From: Adam Magness Date: Fri, 9 Nov 2018 18:27:58 +0000 (-0500) Subject: Rename escapeTags to escapeHtml X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=063f0e9cb06bb09d06c2630d4b6cecc5eb381fdc;p=friendica.git Rename escapeTags to escapeHtml rename function and update calls. --- diff --git a/mod/admin.php b/mod/admin.php index 873966b999..d1b761c980 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -2478,9 +2478,9 @@ function admin_page_viewlogs(App $a) } $seek = fseek($fp, 0 - $size, SEEK_END); if ($seek === 0) { - $data = Strings::escapeTags(fread($fp, $size)); + $data = Strings::escapeHtml(fread($fp, $size)); while (!feof($fp)) { - $data .= Strings::escapeTags(fread($fp, 4096)); + $data .= Strings::escapeHtml(fread($fp, 4096)); } } } diff --git a/mod/dirfind.php b/mod/dirfind.php index 7ef217253e..7b603a7427 100644 --- a/mod/dirfind.php +++ b/mod/dirfind.php @@ -126,8 +126,8 @@ function dirfind_content(App $a, $prefix = "") { (`url` LIKE '%s' OR `name` LIKE '%s' OR `location` LIKE '%s' OR `addr` LIKE '%s' OR `about` LIKE '%s' OR `keywords` LIKE '%s') $extra_sql", DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora), - DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), - DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2))); + DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), + DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2))); $results = q("SELECT `nurl` FROM `gcontact` @@ -138,8 +138,8 @@ function dirfind_content(App $a, $prefix = "") { GROUP BY `nurl` ORDER BY `updated` DESC LIMIT %d, %d", DBA::escape(Protocol::DFRN), DBA::escape($ostatus), DBA::escape($diaspora), - DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), - DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), DBA::escape(Strings::escapeTags($search2)), + DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), + DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), DBA::escape(Strings::escapeHtml($search2)), $pager->getStart(), $pager->getItemsPerPage()); $j = new stdClass(); $j->total = $count[0]["total"]; diff --git a/mod/events.php b/mod/events.php index 540a5b1650..f147e00545 100644 --- a/mod/events.php +++ b/mod/events.php @@ -60,8 +60,8 @@ function events_post(App $a) $cid = !empty($_POST['cid']) ? intval($_POST['cid']) : 0; $uid = local_user(); - $start_text = Strings::escapeTags(defaults($_REQUEST, 'start_text', '')); - $finish_text = Strings::escapeTags(defaults($_REQUEST, 'finish_text', '')); + $start_text = Strings::escapeHtml(defaults($_REQUEST, 'start_text', '')); + $finish_text = Strings::escapeHtml(defaults($_REQUEST, 'finish_text', '')); $adjust = intval(defaults($_POST, 'adjust', 0)); $nofinish = intval(defaults($_POST, 'nofinish', 0)); @@ -97,9 +97,9 @@ function events_post(App $a) // and we'll waste a bunch of time responding to it. Time that // could've been spent doing something else. - $summary = Strings::escapeTags(trim(defaults($_POST, 'summary', ''))); - $desc = Strings::escapeTags(trim(defaults($_POST, 'desc', ''))); - $location = Strings::escapeTags(trim(defaults($_POST, 'location', ''))); + $summary = Strings::escapeHtml(trim(defaults($_POST, 'summary', ''))); + $desc = Strings::escapeHtml(trim(defaults($_POST, 'desc', ''))); + $location = Strings::escapeHtml(trim(defaults($_POST, 'location', ''))); $type = 'event'; $action = ($event_id == '') ? 