From 1217ae3b3e3b63cee8ca46d72551e2f0aca13bb8 Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 08:05:22 +0000 Subject: [PATCH 01/19] remove it --- Zotlabs/Lib/Activity.php | 1 - 1 file changed, 1 deletion(-) diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 6072b672f..4e04283ba 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -3833,7 +3833,6 @@ class Activity { return $act->objprop('id', null) ?? (is_string($act->obj) ? $act->obj : null) - // ?? $act->obj['data']['id'] // pleroma fetched like? ?? ''; } From 077ca1aea5a6b02ca91d9739e94e5dee221a681a Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 08:41:10 +0000 Subject: [PATCH 02/19] change photo.filename to type text (some platforms have very long filenames for their profile photos) --- install/schema_mysql.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/schema_mysql.sql b/install/schema_mysql.sql index e75224815..3cf8039e4 100644 --- a/install/schema_mysql.sql +++ b/install/schema_mysql.sql @@ -876,7 +876,7 @@ CREATE TABLE IF NOT EXISTS `photo` ( `title` char(191) NOT NULL DEFAULT '', `description` text NOT NULL, `album` char(191) NOT NULL DEFAULT '', - `filename` char(191) NOT NULL DEFAULT '', + `filename` text NOT NULL, `mimetype` char(128) NOT NULL DEFAULT 'image/jpeg', `height` smallint(6) NOT NULL DEFAULT 0 , `width` smallint(6) NOT NULL DEFAULT 0 , From 805bbd1c3eaea99e5a8e3a92a7d850077d145fed Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 09:03:32 +0000 Subject: [PATCH 03/19] fix color bbcode markup --- include/html2bbcode.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/html2bbcode.php b/include/html2bbcode.php index b799a0c28..ba298aa58 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -176,7 +176,7 @@ function html2bbcode($message) //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(\d+)[,;].*/'), '[size=$1]', '[/size]'); //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(.+?)[,;].*/'), '[size=$1]', '[/size]'); - node2bbcode($doc, 'span', array('style'=>'/.*color:\s*(.+?)[,;].*/'), '[color="$1"]', '[/color]'); + node2bbcode($doc, 'span', array('style'=>'/.*color:\s*(.+?)[,;].*/'), '[color=$1]', '[/color]'); //node2bbcode($doc, 'span', array('style'=>'/.*font-family:\s*(.+?)[,;].*/'), '[font=$1]', '[/font]'); //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*font-size:\s*(\d+?)pt.*/'), '[font=$1][size=$2]', '[/size][/font]'); From 083b2b1bbcafcea3df3a769f82c9713475d7a195 Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 09:10:45 +0000 Subject: [PATCH 04/19] add suport for strong bbcode tag --- include/bbcode.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/bbcode.php b/include/bbcode.php index 65bda1b7b..c152d45cb 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -1402,6 +1402,9 @@ function bbcode($text, $options = []) { if (strpos($text,'[b]') !== false) { $text = preg_replace("(\[b\](.*?)\[\/b\])ism", '$1', $text); } + if (strpos($text,'[strong]') !== false) { + $text = preg_replace("(\[strong\](.*?)\[\/strong\])ism", '$1', $text); + } // Check for Italics text if (strpos($text,'[i]') !== false) { $text = preg_replace("(\[i\](.*?)\[\/i\])ism", '$1', $text); From d82e7c9f6cf1019c1d8a55e89ae953f714387476 Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 14:20:27 +0000 Subject: [PATCH 05/19] fix php warning --- Zotlabs/Module/Photos.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index e31aa9dc1..6fdf61344 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -965,7 +965,6 @@ class Photos extends \Zotlabs\Web\Controller { $map = null; if($linked_items) { - xchan_query($linked_items); $linked_items = fetch_post_tags($linked_items,true); @@ -1217,12 +1216,17 @@ class Photos extends \Zotlabs\Web\Controller { $like_e = $like; $dislike_e = $dislike; $paginate = paginate(); + $responses = []; - $response_verbs = array('like'); - if(feature_enabled($owner_uid,'dislike')) - $response_verbs[] = 'dislike'; + if ($linkitem) { + $response_verbs = ['like']; - $responses = get_responses($conv_responses,$response_verbs,'',$link_item); + if(feature_enabled($owner_uid,'dislike')) { + $response_verbs[] = 'dislike'; + } + + $responses = get_responses($conv_responses,$response_verbs,'',$link_item); + } $hookdata = [ 'onclick' => '$.colorbox({href: \'' . $photo['href'] . '\'}); return false;', From f6b91f97bf41ad707916dda365a9dc28ce871a0b Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 14:21:20 +0000 Subject: [PATCH 06/19] this should be info instead of notice --- Zotlabs/Module/Moderate.