From 46ec3348ca9ad381dcecfd01a1e6620e83abde82 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 20 Mar 2013 21:22:20 +0400 Subject: harmful tags: enable font --- include/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/functions.php') diff --git a/include/functions.php b/include/functions.php index d9a3a5963..ca129ab81 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2656,7 +2656,7 @@ $allowed_elements = array('a', 'address', 'audio', 'article', 'b', 'big', 'blockquote', 'body', 'br', 'cite', - 'code', 'dd', 'del', 'details', 'div', 'dl', + 'code', 'dd', 'del', 'details', 'div', 'dl', 'font', 'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'header', 'html', 'i', 'img', 'ins', 'kbd', 'li', 'nav', 'ol', 'p', 'pre', 'q', 's','small', -- cgit v1.2.3-54-g00ecf From 4e4048024a2007527eaf713408c03e83f319b4ed Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 20 Mar 2013 22:18:56 +0400 Subject: iframe sandbox: allow scripts --- include/functions.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include/functions.php') diff --git a/include/functions.php b/include/functions.php index ca129ab81..417a05c23 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2634,7 +2634,8 @@ $entries = $xpath->query('//iframe'); foreach ($entries as $entry) { - $entry->setAttribute('sandbox', true); + $entry->setAttribute('sandbox', 'allow-scripts'); + } global $pluginhost; -- cgit v1.2.3-54-g00ecf From 2a3b6de0efd66a9643bce7ded70288d0ddf9fb24 Mon Sep 17 00:00:00 2001 From: Joschasa Date: Wed, 20 Mar 2013 22:59:08 +0100 Subject: remove deprecated theme_image() --- classes/dlg.php | 6 ++---- classes/feeds.php | 16 ++++++---------- classes/rpc.php | 2 +- include/functions.php | 21 ++++++++------------- index.php | 8 ++++---- plugins/close_button/init.php | 2 +- plugins/flattr/init.php | 2 +- plugins/googleplus/init.php | 2 +- plugins/identica/init.php | 2 +- plugins/mail/init.php | 2 +- plugins/mailto/init.php | 2 +- plugins/note/init.php | 2 +- plugins/owncloud/init.php | 2 +- plugins/pinterest/init.php | 2 +- plugins/pocket/init.php | 2 +- plugins/share/init.php | 2 +- plugins/tweet/init.php | 2 +- 17 files changed, 33 insertions(+), 44 deletions(-) (limited to 'include/functions.php') diff --git a/classes/dlg.php b/classes/dlg.php index 74eb9f633..3bb2caba4 100644 --- a/classes/dlg.php +++ b/classes/dlg.php @@ -236,8 +236,7 @@ class Dlg extends Handler_Protected { print "
"; + id='feed_add_spinner' src='images/indicator_white.gif'>"; print "
+ id='feed_browser_spinner' src='images/indicator_white.gif'> diff --git a/classes/feeds.php b/classes/feeds.php index 0568eb985..50a265544 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -321,24 +321,22 @@ class Feeds extends Handler_Protected { if ($line["marked"] == "t" || $line["marked"] == "1") { $marked_pic = "link, 'images/mark_set.svg')."\" + src=\"images/mark_set.svg\" class=\"markedPic\" alt=\"Unstar article\" onclick='javascript:toggleMark($id)'>"; } else { $marked_pic = "link, 'images/mark_unset.svg')."\" + src=\"images/mark_unset.svg\" class=\"markedPic\" alt=\"Star article\" onclick='javascript:toggleMark($id)'>"; } if ($line["published"] == "t" || $line["published"] == "1") { - $published_pic = "link, - 'images/pub_set.svg')."\" + $published_pic = "\"Unpublish"; } else { - $published_pic = "link, - 'images/pub_unset.svg')."