always escape output

Matthias Pfefferle 2023-01-23 20:59:39 +01:00
parent fe4e0961c8
commit c93f02615d
4 changed files with 12 additions and 19 deletions


@ -214,17 +214,13 @@ class Shortcodes {
$atts = shortcode_atts( $atts = shortcode_atts(
array( array(
'type' => 'html', 'type' => 'url',
), ),
$atts, $atts,
$tag $tag
); );
if ( 'raw' === $atts['type'] ) { if ( 'url' === $atts['type'] ) {
return \get_permalink( $post->ID );
}
if ( 'esc' === $atts['type'] ) {
return \esc_url( \get_permalink( $post->ID ) ); return \esc_url( \get_permalink( $post->ID ) );
} }
@ -249,17 +245,13 @@ class Shortcodes {
$atts = shortcode_atts( $atts = shortcode_atts(
array( array(
'type' => 'html', 'type' => 'url',
), ),
$atts, $atts,
$tag $tag
); );
if ( 'raw' === $atts['type'] ) { if ( 'url' === $atts['type'] ) {
return \wp_get_shortlink( $post->ID );
}
if ( 'esc' === $atts['type'] ) {
return \esc_url( \wp_get_shortlink( $post->ID ) ); return \esc_url( \wp_get_shortlink( $post->ID ) );
} }
@ -306,7 +298,7 @@ class Shortcodes {
return ''; return '';
} }
return $image; return \esc_url( $image );
} }
/** /**
@ -387,7 +379,7 @@ class Shortcodes {
return ''; return '';
} }
return $url; return \esc_url( $url );
} }
/** /**
@ -400,7 +392,7 @@ class Shortcodes {
* @return string * @return string
*/ */
public static function blogurl( $atts, $content, $tag ) { public static function blogurl( $atts, $content, $tag ) {
return \get_bloginfo( 'url' ); return \esc_url( \get_bloginfo( 'url' ) );
} }
/** /**
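Review bot: Dropping the `raw` and `esc` branches at the `if ( 'url' === $atts['type'] )` check (and the same check in the shortlink hunk at `@ -249`) means a stored template that still says `type="raw"` or `type="esc"` matches nothing and falls through to whatever follows the hunk, which is outside this view — presumably the html anchor branch. Since the commit's intent is that every type yields an escaped URL, normalising would be safer than silently changing output, e.g. `if ( in_array( $atts['type'], array( 'url', 'raw', 'esc' ), true ) ) {` plus a docblock line stating that `raw`/`esc` are deprecated aliases of `url`. Each `\esc_url()` call here (permalink, shortlink, `\esc_url( $image )`, `\esc_url( $url )`, `blogurl`) also deserves a why-comment: `\esc_url()` escapes for the HTML display context, turning `&` into `&#038;` and returning an empty string for a disallowed protocol, so if this shortcode output is ever placed in a non-HTML context such as a JSON `url` field, `\esc_url_raw()` is the matching escaper. The permalink and shortlink functions both continue past the end of their hunks.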


@ -306,8 +306,8 @@ class Post {
$content = \str_replace( '%title%', '[ap_title]', $content ); $content = \str_replace( '%title%', '[ap_title]', $content );
$content = \str_replace( '%excerpt%', '[ap_excerpt]', $content ); $content = \str_replace( '%excerpt%', '[ap_excerpt]', $content );
$content = \str_replace( '%content%', '[ap_content]', $content ); $content = \str_replace( '%content%', '[ap_content]', $content );
$content = \str_replace( '%permalink%', '[ap_permalink]', $content ); $content = \str_replace( '%permalink%', '[ap_permalink type="html"]', $content );
$content = \str_replace( '%shortlink%', '[ap_shortlink]', $content ); $content = \str_replace( '%shortlink%', '[ap_shortlink type="html"]', $content );
$content = \str_replace( '%hashtags%', '[ap_hashtags]', $content ); $content = \str_replace( '%hashtags%', '[ap_hashtags]', $content );
$content = \str_replace( '%tags%', '[ap_hashtags]', $content ); $content = \str_replace( '%tags%', '[ap_hashtags]', $content );


@ -91,6 +91,7 @@ Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github
= v.next = = v.next =
* Add configuration item for number of images to attach. props [@mexon](https://github.com/mexon) * Add configuration item for number of images to attach. props [@mexon](https://github.com/mexon)
* Use shortcodes instead of custom templates, to setup the Activity Post-Content. props [@toolstack](https://github.com/toolstack)
= 0.15.0 = = 0.15.0 =


@ -64,9 +64,9 @@
<li><code>[ap_title]</code> - <?php \esc_html_e( 'The post\'s title.', 'activitypub' ); ?></li> <li><code>[ap_title]</code> - <?php \esc_html_e( 'The post\'s title.', 'activitypub' ); ?></li>
<li><code>[ap_content]</code> - <?php \esc_html_e( 'The post\'s content.', 'activitypub' ); ?></li> <li><code>[ap_content]</code> - <?php \esc_html_e( 'The post\'s content.', 'activitypub' ); ?></li>
<li><code>[ap_excerpt <i>lenght=400</i>]</code> - <?php \esc_html_e( 'The post\'s excerpt (default 400 chars). length parameter is optional.', 'activitypub' ); ?></li> <li><code>[ap_excerpt <i>lenght=400</i>]</code> - <?php \esc_html_e( 'The post\'s excerpt (default 400 chars). length parameter is optional.', 'activitypub' ); ?></li>
<li><code>[ap_permalink <i>type=xxx</i>]</code> - <?php \esc_html_e( 'The post\'s permalink. Type can be either: raw (the raw url, no escaping), esc (the html escaped url), html (default, an a tag to the url).', 'activitypub' ); ?></li> <li><code>[ap_permalink <i>type=url</i>]</code> - <?php \esc_html_e( 'The post\'s permalink. Type can be either: url (default, the escaped url), html (an a tag to the url).', 'activitypub' ); ?></li>
<?php // translators: ?> <?php // translators: ?>
<li><code>[ap_shortlink <i>type=xxx</i>]</code> - <?php echo \wp_kses( \__( 'The post\'s shortlink. I can recommend <a href="https://wordpress.org/plugins/hum/" target="_blank">Hum</a>, to prettify the Shortlinks. Type can be either: raw (the raw url, no escaping), esc (the html escaped url), html (default, an a tag to the url).', 'activitypub' ), 'default' ); ?></li> <li><code>[ap_shortlink <i>type=url</i>]</code> - <?php echo \wp_kses( \__( 'The post\'s shortlink. I can recommend <a href="https://wordpress.org/plugins/hum/" target="_blank">Hum</a>, to prettify the Shortlinks. Type can be either: url (default, the escaped url), html (an a tag to the url).', 'activitypub' ), 'default' ); ?></li>
<li><code>[ap_hashtags]</code> - <?php \esc_html_e( 'The post\'s tags as hashtags.', 'activitypub' ); ?></li> <li><code>[ap_hashtags]</code> - <?php \esc_html_e( 'The post\'s tags as hashtags.', 'activitypub' ); ?></li>
<li><code>[ap_hashcats]</code> - <?php \esc_html_e( 'The post\'s categories as hashtags.', 'activitypub' ); ?></li> <li><code>[ap_hashcats]</code> - <?php \esc_html_e( 'The post\'s categories as hashtags.', 'activitypub' ); ?></li>
<li><code>[ap_image <i>type=full</i>]</code> - <?php \esc_html_e( 'The URL for the post\'s featured image, defaults to full size. The type attribute can be any of the following: thumbnail, medium, large, full', 'activitypub' ); ?></li> <li><code>[ap_image <i>type=full</i>]</code> - <?php \esc_html_e( 'The URL for the post\'s featured image, defaults to full size. The type attribute can be any of the following: thumbnail, medium, large, full', 'activitypub' ); ?></li>
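Review bot: The excerpt line still advertises the attribute as `<i>lenght=400</i>` while its own description calls it the `length` parameter, so an admin copying the example gets an attribute name the shortcode will presumably not recognise; change it to `<i>length=400</i>`. The `<?php // translators: ?>` line above the shortlink entry is an empty translators comment — it should either describe the string for translators or be removed, since the string has no placeholders. The Hum link passed through `\wp_kses( …, 'default' )` carries `target="_blank"` without a `rel` attribute; adding `rel="noopener noreferrer"` to the source string is cheap, and the `default` allowed-HTML set permits `rel` on `a`.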