9A-Fa-f]{1,4}){1,2})))|(?:(?:[0-9A-Fa-f]{1,4}:){3}(?::[0-9A-Fa-f]{1,4}){0,2}(?:(?::(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|(?:(?::[0-9A-Fa-f]{1,4}){1,2})))|(?:(?:[0-9A-Fa-f]{1,4}:){2}(?::[0-9A-Fa-f]{1,4}){0,3}(?:(?::(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|(?:(?::[0-9A-Fa-f]{1,4}){1,2})))|(?:(?:[0-9A-Fa-f]{1,4}:)(?::[0-9A-Fa-f]{1,4}){0,4}(?:(?::(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|(?:(?::[0-9A-Fa-f]{1,4}){1,2})))|(?::(?::[0-9A-Fa-f]{1,4}){0,5}(?:(?::(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})?)|(?:(?::[0-9A-Fa-f]{1,4}){1,2})))|(?:(?:(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})(?:\.(?:25[0-5]|2[0-4]\d|[01]?\d{1,2})){3})))\]?(?<!:)'.
-            ')|(?:'. //DNS
-                '(?:[\pN\pL\-\_\+\%\~]+(?:\:[\pN\pL\-\_\+\%\~]+)?\@)?'. //user:pass@
-                '[\pN\pL\-\_]+(?:\.[\pN\pL\-\_]+)*\.'.
-                //tld list from http://data.iana.org/TLD/tlds-alpha-by-domain.txt, also added local, loc, and onion
-                '(?:AC|AD|AE|AERO|AF|AG|AI|AL|AM|AN|AO|AQ|AR|ARPA|AS|ASIA|AT|AU|AW|AX|AZ|BA|BB|BD|BE|BF|BG|BH|BI|BIZ|BJ|BM|BN|BO|BR|BS|BT|BV|BW|BY|BZ|CA|CAT|CC|CD|CF|CG|CH|CI|CK|CL|CM|CN|CO|COM|COOP|CR|CU|CV|CX|CY|CZ|DE|DJ|DK|DM|DO|DZ|EC|EDU|EE|EG|ER|ES|ET|EU|FI|FJ|FK|FM|FO|FR|GA|GB|GD|GE|GF|GG|GH|GI|GL|GM|GN|GOV|GP|GQ|GR|GS|GT|GU|GW|GY|HK|HM|HN|HR|HT|HU|ID|IE|IL|IM|IN|INFO|INT|IO|IQ|IR|IS|IT|JE|JM|JO|JOBS|JP|KE|KG|KH|KI|KM|KN|KP|KR|KW|KY|KZ|LA|LB|LC|LI|LK|LR|LS|LT|LU|LV|LY|MA|MC|MD|ME|MG|MH|MIL|MK|ML|MM|MN|MO|MOBI|MP|MQ|MR|MS|MT|MU|MUSEUM|MV|MW|MX|MY|MZ|NA|NAME|NC|NE|NET|NF|NG|NI|NL|NO|NP|NR|NU|NZ|OM|ORG|PA|PE|PF|PG|PH|PK|PL|PM|PN|PR|PRO|PS|PT|PW|PY|QA|RE|RO|RS|RU|RW|SA|SB|SC|SD|SE|SG|SH|SI|SJ|SK|SL|SM|SN|SO|SR|ST|SU|SV|SY|SZ|TC|TD|TEL|TF|TG|TH|TJ|TK|TL|TM|TN|TO|TP|TR|TRAVEL|TT|TV|TW|TZ|UA|UG|UK|US|UY|UZ|VA|VC|VE|VG|VI|VN|VU|WF|WS|XN--0ZWM56D|测试|XN--11B5BS3A9AJ6G|परीक्षा|XN--80AKHBYKNJ4F|испытание|XN--9T4B11YI5A|테스트|XN--DEBA0AD|טעסט|XN--G6W251D|測試|XN--HGBK6AJ7F53BBA|آزمایشی|XN--HLCJ6AYA9ESC7A|பரிட்சை|XN--JXALPDLP|δοκιμή|XN--KGBECHTV|إختبار|XN--ZCKZAH|テスト|YE|YT|YU|ZA|ZM|ZW|local|loc|onion)'.
-            ')(?![\pN\pL\-\_])'.
+            ')'.
+            (common_config('linkify', 'bare_domains')
+                ? '|(?:'. //DNS
+                    '(?:[\pN\pL\-\_\+\%\~]+(?:\:[\pN\pL\-\_\+\%\~]+)?\@)?'. //user:pass@
+                    '[\pN\pL\-\_]+(?:\.[\pN\pL\-\_]+)*\.'.
+                    //tld list from http://data.iana.org/TLD/tlds-alpha-by-domain.txt, also added local, loc, and onion
+                    '(?:AC|AD|AE|AERO|AF|AG|AI|AL|AM|AN|AO|AQ|AR|ARPA|AS|ASIA|AT|AU|AW|AX|AZ|BA|BB|BD|BE|BF|BG|BH|BI|BIZ|BJ|BM|BN|BO|BR|BS|BT|BV|BW|BY|BZ|CA|CAT|CC|CD|CF|CG|CH|CI|CK|CL|CM|CN|CO|COM|COOP|CR|CU|CV|CX|CY|CZ|DE|DJ|DK|DM|DO|DZ|EC|EDU|EE|EG|ER|ES|ET|EU|FI|FJ|FK|FM|FO|FR|GA|GB|GD|GE|GF|GG|GH|GI|GL|GM|GN|GOV|GP|GQ|GR|GS|GT|GU|GW|GY|HK|HM|HN|HR|HT|HU|ID|IE|IL|IM|IN|INFO|INT|IO|IQ|IR|IS|IT|JE|JM|JO|JOBS|JP|KE|KG|KH|KI|KM|KN|KP|KR|KW|KY|KZ|LA|LB|LC|LI|LK|LR|LS|LT|LU|LV|LY|MA|MC|MD|ME|MG|MH|MIL|MK|ML|MM|MN|MO|MOBI|MP|MQ|MR|MS|MT|MU|MUSEUM|MV|MW|MX|MY|MZ|NA|NAME|NC|NE|NET|NF|NG|NI|NL|NO|NP|NR|NU|NZ|OM|ORG|PA|PE|PF|PG|PH|PK|PL|PM|PN|PR|PRO|PS|PT|PW|PY|QA|RE|RO|RS|RU|RW|SA|SB|SC|SD|SE|SG|SH|SI|SJ|SK|SL|SM|SN|SO|SR|ST|SU|SV|SY|SZ|TC|TD|TEL|TF|TG|TH|TJ|TK|TL|TM|TN|TO|TP|TR|TRAVEL|TT|TV|TW|TZ|UA|UG|UK|US|UY|UZ|VA|VC|VE|VG|VI|VN|VU|WF|WS|XN--0ZWM56D|测试|XN--11B5BS3A9AJ6G|परीक्षा|XN--80AKHBYKNJ4F|испытание|XN--9T4B11YI5A|테스트|XN--DEBA0AD|טעסט|XN--G6W251D|測試|XN--HGBK6AJ7F53BBA|آزمایشی|XN--HLCJ6AYA9ESC7A|பரிட்சை|XN--JXALPDLP|δοκιμή|XN--KGBECHTV|إختبار|XN--ZCKZAH|テスト|YE|YT|YU|ZA|ZM|ZONE|ZW|local|loc|onion)'.
+            ')(?![\pN\pL\-\_])'
+                : '') . // if common_config('linkify', 'bare_domains') is false, don't add anything here
         ')'.
         '(?:'.
             '(?:\:\d+)?'. //:port
@@ -948,24 +975,7 @@ function callback_helper($matches, $callback, $arg=null) {
     return substr($matches[0],0,$left) . $result . substr($matches[0],$right);
 }
 