\" + $published_pic = "\"Publish"; } @@ -363,8 +361,7 @@ class Feeds extends Handler_Protected { $score = $line["score"]; - $score_pic = theme_image($this->link, - "images/" . get_score_pic($score)); + $score_pic = "images/" . get_score_pic($score); /* $score_title = __("(Click to change)"); $score_pic = "link, - 'images/tag.png')."' alt='Tags' title='Tags'> + $reply['content'] .= "Tags $tags_str (+)"; diff --git a/classes/rpc.php b/classes/rpc.php index b297bbade..139f1fe49 100644 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -663,7 +663,7 @@ class RPC extends Handler_Protected { score = '$score' WHERE ref_id IN ($ids) AND owner_uid = " . $_SESSION["uid"]); print json_encode(array("id" => $id, - "score_pic" => theme_image($link, get_score_pic($score)))); + "score_pic" => get_score_pic($score))); } function setpanelmode() { diff --git a/include/functions.php b/include/functions.php index 417a05c23..c91735488 100644 --- a/include/functions.php +++ b/include/functions.php @@ -786,11 +786,6 @@ } } - // Deprecated, TODO: remove - function theme_image($link, $filename) { - return $filename; - } - function convert_timestamp($timestamp, $source_tz, $dest_tz) { try { @@ -1825,10 +1820,10 @@ function make_init_params($link) { $params = array(); - $params["sign_progress"] = theme_image($link, "images/indicator_white.gif"); - $params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif"); - $params["sign_excl"] = theme_image($link, "images/sign_excl.svg"); - $params["sign_info"] = theme_image($link, "images/sign_info.svg"); + $params["sign_progress"] = "images/indicator_white.gif"; + $params["sign_progress_tiny"] = "images/indicator_tiny.gif"; + $params["sign_excl"] = "images/sign_excl.svg"; + $params["sign_info"] = "images/sign_info.svg"; foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS", "ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP", @@ -2839,19 +2834,19 @@ function format_warning($msg, $id = "") { global $link; return "
- $msg
"; + $msg
"; } function format_notice($msg, $id = "") { global $link; return "
- $msg
"; + $msg"; } function format_error($msg, $id = "") { global $link; return "
- $msg
"; + $msg"; } function print_notice($msg) { @@ -3040,7 +3035,7 @@ if (!$entry_comments) $entry_comments = " "; # placeholder $rv['content'] .= "
- Tags "; if (!$zoom_mode) { diff --git a/index.php b/index.php index 57a370d91..4cbd756a3 100644 --- a/index.php +++ b/index.php @@ -128,11 +128,11 @@ @@ -201,12 +201,12 @@ diff --git a/plugins/close_button/init.php b/plugins/close_button/init.php index bf4183320..ff2027bc7 100644 --- a/plugins/close_button/init.php +++ b/plugins/close_button/init.php @@ -18,7 +18,7 @@ class Close_Button extends Plugin { function hook_article_button($line) { if (!get_pref($this->link, "COMBINED_DISPLAY_MODE")) { - $rv = "link, 'plugins/close_button/button.png')."\" + $rv = ""; diff --git a/plugins/flattr/init.php b/plugins/flattr/init.php index d5e4ad025..b91019880 100644 --- a/plugins/flattr/init.php +++ b/plugins/flattr/init.php @@ -25,7 +25,7 @@ class Flattr extends Plugin { $encoded = urlencode($article_link); $r = file_get_contents("https://api.flattr.com/rest/v2/things/lookup/?url=$encoded"); $response = json_decode($r, true); - $image = "link, 'plugins/flattr/flattr.png')."\" + $image = ""; // if Flattr has it in the catalogue, we display the button diff --git a/plugins/googleplus/init.php b/plugins/googleplus/init.php index 3d6c60887..7ae6d1456 100644 --- a/plugins/googleplus/init.php +++ b/plugins/googleplus/init.php @@ -23,7 +23,7 @@ class GooglePlus extends Plugin { function hook_article_button($line) { $article_id = $line["id"]; - $rv = "link, 'plugins/googleplus/googleplus.png')."