more types
This commit is contained in:
Shish
parent
f8499be286
commit
cddf6e9d5f
9 changed files with 12 additions and 11 deletions
|
|
@ -61,7 +61,7 @@ class Block
|
||||||
$this->position = $position;
|
$this->position = $position;
|
||||||
|
|
||||||
if (is_null($id)) {
|
if (is_null($id)) {
|
||||||
$id = (empty($header) ? md5($body) : $header) . $section;
|
$id = (empty($header) ? md5($body ?? '') : $header) . $section;
|
||||||
}
|
}
|
||||||
$this->id = preg_replace('/[^\w-]/', '', str_replace(' ', '_', $id));
|
$this->id = preg_replace('/[^\w-]/', '', str_replace(' ', '_', $id));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
<?php declare(strict_types=1);
|
<?php declare(strict_types=1);
|
||||||
use function MicroHTML\emptyHTML;
|
use function MicroHTML\emptyHTML;
|
||||||
|
use function MicroHTML\rawHTML;
|
||||||
use function MicroHTML\FORM;
|
use function MicroHTML\FORM;
|
||||||
use function MicroHTML\INPUT;
|
use function MicroHTML\INPUT;
|
||||||
use function MicroHTML\DIV;
|
use function MicroHTML\DIV;
|
||||||
|
|
@ -695,7 +696,7 @@ function SHM_FORM(string $target, string $method="POST", bool $multipart=false,
|
||||||
return FORM(
|
return FORM(
|
||||||
$attrs,
|
$attrs,
|
||||||
INPUT(["type"=>"hidden", "name"=>"q", "value"=>$target]),
|
INPUT(["type"=>"hidden", "name"=>"q", "value"=>$target]),
|
||||||
$method != "GET" ? "" : $user->get_auth_html()
|
$method == "GET" ? "" : rawHTML($user->get_auth_html())
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -207,7 +207,7 @@ class CommentList extends Extension
|
||||||
if (isset($_POST['image_id']) && isset($_POST['comment'])) {
|
if (isset($_POST['image_id']) && isset($_POST['comment'])) {
|
||||||
try {
|
try {
|
||||||
$i_iid = int_escape($_POST['image_id']);
|
$i_iid = int_escape($_POST['image_id']);
|
||||||
$cpe = new CommentPostingEvent($_POST['image_id'], $user, $_POST['comment']);
|
$cpe = new CommentPostingEvent(int_escape($_POST['image_id']), $user, $_POST['comment']);
|
||||||
send_event($cpe);
|
send_event($cpe);
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link("post/view/$i_iid#comment_on_$i_iid"));
|
$page->set_redirect(make_link("post/view/$i_iid#comment_on_$i_iid"));
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ class FeaturedTheme extends Themelet
|
||||||
|
|
||||||
public function build_featured_html(Image $image, ?string $query=null): string
|
public function build_featured_html(Image $image, ?string $query=null): string
|
||||||
{
|
{
|
||||||
$i_id = int_escape($image->id);
|
$i_id = $image->id;
|
||||||
$h_view_link = make_link("post/view/$i_id", $query);
|
$h_view_link = make_link("post/view/$i_id", $query);
|
||||||
$h_thumb_link = $image->get_thumb_link();
|
$h_thumb_link = $image->get_thumb_link();
|
||||||
$h_tip = html_escape($image->get_tooltip());
|
$h_tip = html_escape($image->get_tooltip());
|
||||||
|
|
|
||||||
|
|
@ -46,7 +46,7 @@ class ImageIO extends Extension
|
||||||
if ($event->page_matches("image/delete")) {
|
if ($event->page_matches("image/delete")) {
|
||||||
global $page, $user;
|
global $page, $user;
|
||||||
if ($user->can(Permissions::DELETE_IMAGE) && isset($_POST['image_id']) && $user->check_auth_token()) {
|
if ($user->can(Permissions::DELETE_IMAGE) && isset($_POST['image_id']) && $user->check_auth_token()) {
|
||||||
$image = Image::by_id($_POST['image_id']);
|
$image = Image::by_id(int_escape($_POST['image_id']));
|
||||||
if ($image) {
|
if ($image) {
|
||||||
send_event(new ImageDeletionEvent($image));
