commit b68930018dc494edfc2a9d9f383c5a9ecb608106
parent 4c206df6d168ea30cc7db9c9d5517263e35ebbf6
Author: JayVii <jayvii[AT]posteo[DOT]de>
Date:   Sun, 27 Oct 2024 00:22:41 +0200
fix: cleanup filenames properly
Diffstat:
3 files changed, 33 insertions(+), 15 deletions(-)
diff --git a/lib/helpers.php b/lib/helpers.php
@@ -19,13 +19,34 @@ function gather_get(string $key) {
 }
 
 function validate_input_string(string $in) {
-    /* Only allows alphanumeric characters and any of "-_. " */
-    $out = preg_replace(
-        "/[^A-Za-z0-9äöüßÄÖÜß\-\_\.\s\;\,\=\@\#]/",
-        "_",
+    /* Replace umlauts and similar */
+    $out = str_replace(
+        array(
+            "ä","ö","ü","ß", "Ä", "Ö", "Ü",
+            "é", "à", "è", "ù", "ç", "â", "ê", "î", "ô", "û", "ë", "ï", "ü",
+            "É", "À", "È", "Ù", "Ç", "Â", "Ê", "Î", "Ô", "Û", "Ë", "Ï", "Ü"
+        ),
+        array(
+            "ae", "oe", "ue", "ss", "Ae", "Oe", "Ue",
+            "e", "a", "e", "u", "c", "a", "e", "i", "o", "u", "e", "i", "u",
+            "E", "A", "E", "U", "C", "A", "E", "I", "O", "U", "E", "I", "U"
+        ),
         $in
     );
-    return $out;
+    /* Only allows certain characters for parsing reasons */
+    $out = preg_replace(
+        "/[^a-z0-9\-\_\.\s\:\,\;]/i",
+        " ",
+        $out
+    );
+    /* Remove multi-spaces */
+    $out = preg_replace(
+        "/\s+/",
+        " ",
+        $out
+    );
+    /* return trimmed string */
+    return trim($out);
 }
 
 function sort_by_time(array $a, array $b) {
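Review bot: The allowlist in the first `preg_replace` still passes `.`, so an input such as `..` or one with a leading dot is returned unchanged, and an input made only of rejected characters is returned as an empty string. If the result becomes a file name, as the commit title suggests (the callers are outside this hunk), both cases need handling, for example `$out = ltrim(trim($out), ". ");` before the return plus an explicit empty-string check in the caller. Neither regex carries the `u` modifier, so a multi-byte character missing from the transliteration table is replaced byte by byte; the space-collapsing step hides this, but the comment should say so. The templates changed in this commit appear to print this function's output without escaping, so the header comment should record that contract, e.g. `/* Output is limited to [A-Za-z0-9-_.:,; ]; list.php and search.php rely on it being HTML-safe */`.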
@@ -138,11 +159,8 @@ function page_title(
         }
     }
 
-    /* decode html entities */
-    $title = html_entity_decode($title);
-
     /* return title */
-    return $title;
+    return htmlspecialchars_decode(html_entity_decode($title));
 }
 
 function generate_filename(string $content) {
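Review bot: `htmlspecialchars_decode(html_entity_decode($title))` decodes twice, so a title that arrives as `&amp;lt;b&amp;gt;` leaves this function as literal `<b>` markup instead of the text `&lt;b&gt;`. `page_title` starts outside the hunk, so the origin of `$title` is not visible here, but if it comes from a fetched page the return value is attacker-influenced raw text and must be sanitised or escaped before it is printed. If the second pass was only meant to catch quote entities, a single call does that: `return html_entity_decode($title, ENT_QUOTES | ENT_HTML5);`. Either way the return comment should state the contract, e.g. `/* returns raw, unescaped text: sanitise or escape before output */`.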
diff --git a/lib/list.php b/lib/list.php
@@ -27,11 +27,11 @@ function list_notes(
         if ($filename["link"] !== false) {
 ?>
         <a href="<?php echo $filename["link"]; ?>" target="_blank">
-            <strong><?php echo htmlentities($filename["name"]); ?></strong>
+            <strong><?php echo $filename["name"]; ?></strong>
         </a><br>
 
 <?php } else { ?>
-        <strong><?php echo htmlentities($filename["name"]); ?></strong><br>
+        <strong><?php echo $filename["name"]; ?></strong><br>
 <?php } ?>
 
         <!-- date marker -->
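Review bot: With `htmlentities()` removed, `$filename["name"]` is printed raw, so this page is only safe if every name and category has passed through `validate_input_string()` before reaching the template. Nothing in this hunk shows that, and entries stored before this commit or placed in the notes directory by other means would not have been sanitised. The same applies to the `value="…"` attribute in the second lib/list.php hunk and to both hunks in lib/search.php. Output escaping should stay as a second layer; `htmlspecialchars` only touches the five markup characters, so it does not rewrite umlauts the way `htmlentities` does: `<strong><?php echo htmlspecialchars($filename["name"], ENT_QUOTES, "UTF-8"); ?></strong>`. `list_notes` begins and ends outside the hunk, so how `$filename` is built cannot be checked from here.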
@@ -59,7 +59,7 @@ function list_notes(
             <input
                 type="submit"
                 class="likeanchor"
-                value="<?php echo htmlentities($filename["category"]); ?>"
+                value="<?php echo $filename["category"]; ?>"
             >
         </form>
 
diff --git a/lib/search.php b/lib/search.php
@@ -85,11 +85,11 @@ function search_notes(
         if ($filename["link"] !== false) {
 ?>
         <a href="<?php echo $filename["link"]; ?>" target="_blank">
-            <strong><?php echo htmlentities($filename["name"]); ?></strong>
+            <strong><?php echo $filename["name"]; ?></strong>
         </a><br>
 
 <?php } else { ?>
-        <strong><?php echo htmlentities($filename["name"]); ?></strong><br>
+        <strong><?php echo $filename["name"]; ?></strong><br>
 <?php } ?>
 
         <!-- matches marker -->
@@ -125,7 +125,7 @@ function search_notes(
             <input
                 type="submit"
                 class="likeanchor"
-                value="<?php echo htmlentities($filename["category"]); ?>"
+                value="<?php echo $filename["category"]; ?>"
             >
         </form>