Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-27 18:30:12 +00:00
Code Issues Projects Releases Packages Wiki Activity

Some more "escapeTags" removed

Browse source
This commit is contained in:
Michael 2021-11-06 20:25:21 +00:00
parent 8e65bdd011
commit 359dad4244
17 changed files with 76 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/Module/Settings/Display.php
View file

@ -30,7 +30,6 @@ use Friendica\DI;
use Friendica\Model\User;
use Friendica\Module\BaseSettings;
use Friendica\Network\HTTPException;
use Friendica\Util\Strings;
/**
* Module to update user settings
@ -47,9 +46,9 @@ class Display extends BaseSettings
$user = User::getById(local_user());
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme'];
$mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$enable_smile = !empty($_POST['enable_smile']) ? intval($_POST['enable_smile']) : 0;
$theme = !empty($_POST['theme']) ? trim($_POST['theme']) : $user['theme'];
$mobile_theme = !empty($_POST['mobile_theme']) ? trim($_POST['mobile_theme']) : '';
$enable_smile = !empty($_POST['enable_smile']) ? intval($_POST['enable_smile']) : 0;
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
$infinite_scroll = !empty($_POST['infinite_scroll']) ? intval($_POST['infinite_scroll']) : 0;
$no_auto_update = !empty($_POST['no_auto_update']) ? intval($_POST['no_auto_update']) : 0;

25
src/Module/Settings/Profile/Index.php
View file

@ -37,7 +37,6 @@ use Friendica\Module\BaseSettings;
use Friendica\Module\Security\Login;
use Friendica\Network\HTTPException;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Strings;
use Friendica\Util\Temporal;
class Index extends BaseSettings
@ -79,23 +78,23 @@ class Index extends BaseSettings
}
}
$name = Strings::escapeTags(trim($_POST['name'] ?? ''));
$name = trim($_POST['name'] ?? '');
if (!strlen($name)) {
notice(DI::l10n()->t('Profile Name is required.'));
return;
}
$about = Strings::escapeTags(trim($_POST['about']));
$address = Strings::escapeTags(trim($_POST['address']));
$locality = Strings::escapeTags(trim($_POST['locality']));
$region = Strings::escapeTags(trim($_POST['region']));
$postal_code = Strings::escapeTags(trim($_POST['postal_code']));
$country_name = Strings::escapeTags(trim($_POST['country_name']));
$pub_keywords = self::cleanKeywords(Strings::escapeTags(trim($_POST['pub_keywords'])));
$prv_keywords = self::cleanKeywords(Strings::escapeTags(trim($_POST['prv_keywords'])));
$xmpp = Strings::escapeTags(trim($_POST['xmpp']));
$matrix = Strings::escapeTags(trim($_POST['matrix']));
$homepage = Strings::escapeTags(trim($_POST['homepage']));
$about = trim($_POST['about']);
$address = trim($_POST['address']);
$locality = trim($_POST['locality']);
$region = trim($_POST['region']);
$postal_code = trim($_POST['postal_code']);
$country_name = trim($_POST['country_name']);
$pub_keywords = self::cleanKeywords(trim($_POST['pub_keywords']));
$prv_keywords = self::cleanKeywords(trim($_POST['prv_keywords']));
$xmpp = trim($_POST['xmpp']);
$matrix = trim($_POST['matrix']);
$homepage = trim($_POST['homepage']);
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
// neither http nor https in URL, add them
$homepage = 'http://' . $homepage;