X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fpoco.php;h=3456beb12896a4b2a507f365b28330d66ba76f54;hb=6bc865ff4d68170c83a675cfc75cdc025a192b15;hp=7a33a69d0b9d1d7f707dbb77c2aae8a10d82edc0;hpb=c6ce9ddaa41a59496cbe5cd93ace9bc552478ccd;p=friendica.git
diff --git a/mod/poco.php b/mod/poco.php
index 7a33a69d0b..3456beb128 100644
--- a/mod/poco.php
+++ b/mod/poco.php
@@ -10,10 +10,13 @@ use Friendica\Core\Cache;
 use Friendica\Core\Config;
 use Friendica\Core\Logger;
 use Friendica\Core\Protocol;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Protocol\PortableContact;
 use Friendica\Util\DateTimeFormat;
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
 function poco_init(App $a) {
 $system_mode = false;
@@ -23,7 +26,7 @@ function poco_init(App $a) {
 }
 if ($a->argc > 1) {
- $user = notags(trim($a->argv[1]));
+ $user = Strings::escapeTags(trim($a->argv[1]));
 }
 if (empty($user)) {
 $c = q("SELECT * FROM `pconfig` WHERE `cat` = 'system' AND `k` = 'suggestme' AND `v` = 1");
@@ -85,7 +88,7 @@ function poco_init(App $a) {
 if (!empty($cid)) {
 $sql_extra = sprintf(" AND `contact`.`id` = %d ", intval($cid));
 }
- if (x($_GET, 'updatedSince')) {
+ if (!empty($_GET['updatedSince'])) {
 $update_limit = date(DateTimeFormat::MYSQL, strtotime($_GET['updatedSince']));
 }
 if ($global) {
@@ -119,7 +122,7 @@ function poco_init(App $a) {
 } else {
 $startIndex = 0;
 }
- $itemsPerPage = ((x($_GET, 'count') && intval($_GET['count'])) ? intval($_GET['count']) : $totalResults);
+ $itemsPerPage = ((!empty($_GET['count'])) ? intval($_GET['count']) : $totalResults);
 if ($global) {
 Logger::log("Start global query", Logger::DEBUG);
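Review bot: In the `@@ -85,7 +88,7 @@` hunk, `!empty($_GET['updatedSince'])` also passes for an array-valued or unparseable parameter, and the following context line hands that value straight to `strtotime()`. An array raises a warning or a TypeError depending on the PHP version, while an unparseable string makes `strtotime()` return false, which `date()` in coercive typing mode formats as the Unix epoch, so the requested cut-off is silently replaced. I would guard it with `$since = is_string($_GET['updatedSince'] ?? null) ? strtotime($_GET['updatedSince']) : false;` and assign `$update_limit` only when `$since !== false`. How `$update_limit` is consumed by the query lies outside this hunk.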
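Review bot: The new `$itemsPerPage` line in the `@@ -119,7 +122,7 @@` hunk drops the old `&& intval($_GET['count'])` test, so a non-numeric `count` now evaluates to 0 instead of falling back to `$totalResults`. Negative values are accepted as before, and nothing on this line caps the page size a remote caller can request. Computing `$count = intval($_GET['count'] ?? 0);` and then `$itemsPerPage = ($count > 0) ? $count : $totalResults;` restores the fallback and rejects negatives; an upper bound would be a further hardening. Where `$itemsPerPage` reaches the query is outside this hunk.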
@@ -161,13 +164,13 @@ function poco_init(App $a) {
 Logger::log("Query done", Logger::DEBUG);
 $ret = [];
- if (x($_GET, 'sorted')) {
+ if (!empty($_GET['sorted'])) {
 $ret['sorted'] = false;
 }
- if (x($_GET, 'filtered')) {
+ if (!empty($_GET['filtered'])) {
 $ret['filtered'] = false;
 }
- if (x($_GET, 'updatedSince') && ! $global) {
+ if (!empty($_GET['updatedSince']) && ! $global) {
 $ret['updatedSince'] = false;
 }
 $ret['startIndex'] = (int) $startIndex;
@@ -193,7 +196,7 @@ function poco_init(App $a) {
 'generation' => false
 ];
- if ((! x($_GET, 'fields')) || ($_GET['fields'] === '@all')) {
+ if (empty($_GET['fields']) || ($_GET['fields'] === '@all')) {
 foreach ($fields_ret as $k => $v) {
 $fields_ret[$k] = true;
 }
@@ -374,7 +377,7 @@ function poco_init(App $a) {
 if ($format === 'xml') {
 header('Content-type: text/xml');
- echo replace_macros(get_markup_template('poco_xml.tpl'), array_xmlify(['$response' => $ret]));
+ echo Renderer::replaceMacros(Renderer::getMarkupTemplate('poco_xml.tpl'), XML::arrayEscape(['$response' => $ret]));
 killme();
 }
 if ($format === 'json') {