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Module/Moderate.php b/Zotlabs/Module/Moderate.php index 2103684ab..1d8f65348 100644 --- a/Zotlabs/Module/Moderate.php +++ b/Zotlabs/Module/Moderate.php @@ -67,7 +67,7 @@ class Moderate extends \Zotlabs\Web\Controller { $item['item_blocked'] = 0; item_update_parent_commented($item); - notice( t('Item approved') . EOL); + info(t('Item approved') . EOL); } elseif($action === 'drop') { // TODO: not implemented @@ -75,7 +75,7 @@ class Moderate extends \Zotlabs\Web\Controller { // Activity::send_rejection_activity(App::get_channel(), $item['author_xchan'], $item); drop_item($post_id); - notice( t('Item deleted') . EOL); + info(t('Item deleted') . EOL); } // refetch the item after changes have been made From aa0c8973fa3b912851459b8c4b7dc4f6337092ce Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 14:25:48 +0000 Subject: [PATCH 07/19] fix more php warnings --- Zotlabs/Module/Photos.php | 1 + 1 file changed, 1 insertion(+) diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 6fdf61344..2d93444ba 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -963,6 +963,7 @@ class Photos extends \Zotlabs\Web\Controller { ); $map = null; + $link_item = null; if($linked_items) { xchan_query($linked_items); From b7b1a5574fb7a06003b9f607da69887597c1c39d Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 14:28:42 +0000 Subject: [PATCH 08/19] fix more php warnings --- Zotlabs/Module/Activity.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php index 85b9f3e7c..64da2586b 100644 --- a/Zotlabs/Module/Activity.php +++ b/Zotlabs/Module/Activity.php @@ -23,7 +23,7 @@ class Activity extends Controller { if (! $item_id) http_status_exit(404, 'Not found'); - $portable_id = EMPTY_STR; + $portable_id = null; $item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ", dbesc(ACTIVITY_FOLLOW), @@ -166,6 +166,7 @@ class Activity extends Controller { return; } + $portable_id = null; $ob_authorize = false; $item_uid = 0; From 868a8ccfd9dea452b81ad2c5a3aa5f297426c410 Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 14:37:38 +0000 Subject: [PATCH 09/19] fix more php warnings --- Zotlabs/Module/Photos.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 2d93444ba..215f0b08b 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -557,6 +557,9 @@ class Photos extends \Zotlabs\Web\Controller { $can_post = false; $visitor = 0; + $link_item = null; + $like = null; + $dislike = null; $owner_uid = \App::$data['channel']['channel_id']; @@ -963,7 +966,6 @@ class Photos extends \Zotlabs\Web\Controller { ); $map = null; - $link_item = null; if($linked_items) { xchan_query($linked_items); From 7f7763ee0cb57410186e69b2f686313baabf980d Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 15 Apr 2025 14:38:28 +0000 Subject: [PATCH 10/19] remove redundant var declaration --- Zotlabs/Module/Photos.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 215f0b08b..132c0ce33 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -561,7 +561,6 @@ class Photos extends \Zotlabs\Web\Controller { $like = null; $dislike = null; - $owner_uid = \App::$data['channel']['channel_id']; $owner_aid = \App::$data['channel']['channel_account_id']; @@ -1105,9 +1104,6 @@ class Photos extends \Zotlabs\Web\Controller { $alike = array(); $dlike = array(); - $like = ''; - $dislike = ''; - $conv_responses = array( 'like' => array('title' => t('Likes','title')),'dislike' => array('title' => t('Dislikes','title')), 'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title')) From 443c5495e9ca5aebdb959749b38fd37b03a0d4bf Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 07:44:12 +0000 Subject: [PATCH 11/19] do not translate network to stream --- Zotlabs/Lib/Apps.