diff --git a/components/Conversation/Conversation.php b/components/Conversation/Conversation.php index ec44b47e29..6a7878359b 100644 --- a/components/Conversation/Conversation.php +++ b/components/Conversation/Conversation.php @@ -92,8 +92,7 @@ class Conversation extends Component $query_string = $request->getQueryString(); // Concatenating get parameter to redirect the user to where he came from - $reply_action_url .= !\is_null($query_string) ? '?from=' : '&from='; - $reply_action_url .= mb_substr($query_string, 2); + $reply_action_url .= '?from=' . urlencode($request->getRequestUri()); $reply_action = [ 'url' => $reply_action_url, diff --git a/components/Posting/Posting.php b/components/Posting/Posting.php index 8b1521a400..de1072e473 100644 --- a/components/Posting/Posting.php +++ b/components/Posting/Posting.php @@ -191,6 +191,7 @@ class Posting extends Component array $attachments = [], array $processed_attachments = [], array $process_note_content_extra_args = [], + bool $notify = true, ): Note { $scope ??= VisibilityScope::EVERYWHERE; // TODO: If site is private, default to LOCAL $rendered = null; @@ -281,7 +282,10 @@ class Posting extends Component } DB::flush(); - Event::handle('NewNotification', [$actor, $activity, ['object' => $mentioned], _m('{nickname} created a note {note_id}.', ['nickname' => $actor->getNickname(), 'note_id' => $activity->getObjectId()])]); + + if ($notify) { + Event::handle('NewNotification', [$actor, $activity, ['object' => $mentioned], _m('{nickname} created a note {note_id}.', ['nickname' => $actor->getNickname(), 'note_id' => $activity->getObjectId()])]); + } return $note; } diff --git a/plugins/Favourite/Favourite.php b/plugins/Favourite/Favourite.php index ca85cbf9c6..ed1f3cfb15 100644 --- a/plugins/Favourite/Favourite.php +++ b/plugins/Favourite/Favourite.php @@ -109,7 +109,7 @@ class Favourite extends NoteHandlerPlugin $query_string = $request->getQueryString(); // Concatenating get parameter to redirect the user to where he came from - $favourite_action_url .= !\is_null($query_string) ? '?from=' . mb_substr($query_string, 2) : ''; + $favourite_action_url .= '?from=' . urlencode($request->getRequestUri()); $extra_classes = $is_favourite ? 'note-actions-set' : 'note-actions-unset'; $favourite_action = [ diff --git a/plugins/RepeatNote/RepeatNote.php b/plugins/RepeatNote/RepeatNote.php index 92f6ced5c9..9964de54b9 100644 --- a/plugins/RepeatNote/RepeatNote.php +++ b/plugins/RepeatNote/RepeatNote.php @@ -65,6 +65,7 @@ class RepeatNote extends NoteHandlerPlugin language: \is_null($lang_id = $note->getLanguageId()) ? null : Language::getById($lang_id)->getLocale(), processed_attachments: $note->getAttachmentsWithTitle(), process_note_content_extra_args: $extra_args, + notify: false, ); DB::persist(NoteRepeat::create([ @@ -191,11 +192,8 @@ class RepeatNote extends NoteHandlerPlugin ? Router::url('repeat_remove', $args, $type) : Router::url('repeat_add', $args, $type); - // TODO clean this up - // SECURITY: open redirect? - $query_string = $request->getQueryString(); // Concatenating get parameter to redirect the user to where he came from - $repeat_action_url .= !\is_null($query_string) ? '?from=' . mb_substr($query_string, 2) : ''; + $repeat_action_url .= '?from=' . urlencode($request->getRequestUri()); $extra_classes = $is_repeat ? 'note-actions-set' : 'note-actions-unset'; $repeat_action = [ @@ -291,7 +289,7 @@ class RepeatNote extends NoteHandlerPlugin } } elseif ($type_object instanceof Note) { $note = $type_object; - $note_id = ${$note}->getId(); + $note_id = $note->getId(); } else { return Event::next; }