'new' : "event/" . $event_id; diff --git a/mod/fsuggest.php b/mod/fsuggest.php index 7768c8cf8c..2195f455af 100644 --- a/mod/fsuggest.php +++ b/mod/fsuggest.php @@ -37,7 +37,7 @@ function fsuggest_post(App $a) $hash = Strings::getRandomHex(); - $note = Strings::escapeTags(trim(defaults($_POST, 'note', ''))); + $note = Strings::escapeHtml(trim(defaults($_POST, 'note', ''))); if ($new_contact) { $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", diff --git a/mod/item.php b/mod/item.php index 193fa9ed9f..0473c74c52 100644 --- a/mod/item.php +++ b/mod/item.php @@ -205,7 +205,7 @@ function item_post(App $a) { $app = $orig_post['app']; $categories = $orig_post['file']; $title = Strings::removeTags(trim($_REQUEST['title'])); - $body = Strings::escapeTags(trim($_REQUEST['body'])); + $body = Strings::escapeHtml(trim($_REQUEST['body'])); $private = $orig_post['private']; $pubmail_enabled = $orig_post['pubmail']; $network = $orig_post['network']; @@ -241,7 +241,7 @@ function item_post(App $a) { $coord = Strings::removeTags(trim(defaults($_REQUEST, 'coord' , ''))); $verb = Strings::removeTags(trim(defaults($_REQUEST, 'verb' , ''))); $emailcc = Strings::removeTags(trim(defaults($_REQUEST, 'emailcc' , ''))); - $body = Strings::escapeTags(trim(defaults($_REQUEST, 'body' , ''))); + $body = Strings::escapeHtml(trim(defaults($_REQUEST, 'body' , ''))); $network = Strings::removeTags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN))); $guid = System::createUUID(); diff --git a/mod/message.php b/mod/message.php index e689c45021..3a9480f2f2 100644 --- a/mod/message.php +++ b/mod/message.php @@ -61,7 +61,7 @@ function message_post(App $a) $replyto = x($_REQUEST, 'replyto') ? Strings::removeTags(trim($_REQUEST['replyto'])) : ''; $subject = x($_REQUEST, 'subject') ? Strings::removeTags(trim($_REQUEST['subject'])) : ''; - $body = x($_REQUEST, 'body') ? Strings::escapeTags(trim($_REQUEST['body'])) : ''; + $body = x($_REQUEST, 'body') ? Strings::escapeHtml(trim($_REQUEST['body'])) : ''; $recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0; $ret = Mail::send($recipient, $body, $subject, $replyto); @@ -254,7 +254,7 @@ function message_content(App $a) '$preid' => $preid, '$subject' => L10n::t('Subject:'), '$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '', - '$text' => x($_REQUEST, 'body') ? Strings::escapeTags(htmlspecialchars($_REQUEST['body'])) : '', + '$text' => x($_REQUEST, 'body') ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '', '$readonly' => '', '$yourmessage' => L10n::t('Your message:'), '$select' => $select, diff --git a/mod/network.php b/mod/network.php index 77e815fe1a..ff20f04d4e 100644 --- a/mod/network.php +++ b/mod/network.php @@ -42,7 +42,7 @@ function network_init(App $a) Hook::add('head', __FILE__, 'network_infinite_scroll_head'); - $search = (x($_GET, 'search') ? Strings::escapeTags($_GET['search']) : ''); + $search = (x($_GET, 'search') ? Strings::escapeHtml($_GET['search']) : ''); if (($search != '') && !empty($_GET['submit'])) { $a->internalRedirect('search?search=' . urlencode($search)); @@ -519,9 +519,9 @@ function networkThreadedView(App $a, $update, $parent) for ($x = 1; $x < $a->argc; $x ++) { if (is_a_date_arg($a->argv[$x])) { if ($datequery) { - $datequery2 = Strings::escapeTags($a->argv[$x]); + $datequery2 = Strings::escapeHtml($a->argv[$x]); } else { - $datequery = Strings::escapeTags($a->argv[$x]); + $datequery = Strings::escapeHtml($a->argv[$x]); $_GET['order'] = 'post'; } } elseif (intval($a->argv[$x])) { diff --git a/mod/profile.php b/mod/profile.php index f520ef94b7..f17888368a 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -115,9 +115,9 @@ function profile_content(App $a, $update = 0) for ($x = 2; $x < $a->argc; $x ++) { if (is_a_date_arg($a->argv[$x])) { if ($datequery) { - $datequery2 = Strings::escapeTags($a->argv[$x]); + $datequery2 = Strings::escapeHtml($a->argv[$x]); } else { - $datequery = Strings::escapeTags($a->argv[$x]); + $datequery = Strings::escapeHtml($a->argv[$x]); } } else { $category = $a->argv[$x]; diff --git a/mod/profiles.php b/mod/profiles.php index 00fdc6a29c..83febcc717 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -208,7 +208,7 @@ function profiles_post(App $a) { return; } - $dob = $_POST['dob'] ? Strings::escapeTags(trim($_POST['dob'])) : '0000-00-00'; + $dob = $_POST['dob'] ? Strings::escapeHtml(trim($_POST['dob'])) : '0000-00-00'; $y = substr($dob, 0, 4); if ((! ctype_digit($y)) || ($y < 1900)) { @@ -323,19 +323,19 @@ function profiles_post(App $a) { $politic = Strings::removeTags(trim($_POST['politic'])); $religion = Strings::removeTags(trim($_POST['religion'])); - $likes = Strings::escapeTags(trim($_POST['likes'])); - $dislikes = Strings::escapeTags(trim($_POST['dislikes'])); - - $about = Strings::escapeTags(trim($_POST['about'])); - $interest = Strings::escapeTags(trim($_POST['interest'])); - $contact = Strings::escapeTags(trim($_POST['contact'])); - $music = Strings::escapeTags(trim($_POST['music'])); - $book = Strings::escapeTags(trim($_POST['book'])); - $tv = Strings::escapeTags(trim($_POST['tv'])); - $film = Strings::escapeTags(trim($_POST['film'])); - $romance = Strings::escapeTags(trim($_POST['romance'])); - $work = Strings::escapeTags(trim($_POST['work'])); - $education = Strings::escapeTags(trim($_POST['education'])); + $likes = Strings::escapeHtml(trim($_POST['likes'])); + $dislikes = Strings::escapeHtml(trim($_POST['dislikes'])); + + $about = Strings::escapeHtml(trim($_POST['about'])); + $interest = Strings::escapeHtml(trim($_POST['interest'])); + $contact = Strings::escapeHtml(trim($_POST['contact'])); + $music = Strings::escapeHtml(trim($_POST['music'])); + $book = Strings::escapeHtml(trim($_POST['book'])); + $tv = Strings::escapeHtml(trim($_POST['tv'])); + $film = Strings::escapeHtml(trim($_POST['film'])); + $romance = Strings::escapeHtml(trim($_POST['romance'])); + $work = Strings::escapeHtml(trim($_POST['work'])); + $education = Strings::escapeHtml(trim($_POST['education'])); $hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0); diff --git a/mod/wallmessage.php b/mod/wallmessage.php index f2fb04442c..06b3720f73 100644 --- a/mod/wallmessage.php +++ b/mod/wallmessage.php @@ -21,7 +21,7 @@ function wallmessage_post(App $a) { } $subject = ((x($_REQUEST,'subject')) ? Strings::removeTags(trim($_REQUEST['subject'])) : ''); - $body = ((x($_REQUEST,'body')) ? Strings::escapeTags(trim($_REQUEST['body'])) : ''); + $body = ((x($_REQUEST,'body')) ? Strings::escapeHtml(trim($_REQUEST['body'])) : ''); $recipient = (($a->argc > 1) ? Strings::removeTags($a->argv[1]) : ''); if ((! $recipient) || (! $body)) { @@ -132,7 +132,7 @@ function wallmessage_content(App $a) { '$recipname' => $user['username'], '$nickname' => $user['nickname'], '$subjtxt' => ((x($_REQUEST, 