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index 0dc405ea9..337344645 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -341,7 +341,7 @@ class Apps { 'Suggest Channels' => t('Suggest Channels'), 'Login' => t('Login'), 'Channel Manager' => t('Channel Manager'), - 'Network' => t('Stream'), + 'Network' => t('Network'), 'Settings' => t('Settings'), 'Files' => t('Files'), 'Webpages' => t('Webpages'), From 9342a92682e369cd4230f7a471e460cece9c1747 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 07:44:40 +0000 Subject: [PATCH 12/19] deal with link type attachments --- Zotlabs/Lib/Activity.php | 2 ++ include/text.php | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 4e04283ba..b99d0b902 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -853,6 +853,8 @@ class Activity { $entry['type'] = $att['mediaType']; } elseif (array_key_exists('type', $att) && $att['type'] === 'Image') { $entry['type'] = 'image/jpeg'; + } elseif (array_key_exists('type', $att) && $att['type'] === 'Link') { + $entry['type'] = 'text/uri-list'; } if (array_key_exists('name', $att) && $att['name']) { $entry['name'] = html2plain(purify_html($att['name']), 256); diff --git a/include/text.php b/include/text.php index 52a6440cb..b4955a78d 100644 --- a/include/text.php +++ b/include/text.php @@ -1611,7 +1611,7 @@ function theme_attachments(&$item) { $url = z_root() . '/magic?owa=1&bdest=' . bin2hex($r['href']); } - if (isset($label) && isset($url) && isset($icon) && isset($title)) { + if (isset($label, $url, $icon, $title)) { array_unshift($attaches, ['label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title]); } } @@ -3232,6 +3232,7 @@ function getIconFromType($type) { 'text/markdown' => 'bi-filetype-md', 'text/bbcode' => 'bi-file-earmark-text', 'text/html' => 'bi-filetype-html', + 'text/uri-list' => 'bi-box-arrow-up-right', 'application/msword' => 'bi-file-earmark-word', 'application/pdf' => 'bi-file-earmark-pdf', 'application/vnd.oasis.opendocument.text' => 'bifile--earmark-text', From 64652c1d6eea4c72bfa02ff383b7fc09f3688303 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 07:51:22 +0000 Subject: [PATCH 13/19] fix variable name --- Zotlabs/Module/Photos.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 132c0ce33..862298e82 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -1217,7 +1217,7 @@ class Photos extends \Zotlabs\Web\Controller { $paginate = paginate(); $responses = []; - if ($linkitem) { + if ($link_item) { $response_verbs = ['like']; if(feature_enabled($owner_uid,'dislike')) { From 87d68b175e9731cf0e297e9bd26bc73f474977ad Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 08:08:02 +0000 Subject: [PATCH 14/19] fix undefined variable warning --- Zotlabs/Lib/Libzot.php | 1 + 1 file changed, 1 insertion(+) diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 57c110d8b..90a6dc442 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -1542,6 +1542,7 @@ class Libzot { $local_public = $public; $item_result = null; + $parent = null; $DR = new DReport(z_root(), $sender, $d, $arr['mid'], $arr['uuid']); From fd0f6d4fa8018f255d7fd1fe149ddca7cc07ddc7 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 08:15:30 +0000 Subject: [PATCH 15/19] check if the uuid is mapped before using it --- Zotlabs/Lib/ThreadItem.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index d0fa1e587..9f5d3a350 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -475,7 +475,7 @@ class ThreadItem { 'wait' => t('Please wait'), 'thread_level' => $thread_level, 'settings' => $settings, - 'thr_parent_uuid' => (($item['parent_mid'] != $item['thr_parent']) ? $mid_uuid_map[$item['thr_parent']] : ''), + 'thr_parent_uuid' => (($item['parent_mid'] !