X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Ftagger.php;h=f8979ae6cac05f102f7be5cc4423675b1b25fbf5;hb=5a802bc474abca945240f6a9a2730213e88b30af;hp=0c515f9c8bbe1bdfd38937c2007118625f0945e4;hpb=5af9596dde162b1b9819869e3d5129f571a1c503;p=friendica.git
diff --git a/mod/tagger.php b/mod/tagger.php
index 0c515f9c8b..f8979ae6ca 100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -5,12 +5,14 @@
use Friendica\App;
use Friendica\Core\Addon;
use Friendica\Core\L10n;
+use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
use Friendica\Model\Item;
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
-require_once 'include/security.php';
require_once 'include/items.php';
function tagger_content(App $a) {
@@ -19,7 +21,7 @@ function tagger_content(App $a) {
return;
}
- $term = notags(trim($_GET['term']));
+ $term = Strings::escapeTags(trim($_GET['term']));
// no commas allowed
$term = str_replace([',',' '],['','_'],$term);
@@ -27,15 +29,15 @@ function tagger_content(App $a) {
return;
}
- $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+ $item_id = (($a->argc > 1) ? Strings::escapeTags(trim($a->argv[1])) : 0);
- logger('tagger: tag ' . $term . ' item ' . $item_id);
+ Logger::log('tagger: tag ' . $term . ' item ' . $item_id);
$item = Item::selectFirst([], ['id' => $item_id]);
- if (!$item_id || !DBM::is_result($item)) {
- logger('tagger: no item ' . $item_id);
+ if (!$item_id || !DBA::isResult($item)) {
+ Logger::log('tagger: no item ' . $item_id);
return;
}
@@ -46,7 +48,7 @@ function tagger_content(App $a) {
$r = q("select `nickname`,`blocktags` from user where uid = %d limit 1",
intval($owner_uid)
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$owner_nick = $r[0]['nickname'];
$blocktags = $r[0]['blocktags'];
}
@@ -58,15 +60,15 @@ function tagger_content(App $a) {
$r = q("select * from contact where self = 1 and uid = %d limit 1",
intval(local_user())
);
- if (DBM::is_result($r)) {
+ if (DBA::isResult($r)) {
$contact = $r[0];
} else {
- logger('tagger: no contact_id');
+ Logger::log('tagger: no contact_id');
return;
}
$uri = Item::newURI($owner_uid);
- $xterm = xmlify($term);
+ $xterm = XML::escape($term);
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
$targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
@@ -76,9 +78,9 @@ function tagger_content(App $a) {
$href = System::baseUrl() . '/display/' . $item['guid'];
}
- $link = xmlify('' . "\n") ;
+ $link = XML::escape('' . "\n");
- $body = xmlify($item['body']);
+ $body = XML::escape($item['body']);
$target = <<< EOT
@@ -91,7 +93,7 @@ function tagger_content(App $a) {
EOT;
- $tagid = System::baseUrl() . '/search?tag=' . $term;
+ $tagid = System::baseUrl() . '/search?tag=' . $xterm;
$objtype = ACTIVITY_OBJ_TAGTERM;
$obj = <<< EOT
@@ -111,11 +113,11 @@ EOT;
return;
}
- $termlink = html_entity_decode('⌗') . '[url=' . System::baseUrl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/url]';
+ $termlink = html_entity_decode('⌗') . '[url=' . System::baseUrl() . '/search?tag=' . $term . ']'. $term . '[/url]';
$arr = [];
- $arr['guid'] = System::createGUID(32);
+ $arr['guid'] = System::createUUID();
$arr['uri'] = $uri;
$arr['uid'] = $owner_uid;
$arr['contact-id'] = $contact['id'];
@@ -159,7 +161,7 @@ EOT;
$t = q("SELECT count(tid) as tcount FROM term WHERE oid=%d AND term='%s'",
intval($item['id']),
- dbesc($term)
+ DBA::escape($term)
);
if (!$blocktags && $t[0]['tcount'] == 0) {
@@ -167,30 +169,30 @@ EOT;
intval($item['id']),
$term_objtype,
TERM_HASHTAG,
- dbesc($term),
- dbesc(System::baseUrl() . '/search?tag=' . $term),
+ DBA::escape($term),
+ '',
intval($owner_uid)
);
}
// if the original post is on this site, update it.
$original_item = Item::selectFirst(['tag', 'id', 'uid'], ['origin' => true, 'uri' => $item['uri']]);
- if (DBM::is_result($original_item)) {
+ if (DBA::isResult($original_item)) {
$x = q("SELECT `blocktags` FROM `user` WHERE `uid`=%d LIMIT 1",
intval($original_item['uid'])
);
$t = q("SELECT COUNT(`tid`) AS `tcount` FROM `term` WHERE `oid`=%d AND `term`='%s'",
intval($original_item['id']),
- dbesc($term)
+ DBA::escape($term)
);
- if (DBM::is_result($x) && !$x[0]['blocktags'] && $t[0]['tcount'] == 0){
+ if (DBA::isResult($x) && !$x[0]['blocktags'] && $t[0]['tcount'] == 0){
q("INSERT INTO term (`oid`, `otype`, `type`, `term`, `url`, `uid`) VALUE (%d, %d, %d, '%s', '%s', %d)",
intval($original_item['id']),
$term_objtype,
TERM_HASHTAG,
- dbesc($term),
- dbesc(System::baseUrl() . '/search?tag=' . $term),
+ DBA::escape($term),
+ '',
intval($owner_uid)
);
}