X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fbookmarklet.php;h=e1ae9aa64ce60dd94119865d570d8962e773e169;hb=f32ea03911e81ccb1ce9f6553f8fc3bdaa815ffb;hp=7a6a3ee21cf9ad5c65b79a9da85645d15b9e2716;hpb=c845415a99ebc348103815a7b2c55b15c75cdd24;p=friendica.git
diff --git a/mod/bookmarklet.php b/mod/bookmarklet.php
index 7a6a3ee21c..e1ae9aa64c 100644
--- a/mod/bookmarklet.php
+++ b/mod/bookmarklet.php
@@ -2,7 +2,10 @@
/**
* @file mod/bookmarklet.php
*/
+
use Friendica\App;
+use Friendica\Core\ACL;
+use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\System;
use Friendica\Module\Login;
@@ -19,14 +22,18 @@ function bookmarklet_content(App $a)
{
if (!local_user()) {
$o = '
' . L10n::t('Login') . '
';
- $o .= Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? false : true);
+ $o .= Login::form($a->query_string, intval(Config::get('config', 'register_policy')) === REGISTER_CLOSED ? false : true);
return $o;
}
- $referer = normalise_link($_SERVER["HTTP_REFERER"]);
+ $referer = normalise_link(defaults($_SERVER, 'HTTP_REFERER', ''));
$page = normalise_link(System::baseUrl() . "/bookmarklet");
if (!strstr($referer, $page)) {
+ if (empty($_REQUEST["url"])) {
+ System::httpExit(400, ["title" => L10n::t('Bad Request')]);
+ }
+
$content = add_page_info($_REQUEST["url"]);
$x = [
@@ -35,12 +42,12 @@ function bookmarklet_content(App $a)
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => ((is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid'])))) ? 'lock' : 'unlock'),
- 'default_perms' => get_acl_permissions($a->user),
- 'acl' => populate_acl($a->user, true),
+ 'default_perms' => ACL::getDefaultUserPermissions($a->user),
+ 'acl' => ACL::getFullSelectorHTML($a->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
- 'title' => trim($_REQUEST["title"], "*"),
+ 'title' => trim(defaults($_REQUEST, 'title', ''), "*"),
'content' => $content
];
$o = status_editor($a, $x, 0, false);