X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Funfollow.php;h=a66c88aefd2d9dcfe993c4d81cef222f11efcbd7;hb=51210af22157327376954721bfdca7161b66a7be;hp=372364810ea859f6a7e5be0279443bfa98bff8c5;hpb=8821d33f73785884cfce83e7b23d3ef19cc1bc11;p=friendica.git diff --git a/mod/unfollow.php b/mod/unfollow.php index 372364810e..a66c88aefd 100644 --- a/mod/unfollow.php +++ b/mod/unfollow.php @@ -12,10 +12,11 @@ use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\Profile; use Friendica\Model\User; +use Friendica\Util\Strings; function unfollow_post(App $a) { - $return_path = 'contacts'; + $base_return_path = 'contact'; if (!local_user()) { notice(L10n::t('Permission denied.')); @@ -24,26 +25,26 @@ function unfollow_post(App $a) } $uid = local_user(); - $url = notags(trim(defaults($_REQUEST, 'url', ''))); + $url = Strings::escapeTags(trim(defaults($_REQUEST, 'url', ''))); $condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)", - $uid, Contact::SHARING, Contact::FRIEND, normalise_link($url), - normalise_link($url), $url]; + $uid, Contact::SHARING, Contact::FRIEND, Strings::normaliseLink($url), + Strings::normaliseLink($url), $url]; $contact = DBA::selectFirst('contact', [], $condition); if (!DBA::isResult($contact)) { notice(L10n::t("You aren't following this contact.")); - $a->internalRedirect($return_path); + $a->internalRedirect($base_return_path); // NOTREACHED } if (!empty($_REQUEST['cancel'])) { - $a->internalRedirect($return_path . '/' . $contact['id']); + $a->internalRedirect($base_return_path . '/' . $contact['id']); } if (!in_array($contact['network'], Protocol::NATIVE_SUPPORT)) { notice(L10n::t('Unfollowing is currently not supported by your network.')); - $a->internalRedirect($return_path . '/' . $contact['id']); + $a->internalRedirect($base_return_path . '/' . $contact['id']); // NOTREACHED } @@ -57,10 +58,10 @@ function unfollow_post(App $a) // Sharing-only contacts get deleted as there no relationship any more if ($dissolve) { Contact::remove($contact['id']); - $return_path = 'contacts'; + $return_path = $base_return_path; } else { DBA::update('contact', ['rel' => Contact::FOLLOWER], ['id' => $contact['id']]); - $return_path = 'contact/' . $contact['id']; + $return_path = $base_return_path . '/' . $contact['id']; } info(L10n::t('Contact unfollowed')); @@ -70,7 +71,7 @@ function unfollow_post(App $a) function unfollow_content(App $a) { - $return_path = 'contacts'; + $base_return_path = 'contact'; if (!local_user()) { notice(L10n::t('Permission denied.')); @@ -79,23 +80,23 @@ function unfollow_content(App $a) } $uid = local_user(); - $url = notags(trim($_REQUEST['url'])); + $url = Strings::escapeTags(trim($_REQUEST['url'])); $condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)", - local_user(), Contact::SHARING, Contact::FRIEND, normalise_link($url), - normalise_link($url), $url]; + local_user(), Contact::SHARING, Contact::FRIEND, Strings::normaliseLink($url), + Strings::normaliseLink($url), $url]; $contact = DBA::selectFirst('contact', ['url', 'network', 'addr', 'name'], $condition); if (!DBA::isResult($contact)) { notice(L10n::t("You aren't following this contact.")); - $a->internalRedirect($return_path); + $a->internalRedirect($base_return_path); // NOTREACHED } if (!in_array($contact['network'], Protocol::NATIVE_SUPPORT)) { notice(L10n::t('Unfollowing is currently not supported by your network.')); - $a->internalRedirect('contact/' . $contact['id']); + $a->internalRedirect($base_return_path . '/' . $contact['id']); // NOTREACHED } @@ -106,17 +107,15 @@ function unfollow_content(App $a) if (!DBA::isResult($self)) { notice(L10n::t('Permission denied.')); - $a->internalRedirect($return_path); + $a->internalRedirect($base_return_path); // NOTREACHED } // Makes the connection request for friendica contacts easier $_SESSION['fastlane'] = $contact['url']; - $header = L10n::t('Disconnect/Unfollow'); - $o = Renderer::replaceMacros($tpl, [ - '$header' => htmlentities($header), + '$header' => L10n::t('Disconnect/Unfollow'), '$desc' => '', '$pls_answer' => '', '$does_know_you' => '',