X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=65a48c4c3f4995e26d82b2b94372c96eff461650;hb=5e577ed1330425ec8da7966e27d24a9ea692e2b8;hp=92f79d7c94d3f4ddc01681d1ea42978f3e19da54;hpb=91facd2d0a2869e2c26a5943d8afe1849d3891f8;p=friendica.git
diff --git a/mod/photos.php b/mod/photos.php
index 92f79d7c94..65a48c4c3f 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -26,10 +26,13 @@ use Friendica\Model\User;
use Friendica\Network\Probe;
use Friendica\Object\Image;
use Friendica\Protocol\DFRN;
+use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
use Friendica\Util\Security;
use Friendica\Util\Temporal;
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
require_once 'include/items.php';
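Review bot: `use Friendica\Util\Strings;` is added after `Temporal`, which breaks the alphabetical order the surrounding `use` lines follow; it belongs between `Security` and `Temporal`. The commit also starts calling `BBCode::getTags()` in a later hunk, but no `use` line for `BBCode` is added here. The top of the import block is outside this hunk, so confirm that import already exists.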
@@ -63,7 +66,7 @@ function photos_init(App $a) {
$account_type = Contact::getAccountType($profile);
- $tpl = get_markup_template("vcard-widget.tpl");
+ $tpl = Renderer::getMarkupTemplate("vcard-widget.tpl");
$vcard_widget = Renderer::replaceMacros($tpl, [
'$name' => $profile['name'],
@@ -110,7 +113,7 @@ function photos_init(App $a) {
}
if ($ret['success']) {
- $photo_albums_widget = Renderer::replaceMacros(get_markup_template('photo_albums.tpl'), [
+ $photo_albums_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate('photo_albums.tpl'), [
'$nick' => $a->data['user']['nickname'],
'$title' => L10n::t('Photo Albums'),
'$recent' => L10n::t('Recent Photos'),
@@ -131,7 +134,7 @@ function photos_init(App $a) {
$a->page['aside'] .= $photo_albums_widget;
}
- $tpl = get_markup_template("photos_head.tpl");
+ $tpl = Renderer::getMarkupTemplate("photos_head.tpl");
$a->page['htmlhead'] .= Renderer::replaceMacros($tpl,[
'$ispublic' => L10n::t('everybody')
@@ -220,7 +223,7 @@ function photos_post(App $a)
}
// RENAME photo album
- $newalbum = notags(trim($_POST['albumname']));
+ $newalbum = Strings::escapeTags(trim($_POST['albumname']));
if ($newalbum != $album) {
q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
DBA::escape($newalbum),
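Review bot: `$_POST['albumname']` is read here without the `!empty(...) ? ... : ''` guard that the other request reads in this commit use, so as far as this hunk shows a missing or blank field would rename every photo in the album to an empty album name. Consider `$newalbum = !empty($_POST['albumname']) ? Strings::escapeTags(trim($_POST['albumname'])) : '';` and `if ($newalbum !== '' && $newalbum != $album) {`. Separately, `Strings::escapeTags` (like `notags` before it) appears only to rewrite angle brackets, so it should not be treated as output encoding. Quotes and ampersands pass through, and each HTML-attribute or XML sink for these values still needs its own escaping. The same applies to the `escapeTags` calls in the later hunks on `desc`, `newtag`, `albname`, `origaname`, `album` and `newalbum`. The `q()` call continues past the end of this hunk.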
@@ -247,7 +250,7 @@ function photos_post(App $a)
['name' => 'albumname', 'value' => $_POST['albumname']],
];
- $a->page['content'] = Renderer::replaceMacros(get_markup_template('confirm.tpl'), [
+ $a->page['content'] = Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [
'$method' => 'post',
'$message' => L10n::t('Do you really want to delete this photo album and all its photos?'),
'$extra_inputs' => $extra_inputs,
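Review bot: The `$extra_inputs` entry just above the changed line passes `$_POST['albumname']` to `confirm.tpl` exactly as received, so the confirmation page is safe only if the template HTML-escapes each input's value for attribute context. The template is not part of this diff, so that should be confirmed while these call sites are being touched. If the template prints values raw, encode at the call site with `'value' => htmlspecialchars($_POST['albumname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. If it already escapes, leave the value alone to avoid double encoding and add a short comment saying so.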
@@ -319,7 +322,7 @@ function photos_post(App $a)
if (!empty($_REQUEST['confirm'])) {
$drop_url = $a->query_string;
- $a->page['content'] = Renderer::replaceMacros(get_markup_template('confirm.tpl'), [
+ $a->page['content'] = Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [
'$method' => 'post',
'$message' => L10n::t('Do you really want to delete this photo?'),
'$extra_inputs' => [],
@@ -363,11 +366,11 @@ function photos_post(App $a)
}
if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || !empty($_POST['albname']) !== false)) {
- $desc = !empty($_POST['desc']) ? notags(trim($_POST['desc'])) : '';
- $rawtags = !empty($_POST['newtag']) ? notags(trim($_POST['newtag'])) : '';
+ $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : '';
+ $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : '';
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
- $albname = !empty($_POST['albname']) ? notags(trim($_POST['albname'])) : '';
- $origaname = !empty($_POST['origaname']) ? notags(trim($_POST['origaname'])) : '';
+ $albname = !empty($_POST['albname']) ? Strings::escapeTags(trim($_POST['albname'])) : '';
+ $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
@@ -522,7 +525,7 @@ function photos_post(App $a)
}
$taginfo = [];
- $tags = get_tags($rawtags);
+ $tags = BBCode::getTags($rawtags);
if (count($tags)) {
foreach ($tags as $tag) {
@@ -682,15 +685,15 @@ function photos_post(App $a)
$arr['body'] .= "\n\n" . '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ;
$arr['object'] = '' . "\n";
$arr['target'] = '' . ACTIVITY_OBJ_IMAGE . '' . $p[0]['desc'] . ''
. System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '';
- $arr['target'] .= '' . xmlify('' . "\n" . '') . '';
+ $arr['target'] .= '' . XML::escape('' . "\n" . '') . '';
$item_id = Item::insert($arr);
}
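Review bot: `$p[0]['desc']` is concatenated into `$arr['target']` without escaping, while the line this hunk changes wraps its own fragment in `XML::escape()`. The string literals on this page look as if their markup was stripped in extraction, so this is inferred, but `target` appears to be an XML fragment. The description is user-supplied text that, as far as the earlier hunk shows, only went through `Strings::escapeTags`, so an ampersand or quote in it could produce a malformed or altered object. Use `XML::escape($p[0]['desc'])` at that position, and consider the same for `$owner_record['nickname']` in the URLs. The enclosing block starts outside this hunk.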
@@ -705,8 +708,8 @@ function photos_post(App $a)
Addon::callHooks('photo_post_init', $_POST);
// Determine the album to use
- $album = !empty($_REQUEST['album']) ? notags(trim($_REQUEST['album'])) : '';
- $newalbum = !empty($_REQUEST['newalbum']) ? notags(trim($_REQUEST['newalbum'])) : '';
+ $album = !empty($_REQUEST['album']) ? Strings::escapeTags(trim($_REQUEST['album'])) : '';
+ $newalbum = !empty($_REQUEST['newalbum']) ? Strings::escapeTags(trim($_REQUEST['newalbum'])) : '';
Logger::log('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum , Logger::DEBUG);
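Review bot: The debug line after the changed assignments writes `$album` and `$newalbum` into the log as they arrived in the request, and `Strings::escapeTags` does not appear to remove line breaks or control characters, so one request can spread across several log lines that look like separate entries. Encoding the values keeps each entry on one line, for example `Logger::log('mod/photos.php: photos_post(): album= ' . json_encode($album) . ' newalbum= ' . json_encode($newalbum), Logger::DEBUG);`. Both values are read from `$_REQUEST`, so they can come from the query string as well as the form body.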
@@ -777,7 +780,7 @@ function photos_post(App $a)
notice(L10n::t('Image exceeds size limit of %s', ini_get('upload_max_filesize')) . EOL);
break;
case UPLOAD_ERR_FORM_SIZE:
- notice(L10n::t('Image exceeds size limit of %s', formatBytes(defaults($_REQUEST, 'MAX_FILE_SIZE', 0))) . EOL);
+ notice(L10n::t('Image exceeds size limit of %s', Strings::formatBytes(defaults($_REQUEST, 'MAX_FILE_SIZE', 0))) . EOL);
break;
case UPLOAD_ERR_PARTIAL:
notice(L10n::t('Image upload didn\'t complete, please try again') . EOL);
@@ -806,7 +809,7 @@ function photos_post(App $a)
$maximagesize = Config::get('system', 'maximagesize');
if ($maximagesize && ($filesize > $maximagesize)) {
- notice(L10n::t('Image exceeds size limit of %s', formatBytes($maximagesize)) . EOL);
+ notice(L10n::t('Image exceeds size limit of %s', Strings::formatBytes($maximagesize)) . EOL);
@unlink($src);
$foo = 0;
Addon::callHooks('photo_post_end', $foo);
@@ -1085,14 +1088,14 @@ function photos_content(App $a)
Addon::callHooks('photo_upload_form',$ret);
- $default_upload_box = Renderer::replaceMacros(get_markup_template('photos_default_uploader_box.tpl'), []);
- $default_upload_submit = Renderer::replaceMacros(get_markup_template('photos_default_uploader_submit.tpl'), [
+ $default_upload_box = Renderer::replaceMacros(Renderer::getMarkupTemplate('photos_default_uploader_box.tpl'), []);
+ $default_upload_submit = Renderer::replaceMacros(Renderer::getMarkupTemplate('photos_default_uploader_submit.tpl'), [
'$submit' => L10n::t('Submit'),
]);
$usage_message = '';
- $tpl = get_markup_template('photos_upload.tpl');
+ $tpl = Renderer::getMarkupTemplate('photos_upload.tpl');
$aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML($a->user));
@@ -1166,7 +1169,7 @@ function photos_content(App $a)
if ($cmd === 'edit') {
if (($album !== L10n::t('Profile Photos')) && ($album !== 'Contact Photos') && ($album !== L10n::t('Contact Photos'))) {
if ($can_post) {
- $edit_tpl = get_markup_template('album_edit.tpl');
+ $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl');
$album_e = $album;
@@ -1220,7 +1223,7 @@ function photos_content(App $a)
}
}
- $tpl = get_markup_template('photo_album.tpl');
+ $tpl = Renderer::getMarkupTemplate('photo_album.tpl');
$o .= Renderer::replaceMacros($tpl, [
'$photos' => $photos,
'$album' => $album,
@@ -1342,7 +1345,7 @@ function photos_content(App $a)
}
if ($cmd === 'edit') {
- $tpl = get_markup_template('photo_edit_head.tpl');
+ $tpl = Renderer::getMarkupTemplate('photo_edit_head.tpl');
$a->page['htmlhead'] .= Renderer::replaceMacros($tpl,[
'$prevlink' => $prevlink,
'$nextlink' => $nextlink
@@ -1429,7 +1432,7 @@ function photos_content(App $a)
$edit = Null;
if ($cmd === 'edit' && $can_post) {
- $edit_tpl = get_markup_template('photo_edit.tpl');
+ $edit_tpl = Renderer::getMarkupTemplate('photo_edit.tpl');
$album_e = $ph[0]['album'];
$caption_e = $ph[0]['desc'];
@@ -1468,16 +1471,16 @@ function photos_content(App $a)
$responses = '';
if (count($linked_items)) {
- $cmnt_tpl = get_markup_template('comment_item.tpl');
- $tpl = get_markup_template('photo_item.tpl');
+ $cmnt_tpl = Renderer::getMarkupTemplate('comment_item.tpl');
+ $tpl = Renderer::getMarkupTemplate('photo_item.tpl');
$return_path = $a->cmd;
if ($can_post || Security::canWriteToUserWall($owner_uid)) {
- $like_tpl = get_markup_template('like_noshare.tpl');
+ $like_tpl = Renderer::getMarkupTemplate('like_noshare.tpl');
$likebuttons = Renderer::replaceMacros($like_tpl, [
'$id' => $link_item['id'],
'$likethis' => L10n::t("I like this \x28toggle\x29"),
- '$nolike' => (Feature::isEnabled(local_user(), 'dislike') ? L10n::t("I don't like this \x28toggle\x29") : ''),
+ '$nolike' => L10n::t("I don't like this \x28toggle\x29"),
'$wait' => L10n::t('Please wait'),
'$return_path' => $a->query_string,
]);
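Review bot: The `'$nolike'` label is now passed unconditionally, which drops the `Feature::isEnabled(local_user(), 'dislike')` check and is a behaviour change inside a commit that otherwise only renames helpers. The commit record shown here does not mention it, so it deserves its own line in the description or a separate commit. The later hunk removes the matching `$owner_uid` check and leaves `$response_verbs = ['like'];` followed by an append, which reads better as `$response_verbs = ['like', 'dislike'];`. If these were the last uses of `Feature` in the file, its `use` line can be removed too; the import block is not fully visible here.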
@@ -1499,7 +1502,7 @@ function photos_content(App $a)
'$preview' => L10n::t('Preview'),
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
}
@@ -1538,7 +1541,7 @@ function photos_content(App $a)
'$preview' => L10n::t('Preview'),
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
@@ -1598,21 +1601,19 @@ function photos_content(App $a)
'$preview' => L10n::t('Preview'),
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
}
}
$response_verbs = ['like'];
- if (Feature::isEnabled($owner_uid, 'dislike')) {
- $response_verbs[] = 'dislike';
- }
+ $response_verbs[] = 'dislike';
$responses = get_responses($conv_responses, $response_verbs, '', $link_item);
$paginate = $pager->renderFull($total);
}
- $photo_tpl = get_markup_template('photo_view.tpl');
+ $photo_tpl = Renderer::getMarkupTemplate('photo_view.tpl');
$o .= Renderer::replaceMacros($photo_tpl, [
'$id' => $ph[0]['id'],
'$album' => [$album_link, $ph[0]['album']],
@@ -1704,7 +1705,7 @@ function photos_content(App $a)
}
}
- $tpl = get_markup_template('photos_recent.tpl');
+ $tpl = Renderer::getMarkupTemplate('photos_recent.tpl');
$o .= Renderer::replaceMacros($tpl, [
'$title' => L10n::t('Recent Photos'),
'$can_post' => $can_post,