\" + $rv = ""; diff --git a/plugins/identica/init.php b/plugins/identica/init.php index c260334af..c9aa4118e 100644 --- a/plugins/identica/init.php +++ b/plugins/identica/init.php @@ -23,7 +23,7 @@ class Identica extends Plugin { function hook_article_button($line) { $article_id = $line["id"]; - $rv = "link, 'plugins/identica/identica.png')."\" + $rv = ""; diff --git a/plugins/mail/init.php b/plugins/mail/init.php index 84fd5d3b2..30a417a1b 100644 --- a/plugins/mail/init.php +++ b/plugins/mail/init.php @@ -22,7 +22,7 @@ class Mail extends Plugin { } function hook_article_button($line) { - return "Zoom"; diff --git a/plugins/mailto/init.php b/plugins/mailto/init.php index bbc0dffa4..8d175ae1c 100644 --- a/plugins/mailto/init.php +++ b/plugins/mailto/init.php @@ -22,7 +22,7 @@ class MailTo extends Plugin { } function hook_article_button($line) { - return "Zoom"; diff --git a/plugins/note/init.php b/plugins/note/init.php index 560796a69..83db94248 100644 --- a/plugins/note/init.php +++ b/plugins/note/init.php @@ -22,7 +22,7 @@ class Note extends Plugin { function hook_article_button($line) { - return "link, "plugins/note/note.png")."\" + return ""; diff --git a/plugins/owncloud/init.php b/plugins/owncloud/init.php index b846241b8..48377e9d9 100644 --- a/plugins/owncloud/init.php +++ b/plugins/owncloud/init.php @@ -68,7 +68,7 @@ class OwnCloud extends Plugin { } function hook_article_button($line) { - return "link, "plugins/owncloud/owncloud.png")."\" + return ""; diff --git a/plugins/pinterest/init.php b/plugins/pinterest/init.php index aef9d8511..96c730e84 100644 --- a/plugins/pinterest/init.php +++ b/plugins/pinterest/init.php @@ -23,7 +23,7 @@ class Pinterest extends Plugin { function hook_article_button($line) { $article_id = $line["id"]; - $rv = "link, 'plugins/pinterest/pinterest.png')."\" + $rv = ""; diff --git a/plugins/pocket/init.php b/plugins/pocket/init.php index 3fc51dd91..688a6258d 100644 --- a/plugins/pocket/init.php +++ b/plugins/pocket/init.php @@ -24,7 +24,7 @@ class Pocket extends Plugin { function hook_article_button($line) { $article_id = $line["id"]; - $rv = "link, 'plugins/pocket/pocket.png')."\" + $rv = ""; diff --git a/plugins/share/init.php b/plugins/share/init.php index e1151849b..f52d2a4fa 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -21,7 +21,7 @@ class Share extends Plugin { } function hook_article_button($line) { - return "link, 'plugins/share/share.png')."\" + return ""; diff --git a/plugins/tweet/init.php b/plugins/tweet/init.php index e7f8ce949..2d20c7187 100644 --- a/plugins/tweet/init.php +++ b/plugins/tweet/init.php @@ -23,7 +23,7 @@ class Tweet extends Plugin { function hook_article_button($line) { $article_id = $line["id"]; - $rv = "link, 'plugins/tweet/tweet.png')."\" + $rv = ""; -- cgit v1.2.3-54-g00ecf From ca5d9be49fb6f9cf06ebf8e305c4c1e290f710da Mon Sep 17 00:00:00 2001 From: Joschasa Date: Thu, 21 Mar 2013 00:36:30 +0100 Subject: Remove deprecated $match_on --- classes/api.php | 7 +++---- classes/feeds.php | 9 ++++----- classes/handler/public.php | 7 +++---- classes/pref/filters.php | 6 +++--- include/functions.php | 12 ++++-------- mobile/mobile-functions.php | 4 +--- 6 files changed, 18 insertions(+), 27 deletions(-) (limited to 'include/functions.php') diff --git a/classes/api.php b/classes/api.php index 92e19e70a..5e7ec6573 100644 --- a/classes/api.php +++ b/classes/api.php @@ -194,11 +194,10 @@ class API extends