-if (version_compare(PHP_VERSION, '5.3.0', 'ge')) {
-    // lambda implementation in a separate file; PHP 5.2 won't parse it.
-    require_once INSTALLDIR . "/lib/curry.php";
-} else {
-    function curry($fn) {
-        $args = func_get_args();
-        array_shift($args);
-        $id = uniqid('_partial');
-        $GLOBALS[$id] = array($fn, $args);
-        return create_function('',
-                               '$args = func_get_args(); '.
-                               'return call_user_func_array('.
-                               '$GLOBALS["'.$id.'"][0],'.
-                               'array_merge('.
-                               '$args,'.
-                               '$GLOBALS["'.$id.'"][1]));');
-    }
-}
+require_once INSTALLDIR . "/lib/curry.php";
 
 function common_linkify($url) {
     // It comes in special'd, so we unspecial it before passing to the stringifying
@@ -1003,22 +1013,27 @@ function common_linkify($url) {
 
     $f = File::getKV('url', $longurl);
 
-    if (empty($f)) {
+    if (!$f instanceof File) {
         if (common_config('attachments', 'process_links')) {
             // XXX: this writes to the database. :<
-            $f = File::processNew($longurl);
+            try {
+                $f = File::processNew($longurl);
+            } catch (ServerException $e) {
+                $f = null;
+            }
         }
     }
 
-    if (!empty($f)) {
-        if ($f->getEnclosure()) {
+    if ($f instanceof File) {
+        try {
+            $enclosure = $f->getEnclosure();
             $is_attachment = true;
             $attachment_id = $f->id;
 
             $thumb = File_thumbnail::getKV('file_id', $f->id);
-            if (!empty($thumb)) {
-                $has_thumb = true;
-            }
+            $has_thumb = ($thumb instanceof File_thumbnail);
+        } catch (ServerException $e) {
+            // There was not enough metadata available
         }
     }
 
