]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
Twitter-compatible API - properly encode and decode UTF-8 HTML entities
authorzach <zach@controlyourself.ca>
Mon, 3 Nov 2008 21:16:53 +0000 (16:16 -0500)
committerzach <zach@controlyourself.ca>
Mon, 3 Nov 2008 21:16:53 +0000 (16:16 -0500)
darcs-hash:20081103211653-462f3-58a0ad41ab0426c21aceb04b4a91dc52559018d0.gz

actions/twitapistatuses.php
lib/util.php

index 68d6bb622477970855c29746b47ad808104ec916..539a0b1b3b408f2cdfddbae9942216eee1719a19 100644 (file)
@@ -193,10 +193,10 @@ class TwitapistatusesAction extends TwitterapiAction {
 
                # FriendFeed's SUP protocol
                # Also added RSS and Atom feeds
-               
+
                $suplink = common_local_url('sup', NULL, $user->id);
                header('X-SUP-ID: '.$suplink);
-               
+
                # XXX: since
 
                $notice = $user->getNotices((($page-1)*20), $count, $since_id, $before_id);
@@ -234,10 +234,6 @@ class TwitapistatusesAction extends TwitterapiAction {
                        return;
                }
 
-               foreach ($_POST as $p => $v) {
-                       common_debug("_POST: $p = $v");
-               }
-
                $this->auth_user = $apidata['user'];
                $user = $this->auth_user;
                $status = $this->trimmed('status');
@@ -298,7 +294,8 @@ class TwitapistatusesAction extends TwitterapiAction {
                                }
                        }
 
-                       $notice = Notice::saveNew($user->id, $status, $source, 1, $reply_to);
+                       $notice = Notice::saveNew($user->id, html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'),
+                               $source, 1, $reply_to);
 
                        if (is_string($notice)) {
                                $this->server_error($notice);
index 44c75156c71252b3053644d2a0f5836b47c3db6d..88841d3f6aa69f2210a87ac1f210ae46f8839e64 100644 (file)
@@ -708,7 +708,7 @@ function common_render_content($text, $notice) {
 }
 
 function common_render_text($text) {
-       $r = htmlspecialchars($text);
+       $r = htmlentities($text, ENT_NOQUOTES, 'UTF-8');
 
        $r = preg_replace('/[\x{0}-\x{8}\x{b}-\x{c}\x{e}-\x{19}]/', '', $r);
        $r = preg_replace_callback('@https?://[^\]>\s]+@', 'common_render_uri_thingy', $r);