X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=index.php;h=85486eb50d72ea16be69fe59e261612356e2a435;hb=22760c5422d2566c905908d01c5dd42169a5c547;hp=61b71129810114d95dbb9697ae5e649de2fa475a;hpb=81a91579ba8eb7b5a203722baf927a3653b5cb94;p=github%2Fshaarli%2FShaarli.git diff --git a/index.php b/index.php index 61b71129..85486eb5 100644 --- a/index.php +++ b/index.php @@ -805,6 +805,9 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) $tagList = array(); foreach($tags as $key => $value) { + if (in_array($key, $filteringTags)) { + continue; + } // Tag font size scaling: // default 15 and 30 logarithm bases affect scaling, // 22 and 6 are arbitrary font sizes for max and min sizes. @@ -829,12 +832,17 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) exit; } - // -------- Tag cloud + // -------- Tag list if ($targetPage == Router::$PAGE_TAGLIST) { $visibility = ! empty($_SESSION['privateonly']) ? 'private' : 'all'; $filteringTags = isset($_GET['searchtags']) ? explode(' ', $_GET['searchtags']) : []; $tags = $LINKSDB->linksCountPerTag($filteringTags, $visibility); + foreach ($filteringTags as $tag) { + if (array_key_exists($tag, $tags)) { + unset($tags[$tag]); + } + } if (! empty($_GET['sort']) && $_GET['sort'] === 'alpha') { alphabetical_sort($tags, false, true); @@ -1256,13 +1264,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) // Remove duplicates. $tags = implode(' ', array_unique(explode(' ', $tags))); - $url = trim($_POST['lf_url']); - if (! startsWith($url, 'http:') && ! startsWith($url, 'https:') - && ! startsWith($url, 'ftp:') && ! startsWith($url, 'magnet:') - && ! startsWith($url, '?') && ! startsWith($url, 'javascript:') - ) { - $url = 'http://' . $url; - } + $url = whitelist_protocols(trim($_POST['lf_url']), $conf->get('security.allowed_protocols')); $link = array( 'id' => $id, @@ -1431,7 +1433,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) 'url' => $url, 'description' => $description, 'tags' => $tags, - 'private' => $private + 'private' => $private, ); } else { $link['linkdate'] = $link['created']->format(LinkDB::LINK_DATE_FORMAT); @@ -1622,7 +1624,15 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history) function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) { // Used in templates - $searchtags = !empty($_GET['searchtags']) ? escape(normalize_spaces($_GET['searchtags'])) : ''; + if (isset($_GET['searchtags'])) { + if (! empty($_GET['searchtags'])) { + $searchtags = escape(normalize_spaces($_GET['searchtags'])); + } else { + $searchtags = false; + } + } else { + $searchtags = ''; + } $searchterm = !empty($_GET['searchterm']) ? escape(normalize_spaces($_GET['searchterm'])) : ''; // Smallhash filter @@ -1637,7 +1647,11 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) } else { // Filter links according search parameters. $visibility = ! empty($_SESSION['privateonly']) ? 'private' : 'all'; - $linksToDisplay = $LINKSDB->filterSearch($_GET, false, $visibility); + $request = [ + 'searchtags' => $searchtags, + 'searchterm' => $searchterm, + ]; + $linksToDisplay = $LINKSDB->filterSearch($request, false, $visibility); } // ---- Handle paging. @@ -1684,7 +1698,7 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) } // Compute paging navigation - $searchtagsUrl = empty($searchtags) ? '' : '&searchtags=' . urlencode($searchtags); + $searchtagsUrl = $searchtags === '' ? '' : '&searchtags=' . urlencode($searchtags); $searchtermUrl = empty($searchterm) ? '' : '&searchterm=' . urlencode($searchterm); $previous_page_url = ''; if ($i != count($keys)) {