keith
/
friendica
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #11185 from annando/issue-11182 

Issue 10906: prevent personal notes from being altered
This commit is contained in:
Hypolite Petovan 2022-01-26 02:49:20 -05:00 committed by GitHub
parent 7c4f6cc816 60af1314a0
commit 3395c61649
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 38 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
mod/item.php
View File

@ -391,48 +391,51 @@ function item_post(App $a) {
$only_to_forum = false; $only_to_forum = false;
$forum_contact = []; $forum_contact = [];
$body = BBCode::performWithEscapedTags($body, ['noparse', 'pre', 'code', 'img'], function ($body) use ($profile_uid, $network, $str_contact_allow, &$inform, &$private_forum, &$private_id, &$only_to_forum, &$forum_contact) { // Personal notes must never be altered to a forum post.
$tags = BBCode::getTags($body); if ($posttype != Item::PT_PERSONAL_NOTE) {
$body = BBCode::performWithEscapedTags($body, ['noparse', 'pre', 'code', 'img'], function ($body) use ($profile_uid, $network, $str_contact_allow, &$inform, &$private_forum, &$private_id, &$only_to_forum, &$forum_contact) {
$tags = BBCode::getTags($body);
$tagged = []; $tagged = [];
foreach ($tags as $tag) { foreach ($tags as $tag) {
$tag_type = substr($tag, 0, 1); $tag_type = substr($tag, 0, 1);
if ($tag_type == Tag::TAG_CHARACTER[Tag::HASHTAG]) { if ($tag_type == Tag::TAG_CHARACTER[Tag::HASHTAG]) {
continue; continue;
} }
/* If we already tagged 'Robert Johnson', don't try and tag 'Robert'. /* If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
* Robert Johnson should be first in the $tags array * Robert Johnson should be first in the $tags array
*/ */
foreach ($tagged as $nextTag) { foreach ($tagged as $nextTag) {
if (stristr($nextTag, $tag . ' ')) { if (stristr($nextTag, $tag . ' ')) {
continue 2; continue 2;
}
}
if ($success = ItemHelper::replaceTag($body, $inform, local_user() ? local_user() : $profile_uid, $tag, $network)) {
if ($success['replaced']) {
$tagged[] = $tag;
}
// When the forum is private or the forum is addressed with a "!" make the post private
if (!empty($success['contact']['prv']) || ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION])) {
$private_forum = $success['contact']['prv'];
$only_to_forum = ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION]);
$private_id = $success['contact']['id'];
$forum_contact = $success['contact'];
} elseif (!empty($success['contact']['forum']) && ($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
$private_forum = false;
$only_to_forum = true;
$private_id = $success['contact']['id'];
$forum_contact = $success['contact'];
}
} }
} }
if ($success = ItemHelper::replaceTag($body, $inform, local_user() ? local_user() : $profile_uid, $tag, $network)) { return $body;
if ($success['replaced']) { });
$tagged[] = $tag; }
}
// When the forum is private or the forum is addressed with a "!" make the post private
if (!empty($success['contact']['prv']) || ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION])) {
$private_forum = $success['contact']['prv'];
$only_to_forum = ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION]);
$private_id = $success['contact']['id'];
$forum_contact = $success['contact'];
} elseif (!empty($success['contact']['forum']) && ($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
$private_forum = false;
$only_to_forum = true;
$private_id = $success['contact']['id'];
$forum_contact = $success['contact'];
}
}
}
return $body;
});
$original_contact_id = $contact_id; $original_contact_id = $contact_id;