Escape user names in notifications

author Hypolite Petovan <hypolite@mrpetovan.com>

Mon, 16 Nov 2020 23:17:24 +0000 (18:17 -0500)

committer Hypolite Petovan <hypolite@mrpetovan.com>

Mon, 16 Nov 2020 23:20:23 +0000 (18:20 -0500)
author Hypolite Petovan <hypolite@mrpetovan.com>
Mon, 16 Nov 2020 23:17:24 +0000 (18:17 -0500)
committer Hypolite Petovan <hypolite@mrpetovan.com>
Mon, 16 Nov 2020 23:20:23 +0000 (18:20 -0500)
diff --git a/mod/ping.php b/mod/ping.php

index 8e00ae31f177235a7e3be2be73747c881f9b3bab..1634ed725d1984fc786e8262336d8c01d3e621c1 100644 (file)
--- a/mod/ping.php
+++ b/mod/ping.php
@@ -133,7 +133,7 @@ function ping_init(App $a)
                         exit();
                 }
  
-               $notifs = ping_get_notifications(local_user());
+               $notifications = ping_get_notifications(local_user());
  
                 $condition = ["`unseen` AND `uid` = ? AND NOT `origin` AND (`vid` != ? OR `vid` IS NULL)",
                         local_user(), Verb::getID(Activity::FOLLOW)];
@@ -263,8 +263,8 @@ function ping_init(App $a)
                 $data['birthdays']        = $birthdays;
                 $data['birthdays-today']  = $birthdays_today;
  
-               if (DBA::isResult($notifs)) {
-                       foreach ($notifs as $notif) {
+               if (DBA::isResult($notifications)) {
+                       foreach ($notifications as $notif) {
                                 if ($notif['seen'] == 0) {
                                         $sysnotify_count ++;
                                 }
@@ -277,14 +277,14 @@ function ping_init(App $a)
                                 $notif = [
                                         'id'      => 0,
                                         'href'    => DI::baseUrl() . '/notifications/intros/' . $intro['id'],
-                                       'name'    => $intro['name'],
+                                       'name'    => BBCode::convert($intro['name']),
                                         'url'     => $intro['url'],
                                         'photo'   => $intro['photo'],
                                         'date'    => $intro['datetime'],
                                         'seen'    => false,
                                         'message' => DI::l10n()->t('{0} wants to be your friend'),
                                 ];
-                               $notifs[] = $notif;
+                               $notifications[] = $notif;
                         }
                 }
  
@@ -314,7 +314,7 @@ function ping_init(App $a)
                                         'seen'    => false,
                                         'message' => DI::l10n()->t('{0} and %d others requested registration', count($regs) - 1),
                                 ];
-                               $notifs[] = $notif;
+                               $notifications[] = $notif;
                         }
                 }
  
@@ -337,28 +337,16 @@ function ping_init(App $a)
                         }
                         return ($adate < $bdate) ? 1 : -1;
                 };
-               usort($notifs, $sort_function);
-
-               if (DBA::isResult($notifs)) {
-                       foreach ($notifs as $notif) {
-                               $contact = Contact::getByURL($notif['url'], false, ['micro', 'id', 'avatar']);
-                               $notif['photo'] = Contact::getMicro($contact, $notif['photo']);
-
-                               $local_time = DateTimeFormat::local($notif['date']);
-
-                               $notifications[] = [
-                                       'id'        => $notif['id'],
-                                       'href'      => $notif['href'],
-                                       'name'      => $notif['name'],
-                                       'url'       => $notif['url'],
-                                       'photo'     => $notif['photo'],
-                                       'date'      => Temporal::getRelativeDate($notif['date']),
-                                       'message'   => $notif['message'],
-                                       'seen'      => $notif['seen'],
-                                       'timestamp' => strtotime($local_time)
-                               ];
+               usort($notifications, $sort_function);
+
+               array_walk($notifications, function (&$notification) {
+                       if (empty($notification['photo'])) {
+                               $contact = Contact::getByURL($notification['url'], false, ['micro', 'id', 'avatar']);
+                               $notification['photo'] = Contact::getMicro($contact, $notif['photo']);
                         }
-               }
+
+                       $notification['timestamp'] = DateTimeFormat::local($notification['date']);
+               });
         }
  
         $sysmsgs = [];
author	Hypolite Petovan <hypolite@mrpetovan.com>
	Mon, 16 Nov 2020 23:17:24 +0000 (18:17 -0500)
committer	Hypolite Petovan <hypolite@mrpetovan.com>
	Mon, 16 Nov 2020 23:20:23 +0000 (18:20 -0500)