diff options
Diffstat (limited to 'classes/article.php')
-rwxr-xr-x | classes/article.php | 33 |
1 files changed, 28 insertions, 5 deletions
diff --git a/classes/article.php b/classes/article.php index c23a1b820..67b1a4a05 100755 --- a/classes/article.php +++ b/classes/article.php @@ -306,9 +306,9 @@ class Article extends Handler_Protected { $sth->execute([$int_id, $_SESSION['uid']]); foreach ($tags as $tag) { - $tag = sanitize_tag($tag); + $tag = Article::sanitize_tag($tag); - if (!tag_is_valid($tag)) { + if (!Article::tag_is_valid($tag)) { continue; } @@ -446,7 +446,7 @@ class Article extends Handler_Protected { foreach ($result as $line) { foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_ENCLOSURE_ENTRY) as $plugin) { - $line = $plugin->hook_enclosure_entry($line); + $line = $plugin->hook_enclosure_entry($line, $id); } $url = $line["content_url"]; @@ -673,10 +673,12 @@ class Article extends Handler_Protected { $rv = array(); + $cache = new DiskCache("images"); + while ($line = $sth->fetch()) { - if (file_exists(CACHE_DIR . '/images/' . sha1($line["content_url"]))) { - $line["content_url"] = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($line["content_url"]); + if ($cache->exists(sha1($line["content_url"]))) { + $line["content_url"] = $cache->getUrl(sha1($line["content_url"])); } array_push($rv, $line); @@ -800,4 +802,25 @@ class Article extends Handler_Protected { return $rv; } + static function sanitize_tag($tag) { + $tag = trim($tag); + + $tag = mb_strtolower($tag, 'utf-8'); + + $tag = preg_replace('/[,\'\"\+\>\<]/', "", $tag); + + if (DB_TYPE == "mysql") { + $tag = preg_replace('/[\x{10000}-\x{10FFFF}]/u', "\xEF\xBF\xBD", $tag); + } + + return $tag; + } + + static function tag_is_valid($tag) { + if (!$tag || is_numeric($tag) || mb_strlen($tag) > 250) + return false; + + return true; + } + } |