== $item['thr_parent'] && isset($mid_uuid_map[$item['thr_parent']])) ? $mid_uuid_map[$item['thr_parent']] : ''), 'contact_id' => (($contact) ? $contact['abook_id'] : ''), 'moderate' => ($item['item_blocked'] == ITEM_MODERATED), 'moderate_approve' => t('Approve'), From d2aad8a41a9d70814e4ddd3a928048932a3a05b2 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 08:36:10 +0000 Subject: [PATCH 16/19] stephenhill/base58 seems not maintained anymore and throws a deprecation warning - fix here for now --- vendor/stephenhill/base58/src/Base58.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vendor/stephenhill/base58/src/Base58.php b/vendor/stephenhill/base58/src/Base58.php index 75a2e0de4..2b44b22b2 100644 --- a/vendor/stephenhill/base58/src/Base58.php +++ b/vendor/stephenhill/base58/src/Base58.php @@ -29,8 +29,8 @@ class Base58 * @since v1.1.0 Added the optional $service argument. */ public function __construct( - $alphabet = null, - ServiceInterface $service = null + string|null $alphabet = null, + ServiceInterface|null $service = null ) { // Handle null alphabet if (is_null($alphabet) === true) { From 4c962417ff41130b8cb675119f8ced4ec9f35dca Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 11:03:08 +0000 Subject: [PATCH 17/19] =?UTF-8?q?p=C3=83revent=20storing=20files/folder=20?= =?UTF-8?q?with=20filenames=20exceeding=20their=20max=20name=20length?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Zotlabs/Module/Attach_edit.php | 5 +++++ Zotlabs/Module/File_upload.php | 41 +++++++++++++++++++--------------- Zotlabs/Module/Wall_attach.php | 4 ++-- boot.php | 7 ++++++ include/attach.php | 17 ++++++++++++++ 5 files changed, 54 insertions(+), 20 deletions(-) diff --git a/Zotlabs/Module/Attach_edit.php b/Zotlabs/Module/Attach_edit.php index 5880d8f13..4cde1c168 100644 --- a/Zotlabs/Module/Attach_edit.php +++ b/Zotlabs/Module/Attach_edit.php @@ -133,6 +133,11 @@ class Attach_edit extends Controller { } $x = attach_move($channel_id, $resource, $newfolder, (($single) ? $newfilename : '')); + if (!$x['success']) { + notice($x['message'] . EOL); + goaway($return_path); + } + $actions_done .= 'move,'; } diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index 8956ce16f..6167e9494 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -16,9 +16,9 @@ class File_upload extends \Zotlabs\Web\Controller { $channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null); - if(! $channel) { + if (!$channel) { logger('channel not found'); - killme(); + is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); } $_REQUEST['source'] = 'file_upload'; @@ -37,13 +37,16 @@ class File_upload extends \Zotlabs\Web\Controller { if(isset($_REQUEST['filename']) && strlen($_REQUEST['filename'])) { $r = attach_mkdir($channel, get_observer_hash(), $_REQUEST); - if($r['success']) { - $hash = $r['data']['hash']; - $sync = attach_export_data($channel,$hash); - if($sync) { - Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync))); - } - goaway(z_root() . '/' . $_REQUEST['return_url']); + + if (!$r['success']) { + notice($r['message'] . EOL); + is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); + } + + $hash = $r['data']['hash']; + $sync = attach_export_data($channel,$hash); + if ($sync) { + Libsync::build_sync_packet($channel['channel_id'], ['file' => [$sync]]); } } else { @@ -90,19 +93,21 @@ class File_upload extends \Zotlabs\Web\Controller { } } - $r = attach_store($channel, get_observer_hash(), '', $_REQUEST); - if($r['success']) { - $sync = attach_export_data($channel,$r['data']['hash']); - if($sync) - Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync))); + + $r = attach_store($channel, get_observer_hash(), '', $_REQUEST); + if (!