|
send_event(new ImageDeletionEvent($image));
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
|
|
|
||||||
|
|
@ -144,7 +144,7 @@ class PrivMsg extends Extension
|
||||||
if (is_null($pm)) {
|
if (is_null($pm)) {
|
||||||
$this->theme->display_error(404, "No such PM", "There is no PM #$pm_id");
|
$this->theme->display_error(404, "No such PM", "There is no PM #$pm_id");
|
||||||
} elseif (($pm["to_id"] == $user->id) || $user->can(Permissions::VIEW_OTHER_PMS)) {
|
} elseif (($pm["to_id"] == $user->id) || $user->can(Permissions::VIEW_OTHER_PMS)) {
|
||||||
$from_user = User::by_id(int_escape($pm["from_id"]));
|
$from_user = User::by_id((int)$pm["from_id"]);
|
||||||
if ($pm["to_id"] == $user->id) {
|
if ($pm["to_id"] == $user->id) {
|
||||||
$database->execute("UPDATE private_message SET is_read='Y' WHERE id = :id", ["id" => $pm_id]);
|
$database->execute("UPDATE private_message SET is_read='Y' WHERE id = :id", ["id" => $pm_id]);
|
||||||
$cache->delete("pm-count-{$user->id}");
|
$cache->delete("pm-count-{$user->id}");
|
||||||
|
|
|
||||||
|
|
@ -225,10 +225,10 @@ class ReportImage extends Extension
|
||||||
|
|
||||||
$reports = [];
|
$reports = [];
|
||||||
foreach ($all_reports as $report) {
|
foreach ($all_reports as $report) {
|
||||||
$image_id = int_escape($report['image_id']);
|
$image_id = (int)$report['image_id'];
|
||||||
$image = Image::by_id($image_id);
|
$image = Image::by_id($image_id);
|
||||||
if (is_null($image)) {
|
if (is_null($image)) {
|
||||||
send_event(new RemoveReportedImageEvent($report['id']));
|
send_event(new RemoveReportedImageEvent((int)$report['id']));
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
$report['image'] = $image;
|
$report['image'] = $image;
|
||||||
|
|
|
||||||
|
|
@ -105,7 +105,7 @@ class StatsDInterface extends Extension
|
||||||
try {
|
try {
|
||||||
$parts = explode(":", STATSD_HOST);
|
$parts = explode(":", STATSD_HOST);
|
||||||
$host = $parts[0];
|
$host = $parts[0];
|
||||||
$port = $parts[1];
|
$port = (int)$parts[1];
|
||||||
$fp = fsockopen("udp://$host", $port, $errno, $errstr);
|
$fp = fsockopen("udp://$host", $port, $errno, $errstr);
|
||||||
if (! $fp) {
|
if (! $fp) {
|
||||||
return;
|
return;
|
||||||
|
|
|
||||||
|
|
@ -252,13 +252,13 @@ class Upload extends Extension
|
||||||
foreach ($_FILES as $name => $file) {
|
foreach ($_FILES as $name => $file) {
|
||||||
$tags = $this->tags_for_upload_slot(int_escape(substr($name, 4)));
|
$tags = $this->tags_for_upload_slot(int_escape(substr($name, 4)));
|
||||||
$source = isset($_POST['source']) ? $_POST['source'] : null;
|
$source = isset($_POST['source']) ? $_POST['source'] : null;
|
||||||
$ok = $ok & $this->try_upload($file, $tags, $source);
|
$ok = $this->try_upload($file, $tags, $source) && $ok;
|
||||||
}
|
}
|
||||||
foreach ($_POST as $name => $value) {
|
foreach ($_POST as $name => $value) {
|
||||||
if (substr($name, 0, 3) == "url" && strlen($value) > 0) {
|
if (substr($name, 0, 3) == "url" && strlen($value) > 0) {
|
||||||
$tags = $this->tags_for_upload_slot(int_escape(substr($name, 3)));
|
$tags = $this->tags_for_upload_slot(int_escape(substr($name, 3)));
|
||||||
$source = isset($_POST['source']) ? $_POST['source'] : $value;
|
$source = isset($_POST['source']) ? $_POST['source'] : $value;
|
||||||
$ok = $ok & $this->try_transload($value, $tags, $source);
|
$ok = $this->try_transload($value, $tags, $source) && $ok;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Reference in a new issue