From 15ab9ff9e3303255ff14166ee86ffdf3bc4f52ce Mon Sep 17 00:00:00 2001
From: Mikael Nordfeldth <mmn@hethane.se>
Date: Fri, 2 Sep 2016 00:08:17 +0200
Subject: [PATCH] common_to_alphanumeric added, filtering Notice->source in
 classic layout

---
 lib/activityhandlerplugin.php | 5 +++++
 lib/noticelistitem.php        | 6 ++++--
 lib/util.php                  | 9 +++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/lib/activityhandlerplugin.php b/lib/activityhandlerplugin.php
index 8f28da85d6..b22096be0e 100644
--- a/lib/activityhandlerplugin.php
+++ b/lib/activityhandlerplugin.php
@@ -552,6 +552,11 @@ abstract class ActivityHandlerPlugin extends Plugin
         if ($nli->notice->scope != 0 && $nli->notice->scope != 1) {
             $class .= ' limited-scope';
         }
+        try {
+            $class .= ' notice-source-'.common_to_alphanumeric($this->notice->source);
+        } catch (Exception $e) {
+            // either source or what we filtered out was a zero-length string
+        }
         $nli->out->elementStart('li', array('class' => $class,
                                             'id' => 'notice-' . $id));
     }
diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php
index 4c4bde34a1..387d2f3762 100644
--- a/lib/noticelistitem.php
+++ b/lib/noticelistitem.php
@@ -227,8 +227,10 @@ class NoticeListItem extends Widget
             if ($this->notice->scope != 0 && $this->notice->scope != 1) {
                 $class .= ' limited-scope';
             }
-            if (!empty($this->notice->source)) {
-                $class .= ' notice-source-'.$this->notice->source;
+            try {
+                $class .= ' notice-source-'.common_to_alphanumeric($this->notice->source);
+            } catch (Exception $e) {
+                // either source or what we filtered out was a zero-length string
             }
             $id_prefix = (strlen($this->id_prefix) ? $this->id_prefix . '-' : '');
             $this->out->elementStart($this->item_tag, array('class' => $class,
diff --git a/lib/util.php b/lib/util.php
index c87b0f1bf6..a177c92a25 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -580,6 +580,15 @@ function common_canonical_email($email)
     return $email;
 }
 
+function common_to_alphanumeric($str)
+{
+    $filtered = preg_replace('/[^A-Za-z0-9]\s*/', '', $str);
+    if (strlen($filtered) < 1) {
+        throw new Exception('Filtered string was zero-length.');
+    }
+    return $filtered;
+}
+
 function common_purify($html)
 {
     require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php';
-- 
2.39.5