$r['success']) { + notice($r['message'] . EOL); + is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); + } + + $sync = attach_export_data($channel,$r['data']['hash']); + if ($sync) { + Libsync::build_sync_packet($channel['channel_id'], ['file' => [$sync]]); } } - if(is_ajax()) - killme(); - - goaway(z_root() . '/' . $_REQUEST['return_url']); + is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); } diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php index e354f58f1..a8db20242 100644 --- a/Zotlabs/Module/Wall_attach.php +++ b/Zotlabs/Module/Wall_attach.php @@ -98,8 +98,8 @@ class Wall_attach extends \Zotlabs\Web\Controller { $r = attach_store($channel, get_observer_hash(), '', $data); - if(! $r['success']) { - notice( $r['message'] . EOL); + if (!$r['success']) { + notice($r['message'] . EOL); killme(); } diff --git a/boot.php b/boot.php index f85cd114d..657849da8 100644 --- a/boot.php +++ b/boot.php @@ -175,6 +175,13 @@ if (!defined('STORAGE_DEFAULT_PERMISSIONS')) { */ define('MAX_IMAGE_LENGTH', -1); +/** + * Those are the current limits we can store in the DB + */ + +define('MAX_FILENAME_LENGTH', 191); +define('MAX_FOLDER_LENGTH', 64); + /** * log levels diff --git a/include/attach.php b/include/attach.php index bda4905f1..ea52b3aa9 100644 --- a/include/attach.php +++ b/include/attach.php @@ -796,6 +796,12 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { } } + if (strlen($filename) > MAX_FILENAME_LENGTH) { + logger('filename too long'); + $ret['message'] = t('Filename too long'); + return $ret; + } + if(! $hash) $hash = new_uuid(); @@ -1185,6 +1191,12 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { return $ret; } + if(strlen($arr['filename']) > MAX_FOLDER_LENGTH) { + logger('pathname too long'); + $ret['message'] = t('Pathname too long'); + return $ret; + } + $arr['hash'] = $arr['hash'] ?? new_uuid(); // Check for duplicate name. @@ -2589,6 +2601,11 @@ function attach_move($channel_id, $resource_id, $new_folder_hash, $newname = '', } } + if (strlen($filename) > MAX_FILENAME_LENGTH) { + logger('filename too long'); + $ret['message'] = t('Filename too long'); + return $ret; + } q("update attach set content = '%s', folder = '%s', filename = '%s', edited = '%s' where id = %d", dbescbin($newstorepath), From 60b4c003afb81b0fe309f47e29d757ce6fc53b29 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 11:07:03 +0000 Subject: [PATCH 18/19] $_REQUEST > $_POST --- Zotlabs/Module/File_upload.php | 36 +++++++++++++++++----------------- Zotlabs/Module/Wall_attach.php | 4 ++-- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index 6167e9494..8369987a4 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -11,36 +11,36 @@ require_once('include/photos.php'); class File_upload extends \Zotlabs\Web\Controller { function post() { - logger('file upload: ' . print_r($_REQUEST,true)); + logger('file upload: ' . print_r($_POST,true)); logger('file upload: ' . print_r($_FILES,true)); - $channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null); + $channel = (($_POST['channick']) ? channelx_by_nick($_POST['channick']) : null); if (!$channel) { logger('channel not found'); - is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); + is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']); } - $_REQUEST['source'] = 'file_upload'; + $_POST['source'] = 'file_upload'; if($channel['channel_id'] != local_channel()) { - $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); - $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); - $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); - $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); + $_POST['contact_allow'] = expand_acl($channel['channel_allow_cid']); + $_POST['group_allow'] = expand_acl($channel['channel_allow_gid']); + $_POST['contact_deny'] = expand_acl($channel['channel_deny_cid']); + $_POST['group_deny'] = expand_acl($channel['channel_deny_gid']); } - $_REQUEST['allow_cid'] = ((isset($_REQUEST['contact_allow'])) ? perms2str($_REQUEST['contact_allow']) : ''); - $_REQUEST['allow_gid'] = ((isset($_REQUEST['group_allow'])) ? perms2str($_REQUEST['group_allow']) : ''); - $_REQUEST['deny_cid'] = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : ''); - $_REQUEST['deny_gid'] = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : ''); + $_POST['allow_cid'] = ((isset($_POST['contact_allow'])) ? perms2str($_POST['contact_allow']) : ''); + $_POST['allow_gid'] = ((isset($_POST['group_allow'])) ? perms2str($_POST['group_allow']) : ''); + $_POST['deny_cid'] = ((isset($_POST['contact_deny'])) ? perms2str($_POST['contact_deny']) : ''); + $_POST['deny_gid'] = ((isset($_POST['group_deny'])) ? perms2str($_POST['group_deny']) : ''); - if(isset($_REQUEST['filename']) && strlen($_REQUEST['filename'])) { - $r = attach_mkdir($channel, get_observer_hash(), $_REQUEST); + if(isset($_POST['filename']) && strlen($_POST['filename'])) { + $r = attach_mkdir($channel, get_observer_hash(), $_POST); if (!$r['success']) { notice($r['message'] . EOL); - is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); + is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']); } $hash = $r['data']['hash']; @@ -95,10 +95,10 @@ class File_upload extends \Zotlabs\Web\Controller { - $r = attach_store($channel, get_observer_hash(), '', $_REQUEST); + $r = attach_store($channel, get_observer_hash(), '', $_POST); if (!$r['success']) { notice($r['message'] . EOL); - is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); + is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']); } $sync = attach_export_data($channel,$r['data']['hash']); @@ -107,7 +107,7 @@ class File_upload extends \Zotlabs\Web\Controller { } } - is_ajax() ? killme() : goaway(z_root() . '/' . $_REQUEST['return_url']); + is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']); } diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php index a8db20242..044dd11cf 100644 --- a/Zotlabs/Module/Wall_attach.php +++ b/Zotlabs/Module/Wall_attach.php @@ -10,7 +10,7 @@ class Wall_attach extends \Zotlabs\Web\Controller { function init() { logger('request_method: ' . $_SERVER['REQUEST_METHOD'],LOGGER_DATA,LOG_INFO); - logger('wall_attach: ' . print_r($_REQUEST,true),LOGGER_DEBUG,LOG_INFO); + logger('wall_attach: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO); logger('wall_attach files: ' . print_r($_FILES,true),LOGGER_DEBUG,LOG_INFO); // for testing without actually storing anything // http_status_exit(200,'OK'); @@ -23,7 +23,7 @@ class Wall_attach extends \Zotlabs\Web\Controller { $result = []; - if($_REQUEST['api_source'] && array_key_exists('media',$_FILES)) { + if($_POST['api_source'] && array_key_exists('media',$_FILES)) { $using_api = true; } From 32ab6344c45b7d9f00dffa2d552011d8a5290a81 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 16 Apr 2025 18:51:59 +0000 Subject: [PATCH 19/19] use mb_strlen() instead of strlen() --- include/attach.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/attach.php b/include/attach.php index ea52b3aa9..c3896be29 100644 --- a/include/attach.php +++ b/include/attach.php @@ -796,7 +796,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { } } - if (strlen($filename) > MAX_FILENAME_LENGTH) { + if (mb_strlen($filename, 'UTF-8') > MAX_FILENAME_LENGTH) { logger('filename too long'); $ret['message'] = t('Filename too long'); return $ret; @@ -1186,12 +1186,12 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { return $ret; } - if(isset($arr['filename']) && !strlen($arr['filename'])) { + if(empty($arr['filename'])) { $ret['message'] = t('Empty pathname'); return $ret; } - if(strlen($arr['filename']) > MAX_FOLDER_LENGTH) { + if(mb_strlen($arr['filename'], 'UTF-8') > MAX_FOLDER_LENGTH) { logger('pathname too long'); $ret['message'] = t('Pathname too long'); return $ret; @@ -2601,7 +2601,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash, $newname = '', } } - if (strlen($filename) > MAX_FILENAME_LENGTH) { + if (mb_strlen($filename, 'UTF-8') > MAX_FILENAME_LENGTH) { logger('filename too long'); $ret['message'] = t('Filename too long'); return $ret;