Merge branch 'dev' of /home/macgirvin/roadhouse into dev

nobody 2021-02-22 18:39:58 -08:00
commit 222f318988
4 changed files with 34 additions and 8 deletions


@ -16,7 +16,7 @@ use Zotlabs\Daemon\Run;
* @brief This file defines some global constants and includes the central App class. * @brief This file defines some global constants and includes the central App class.
*/ */
define ( 'STD_VERSION', '21.02.22' ); define ( 'STD_VERSION', '21.02.23' );
define ( 'ZOT_REVISION', '6.0' ); define ( 'ZOT_REVISION', '6.0' );
define ( 'DB_UPDATE_VERSION', 1247 ); define ( 'DB_UPDATE_VERSION', 1247 );
@ -1930,11 +1930,11 @@ function is_site_admin() {
if(! session_id()) if(! session_id())
return false; return false;
if($_SESSION['delegate']) if(isset($_SESSION['delegate']))
return false; return false;
if((intval($_SESSION['authenticated'])) if(isset($_SESSION['authenticated']) && intval($_SESSION['authenticated'])
&& (is_array(App::$account)) && is_array(App::$account)
&& (App::$account['account_roles'] & ACCOUNT_ROLE_ADMIN)) && (App::$account['account_roles'] & ACCOUNT_ROLE_ADMIN))
return true; return true;
@ -1953,7 +1953,8 @@ function is_developer() {
if(! session_id()) if(! session_id())
return false; return false;
if((intval($_SESSION['authenticated'])) if(isset($_SESSION['authenticated'])
&& (intval($_SESSION['authenticated']))
&& (is_array(App::$account)) && (is_array(App::$account))
&& (App::$account['account_roles'] & ACCOUNT_ROLE_DEVELOPER)) && (App::$account['account_roles'] & ACCOUNT_ROLE_DEVELOPER))
return true; return true;
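Review bot: In is_site_admin(), replacing `if($_SESSION['delegate'])` with `if(isset($_SESSION['delegate']))` changes the test from truthiness to key presence, so a session where `delegate` exists but holds an empty string or 0 is now refused admin status. That fails closed, but if any code path clears the key by assigning an empty value instead of unsetting it (not visible here), an administrator would silently lose admin rights. `if(! empty($_SESSION['delegate']))` removes the undefined-index notice while keeping the old meaning. The visible part of is_developer() has no delegate check at all, which is worth confirming as intentional; both function bodies start and end outside their hunks.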


@ -2002,7 +2002,7 @@ function bbcode($Text, $options = []) {
else { else {
$Text = preg_replace("/\<(.*?)(src|href)=\"[^zhgfmt#](.*?)\>/ism", '<$1$2="">', $Text); $Text = preg_replace("/\<(.*?)(src|href)=\"[^zhgfmt#](.*?)\>/ism", '<$1$2="">', $Text);
} }
$Text = bb_replace_images($Text, $saved_images); $Text = bb_replace_images($Text, $saved_images);
$args = [ 'text' => $Text, 'options' => $options ]; $args = [ 'text' => $Text, 'options' => $options ];


@ -1362,17 +1362,41 @@ function decode_tags($t) {
return ''; return '';
} }
function purify_imported_object($obj) {
$ret = null;
if (is_array($obj)) {
foreach ( $obj as $k => $v ) {
$ret[$k] = purify_html($v);
}
}
elseif (is_string($obj)) {
$ret = purify_html($obj);
}
return $ret;
}
/** /**
* @brief Santise a potentially complex array. * @brief Sanitise a potentially complex array.
*
* Walks the array and applies htmlspecialchars to the content unless it is a known HTML element,
* in which case the result is purified
* *
* @param array $arr * @param array $arr
* @return array|string * @return array|string
*/ */
function activity_sanitise($arr) { function activity_sanitise($arr) {
if($arr) { if($arr) {
if(is_array($arr)) { if(is_array($arr)) {
$ret = array(); $ret = array();
foreach($arr as $k => $x) { foreach($arr as $k => $x) {
if (in_array($k, [ 'content', 'summary', 'contentMap', 'summaryMap' ])) {
$ret[$k] = purify_imported_object($arr[$k]);
continue;
}
if(is_array($x)) if(is_array($x))
$ret[$k] = activity_sanitise($x); $ret[$k] = activity_sanitise($x);
else else
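Review bot: The new key test in activity_sanitise(), `in_array($k, [ 'content', 'summary', 'contentMap', 'summaryMap' ])`, uses loose comparison, and on PHP versions before 8 the integer key 0 compares equal to any non-numeric string. The first element of every list in an imported activity would then be routed to purify_imported_object() instead of the recursive htmlspecialchars handling the docblock describes, so it receives the more permissive treatment. Passing the strict flag avoids this: `if (in_array($k, [ 'content', 'summary', 'contentMap', 'summaryMap' ], true)) {`. Separately, purify_imported_object() hands every array value to purify_html() without checking its type; because the object comes from a remote server, a guard such as `$ret[$k] = is_string($v) ? purify_html($v) : null;` would keep nested arrays out of the purifier. activity_sanitise() continues past the end of the hunk.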


@ -59,7 +59,8 @@ function zid($s, $address = '') {
$mine_parsed = parse_url($mine); $mine_parsed = parse_url($mine);
$s_parsed = parse_url($s); $s_parsed = parse_url($s);
if($mine_parsed['host'] === $s_parsed['host']) if(isset($mine_parsed['host']) && isset($s_parsed['host'])
&& $mine_parsed['host'] === $s_parsed['host'])
$url_match = true; $url_match = true;
if ($mine && $myaddr && (! $url_match)) if ($mine && $myaddr && (! $url_match))