@@ -1128,6 +1143,27 @@ function common_xml_safe_str($str)
     return preg_replace('/[\p{Cc}\p{Cs}]/u', '*', $str);
 }
 
+function common_slugify($str)
+{
+    // php5-intl is highly recommended...
+    if (!function_exists('transliterator_transliterate')) {
+        $str = preg_replace('/[^\pL\pN]/u', '', $str);
+        $str = mb_convert_case($str, MB_CASE_LOWER, 'UTF-8');
+        $str = substr($str, 0, 64);
+        return $str;
+    }
+    $str = transliterator_transliterate(
+                        'Any-Latin;' .      // any charset to latin compatible
+                            'NFD;' .        // decompose
+                            '[:Nonspacing Mark:] Remove;' . // remove nonspacing marks (accents etc.)
+                            'NFC;' .        // composite again
+                            '[:Punctuation:] Remove;' . // remove punctuation (.,¿? etc.)
+                            'Lower();' .    // turn into lowercase
+                            'Latin-ASCII;',  // get ASCII equivalents (ð to d for example)
+                        $str);
+    return preg_replace('/[^\pL\pN]/', '', $str);
+}
+
 function common_tag_link($tag)
 {
     $canonical = common_canonical_tag($tag);
@@ -1151,11 +1187,9 @@ function common_tag_link($tag)
 
 function common_canonical_tag($tag)
 {
-  // only alphanum
-  $tag = preg_replace('/[^\pL\pN]/u', '', $tag);
-  $tag = mb_convert_case($tag, MB_CASE_LOWER, "UTF-8");
-  $tag = substr($tag, 0, 64);
-  return $tag;
+    $tag = common_slugify($tag);
+    $tag = substr($tag, 0, 64);
+    return $tag;
 }
 
 function common_valid_profile_tag($str)
@@ -1230,7 +1264,7 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
         $path = $r->build($action, $args, $params, $fragment);
 
         $ssl = common_config('site', 'ssl') === 'always'
-                || StatusNet::isHTTPS()
+                || GNUsocial::isHTTPS()
                 || common_is_sensitive($action);
 
         if (common_config('site','fancy')) {
@@ -1274,6 +1308,7 @@ function common_path($relative, $ssl=false, $addSession=true)
     $pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
 
     if (($ssl && (common_config('site', 'ssl') === 'sometimes'))
+        || GNUsocial::isHTTPS()
         || common_config('site', 'ssl') === 'always') {
         $proto = 'https';
         if (is_string(common_config('site', 'sslserver')) &&
@@ -1390,7 +1425,8 @@ function common_exact_date($dt)
     $dateStr = date('d F Y H:i:s', strtotime($dt));
     $d = new DateTime($dateStr, $_utc);
     $d->setTimezone($_siteTz);
-    return $d->format(DATE_RFC850);
+    // TRANS: Human-readable full date-time specification (formatting on http://php.net/date)
+    return $d->format(_('l, d-M-Y H:i:s T'));
 }
 
 function common_date_w3dtf($dt)
@@ -1521,17 +1557,27 @@ function common_root_url($ssl=false)
 }
 
 /**
- * returns $bytes bytes of random data as a hexadecimal string
+ * returns $bytes bytes of raw random data
  */
-function common_random_hexstr($bytes)
+function common_random_rawstr($bytes)
 {
-    $str = @file_exists('/dev/urandom')
+    $rawstr = @file_exists('/dev/urandom')
             ? common_urandom($bytes)
             : common_mtrand($bytes);
 
+    return $rawstr;
+}
+
+/**
+ * returns $bytes bytes of random data as a hexadecimal string
+ */
+function common_random_hexstr($bytes)
+{
+    $str = common_random_rawstr($bytes);
+
     $hexstr = '';
     for ($i = 0; $i < $bytes; $i++) {
-        $hexstr .= sprintf("%02x", ord($str{$i}));
+        $hexstr .= sprintf("%02x", ord($str[$i]));
     }
     return $hexstr;
 }
@@ -1794,6 +1840,54 @@ function common_accept_to_prefs($accept, $def = '*/*')
     return $prefs;
 }
 
