keith/friendica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #6191 from MrPetovan/task/urlencode-file-param

Browse source 
URL encode /network file query parameter
This commit is contained in:
Michael Vogel 2018-11-23 21:37:31 +01:00 committed by GitHub
commit 96a43d0db9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 23 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
include/conversation.php
View file

@ -462,17 +462,17 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
. "<script> var profile_uid = " . $_SESSION['uid'] . "<script> var profile_uid = " . $_SESSION['uid']
. "; var netargs = '" . substr($a->cmd, 8) . "; var netargs = '" . substr($a->cmd, 8)
. '?f=' . '?f='
. ((x($_GET, 'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'search')) ? '&search=' . $_GET['search'] : '') . ((x($_GET, 'search')) ? '&search=' . rawurlencode($_GET['search']) : '')
. ((x($_GET, 'star')) ? '&star=' . $_GET['star'] : '') . ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'order')) ? '&order=' . $_GET['order'] : '') . ((x($_GET, 'order')) ? '&order=' . rawurlencode($_GET['order']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . $_GET['bmark'] : '') . ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'liked')) ? '&liked=' . $_GET['liked'] : '') . ((x($_GET, 'liked')) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . $_GET['conv'] : '') . ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . $_GET['nets'] : '') . ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . $_GET['cmin'] : '') . ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . $_GET['cmax'] : '') . ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . $_GET['file'] : '') . ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '')
. "'; var profile_page = " . $pager->getPage() . "; </script>\r\n"; . "'; var profile_page = " . $pager->getPage() . "; </script>\r\n";
} }

2
mod/filerm.php
View file

@ -36,6 +36,6 @@ function filerm_content(App $a)
info('Item was not deleted'); info('Item was not deleted');
} }
$a->internalRedirect('/network?f=&file=' . $term); $a->internalRedirect('/network?f=&file=' . rawurlencode($term));
killme(); killme();
} }

22
mod/network.php
View file

@ -170,21 +170,17 @@ function network_init(App $a)
function saved_searches($search) function saved_searches($search)
{ {
$a = get_app();
$srchurl = '/network?f=' $srchurl = '/network?f='
. ((x($_GET, 'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'star')) ? '&star=' . $_GET['star'] : '') . ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . $_GET['bmark'] : '') . ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . $_GET['conv'] : '') . ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . $_GET['nets'] : '') . ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . $_GET['cmin'] : '') . ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . $_GET['cmax'] : '') . ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . $_GET['file'] : ''); . ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '');
; ;
$o = '';
$terms = DBA::select('search', ['id', 'term'], ['uid' => local_user()]); $terms = DBA::select('search', ['id', 'term'], ['uid' => local_user()]);
$saved = []; $saved = [];
@ -202,7 +198,7 @@ function saved_searches($search)
$o = Renderer::replaceMacros($tpl, [ $o = Renderer::replaceMacros($tpl, [
'$title' => L10n::t('Saved Searches'), '$title' => L10n::t('Saved Searches'),
'$add' => L10n::t('add'), '$add' => L10n::t('add'),
'$searchbox' => HTML::search($search, 'netsearch-box', $srchurl, true), '$searchbox' => HTML::search($search, 'netsearch-box', $srchurl),
'$saved' => $saved, '$saved' => $saved,
]); ]);

2
mod/search.php
View file

@ -162,7 +162,7 @@ function search_content(App $a) {
'name' => "search-header", 'name' => "search-header",
'$title' => L10n::t("Search"), '$title' => L10n::t("Search"),
'$title_size' => 3, '$title_size' => 3,
'$content' => HTML::search($search,'search-box','search',((local_user()) ? true : false), false) '$content' => HTML::search($search,'search-box','search', false)
]); ]);
if (strpos($search,'#') === 0) { if (strpos($search,'#') === 0) {

2
src/Content/Text/HTML.php
View file

@ -951,7 +951,7 @@ class HTML
* *
* @return string Formatted HTML. * @return string Formatted HTML.
*/ */
public static function search($s, $id = 'search-box', $url = 'search', $save = false, $aside = true) public static function search($s, $id = 'search-box', $url = 'search', $aside = true)
{ {
$mode = 'text'; $mode = 'text';