X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Ftagger.php;h=78133a9e1823a30498262e811269eee948c910e0;hb=892a395eb79c0ec8ea6e44bebb5a3c6e3a373f4f;hp=edfcd7bd13e45a910ef13c51aa3a8a07adad6df8;hpb=2f28c2ebbfd8f66093d7081d40b1d48f65fcff20;p=friendica.git
diff --git a/mod/tagger.php b/mod/tagger.php
index edfcd7bd13..78133a9e18 100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -10,8 +10,8 @@ use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Item;
-
-require_once 'include/items.php';
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
function tagger_content(App $a) {
@@ -19,7 +19,7 @@ function tagger_content(App $a) {
return;
}
- $term = notags(trim($_GET['term']));
+ $term = Strings::escapeTags(trim($_GET['term']));
// no commas allowed
$term = str_replace([',',' '],['','_'],$term);
@@ -27,7 +27,7 @@ function tagger_content(App $a) {
return;
}
- $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+ $item_id = (($a->argc > 1) ? Strings::escapeTags(trim($a->argv[1])) : 0);
Logger::log('tagger: tag ' . $term . ' item ' . $item_id);
@@ -66,7 +66,7 @@ function tagger_content(App $a) {
}
$uri = Item::newURI($owner_uid);
- $xterm = xmlify($term);
+ $xterm = XML::escape($term);
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
@@ -76,9 +76,9 @@ function tagger_content(App $a) {
$href = System::baseUrl() . '/display/' . $item['guid'];
}
- $link = xmlify('' . "\n") ;
+ $link = XML::escape('' . "\n");
- $body = xmlify($item['body']);
+ $body = XML::escape($item['body']);
$target = <<< EOT
@@ -91,7 +91,7 @@ function tagger_content(App $a) {
EOT;
- $tagid = System::baseUrl() . '/search?tag=' . $term;
+ $tagid = System::baseUrl() . '/search?tag=' . $xterm;
$objtype = ACTIVITY_OBJ_TAGTERM;
$obj = <<< EOT
@@ -111,7 +111,7 @@ EOT;
return;
}
- $termlink = html_entity_decode('⌗') . '[url=' . System::baseUrl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/url]';
+ $termlink = html_entity_decode('⌗') . '[url=' . System::baseUrl() . '/search?tag=' . $term . ']'. $term . '[/url]';
$arr = [];
@@ -168,7 +168,7 @@ EOT;
$term_objtype,
TERM_HASHTAG,
DBA::escape($term),
- DBA::escape(System::baseUrl() . '/search?tag=' . $term),
+ '',
intval($owner_uid)
);
}
@@ -190,7 +190,7 @@ EOT;
$term_objtype,
TERM_HASHTAG,
DBA::escape($term),
- DBA::escape(System::baseUrl() . '/search?tag=' . $term),
+ '',
intval($owner_uid)
);
}