Merge branch 'zap'
commit
8c75aa8dc4
1 changed files with 32 additions and 28 deletions
|
@ -6,8 +6,11 @@
|
||||||
use Zotlabs\Lib\MarkdownSoap;
|
use Zotlabs\Lib\MarkdownSoap;
|
||||||
use Zotlabs\Lib\Group;
|
use Zotlabs\Lib\Group;
|
||||||
use Zotlabs\Lib\Libzot;
|
use Zotlabs\Lib\Libzot;
|
||||||
|
use App;
|
||||||
|
|
||||||
use Michelf\MarkdownExtra;
|
use Michelf\MarkdownExtra;
|
||||||
|
use Ramsey\Uuid\Uuid;
|
||||||
|
use Ramsey\Uuid\Exception\UnsatisfiedDependencyException;
|
||||||
|
|
||||||
require_once("include/bbcode.php");
|
require_once("include/bbcode.php");
|
||||||
|
|
||||||
|
@ -28,8 +31,8 @@ define('RANDOM_STRING_TEXT', 0x01 );
|
||||||
*/
|
*/
|
||||||
function replace_macros($s, $r) {
|
function replace_macros($s, $r) {
|
||||||
$arr = [
|
$arr = [
|
||||||
'template' => $s,
|
'template' => $s,
|
||||||
'params' => $r
|
'params' => $r
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -62,35 +65,20 @@ function random_string($size = 64, $type = RANDOM_STRING_HEX) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief This is our primary input filter.
|
* @brief Input filter to replace HTML tag characters with something safe.
|
||||||
*
|
|
||||||
* The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
|
|
||||||
* that had an XSS attack vector due to stripping the high-bit on an 8-bit character
|
|
||||||
* after cleansing, and angle chars with the high bit set could get through as markup.
|
|
||||||
*
|
|
||||||
* This is now disabled because it was interfering with some legitimate unicode sequences
|
|
||||||
* and hopefully there aren't a lot of those browsers left.
|
|
||||||
*
|
|
||||||
* Use this on any text input where angle chars are not valid or permitted
|
|
||||||
* They will be replaced with safer brackets. This may be filtered further
|
|
||||||
* if these are not allowed either.
|
|
||||||
*
|
*
|
||||||
* @param string $string Input string
|
* @param string $string Input string
|
||||||
*
|
*
|
||||||
* @return string Filtered string
|
* @return string Filtered string
|
||||||
*/
|
*/
|
||||||
function notags($string) {
|
function notags($string) {
|
||||||
|
|
||||||
return(str_replace(array("<",">"), array('[',']'), $string));
|
return(str_replace(array("<",">"), array('[',']'), $string));
|
||||||
|
|
||||||
// High-bit filter no longer used
|
|
||||||
// return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* use this on "body" or "content" input where angle chars shouldn't be removed,
|
* use this on input where angle chars shouldn't be removed,
|
||||||
* and allow them to be safely displayed.
|
* and allow them to be safely used in HTML.
|
||||||
*
|
*
|
||||||
* @param string $string
|
* @param string $string
|
||||||
*
|
*
|
||||||
|
@ -568,16 +556,25 @@ function alt_pager($i, $more = '', $less = '') {
|
||||||
* @return string a unique id
|
* @return string a unique id
|
||||||
*/
|
*/
|
||||||
function item_message_id() {
|
function item_message_id() {
|
||||||
|
|
||||||
|
|
||||||
do {
|
do {
|
||||||
$dups = false;
|
$dups = false;
|
||||||
$hash = random_string(48);
|
|
||||||
|
try {
|
||||||
|
$hash = Uuid::uuid5(Uuid::NAMESPACE_DNS, App::get_hostname())->toString();
|
||||||
|
} catch (UnsatisfiedDependencyException $e) {
|
||||||
|
$hash = random_string(48);
|
||||||
|
}
|
||||||
|
|
||||||
$mid = z_root() . '/item/' . $hash;
|
$mid = z_root() . '/item/' . $hash;
|
||||||
|
|
||||||
$r = q("SELECT id FROM item WHERE mid = '%s' LIMIT 1",
|
$r = q("SELECT id FROM item WHERE mid = '%s' LIMIT 1",
|
||||||
dbesc($mid));
|
dbesc($mid));
|
||||||
if($r)
|
if ($r) {
|
||||||
$dups = true;
|
$dups = true;
|
||||||
} while($dups == true);
|
}
|
||||||
|
} while ($dups === true);
|
||||||
|
|
||||||
return $mid;
|
return $mid;
|
||||||
}
|
}
|
||||||
|
@ -592,15 +589,22 @@ function item_message_id() {
|
||||||
function photo_new_resource() {
|
function photo_new_resource() {
|
||||||
do {
|
do {
|
||||||
$found = false;
|
$found = false;
|
||||||
$resource = random_string(48);
|
|
||||||
|
try {
|
||||||
|
$hash = Uuid::uuid5(Uuid::NAMESPACE_DNS, App::get_hostname())->toString();
|
||||||
|
} catch (UnsatisfiedDependencyException $e) {
|
||||||
|
$hash = random_string(48);
|
||||||
|
}
|
||||||
|
|
||||||
$r = q("SELECT id FROM photo WHERE resource_id = '%s' LIMIT 1",
|
$r = q("SELECT id FROM photo WHERE resource_id = '%s' LIMIT 1",
|
||||||
dbesc($resource));
|
dbesc($hash)
|
||||||
if($r)
|
);
|
||||||
|
if ($r) {
|
||||||
$found = true;
|
$found = true;
|
||||||
} while($found === true);
|
}
|
||||||
|
} while ($found === true);
|
||||||
|
|
||||||
return $resource;
|
return $hash;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
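Review bot: The new `Uuid::uuid5(Uuid::NAMESPACE_DNS, App::get_hostname())` call in `item_message_id()` is name-based, so for a given hostname it returns the same UUID on every call; once one item with that mid is stored, the duplicate check sets `$dups` on every pass and the `do … while` loop cannot terminate. `photo_new_resource()` in the next hunk has the same call and the same loop shape. The value can also be computed by anyone who knows the hostname, unlike a random string, which matters if these ids are relied on as unguessable anywhere (not visible on this page). A random UUID keeps the uniqueness check meaningful: `$hash = Uuid::uuid4()->toString();`, with the existing `random_string(48)` fallback left in the `catch`.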