X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=b77e725756b11f9cf1c1af41b7236dc997b90399;hb=e076998ffe7ed9e29c01463c10a0b36a49659e9d;hp=57fb64e3dac8d3c4864407cb775bdad493a5a23a;hpb=3fc3ded750afe4b90c95f3036bded015ed5c9572;p=friendica.git
diff --git a/mod/item.php b/mod/item.php
index 57fb64e3da..b77e725756 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -54,7 +54,7 @@ use Friendica\Object\EMail\ItemCCEMail;
 use Friendica\Protocol\Activity;
 use Friendica\Protocol\Diaspora;
 use Friendica\Util\DateTimeFormat;
-use Friendica\Util\Security;
+use Friendica\Security\Security;
 use Friendica\Util\Strings;
 use Friendica\Worker\Delivery;
@@ -139,7 +139,7 @@ function item_post(App $a) {
 // When commenting on a public post then store the post for the current user
 // This enables interaction like starring and saving into folders
 if ($toplevel_item['uid'] == 0) {
- $stored = Item::storeForUser($toplevel_item, local_user());
+ $stored = Item::storeForUserByUriId($toplevel_item['uri-id'], local_user());
 Logger::info('Public item stored for user', ['uri-id' => $toplevel_item['uri-id'], 'uid' => $uid, 'stored' => $stored]);
 if ($stored) {
 $toplevel_item = Item::selectFirst([], ['id' => $stored]);
@@ -260,7 +260,7 @@ function item_post(App $a) {
 $objecttype = $orig_post['object-type'];
 $app = $orig_post['app'];
 $categories = $orig_post['file'] ?? '';
- $title = Strings::escapeTags(trim($_REQUEST['title']));
+ $title = trim($_REQUEST['title'] ?? '');
 $body = trim($body);
 $private = $orig_post['private'];
 $pubmail_enabled = $orig_post['pubmail'];
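Review bot: Nothing visible in this diff escapes the title on output, yet `$title = trim($_REQUEST['title'] ?? '');` in the @@ -260 hunk now stores it with `<` and `>` intact; the same holds for `$location`, `$coord`, `$verb`, `$emailcc` and `$network` in the @@ -281 hunk. Dropping `Strings::escapeTags()` at input is only safe if every place that renders these fields HTML-escapes them, so those output paths should be confirmed before merging and the assignment given a comment such as `// Stored unescaped: must be HTML-escaped wherever it is rendered`. Items saved before this change presumably still hold the form produced by `Strings::escapeTags()`, so renderers will encounter both encodings. The enclosing `item_post()` body starts and ends outside the hunk.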
@@ -281,13 +281,13 @@ function item_post(App $a) {
 $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
 }
- $title = Strings::escapeTags(trim($_REQUEST['title'] ?? ''));
- $location = Strings::escapeTags(trim($_REQUEST['location'] ?? ''));
- $coord = Strings::escapeTags(trim($_REQUEST['coord'] ?? ''));
- $verb = Strings::escapeTags(trim($_REQUEST['verb'] ?? ''));
- $emailcc = Strings::escapeTags(trim($_REQUEST['emailcc'] ?? ''));
+ $title = trim($_REQUEST['title'] ?? '');
+ $location = trim($_REQUEST['location'] ?? '');
+ $coord = trim($_REQUEST['coord'] ?? '');
+ $verb = trim($_REQUEST['verb'] ?? '');
+ $emailcc = trim($_REQUEST['emailcc'] ?? '');
 $body = trim($body);
- $network = Strings::escapeTags(trim(($_REQUEST['network'] ?? '') ?: Protocol::DFRN));
+ $network = trim(($_REQUEST['network'] ?? '') ?: Protocol::DFRN);
 $guid = System::createUUID();
 $postopts = $_REQUEST['postopts'] ?? '';
@@ -888,7 +888,7 @@ function drop_item(int $id, string $return = '')
 $item = Item::selectFirstForUser(local_user(), $fields, ['id' => $id]);
 if (!DBA::isResult($item)) {
- notice(DI::l10n()->t('Item not found.') . EOL);
+ notice(DI::l10n()->t('Item not found.'));
 DI::baseUrl()->redirect('network');
 }
@@ -904,40 +904,8 @@ function drop_item(int $id, string $return = '')
 }
 if ((local_user() == $item['uid']) || $contact_id) {
- // Check if we should do HTML-based delete confirmation
- if (!empty($_REQUEST['confirm'])) {
- //
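Review bot: `$network` and `$verb` in the @@ -281 hunk are protocol and activity identifiers rather than free text, and with `Strings::escapeTags()` gone they reach the rest of `item_post()` exactly as the client sent them; they should be compared against the values the application supports (the `Protocol::` constants for `$network`) and rejected otherwise, not merely trimmed. Each `trim($_REQUEST[...] ?? '')` also assumes a string, and a parameter submitted as an array raises a TypeError on PHP 8, so a guard like `$title = is_string($_REQUEST['title'] ?? null) ? trim($_REQUEST['title']) : '';` would be safer here and in the @@ -260 hunk. `$emailcc` presumably ends up as mail recipients later in the function, so it is worth validating as a list of addresses before use. The function body continues outside the hunk.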