common_to_alphanumeric added, filtering Notice->source in classic layout

author Mikael Nordfeldth <mmn@hethane.se>

Thu, 1 Sep 2016 22:08:17 +0000 (00:08 +0200)

committer Mikael Nordfeldth <mmn@hethane.se>

Thu, 1 Sep 2016 22:08:17 +0000 (00:08 +0200)
author Mikael Nordfeldth <mmn@hethane.se>
Thu, 1 Sep 2016 22:08:17 +0000 (00:08 +0200)
committer Mikael Nordfeldth <mmn@hethane.se>
Thu, 1 Sep 2016 22:08:17 +0000 (00:08 +0200)
diff --git a/lib/activityhandlerplugin.php b/lib/activityhandlerplugin.php

index c06f723a3686f2ca3546bdbdb50e47429c7b4f72..9ebcd8a218a05b80fe55c09ec4ab38582f2570ab 100644 (file)
--- a/lib/activityhandlerplugin.php
+++ b/lib/activityhandlerplugin.php
@@ -556,6 +556,11 @@ abstract class ActivityHandlerPlugin extends Plugin
          if ($nli->notice->scope != 0 && $nli->notice->scope != 1) {
              $class .= ' limited-scope';
          }
+        try {
+            $class .= ' notice-source-'.common_to_alphanumeric($this->notice->source);
+        } catch (Exception $e) {
+            // either source or what we filtered out was a zero-length string
+        }
          $nli->out->elementStart('li', array('class' => $class,
                                              'id' => 'notice-' . $id));
      }
diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php

index 5c7efa581494edaaf1efe32b807a8a1c54bb882e..1a629cf37289bb9b0047eb7d21cc3678b55c7134 100644 (file)
--- a/lib/noticelistitem.php
+++ b/lib/noticelistitem.php
@@ -229,8 +229,10 @@ class NoticeListItem extends Widget
              if ($this->notice->scope != 0 && $this->notice->scope != 1) {
                  $class .= ' limited-scope';
              }
-            if (!empty($this->notice->source)) {
-                $class .= ' notice-source-'.$this->notice->source;
+            try {
+                $class .= ' notice-source-'.common_to_alphanumeric($this->notice->source);
+            } catch (Exception $e) {
+                // either source or what we filtered out was a zero-length string
              }
              $id_prefix = (strlen($this->id_prefix) ? $this->id_prefix . '-' : '');
              $this->out->elementStart($this->item_tag, array('class' => $class,
diff --git a/lib/util.php b/lib/util.php

index 985b3773df38a4a63e4659339a14f114e3f7af80..aa0d5bfe7663b5fda8b90e483de3efb6a1108313 100644 (file)
--- a/lib/util.php
+++ b/lib/util.php
@@ -581,6 +581,15 @@ function common_canonical_email($email)
      return $email;
  }
  
+function common_to_alphanumeric($str)
+{
+    $filtered = preg_replace('/[^A-Za-z0-9]\s*/', '', $str);
+    if (strlen($filtered) < 1) {
+        throw new Exception('Filtered string was zero-length.');
+    }
+    return $filtered;
+}
+
  function common_purify($html, array $args=array())
  {
      require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php';
author	Mikael Nordfeldth <mmn@hethane.se>
	Thu, 1 Sep 2016 22:08:17 +0000 (00:08 +0200)
committer	Mikael Nordfeldth <mmn@hethane.se>
	Thu, 1 Sep 2016 22:08:17 +0000 (00:08 +0200)
lib/activityhandlerplugin.php		patch \| blob \| history
lib/noticelistitem.php		patch \| blob \| history
lib/util.php		patch \| blob \| history