return;
}
- $replyto = !empty($_REQUEST['replyto']) ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
- $subject = !empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
- $body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
- $recipient = !empty($_REQUEST['recipient']) ? intval($_REQUEST['recipient']) : 0;
+ $replyto = !empty($_REQUEST['replyto']) ? trim($_REQUEST['replyto']) : '';
+ $subject = !empty($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
+ $body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
+ $recipient = !empty($_REQUEST['recipient']) ? intval($_REQUEST['recipient']) : 0;
$ret = Mail::send($recipient, $body, $subject, $replyto);
$norecip = false;
}
if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
- $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : '';
- $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : '';
- $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
- $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : '';
- $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
+ $desc = !empty($_POST['desc']) ? trim($_POST['desc']) : '';
+ $rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : '';
+ $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
+ $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : '';
+ $origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : '';
$resource_id = DI::args()->getArgv()[3];
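Review bot: `$rawtags` and `$origaname` lose their input-side escaping here together with `$desc`, but the only matching output-side change visible in this commit is the photo-caption template dropping `nofilter` from `{{$desc}}`. Every template or HTML-building code path that prints the tag list or the album name therefore has to escape on output, and that cannot be confirmed from this hunk. A comment above the block would record the contract, e.g. `// Stored unescaped on purpose: escape at output, never render with nofilter`. The same question applies to the group names read from `$_POST['groupname']` and to the profile fields (`$about` to `$homepage`) later in the commit. Captions saved before this change may still hold the previously transformed text, so it is worth checking how existing rows render.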
use Friendica\Module\BaseSettings;
use Friendica\Module\Security\Login;
use Friendica\Protocol\Email;
-use Friendica\Util\Strings;
use Friendica\Util\Temporal;
use Friendica\Worker\Delivery;
}
}
- $username = (!empty($_POST['username']) ? Strings::escapeTags(trim($_POST['username'])) : '');
- $email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : '');
- $timezone = (!empty($_POST['timezone']) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
- $language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
+ $username = (!empty($_POST['username']) ? trim($_POST['username']) : '');
+ $email = (!empty($_POST['email']) ? trim($_POST['email']) : '');
+ $timezone = (!empty($_POST['timezone']) ? trim($_POST['timezone']) : '');
+ $language = (!empty($_POST['language']) ? trim($_POST['language']) : '');
- $defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
- $maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
- $expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
+ $defloc = (!empty($_POST['defloc']) ? trim($_POST['defloc']) : '');
+ $maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
+ $expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
$def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
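Review bot: `$email`, `$timezone` and `$language` are structured values, and after this change nothing in the hunk constrains them beyond `trim()`. Validation may follow outside the hunk; if it does not, each should be checked against its own format rather than treated as free text, for example `filter_var($email, FILTER_VALIDATE_EMAIL)` for the address and `in_array($timezone, DateTimeZone::listIdentifiers(), true)` for the zone. The admin site hunk (`$sender_email`, `$language`, `$theme`, `$theme_mobile`, `$temppath`) and the display settings hunk (`$theme`, `$mobile_theme`) have the same shape.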
return;
}
- $subject = (!empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '');
- $body = (!empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '');
+ $subject = trim($_REQUEST['subject'] ?? '');
+ $body = Strings::escapeHtml(trim($_REQUEST['body'] ?? ''));
- $recipient = ((DI::args()->getArgc() > 1) ? Strings::escapeTags(DI::args()->getArgv()[1]) : '');
+ $recipient = ((DI::args()->getArgc() > 1) ? DI::args()->getArgv()[1] : '');
if ((! $recipient) || (! $body)) {
return;
}
}
// end relocate
- $sitename = (!empty($_POST['sitename']) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
- $sender_email = (!empty($_POST['sender_email']) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
+ $sitename = (!empty($_POST['sitename']) ? trim($_POST['sitename']) : '');
+ $sender_email = (!empty($_POST['sender_email']) ? trim($_POST['sender_email']) : '');
$banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
$email_banner = (!empty($_POST['email_banner']) ? trim($_POST['email_banner']) : false);
- $shortcut_icon = (!empty($_POST['shortcut_icon']) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
- $touch_icon = (!empty($_POST['touch_icon']) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
+ $shortcut_icon = (!empty($_POST['shortcut_icon']) ? trim($_POST['shortcut_icon']) : '');
+ $touch_icon = (!empty($_POST['touch_icon']) ? trim($_POST['touch_icon']) : '');
$additional_info = (!empty($_POST['additional_info']) ? trim($_POST['additional_info']) : '');
- $language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
- $theme = (!empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : '');
- $theme_mobile = (!empty($_POST['theme_mobile']) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
+ $language = (!empty($_POST['language']) ? trim($_POST['language']) : '');
+ $theme = (!empty($_POST['theme']) ? trim($_POST['theme']) : '');
+ $theme_mobile = (!empty($_POST['theme_mobile']) ? trim($_POST['theme_mobile']) : '');
$maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : -1);
$jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : 100);
$register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
- $allowed_sites = (!empty($_POST['allowed_sites']) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
- $allowed_email = (!empty($_POST['allowed_email']) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
- $forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
- $system_actor_name = (!empty($_POST['system_actor_name']) ? Strings::escapeTags(trim($_POST['system_actor_name'])) : '');
+ $allowed_sites = (!empty($_POST['allowed_sites']) ? trim($_POST['allowed_sites']) : '');
+ $allowed_email = (!empty($_POST['allowed_email']) ? trim($_POST['allowed_email']) : '');
+ $forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(trim($_POST['forbidden_nicknames'])) : '');
+ $system_actor_name = (!empty($_POST['system_actor_name']) ? trim($_POST['system_actor_name']) : '');
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
- $allowed_oembed = (!empty($_POST['allowed_oembed']) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
+ $allowed_oembed = (!empty($_POST['allowed_oembed']) ? trim($_POST['allowed_oembed']) : '');
$block_public = !empty($_POST['block_public']);
$force_publish = !empty($_POST['publish_all']);
- $global_directory = (!empty($_POST['directory']) ? Strings::escapeTags(trim($_POST['directory'])) : '');
+ $global_directory = (!empty($_POST['directory']) ? trim($_POST['directory']) : '');
$newuser_private = !empty($_POST['newuser_private']);
$enotify_no_content = !empty($_POST['enotify_no_content']);
$private_addons = !empty($_POST['private_addons']);
$max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$verifyssl = !empty($_POST['verifyssl']);
- $proxyuser = (!empty($_POST['proxyuser']) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
- $proxy = (!empty($_POST['proxy']) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
+ $proxyuser = (!empty($_POST['proxyuser']) ? trim($_POST['proxyuser']) : '');
+ $proxy = (!empty($_POST['proxy']) ? trim($_POST['proxy']) : '');
$timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
$maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 20);
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
$suppress_tags = !empty($_POST['suppress_tags']);
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
$max_display_comments = (!empty($_POST['max_display_comments']) ? intval($_POST['max_display_comments']) : 0);
- $temppath = (!empty($_POST['temppath']) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
- $singleuser = (!empty($_POST['singleuser']) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
+ $temppath = (!empty($_POST['temppath']) ? trim($_POST['temppath']) : '');
+ $singleuser = (!empty($_POST['singleuser']) ? trim($_POST['singleuser']) : '');
$only_tag_search = !empty($_POST['only_tag_search']);
- $check_new_version_url = (!empty($_POST['check_new_version_url']) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
+ $check_new_version_url = (!empty($_POST['check_new_version_url']) ? trim($_POST['check_new_version_url']) : 'none');
$worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
$worker_fastlane = !empty($_POST['worker_fastlane']);
$relay_directly = !empty($_POST['relay_directly']);
- $relay_scope = (!empty($_POST['relay_scope']) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
- $relay_server_tags = (!empty($_POST['relay_server_tags']) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
- $relay_deny_tags = (!empty($_POST['relay_deny_tags']) ? Strings::escapeTags(trim($_POST['relay_deny_tags'])) : '');
+ $relay_scope = (!empty($_POST['relay_scope']) ? trim($_POST['relay_scope']) : '');
+ $relay_server_tags = (!empty($_POST['relay_server_tags']) ? trim($_POST['relay_server_tags']) : '');
+ $relay_deny_tags = (!empty($_POST['relay_deny_tags']) ? trim($_POST['relay_deny_tags']) : '');
$relay_user_tags = !empty($_POST['relay_user_tags']);
- $active_panel = (!empty($_POST['active_panel']) ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
+ $active_panel = (!empty($_POST['active_panel']) ? "#" . trim($_POST['active_panel']) : '');
// Has the directory url changed? If yes, then resubmit the existing profiles there
if ($global_directory != DI::config()->get('system', 'directory') && ($global_directory != '')) {
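Review bot: `$active_panel` is now `"#"` followed by the raw POST value. Its use is outside this hunk; if it is appended to a redirect target, limiting it to identifier characters keeps the fragment well-formed, e.g. `"#" . preg_replace('/[^A-Za-z0-9_-]/', '', trim($_POST['active_panel']))`. `$sitename` and `$system_actor_name` are presumably printed on many pages, so their templates are the first ones to check for `nofilter`.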
$a = DI::app();
- $search = Strings::escapeTags(trim($_GET['search'] ?? ''));
- $nets = Strings::escapeTags(trim($_GET['nets'] ?? ''));
- $rel = Strings::escapeTags(trim($_GET['rel'] ?? ''));
- $group = Strings::escapeTags(trim($_GET['group'] ?? ''));
+ $search = trim($_GET['search'] ?? '');
+ $nets = trim($_GET['nets'] ?? '');
+ $rel = trim($_GET['rel'] ?? '');
+ $group = trim($_GET['group'] ?? '');
$accounttype = $_GET['accounttype'] ?? '';
$accounttypeid = User::getAccountTypeByString($accounttype);
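Review bot: `$search`, `$nets`, `$rel` and `$group` come straight from the query string, so unlike the POST handlers in this commit they can be set through a plain link and are typically echoed back into the page. With `Strings::escapeTags()` gone, the search box and any pager or tab link built from these values must be escaped at output (HTML escaping for the form value, URL-encoding for links), and any query that uses them must bind them as parameters; neither is visible in this hunk. Suggested comment: `// Raw request values: escape per output context, bind in queries`. The same applies to `$search` in the directory module and in `globalContactSearch()`.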
'$submit' => DI::l10n()->t('Submit'),
'$lbl_info1' => $lbl_info1,
'$lbl_info2' => DI::l10n()->t('Their personal note'),
- '$reason' => trim(Strings::escapeTags($contact['reason'])),
+ '$reason' => trim($contact['reason']),
'$infedit' => DI::l10n()->t('Edit contact notes'),
'$common_link' => 'contact/' . $contact['id'] . '/contacts/common',
'$relation_text' => $relation_text,
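Review bot: On the `'$reason'` line the removed call was escaping at render time, not at input time: `$contact['reason']` is read from the contact record and handed directly to the template. If that field is filled by the remote side (the label next to it reads 'Their personal note'), it is third-party text, and after this change the template is the only barrier. The template is not part of the visible change, so confirm that it prints `{{$reason}}` without `nofilter`.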
use Friendica\Model;
use Friendica\Model\Profile;
use Friendica\Network\HTTPException;
-use Friendica\Util\Strings;
/**
* Shows the local directory of this node
Nav::setSelected('directory');
- $search = (!empty($_REQUEST['search']) ?
- Strings::escapeTags(trim(rawurldecode($_REQUEST['search']))) :
- '');
+ $search = trim(rawurldecode($_REQUEST['search'] ?? ''));
$gDirPath = '';
$dirURL = $config->get('system', 'directory');
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model;
-use Friendica\Util\Strings;
require_once 'boot.php';
if ((DI::args()->getArgc() == 2) && (DI::args()->getArgv()[1] === 'new')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit');
- $name = Strings::escapeTags(trim($_POST['groupname']));
+ $name = trim($_POST['groupname']);
$r = Model\Group::create(local_user(), $name);
if ($r) {
$r = Model\Group::getIdByName(local_user(), $name);
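Review bot: `trim($_POST['groupname'])` has no fallback for a missing key, while other lines rewritten in this commit use the `?? ''` form. A request without the field raises an undefined-index warning and passes null to `trim()`, which is deprecated since PHP 8.1; `$name = trim($_POST['groupname'] ?? '');` avoids both. The same gap is in the group rename hunk, in `trim($_REQUEST['search'])` in `globalContactSearch()`, in the profile fields from `$about` to `$homepage`, and, if the session key can be absent, in `trim(Session::get('openid_identity'))`.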
notice(DI::l10n()->t('Group not found.'));
DI::baseUrl()->redirect('contact');
}
- $groupname = Strings::escapeTags(trim($_POST['groupname']));
+ $groupname = trim($_POST['groupname']);
if (strlen($groupname) && ($groupname != $group['name'])) {
if (!Model\Group::update($group['id'], $groupname)) {
notice(DI::l10n()->t('Group name was not changed.'));
use Friendica\Content\Text\Markdown;
use Friendica\DI;
use Friendica\Network\HTTPException;
-use Friendica\Util\Strings;
/**
* Shows the friendica help based on the /doc/ directory
$title = basename($path);
$filename = $path;
$text = self::loadDocFile('doc/' . $path . '.md', $lang);
- DI::page()['title'] = DI::l10n()->t('Help:') . ' ' . str_replace('-', ' ', Strings::escapeTags($title));
+ DI::page()['title'] = DI::l10n()->t('Help:') . ' ' . str_replace('-', ' ', $title);
}
$home = self::loadDocFile('doc/Home.md', $lang);
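Review bot: `$title` is `basename($path)`, and `$path` is presumably taken from the request URL, yet the value now goes into `DI::page()['title']` unescaped. This is not a template variable in the hunk, so whether the page layout escapes the title when printing it cannot be seen here. If it does not, escape at this assignment, e.g. `htmlspecialchars(str_replace('-', ' ', $title), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, or add a comment naming the place where the title is escaped.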
use Friendica\DI;
use Friendica\Network\HTTPException;
use Friendica\Util\BasePath;
-use Friendica\Util\Strings;
use Friendica\Util\Temporal;
class Install extends BaseModule
private static function checkSetting(Cache $configCache, array $post, $cat, $key, $default = null)
{
$configCache->set($cat, $key,
- Strings::escapeTags(
- trim(($post[sprintf('%s-%s', $cat, $key)] ?? '') ?:
- ($default ?? $configCache->get($cat, $key))
- )
+ trim(($post[sprintf('%s-%s', $cat, $key)] ?? '') ?:
+ ($default ?? $configCache->get($cat, $key))
)
);
}
use Friendica\Model\Contact;
use Friendica\Model\Post;
use Friendica\Network\HTTPException;
-use Friendica\Util\Strings;
/**
* ACL selector json backend
private static function globalContactSearch()
{
// autocomplete for global contact search (e.g. navbar search)
- $search = Strings::escapeTags(trim($_REQUEST['search']));
+ $search = trim($_REQUEST['search']);
$mode = $_REQUEST['smode'];
$page = $_REQUEST['page'] ?? 1;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Module\Register;
-use Friendica\Util\Strings;
/**
* Login module
if (is_array($attr) && count($attr)) {
foreach ($attr as $k => $v) {
if ($k === 'namePerson/friendly') {
- $nick = Strings::escapeTags(trim($v));
+ $nick = trim($v);
}
if ($k === 'namePerson/first') {
- $first = Strings::escapeTags(trim($v));
+ $first = trim($v);
}
if ($k === 'namePerson') {
- $args['username'] = Strings::escapeTags(trim($v));
+ $args['username'] = trim($v);
}
if ($k === 'contact/email') {
- $args['email'] = Strings::escapeTags(trim($v));
+ $args['email'] = trim($v);
}
if ($k === 'media/image/aspect11') {
$photosq = bin2hex(trim($v));
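Review bot: The values in `$attr` appear to come from the OpenID provider's response, so `$nick`, `$first`, `$args['username']` and `$args['email']` are externally controlled text. `http_build_query()` in the next hunk percent-encodes them for the redirect, which covers the URL; the registration form that pre-fills from these query arguments is where HTML escaping now has to happen, and it is not part of the visible change. Suggested comment above the loop: `// Provider-supplied attributes, unescaped: the register form must escape them on output`. The loop starts outside this hunk.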
$args['photo'] = $photo;
}
- $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
+ $args['openid_url'] = trim(Session::get('openid_identity'));
return 'register?' . http_build_query($args);
}
use Friendica\Model\User;
use Friendica\Module\BaseSettings;
use Friendica\Network\HTTPException;
-use Friendica\Util\Strings;
/**
* Module to update user settings
$user = User::getById(local_user());
- $theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme'];
- $mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
- $enable_smile = !empty($_POST['enable_smile']) ? intval($_POST['enable_smile']) : 0;
+ $theme = !empty($_POST['theme']) ? trim($_POST['theme']) : $user['theme'];
+ $mobile_theme = !empty($_POST['mobile_theme']) ? trim($_POST['mobile_theme']) : '';
+ $enable_smile = !empty($_POST['enable_smile']) ? intval($_POST['enable_smile']) : 0;
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
$infinite_scroll = !empty($_POST['infinite_scroll']) ? intval($_POST['infinite_scroll']) : 0;
$no_auto_update = !empty($_POST['no_auto_update']) ? intval($_POST['no_auto_update']) : 0;
use Friendica\Module\Security\Login;
use Friendica\Network\HTTPException;
use Friendica\Util\DateTimeFormat;
-use Friendica\Util\Strings;
use Friendica\Util\Temporal;
class Index extends BaseSettings
}
}
- $name = Strings::escapeTags(trim($_POST['name'] ?? ''));
+ $name = trim($_POST['name'] ?? '');
if (!strlen($name)) {
notice(DI::l10n()->t('Profile Name is required.'));
return;
}
- $about = Strings::escapeTags(trim($_POST['about']));
- $address = Strings::escapeTags(trim($_POST['address']));
- $locality = Strings::escapeTags(trim($_POST['locality']));
- $region = Strings::escapeTags(trim($_POST['region']));
- $postal_code = Strings::escapeTags(trim($_POST['postal_code']));
- $country_name = Strings::escapeTags(trim($_POST['country_name']));
- $pub_keywords = self::cleanKeywords(Strings::escapeTags(trim($_POST['pub_keywords'])));
- $prv_keywords = self::cleanKeywords(Strings::escapeTags(trim($_POST['prv_keywords'])));
- $xmpp = Strings::escapeTags(trim($_POST['xmpp']));
- $matrix = Strings::escapeTags(trim($_POST['matrix']));
- $homepage = Strings::escapeTags(trim($_POST['homepage']));
+ $about = trim($_POST['about']);
+ $address = trim($_POST['address']);
+ $locality = trim($_POST['locality']);
+ $region = trim($_POST['region']);
+ $postal_code = trim($_POST['postal_code']);
+ $country_name = trim($_POST['country_name']);
+ $pub_keywords = self::cleanKeywords(trim($_POST['pub_keywords']));
+ $prv_keywords = self::cleanKeywords(trim($_POST['prv_keywords']));
+ $xmpp = trim($_POST['xmpp']);
+ $matrix = trim($_POST['matrix']);
+ $homepage = trim($_POST['homepage']);
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
// neither http nor https in URL, add them
$homepage = 'http://' . $homepage;
<div id="photo-photo-end"></div>
{{* The photo description *}}
- <div id="photo-caption">{{$desc nofilter}}</div>
+ <div id="photo-caption">{{$desc}}</div>
{{* Tags and mentions *}}
{{if $tags}}
<div id="photo-photo"><a href="{{$photo.href}}" title="{{$photo.title}}"><img src="{{$photo.src}}" /></a></div>
{{if $prevlink}}<div id="photo-prev-link"><a href="{{$prevlink.0}}">{{$prevlink.1 nofilter}}</a></div>{{/if}}
{{if $nextlink}}<div id="photo-next-link"><a href="{{$nextlink.0}}">{{$nextlink.1 nofilter}}</a></div>{{/if}}
-<div id="photo-caption">{{$desc nofilter}}</div>
+<div id="photo-caption">{{$desc}}</div>
{{if $tags}}
<div id="in-this-photo-text">{{$tags.0}}</div>
<div id="in-this-photo">{{$tags.1}}</div>
<div id="photo-photo"><a href="{{$photo.href}}" title="{{$photo.title}}"><img src="{{$photo.src}}" /></a></div>
{{if $nextlink}}<div id="photo-next-link"><a href="{{$nextlink.0}}">{{$nextlink.1 nofilter}}</a></div>{{/if}}
<div id="photo-photo-end"></div>
-<div id="photo-caption">{{$desc nofilter}}</div>
+<div id="photo-caption">{{$desc}}</div>
{{if $tags}}
<div id="in-this-photo-text">{{$tags.0}}</div>
<div id="in-this-photo">{{$tags.1}}</div>