From 485247e9011e08a6ff0b9a2ff3d7a60bad515a26 Mon Sep 17 00:00:00 2001 From: zach Date: Mon, 3 Nov 2008 16:16:53 -0500 Subject: Twitter-compatible API - properly encode and decode UTF-8 HTML entities darcs-hash:20081103211653-462f3-58a0ad41ab0426c21aceb04b4a91dc52559018d0.gz --- actions/twitapistatuses.php | 11 ++++------- lib/util.php | 2 +- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 68d6bb622..539a0b1b3 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -193,10 +193,10 @@ class TwitapistatusesAction extends TwitterapiAction { # FriendFeed's SUP protocol # Also added RSS and Atom feeds - + $suplink = common_local_url('sup', NULL, $user->id); header('X-SUP-ID: '.$suplink); - + # XXX: since $notice = $user->getNotices((($page-1)*20), $count, $since_id, $before_id); @@ -234,10 +234,6 @@ class TwitapistatusesAction extends TwitterapiAction { return; } - foreach ($_POST as $p => $v) { - common_debug("_POST: $p = $v"); - } - $this->auth_user = $apidata['user']; $user = $this->auth_user; $status = $this->trimmed('status'); @@ -298,7 +294,8 @@ class TwitapistatusesAction extends TwitterapiAction { } } - $notice = Notice::saveNew($user->id, $status, $source, 1, $reply_to); + $notice = Notice::saveNew($user->id, html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'), + $source, 1, $reply_to); if (is_string($notice)) { $this->server_error($notice); diff --git a/lib/util.php b/lib/util.php index 44c75156c..88841d3f6 100644 --- a/lib/util.php +++ b/lib/util.php @@ -708,7 +708,7 @@ function common_render_content($text, $notice) { } function common_render_text($text) { - $r = htmlspecialchars($text); + $r = htmlentities($text, ENT_NOQUOTES, 'UTF-8'); $r = preg_replace('/[\x{0}-\x{8}\x{b}-\x{c}\x{e}-\x{19}]/', '', $r); $r = preg_replace_callback('@https?://[^\]>\s]+@', 'common_render_uri_thingy', $r); -- cgit v1.2.3-54-g00ecf