X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Ftagger.php;h=78133a9e1823a30498262e811269eee948c910e0;hb=892a395eb79c0ec8ea6e44bebb5a3c6e3a373f4f;hp=edfcd7bd13e45a910ef13c51aa3a8a07adad6df8;hpb=2f28c2ebbfd8f66093d7081d40b1d48f65fcff20;p=friendica.git

diff --git a/mod/tagger.php b/mod/tagger.php
index edfcd7bd13..78133a9e18 100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -10,8 +10,8 @@ use Friendica\Core\System;
 use Friendica\Core\Worker;
 use Friendica\Database\DBA;
 use Friendica\Model\Item;
-
-require_once 'include/items.php';
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
 
 function tagger_content(App $a) {
 
@@ -19,7 +19,7 @@ function tagger_content(App $a) {
 		return;
 	}
 
-	$term = notags(trim($_GET['term']));
+	$term = Strings::escapeTags(trim($_GET['term']));
 	// no commas allowed
 	$term = str_replace([',',' '],['','_'],$term);
 
@@ -27,7 +27,7 @@ function tagger_content(App $a) {
 		return;
 	}
 
-	$item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+	$item_id = (($a->argc > 1) ? Strings::escapeTags(trim($a->argv[1])) : 0);
 
 	Logger::log('tagger: tag ' . $term . ' item ' . $item_id);
 
@@ -66,7 +66,7 @@ function tagger_content(App $a) {
 	}
 
 	$uri = Item::newURI($owner_uid);
-	$xterm = xmlify($term);
+	$xterm = XML::escape($term);
 	$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
 	$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
 
@@ -76,9 +76,9 @@ function tagger_content(App $a) {
 		$href = System::baseUrl() . '/display/' . $item['guid'];
 	}
 
-	$link = xmlify('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n") ;
+	$link = XML::escape('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n");
 
-	$body = xmlify($item['body']);
+	$body = XML::escape($item['body']);
 
 	$target = <<< EOT
 	<target>
@@ -91,7 +91,7 @@ function tagger_content(App $a) {
 	</target>
 EOT;
 
-	$tagid = System::baseUrl() . '/search?tag=' . $term;
+	$tagid = System::baseUrl() . '/search?tag=' . $xterm;
 	$objtype = ACTIVITY_OBJ_TAGTERM;
 
 	$obj = <<< EOT
@@ -111,7 +111,7 @@ EOT;
 		return;
 	}
 
-	$termlink = html_entity_decode('&#x2317;') . '[url=' . System::baseUrl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/url]';
+	$termlink = html_entity_decode('&#x2317;') . '[url=' . System::baseUrl() . '/search?tag=' . $term . ']'. $term . '[/url]';
 
 	$arr = [];
 
@@ -168,7 +168,7 @@ EOT;
 		   $term_objtype,
 		   TERM_HASHTAG,
 		   DBA::escape($term),
-		   DBA::escape(System::baseUrl() . '/search?tag=' . $term),
+		   '',
 		   intval($owner_uid)
 		);
 	}
@@ -190,7 +190,7 @@ EOT;
 				$term_objtype,
 				TERM_HASHTAG,
 				DBA::escape($term),
-				DBA::escape(System::baseUrl() . '/search?tag=' . $term),
+				'',
 				intval($owner_uid)
 			);
 		}