From 64bc92e3ac8f5e66d2bc14206ede31e6679d8c13 Mon Sep 17 00:00:00 2001 From: nodiscc Date: Wed, 24 Jun 2015 01:04:50 +0200 Subject: [PATCH] move escape() and sanitizeLink() to application/Utils.php prevents 'PHP Fatal error: Call to undefined function sanitizeLink() in Shaarli/application/LinkDB.php on line 255' in tests --- application/Utils.php | 27 +++++++++++++++++++++++++++ index.php | 17 ----------------- 2 files changed, 27 insertions(+), 17 deletions(-) diff --git a/application/Utils.php b/application/Utils.php index 737f150..82220bf 100644 --- a/application/Utils.php +++ b/application/Utils.php @@ -42,4 +42,31 @@ function endsWith($haystack, $needle, $case=true) } return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0); } + +/** + * Same as nl2br(), but escapes < and > + */ +function nl2br_escaped($html) +{ + return str_replace('>','>',str_replace('<','<',nl2br($html))); +} + +/** + * htmlspecialchars wrapper + */ +function escape($str) +{ + return htmlspecialchars($str, ENT_COMPAT, 'UTF-8', false); +} + +/** + * Link sanitization before templating + */ +function sanitizeLink(&$link) +{ + $link['url'] = escape($link['url']); // useful? + $link['title'] = escape($link['title']); + $link['description'] = escape($link['description']); + $link['tags'] = escape($link['tags']); +} ?> diff --git a/index.php b/index.php index dd3ec3a..96a601d 100644 --- a/index.php +++ b/index.php @@ -269,23 +269,6 @@ function logm($message) file_put_contents($GLOBALS['config']['DATADIR'].'/log.txt',$t,FILE_APPEND); } -// Same as nl2br(), but escapes < and > -function nl2br_escaped($html) -{ - return str_replace('>','>',str_replace('<','<',nl2br($html))); -} - -function escape($str) { - return htmlspecialchars($str, ENT_COMPAT, 'UTF-8', false); -} - -function sanitizeLink(&$link) { - $link['url'] = escape($link['url']); // useful? - $link['title'] = escape($link['title']); - $link['description'] = escape($link['description']); - $link['tags'] = escape($link['tags']); -} - // In a string, converts URLs to clickable links. // Function inspired from http://www.php.net/manual/en/function.preg-replace.php#85722 function text2clickable($url)