X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fbookmarklet.php;h=1c4d191c4f8d1fa21b89e4d6194cb915be585dc9;hb=51210af22157327376954721bfdca7161b66a7be;hp=7a6a3ee21cf9ad5c65b79a9da85645d15b9e2716;hpb=29f7ebe307c22b275466390937b82ccb3820fb1c;p=friendica.git diff --git a/mod/bookmarklet.php b/mod/bookmarklet.php index 7a6a3ee21c..1c4d191c4f 100644 --- a/mod/bookmarklet.php +++ b/mod/bookmarklet.php @@ -2,13 +2,14 @@ /** * @file mod/bookmarklet.php */ + use Friendica\App; +use Friendica\Core\ACL; +use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\System; use Friendica\Module\Login; - -require_once 'include/conversation.php'; -require_once 'include/items.php'; +use Friendica\Util\Strings; function bookmarklet_init() { @@ -19,14 +20,18 @@ function bookmarklet_content(App $a) { if (!local_user()) { $o = '

' . L10n::t('Login') . '

'; - $o .= Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? false : true); + $o .= Login::form($a->query_string, intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? false : true); return $o; } - $referer = normalise_link($_SERVER["HTTP_REFERER"]); - $page = normalise_link(System::baseUrl() . "/bookmarklet"); + $referer = Strings::normaliseLink(defaults($_SERVER, 'HTTP_REFERER', '')); + $page = Strings::normaliseLink(System::baseUrl() . "/bookmarklet"); if (!strstr($referer, $page)) { + if (empty($_REQUEST["url"])) { + System::httpExit(400, ["title" => L10n::t('Bad Request')]); + } + $content = add_page_info($_REQUEST["url"]); $x = [ @@ -35,12 +40,12 @@ function bookmarklet_content(App $a) 'default_location' => $a->user['default-location'], 'nickname' => $a->user['nickname'], 'lockstate' => ((is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid'])))) ? 'lock' : 'unlock'), - 'default_perms' => get_acl_permissions($a->user), - 'acl' => populate_acl($a->user, true), + 'default_perms' => ACL::getDefaultUserPermissions($a->user), + 'acl' => ACL::getFullSelectorHTML($a->user, true), 'bang' => '', 'visitor' => 'block', 'profile_uid' => local_user(), - 'title' => trim($_REQUEST["title"], "*"), + 'title' => trim(defaults($_REQUEST, 'title', ''), "*"), 'content' => $content ]; $o = status_editor($a, $x, 0, false);