Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes #281.

Browse Source 
Entry titles and categories are sanitized before being written to the
cache. Thus, we need to sanitize them before searching the cache for
them :)
This commit is contained in:
azett 2024-03-16 21:49:17 +01:00
parent 13aaa4fbce
commit cea800779f
1 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
fp-plugins/prettyurls/plugin.prettyurls.php
View File

@ -42,9 +42,9 @@ class Plugin_PrettyURLs {
var $date_handled = false; var $date_handled = false;
var $categories = null; var $categories = null;
var $baseurl = null; var $baseurl = null;
var $mode = null; var $mode = null;
var $fp_params; var $fp_params;
@ -159,13 +159,16 @@ class Plugin_PrettyURLs {
if (!$this->categories) if (!$this->categories)
return; return;
// $this->categories contains sanitized category names, so we have to sanitize before the search
$sanitizedtitle = sanitize_title($matches [1]);
if (PRETTYURLS_TITLES) { if (PRETTYURLS_TITLES) {
if ($c = array_search($matches [1], $this->categories)) if ($c = array_search($sanitizedtitle, $this->categories))
$this->fp_params ['cat'] = $c; $this->fp_params ['cat'] = $c;
else else
return $matches [0]; return $matches [0];
} else { } else {
$this->fp_params ['cat'] = $matches [1]; $this->fp_params ['cat'] = $sanitizedtitle;
} }
} }
@ -188,8 +191,11 @@ class Plugin_PrettyURLs {
} }
function handle_entry($matches) { function handle_entry($matches) {
// the cache contains (md5'ed) sanitized entry names, so we have to sanitize before handling it
$sanitizedtitle = sanitize_title($matches [1]);
if (!PRETTYURLS_TITLES) { if (!PRETTYURLS_TITLES) {
$this->fp_params ['entry'] = $matches [1]; $this->fp_params ['entry'] = $sanitizedtitle;
return; return;
} }
@ -200,8 +206,8 @@ class Plugin_PrettyURLs {
$this->fp_params ['entry'] = 'a'; $this->fp_params ['entry'] = 'a';
} }
if ($this->cache_get($this->fp_params ['y'], $this->fp_params ['m'], $this->fp_params ['d'], md5($matches [1]))) { if ($this->cache_get($this->fp_params ['y'], $this->fp_params ['m'], $this->fp_params ['d'], md5($sanitizedtitle))) {
$this->fp_params ['entry'] = $this->index [$this->fp_params ['y']] [$this->fp_params ['m']] [$this->fp_params ['d']] [md5($matches [1])]; $this->fp_params ['entry'] = $this->index [$this->fp_params ['y']] [$this->fp_params ['m']] [$this->fp_params ['d']] [md5($sanitizedtitle)];
} else { } else {
// a bit hackish: we make up a fake url when there is no match, // a bit hackish: we make up a fake url when there is no match,
// so that at the higher level the system will 404... // so that at the higher level the system will 404...