'subject')) ? strip_tags($_REQUEST['subject']) : ''), - '$text' => ((x($_REQUEST, 'body')) ? Strings::escapeTags(htmlspecialchars($_REQUEST['body'])) : ''), + '$text' => ((x($_REQUEST, 'body')) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : ''), '$readonly' => '', '$yourmessage' => L10n::t('Your message:'), '$parent' => '', diff --git a/src/Model/Item.php b/src/Model/Item.php index e12f6b6eed..c088685e8d 100644 --- a/src/Model/Item.php +++ b/src/Model/Item.php @@ -3447,7 +3447,7 @@ class Item extends BaseObject $filesubtype = 'unkn'; } - $title = Strings::escapeTags(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1])); + $title = Strings::escapeHtml(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1])); $title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes'); $icon = '
'; diff --git a/src/Module/Contact.php b/src/Module/Contact.php index 30c05c889a..9987871880 100644 --- a/src/Module/Contact.php +++ b/src/Module/Contact.php @@ -214,14 +214,14 @@ class Contact extends BaseModule $fetch_further_information = intval(defaults($_POST, 'fetch_further_information', 0)); - $ffi_keyword_blacklist = Strings::escapeTags(trim(defaults($_POST, 'ffi_keyword_blacklist', ''))); + $ffi_keyword_blacklist = Strings::escapeHtml(trim(defaults($_POST, 'ffi_keyword_blacklist', ''))); $priority = intval(defaults($_POST, 'poll', 0)); if ($priority > 5 || $priority < 0) { $priority = 0; } - $info = Strings::escapeTags(trim($_POST['info'])); + $info = Strings::escapeHtml(trim($_POST['info'])); $r = DBA::update('contact', [ 'profile-id' => $profile_id, diff --git a/src/Module/Hashtag.php b/src/Module/Hashtag.php index b016b4da40..4d09183529 100644 --- a/src/Module/Hashtag.php +++ b/src/Module/Hashtag.php @@ -22,7 +22,7 @@ class Hashtag extends BaseModule { $result = []; - $t = Strings::escapeTags($_REQUEST['t']); + $t = Strings::escapeHtml($_REQUEST['t']); if (empty($t)) { System::jsonExit($result); } diff --git a/src/Util/Strings.php b/src/Util/Strings.php index 5cb1fd6b3a..7acf1c9ef2 100644 --- a/src/Util/Strings.php +++ b/src/Util/Strings.php @@ -59,7 +59,7 @@ class Strings * * @return string */ - public static function escapeTags($string) + public static function escapeHtml($string) { return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false); } diff --git a/src/Worker/OnePoll.php b/src/Worker/OnePoll.php index f9ff0b1a6a..fcbcabd709 100644 --- a/src/Worker/OnePoll.php +++ b/src/Worker/OnePoll.php @@ -507,7 +507,7 @@ class OnePoll Logger::log("Mail: can't fetch msg ".$msg_uid." for ".$mailconf['user']); continue; } - $datarray['body'] = Strings::escapeTags($r['body']); + $datarray['body'] = Strings::escapeHtml($r['body']); $datarray['body'] = BBCode::limitBodySize($datarray['body']); Logger::log("Mail: Importing ".$msg_uid." for ".$mailconf['user']); diff --git a/tests/src/Util/StringsTest.php b/tests/src/Util/StringsTest.php index 54a4bdd727..352fe3089b 100644 --- a/tests/src/Util/StringsTest.php +++ b/tests/src/Util/StringsTest.php @@ -69,12 +69,12 @@ class StringsTest extends TestCase /** * test, that tags are escaped */ - public function testEscapeTags() + public function testEscapeHtml() { $invalidstring=''; $validstring = Strings::removeTags($invalidstring); - $escapedString = Strings::escapeTags($invalidstring); + $escapedString = Strings::escapeHtml($invalidstring); $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring); $this->assertEquals(