diff --git a/Zotlabs/Lib/MessageFilter.php b/Zotlabs/Lib/MessageFilter.php
index b45a1f229..5ca8b737b 100644
--- a/Zotlabs/Lib/MessageFilter.php
+++ b/Zotlabs/Lib/MessageFilter.php
@@ -38,6 +38,11 @@ class MessageFilter {
if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
return false;
}
+ elseif(substr($word,0,1) === '$' && $tags) {
+ foreach($tags as $t)
+ if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
+ return false;
+ }
elseif((strpos($word,'/') === 0) && preg_match($word,$text))
return false;
elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
@@ -61,6 +66,11 @@ class MessageFilter {
if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
return true;
}
+ elseif(substr($word,0,1) === '$' && $tags) {
+ foreach($tags as $t)
+ if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
+ return true;
+ }
elseif((strpos($word,'/') === 0) && preg_match($word,$text))
return true;
elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index a4571941c..18f76d885 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -434,12 +434,12 @@ class Channel extends Controller {
'$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
'$search' => $search,
'$xchan' => '',
- '$order' => $order,
+ '$order' => (($order) ? urlencode($order) : ''),
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
'$file' => '',
'$cats' => (($category) ? urlencode($category) : ''),
'$tags' => (($hashtags) ? urlencode($hashtags) : ''),
- '$mid' => $mid,
+ '$mid' => (($mid) ? urlencode($mid) : ''),
'$verb' => '',
'$net' => '',
'$dend' => $datequery,
diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php
index 1fda0c931..1d32560fa 100644
--- a/Zotlabs/Module/Connections.php
+++ b/Zotlabs/Module/Connections.php
@@ -326,7 +326,7 @@ class Connections extends \Zotlabs\Web\Controller {
killme();
}
else {
- $o .= "";
+ $o .= "";
$o .= replace_macros(get_markup_template('connections.tpl'),array(
'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
'$tabs' => $tabs,
diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php
index ff399cc7c..d92ebb223 100644
--- a/Zotlabs/Module/Directory.php
+++ b/Zotlabs/Module/Directory.php
@@ -400,7 +400,7 @@ class Directory extends \Zotlabs\Web\Controller {
$dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory'));
- $o .= "";
+ $o .= "";
$o .= replace_macros($tpl, array(
'$search' => $search,
'$desc' => t('Find'),
diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php
index c6215c734..120401952 100644
--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -239,7 +239,7 @@ class Display extends Controller {
'$dbegin' => '',
'$verb' => '',
'$net' => '',
- '$mid' => $mid
+ '$mid' => (($mid) ? urlencode($mid) : '')
));
head_add_link([
diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php
index ae58a17b2..6c7c09383 100644
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -193,7 +193,7 @@ class Hq extends \Zotlabs\Web\Controller {
'$dbegin' => '',
'$verb' => '',
'$net' => '',
- '$mid' => $mid
+ '$mid' => (($mid) ? urlencode($mid) : '')
]);
}
diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php
index 7024e8176..be2c83df4 100644
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -345,18 +345,18 @@ class Network extends \Zotlabs\Web\Controller {
'$static' => $static,
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
'$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
- '$search' => (($search) ? $search : ''),
- '$xchan' => $xchan,
- '$order' => $order,
- '$file' => $file,
- '$cats' => urlencode($category),
- '$tags' => urlencode($hashtags),
+ '$search' => (($search) ? urlencode($search) : ''),
+ '$xchan' => (($xchan) ? urlencode($xchan) : ''),
+ '$order' => (($order) ? urlencode($order) : ''),
+ '$file' => (($file) ? urlencode($file) : ''),
+ '$cats' => (($category) ? urlencode($category) : ''),
+ '$tags' => (($hashtags) ? urlencode($hashtags) : ''),
'$dend' => $datequery,
'$mid' => '',
- '$verb' => $verb,
- '$net' => $net,
+ '$verb' => (($verb) ? urlencode($verb) : ''),
+ '$net' => (($net) ? urlencode($net) : ''),
'$dbegin' => $datequery2,
- '$pf' => (($pf) ? $pf : '0'),
+ '$pf' => (($pf) ? intval($pf) : '0'),
));
}
diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php
index cb9cc436d..936332dfd 100644
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -738,7 +738,7 @@ class Photos extends \Zotlabs\Web\Controller {
killme();
}
else {
- $o .= "";
+ $o .= "";
$tpl = get_markup_template('photo_album.tpl');
$o .= replace_macros($tpl, array(
'$photos' => $photos,
diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php
index 7b80a3978..761dd6a35 100644
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -135,11 +135,11 @@ class Pubstream extends \Zotlabs\Web\Controller {
'$order' => 'comment',
'$file' => '',
'$cats' => '',
- '$tags' => $hashtags,
+ '$tags' => (($hashtags) ? urlencode($hashtags) : ''),
'$dend' => '',
- '$mid' => $mid,
+ '$mid' => (($mid) ? urlencode($mid) : ''),
'$verb' => '',
- '$net' => $net,
+ '$net' => (($net) ? urlencode($net) : ''),
'$dbegin' => ''
));
}
diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php
index 791a696c6..67a15288d 100644
--- a/Zotlabs/Module/Viewconnections.php
+++ b/Zotlabs/Module/Viewconnections.php
@@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller {
killme();
}
else {
- $o .= "";
+ $o .= "";
$tpl = get_markup_template("viewcontact_template.tpl");
$o .= replace_macros($tpl, array(
'$title' => t('View Connections'),