} elseif (($a->argc > 1) && ($a->argv[1] == 'home')) {
$notif_header = L10n::t('Home Notifications');
$notifs = $nm->homeNotifs($show, $startrec, $perpage);
+ // fallback - redirect to main page
+ } else {
+ $a->internalRedirect('notifications');
}
// Set the pager
*
* @see ParseUrl::getSiteinfo() for more information about scraping embeddable content
*/
+
use Friendica\App;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\Util\Network;
use Friendica\Util\ParseUrl;
+use Friendica\Util\Strings;
function parse_url_content(App $a)
{
$br = "\n";
- if (!empty($_GET['binurl'])) {
+ if (!empty($_GET['binurl']) && Strings::isHex($_GET['binurl'])) {
$url = trim(hex2bin($_GET['binurl']));
- } else {
+ } elseif (!empty($_GET['url'])) {
$url = trim($_GET['url']);
+ // fallback in case no url is valid
+ } else {
+ Logger::info('No url given');
+ exit();
}
if (!empty($_GET['title'])) {
}
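Review bot: The new `elseif (!empty($_GET['url']))` branch accepts any non-empty value, including an array sent as `url[]=...`, which then goes straight into `trim()`. Adding a type check, `} elseif (!empty($_GET['url']) && is_string($_GET['url'])) {`, keeps non-string input on the fallback path; the same applies to `$_GET['binurl']` before it reaches `Strings::isHex()`. The fallback itself ends with a bare `exit()`, so the caller gets an empty response with no error status and the only trace is an info-level log line. Consider returning a client-error status there and adding a comment such as `// neither binurl nor url was usable: nothing to parse`. The body of parse_url_content() continues outside this hunk.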
if ($a->argc > 3 && $a->argv[2] === 'album') {
+ if (!Strings::isHex($a->argv[3])) {
+ $a->internalRedirect('photos/' . $a->data['user']['nickname'] . '/album');
+ }
$album = hex2bin($a->argv[3]);
if ($album === L10n::t('Profile Photos') || $album === 'Contact Photos' || $album === L10n::t('Contact Photos')) {
return;
}
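Review bot: The `if (!Strings::isHex($a->argv[3]))` guard only protects the following `hex2bin($a->argv[3])` if `internalRedirect()` never returns, and nothing visible here shows that it ends the request. If it can return, the invalid value still reaches `hex2bin()`, so either add an explicit `return;` after the redirect or document the assumption with `// internalRedirect() terminates the request; hex2bin() below only sees valid hex`. The later `if ($datatype === 'album')` hunk has the same shape before `hex2bin($datum)` and should get the same treatment. The enclosing functions start and end outside both hunks.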
- $selname = $datum ? hex2bin($datum) : '';
+ $selname = Strings::isHex($datum) ? hex2bin($datum) : '';
$albumselect = '';
// Display a single photo album
if ($datatype === 'album') {
+ // if $datum is not a valid hex, redirect to the default page
+ if (!Strings::isHex($datum)) {
+ $a->internalRedirect('photos/' . $a->data['user']['nickname']. '/album');
+ }
$album = hex2bin($datum);
$total = 0;
'$title' => $title_e,
'$body' => $body_e,
'$ago' => Temporal::getRelativeDate($item['created']),
- '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''),
+ '$indent' => (($item['parent'] != $item['id']) ? ' comment' : ''),
'$drop' => $drop,
'$comment' => $comment
]);
$comments .= Renderer::replaceMacros($cmnt_tpl, [
'$return_path' => '',
'$jsreload' => $return_path,
- '$id' => $item['item_id'],
+ '$id' => $item['id'],
'$parent' => $item['parent'],
'$profile_uid' => $owner_uid,
'$mylink' => $contact['url'],
use Friendica\App;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
+use Friendica\Core\Session;
use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Model\Profile;
-use Friendica\Util\Strings;
use Friendica\Util\Network;
+use Friendica\Util\Strings;
function redir_init(App $a) {
&& is_array($_SESSION['remote']))
{
foreach ($_SESSION['remote'] as $v) {
- if ($v['uid'] == $_SESSION['visitor_visiting'] && $v['cid'] == $_SESSION['visitor_id']) {
+ if (!empty($v['uid']) && !empty($v['cid']) &&
+ $v['uid'] == Session::get('visitor_visiting') &&
+ $v['cid'] == Session::get('visitor_id')) {
// Remote user is already authenticated.
$target_url = defaults($url, $contact_url);
Logger::log($contact['name'] . " is already authenticated. Redirecting to " . $target_url, Logger::DEBUG);
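Review bot: The condition that treats the remote visitor as already authenticated still compares with loose `==`, so PHP's type juggling decides whether `$v['uid']` and `$v['cid']` match the session values. Reading the two session values once before the loop and comparing strictly is safer for an authentication decision, e.g. `$visiting = (int)Session::get('visitor_visiting');` and `(int)$v['uid'] === $visiting`, assuming both ids are stored as integers (not visible here). The loop also still iterates `$_SESSION['remote']` directly while the comparison goes through `Session::get()`; using one access path throughout would be more consistent. redir_init() starts and ends outside this hunk.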
use Friendica\Content\Text\HTML;
use Friendica\Core\Config;
use Friendica\Core\Hook;
+use Friendica\Core\L10n;
use Friendica\Core\Lock;
use Friendica\Core\Logger;
-use Friendica\Core\L10n;
use Friendica\Core\PConfig;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Protocol\OStatus;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
-use Friendica\Util\XML;
+use Friendica\Util\Network;
use Friendica\Util\Security;
use Friendica\Util\Strings;
-use Friendica\Util\Network;
+use Friendica\Util\XML;
use Text_LanguageDetect;
class Item extends BaseObject
'unseen', 'deleted', 'origin', 'forum_mode', 'mention', 'global', 'network',
'title', 'content-warning', 'body', 'location', 'coord', 'app',
'rendered-hash', 'rendered-html', 'object-type', 'object', 'target-type', 'target',
- 'author-id', 'author-link', 'author-name', 'author-avatar',
+ 'author-id', 'author-link', 'author-name', 'author-avatar', 'author-network',
'owner-id', 'owner-link', 'owner-name', 'owner-avatar'];
// Never reorder or remove entries from this list. Just add new ones at the end, if needed.
unset($item['author-link']);
unset($item['author-name']);
unset($item['author-avatar']);
+ unset($item['author-network']);
unset($item['owner-link']);
unset($item['owner-name']);
$part = array_pop($parts);
} while (!empty($parts) && ((strlen($part) >= 40) || (strlen($part) <= 3)));
// only take the x.x.x part of the version, not the "release" after the dash
- $part = array_shift(explode('-', $part));
+ if (!empty($part) && strpos($part, '-')) {
+ $part = array_shift(explode('-', $part));
+ }
if (!empty($part)) {
if (empty($compacted[$part])) {
$compacted[$part] = $versionCounts[$key]['total'];
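Review bot: The kept call `array_shift(explode('-', $part))` passes a function result to a by-reference parameter, which makes PHP emit an "Only variables should be passed by reference" notice each time it runs. The new guard `strpos($part, '-')` is also falsy when the dash is at position 0, so it should be compared with `!== false` if it stays. Both issues go away with `if (!empty($part)) { $part = explode('-', $part, 2)[0]; }`, which returns the string unchanged when there is no dash. The surrounding loop begins outside the hunk.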
return $return;
}
+ /**
+ * Checks, if the given string is a valid hexadecimal code
+ *
+ * @param string $hexCode
+ *
+ * @return bool
+ */
+ public static function isHex($hexCode)
+ {
+ return !empty($hexCode) ? @preg_match("/^[a-f0-9]{2,}$/i", $hexCode) && !(strlen($hexCode) & 1) : false;
+ }
+
/**
* @brief This is our primary input filter.
*
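Review bot: In `isHex()` the pattern `/^[a-f0-9]{2,}$/i` lets `$` match before a trailing newline, so an odd number of hex digits followed by `"\n"` has even length and is reported as valid, after which `hex2bin()` fails on it. The `@` in front of `preg_match()` also hides the warning for non-string input on older PHP and does not stop the TypeError on PHP 8. Since callers pass `$_GET` and URL path values, a stricter form is `return is_string($hexCode) && ctype_xdigit($hexCode) && strlen($hexCode) % 2 === 0;`. The docblock should then say that only non-empty, even-length strings of hex digits are accepted.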
$escapedString
);
}
+
+ public function dataIsHex()
+ {
+ return [
+ 'validHex' => [
+ 'input' => '90913473615bf00c122ac78338492980',
+ 'valid' => true,
+ ],
+ 'invalidHex' => [
+ 'input' => '90913473615bf00c122ac7833849293',
+ 'valid' => false,
+ ],
+ 'emptyHex' => [
+ 'input' => '',
+ 'valid' => false,
+ ],
+ 'nullHex' => [
+ 'input' => null,
+ 'valid' => false,
+ ],
+ ];
+ }
+
+ /**
+ * Tests if the string is a valid hexadecimal value
+ *
+ * @param string $input
+ * @param bool $valid
+ *
+ * @dataProvider dataIsHex
+ */
+ public function testIsHex($input, $valid)
+ {
+ $this->assertEquals($valid, Strings::isHex($input));
+ }
}
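Review bot: The `dataIsHex()` provider only rejects an odd-length string, an empty string and null, so it never exercises an even-length input that contains non-hex characters. Adding `'nonHexChars' => ['input' => 'zz', 'valid' => false],` and `'trailingNewline' => ['input' => "abc\n", 'valid' => false],` would pin the character-class and end-of-string behaviour. An uppercase valid value such as `'ABCDEF'` would cover the case-insensitive path. The second case is expected to fail against the current regex, which is the point of including it.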