+// Match by our supported file extensions
+function common_supported_ext_to_mime($fileext)
+{
+    // Accept a filename and take out the extension
+    if (strpos($fileext, '.') !== false) {
+        $fileext = substr(strrchr($fileext, '.'), 1);
+    }
+
+    $supported = common_config('attachments', 'supported');
+    foreach($supported as $type => $ext) {
+        if ($ext === $fileext) {
+            return $type;
+        }
+    }
+
+    throw new ServerException('Unsupported file extension');
+}
+
+// Match by our supported mime types
+function common_supported_mime_to_ext($mimetype)
+{
+    $supported = common_config('attachments', 'supported');
+    foreach($supported as $type => $ext) {
+        if ($mimetype === $type) {
+            return $ext;
+        }
+    }
+
+    throw new ServerException('Unsupported MIME type');
+}
+
+// The MIME "media" is the part before the slash (video in video/webm)
+function common_get_mime_media($type)
+{
+    $tmp = explode('/', $type);
+    return strtolower($tmp[0]);
+}
+
+// Get only the mimetype and not additional info (separated from bare mime with semi-colon)
+function common_bare_mime($mimetype)
+{
+    $mimetype = mb_strtolower($mimetype);
+    if ($semicolon = mb_strpos($mimetype, ';')) {
+        $mimetype = mb_substr($mimetype, 0, $semicolon);
+    }
+    return $mimetype;
+}
+
 function common_mime_type_match($type, $avail)
 {
     if(array_key_exists($type, $avail)) {
@@ -1850,9 +1944,14 @@ function common_negotiate_type($cprefs, $sprefs)
     return $besttype;
 }
 
-function common_config($main, $sub)
+function common_config($main, $sub=null)
 {
     global $config;
+    if (is_null($sub)) {
+        // Return the config category array
+        return array_key_exists($main, $config) ? $config[$main] : array();
+    }
+    // Return the config value
     return (array_key_exists($main, $config) &&
             array_key_exists($sub, $config[$main])) ? $config[$main][$sub] : false;
 }
@@ -1925,13 +2024,6 @@ function common_user_uri(&$user)
                             null, null, false);
 }
 
-function common_notice_uri(&$notice)
-{
-    return common_local_url('shownotice',
-                            array('notice' => $notice->id),
-                            null, null, false);
-}
-
 // 36 alphanums - lookalikes (0, O, 1, I) = 32 chars = 5 bits
 
 function common_confirmation_code($bits)
@@ -1951,7 +2043,6 @@ function common_confirmation_code($bits)
 }
 
 // convert markup to HTML
-
 function common_markup_to_html($c, $args=null)
 {
     if ($c === null) {
@@ -1972,7 +2063,8 @@ function common_markup_to_html($c, $args=null)
     $c = preg_replace_callback('/%%action.(\w+)%%/', function ($m) { return common_local_url($m[1]); }, $c);
     $c = preg_replace_callback('/%%doc.(\w+)%%/', function ($m) { return common_local_url('doc', array('title'=>$m[1])); }, $c);
     $c = preg_replace_callback('/%%(\w+).(\w+)%%/', function ($m) { return common_config($m[1], $m[2]); }, $c);
-    return Markdown($c);
+
+    return \Michelf\Markdown::defaultTransform($c);
 }
 
 function common_user_property($property)
@@ -2014,7 +2106,7 @@ function common_profile_uri($profile)
         if (Event::handle('StartCommonProfileURI', array($profile, &$uri))) {
             $user = User::getKV('id', $profile->id);
             if ($user instanceof User) {
-                $uri = $user->uri;
+                $uri = $user->getUri();
             }
             Event::handle('EndCommonProfileURI', array($profile, &$uri));
         }
@@ -2151,17 +2243,16 @@ function common_shorten_url($long_url, User $user=null, $force = false)
     if (Event::handle('StartShortenUrl',
                       array($long_url, $shortenerName, &$shortenedUrl))) {
         if ($shortenerName == 'internal') {
-            $f = File::processNew($long_url);
-            if (empty($f)) {
-                return $long_url;
-            } else {
-                $shortenedUrl = common_local_url('redirecturl',
-                                                 array('id' => $f->id));
+            try {
+                $f = File::processNew($long_url);
+                $shortenedUrl = common_local_url('redirecturl', array('id' => $f->id));
                 if ((mb_strlen($shortenedUrl) < mb_strlen($long_url)) || $force) {
                     return $shortenedUrl;
                 } else {
                     return $long_url;
                 }
+            } catch (ServerException $e) {
+                return $long_url;
             }
         } else {
             return $long_url;
@@ -2342,3 +2433,21 @@ function common_log_delta($comment=null)
 
     common_debug(sprintf("%s: %d %d", $comment, $mtotal, round($ttotal * 1000000)));
 }
+
+function common_strip_html($html, $trim=true, $save_whitespace=false)
+{
+    if (!$save_whitespace) {
+        $html = preg_replace('/\s+/', ' ', $html);
+    }
+    $text = html_entity_decode(strip_tags($html), ENT_QUOTES, 'UTF-8');
+    return $trim ? trim($text) : $text;
+}
+
+function html_sprintf()
+{
+    $args = func_get_args();
+    for ($i=1; $i<count($args); $i++) {
+        $args[$i] = htmlspecialchars($args[$i]);
+    }
+    return call_user_func_array('sprintf', $args);
+}