Handler { $search = db_escape_string($_REQUEST["search"]); $search_mode = db_escape_string($_REQUEST["search_mode"]); - $match_on = db_escape_string($_REQUEST["match_on"]); $headlines = $this->api_get_headlines($this->link, $feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false, - $include_attachments, $since_id, $search, $search_mode, $match_on, + $include_attachments, $since_id, $search, $search_mode, $include_nested, $sanitize_content); print $this->wrap(self::STATUS_OK, $headlines); @@ -584,11 +583,11 @@ class API extends Handler { static function api_get_headlines($link, $feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order, $include_attachments, $since_id, - $search = "", $search_mode = "", $match_on = "", + $search = "", $search_mode = "", $include_nested = false, $sanitize_content = true) { $qfh_ret = queryFeedHeadlines($link, $feed_id, $limit, - $view_mode, $is_cat, $search, $search_mode, $match_on, + $view_mode, $is_cat, $search, $search_mode, $order, $offset, 0, false, $since_id, $include_nested); $result = $qfh_ret[0]; diff --git a/classes/feeds.php b/classes/feeds.php index 50a265544..caf22322c 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -22,7 +22,7 @@ class Feeds extends Handler_Protected { } private function format_headline_subtoolbar($feed_site_url, $feed_title, - $feed_id, $is_cat, $search, $match_on, + $feed_id, $is_cat, $search, $search_mode, $view_mode, $error) { $page_prev_link = "viewFeedGoPage(-1)"; @@ -50,7 +50,7 @@ class Feeds extends Handler_Protected { if ($is_cat) $cat_q = "&is_cat=$is_cat"; if ($search) { - $search_q = "&q=$search&m=$match_on&smode=$search_mode"; + $search_q = "&q=$search&smode=$search_mode"; } else { $search_q = ""; } @@ -209,7 +209,6 @@ class Feeds extends Handler_Protected { } @$search_mode = db_escape_string($_REQUEST["search_mode"]); - $match_on = "both"; // deprecated, TODO: remove if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H0", $timing_info); @@ -219,7 +218,7 @@ class Feeds extends Handler_Protected { } // error_log("search_mode: " . $search_mode); $qfh_ret = queryFeedHeadlines($this->link, $feed, $limit, $view_mode, $cat_view, - $search, $search_mode, $match_on, $override_order, $offset, 0, + $search, $search_mode, $override_order, $offset, 0, false, 0, $include_children); if ($_REQUEST["debug"]) $timing_info = print_checkpoint("H1", $timing_info); @@ -233,7 +232,7 @@ class Feeds extends Handler_Protected { $reply['toolbar'] = $this->format_headline_subtoolbar($feed_site_url, $feed_title, - $feed, $cat_view, $search, $match_on, $search_mode, $view_mode, + $feed, $cat_view, $search, $search_mode, $view_mode, $last_error); $headlines_count = db_num_rows($result); diff --git a/classes/handler/public.php b/classes/handler/public.php index 4a9b0c48e..dc1e10049 100644 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -2,7 +2,7 @@ class Handler_Public extends Handler { private function generate_syndicated_feed($owner_uid, $feed, $is_cat, - $limit, $offset, $search, $search_mode, $match_on, + $limit, $offset, $search, $search_mode, $view_mode = false, $format = 'atom') { require_once "lib/MiniTemplator.class.php"; @@ -25,7 +25,7 @@ class Handler_Public extends Handler { $qfh_ret = queryFeedHeadlines($this->link, $feed, $limit, $view_mode, $is_cat, $search, $search_mode, - $match_on, "$date_sort_field DESC", $offset, $owner_uid, + "$date_sort_field DESC", $offset, $owner_uid, false, 0, false, true); $result = $qfh_ret[0]; @@ -314,7 +314,6 @@ class Handler_Public extends Handler { $offset = (int)db_escape_string($_REQUEST["offset"]); $search = db_escape_string($_REQUEST["q"]); - $match_on = db_escape_string($_REQUEST["m"]); $search_mode = db_escape_string($_REQUEST["smode"]); $view_mode = db_escape_string($_REQUEST["view-mode"]); @@ -338,7 +337,7 @@ class Handler_Public extends Handler { if ($owner_id) { $this->generate_syndicated_feed($owner_id, $feed, $is_cat, $limit, - $offset, $search, $search_mode, $match_on, $view_mode, $format); + $offset, $search, $search_mode, $view_mode, $format); } else { header('HTTP/1.1 403 Forbidden'); } diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 20abae1d0..1921f2b97 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -47,7 +47,7 @@ class Pref_Filters extends Handler_Protected { $feed_title = getFeedTitle($this->link, $feed); $qfh_ret = queryFeedHeadlines($this->link, -4, 30, "", false, false, false, - false, "date_entered DESC", 0, $_SESSION["uid"], $filter); + "date_entered DESC", 0, $_SESSION["uid"], $filter); $result = $qfh_ret[0]; @@ -370,9 +370,9 @@ class Pref_Filters extends Handler_Protected { $result = db_query($this->link, "SELECT description FROM ttrss_filter_types WHERE id = ".(int)$rule["filter_type"]); - $match_on = db_fetch_result($result, 0, "description"); + $filter_type = db_fetch_result($result, 0, "description"); - return T_sprintf("%s on %s in %s", strip_tags($rule["reg_exp"]), $match_on, $feed); + return T_sprintf("%s on %s in %s", strip_tags($rule["reg_exp"]), $filter_type, $feed); } function printRuleName() { diff --git a/include/functions.php b/include/functions.php index c91735488..1a106be0b 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2060,7 +2060,7 @@ return $data; } - function search_to_sql($link, $search, $match_on) { + function search_to_sql($link, $search) { $search_query_part = ""; @@ -2107,13 +2107,9 @@ //$k = date("Y-m-d", strtotime(substr($k, 1))); array_push($query_keywords, "(".SUBSTRING_FOR_DATE."(updated,1,LENGTH('$k')) $not = '$k')"); - } else if ($match_on == "both") { + } else { array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%') OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); - } else if ($match_on == "title") { - array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%'))"); - } else if ($match_on == "content") { - array_push($query_keywords, "(UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))"); } } @@ -2150,7 +2146,7 @@ return $rv; } - function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) { + function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) { if (!$owner_uid) $owner_uid = $_SESSION["uid"]; @@ -2167,7 +2163,7 @@ $search_query_part = "ref_id = -1 AND "; } else { - $search_query_part = search_to_sql($link, $search, $match_on); + $search_query_part = search_to_sql($link, $search); $search_query_part .= " AND "; } diff --git a/mobile/mobile-functions.php b/mobile/mobile-functions.php index 65bba55df..39b89fa9c 100644 --- a/mobile/mobile-functions.php +++ b/mobile/mobile-functions.php @@ -341,14 +341,12 @@ if ($search) { $search_mode = 'this_feed'; - $match_on = 'both'; } else { $search_mode = ''; - $match_on = ''; } $qfh_ret = queryFeedHeadlines($link, $feed_id, $limit, - $view_mode, $is_cat, $search, $search_mode, $match_on, + $view_mode, $is_cat, $search, $search_mode, "score DESC, date_entered ".(mobile_get_pref($link, 'REVERSE_HEADLINES') ? 'ASC' : 'DESC'), $offset); $result = $qfh_ret[0]; -- cgit v1.2.3-54-g00ecf