From 46ec3348ca9ad381dcecfd01a1e6620e83abde82 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Wed, 20 Mar 2013 21:22:20 +0400
Subject: harmful tags: enable font

---
 include/functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/functions.php b/include/functions.php
index d9a3a5963..ca129ab81 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -2656,7 +2656,7 @@
 
 		$allowed_elements = array('a', 'address', 'audio', 'article',
 			'b', 'big', 'blockquote', 'body', 'br', 'cite',
-			'code', 'dd', 'del', 'details', 'div', 'dl',
+			'code', 'dd', 'del', 'details', 'div', 'dl', 'font',
 			'dt', 'em', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
 			'header', 'html', 'i', 'img', 'ins', 'kbd',
 			'li', 'nav', 'ol', 'p', 'pre', 'q', 's','small',
-- 
cgit v1.2.3


From 4e4048024a2007527eaf713408c03e83f319b4ed Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Wed, 20 Mar 2013 22:18:56 +0400
Subject: iframe sandbox: allow scripts

---
 include/functions.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/functions.php b/include/functions.php
index ca129ab81..417a05c23 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -2634,7 +2634,8 @@
 
 		$entries = $xpath->query('//iframe');
 		foreach ($entries as $entry) {
-			$entry->setAttribute('sandbox', true);
+			$entry->setAttribute('sandbox', 'allow-scripts');
+
 		}
 
 		global $pluginhost;
-- 
cgit v1.2.3


From 2a3b6de0efd66a9643bce7ded70288d0ddf9fb24 Mon Sep 17 00:00:00 2001
From: Joschasa <joschasa@lavabit.com>
Date: Wed, 20 Mar 2013 22:59:08 +0100
Subject: remove deprecated theme_image()

---
 include/functions.php | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

(limited to 'include')

diff --git a/include/functions.php b/include/functions.php
index 417a05c23..c91735488 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -786,11 +786,6 @@
 		}
 	}
 
-	// Deprecated, TODO: remove
-	function theme_image($link, $filename) {
-		return $filename;
-	}
-
 	function convert_timestamp($timestamp, $source_tz, $dest_tz) {
 
 		try {
@@ -1825,10 +1820,10 @@
 	function make_init_params($link) {
 		$params = array();
 
-		$params["sign_progress"] = theme_image($link, "images/indicator_white.gif");
-		$params["sign_progress_tiny"] = theme_image($link, "images/indicator_tiny.gif");
-		$params["sign_excl"] = theme_image($link, "images/sign_excl.svg");
-		$params["sign_info"] = theme_image($link, "images/sign_info.svg");
+		$params["sign_progress"] = "images/indicator_white.gif";
+		$params["sign_progress_tiny"] = "images/indicator_tiny.gif";
+		$params["sign_excl"] = "images/sign_excl.svg";
+		$params["sign_info"] = "images/sign_info.svg";
 
 		foreach (array("ON_CATCHUP_SHOW_NEXT_FEED", "HIDE_READ_FEEDS",
 			"ENABLE_FEED_CATS", "FEEDS_SORT_BY_UNREAD", "CONFIRM_FEED_CATCHUP",
@@ -2839,19 +2834,19 @@
 	function format_warning($msg, $id = "") {
 		global $link;
 		return "<div class=\"warning\" id=\"$id\">
-			<img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
+			<img src=\"images/sign_excl.svg\">$msg</div>";
 	}
 
 	function format_notice($msg, $id = "") {
 		global $link;
 		return "<div class=\"notice\" id=\"$id\">
-			<img src=\"".theme_image($link, "images/sign_info.svg")."\">$msg</div>";
+			<img src=\"images/sign_info.svg\">$msg</div>";
 	}
 
 	function format_error($msg, $id = "") {
 		global $link;
 		return "<div class=\"error\" id=\"$id\">
-			<img src=\"".theme_image($link, "images/sign_excl.svg")."\">$msg</div>";
+			<img src=\"images/sign_excl.svg\">$msg</div>";
 	}
 
 	function print_notice($msg) {
@@ -3040,7 +3035,7 @@
 			if (!$entry_comments) $entry_comments = "&nbsp;"; # placeholder
 
 			$rv['content'] .= "<div class='postTags' style='float : right'>
-				<img src='".theme_image($link, 'images/tag.png')."'
+				<img src='images/tag.png'
 				class='tagsPic' alt='Tags' title='Tags'>&nbsp;";
 
 			if (!$zoom_mode) {
-- 
cgit v1.2.3


From ca5d9be49fb6f9cf06ebf8e305c4c1e290f710da Mon Sep 17 00:00:00 2001
From: Joschasa <joschasa@lavabit.com>
Date: Thu, 21 Mar 2013 00:36:30 +0100
Subject: Remove deprecated $match_on

---
 include/functions.php | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

(limited to 'include')

diff --git a/include/functions.php b/include/functions.php
index c91735488..1a106be0b 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -2060,7 +2060,7 @@
 		return $data;
 	}
 
-	function search_to_sql($link, $search, $match_on) {
+	function search_to_sql($link, $search) {
 
 		$search_query_part = "";
 
@@ -2107,13 +2107,9 @@
 				//$k = date("Y-m-d", strtotime(substr($k, 1)));
 
 				array_push($query_keywords, "(".SUBSTRING_FOR_DATE."(updated,1,LENGTH('$k')) $not = '$k')");
-			} else if ($match_on == "both") {
+			} else {
 				array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%')
 						OR UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
-			} else if ($match_on == "title") {
-				array_push($query_keywords, "(UPPER(ttrss_entries.title) $not LIKE UPPER('%$k%'))");
-			} else if ($match_on == "content") {
-				array_push($query_keywords, "(UPPER(ttrss_entries.content) $not LIKE UPPER('%$k%'))");
 			}
 		}
 
@@ -2150,7 +2146,7 @@
 		return $rv;
 	}
 
-	function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $match_on, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) {
+	function queryFeedHeadlines($link, $feed, $limit, $view_mode, $cat_view, $search, $search_mode, $override_order = false, $offset = 0, $owner_uid = 0, $filter = false, $since_id = 0, $include_children = false, $ignore_vfeed_group = false) {
 
 		if (!$owner_uid) $owner_uid = $_SESSION["uid"];
 
@@ -2167,7 +2163,7 @@
 						$search_query_part = "ref_id = -1 AND ";
 
 				} else {
-					$search_query_part = search_to_sql($link, $search, $match_on);
+					$search_query_part = search_to_sql($link, $search);
 					$search_query_part .= " AND ";
 				}
 
-- 
cgit v1.2.3