]> git.immae.eu Git - github/shaarli/Shaarli.git/blobdiff - index.php
projects / github / shaarli / Shaarli.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
make htmlpages
[github/shaarli/Shaarli.git] / index.php
diff --git a/index.php b/index.php
index cb0afbd0901a9efae11958dc7040f05172c40042..85486eb50d72ea16be69fe59e261612356e2a435 100644 (file)
--- a/index.php
+++ b/index.php
@@ -805,6 +805,9 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
 
         $tagList = array();
         foreach($tags as $key => $value) {
+            if (in_array($key, $filteringTags)) {
+                continue;
+            }
             // Tag font size scaling:
             //   default 15 and 30 logarithm bases affect scaling,
             //   22 and 6 are arbitrary font sizes for max and min sizes.
@@ -829,12 +832,17 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
         exit;
     }
 
-    // -------- Tag cloud
+    // -------- Tag list
     if ($targetPage == Router::$PAGE_TAGLIST)
     {
         $visibility = ! empty($_SESSION['privateonly']) ? 'private' : 'all';
         $filteringTags = isset($_GET['searchtags']) ? explode(' ', $_GET['searchtags']) : [];
         $tags = $LINKSDB->linksCountPerTag($filteringTags, $visibility);
+        foreach ($filteringTags as $tag) {
+            if (array_key_exists($tag, $tags)) {
+                unset($tags[$tag]);
+            }
+        }
 
         if (! empty($_GET['sort']) && $_GET['sort'] === 'alpha') {
             alphabetical_sort($tags, false, true);
@@ -1256,13 +1264,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
         // Remove duplicates.
         $tags = implode(' ', array_unique(explode(' ', $tags)));
 
-        $url = trim($_POST['lf_url']);
-        if (! startsWith($url, 'http:') && ! startsWith($url, 'https:')
-            && ! startsWith($url, 'ftp:') && ! startsWith($url, 'magnet:')
-            && ! startsWith($url, '?') && ! startsWith($url, 'javascript:')
-        ) {
-            $url = 'http://' . $url;
-        }
+        $url = whitelist_protocols(trim($_POST['lf_url']), $conf->get('security.allowed_protocols'));
 
         $link = array(
             'id' => $id,
The personal, minimalist, super-fast, database free, bookmarking service - community repo