From 1621f12a15855b3e1b98d58b6e8effe959926b46 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 4 Dec 2025 00:02:58 +0100 Subject: Fix HTML encoding in preview filters (alternative) (#8259) Alternative to https://github.com/FreshRSS/FreshRSS/pull/8222 Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8222 Co-authored-by: Inverle --- app/Controllers/categoryController.php | 4 ++-- app/Controllers/configureController.php | 6 +++--- app/Controllers/subscriptionController.php | 4 ++-- app/Controllers/tagController.php | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/app/Controllers/categoryController.php b/app/Controllers/categoryController.php index 5b1dd9d17..fd148bf05 100644 --- a/app/Controllers/categoryController.php +++ b/app/Controllers/categoryController.php @@ -110,7 +110,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController { $category->_attribute('read_when_same_title_in_category', null); } - $category->_filtersAction('read', Minz_Request::paramTextToArray('filteractions_read')); + $category->_filtersAction('read', Minz_Request::paramTextToArray('filteractions_read')); // Keep as HTML if (Minz_Request::paramBoolean('use_default_purge_options')) { $category->_attribute('archiving', null); @@ -177,7 +177,7 @@ class FreshRSS_category_Controller extends FreshRSS_ActionController { Minz_Error::error(400); return; } - $filteractions = Minz_Request::paramTextToArray('filteractions_read'); + $filteractions = Minz_Request::paramTextToArray('filteractions_read', plaintext: true); $filteractions = array_map(fn(string $action): string => trim($action), $filteractions); $filteractions = array_filter($filteractions, fn(string $action): bool => $action !== ''); $search = "c:$id ("; diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index 451e98a8b..86943e663 100644 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -164,8 +164,8 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { 'site' => Minz_Request::paramBoolean('mark_open_site'), 'focus' => Minz_Request::paramBoolean('mark_focus'), ]; - FreshRSS_Context::userConf()->_filtersAction('read', Minz_Request::paramTextToArray('filteractions_read')); - FreshRSS_Context::userConf()->_filtersAction('star', Minz_Request::paramTextToArray('filteractions_star')); + FreshRSS_Context::userConf()->_filtersAction('read', Minz_Request::paramTextToArray('filteractions_read')); // Keep as HTML + FreshRSS_Context::userConf()->_filtersAction('star', Minz_Request::paramTextToArray('filteractions_star')); // Keep as HTML FreshRSS_Context::userConf()->save(); invalidateHttpCache(); @@ -183,7 +183,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { public function viewFilterAction(): void { $search = ''; $filters_name = Minz_Request::paramString('filters_name', plaintext: true); - $filteractions = Minz_Request::paramTextToArray($filters_name); + $filteractions = Minz_Request::paramTextToArray($filters_name, plaintext: true); $filteractions = array_map(fn(string $action): string => trim($action), $filteractions); $filteractions = array_filter($filteractions, fn(string $action): bool => $action !== ''); foreach ($filteractions as $action) { diff --git a/app/Controllers/subscriptionController.php b/app/Controllers/subscriptionController.php index a6928e32e..ad9b05787 100644 --- a/app/Controllers/subscriptionController.php +++ b/app/Controllers/subscriptionController.php @@ -247,7 +247,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController { ]); } - $feed->_filtersAction('read', Minz_Request::paramTextToArray('filteractions_read')); + $feed->_filtersAction('read', Minz_Request::paramTextToArray('filteractions_read')); // Keep as HTML $feed->_kind(Minz_Request::paramInt('feed_kind') ?: FreshRSS_Feed::KIND_RSS); if ($feed->kind() === FreshRSS_Feed::KIND_HTML_XPATH || $feed->kind() === FreshRSS_Feed::KIND_XML_XPATH) { @@ -415,7 +415,7 @@ class FreshRSS_subscription_Controller extends FreshRSS_ActionController { Minz_Error::error(400); return; } - $filteractions = Minz_Request::paramTextToArray('filteractions_read'); + $filteractions = Minz_Request::paramTextToArray('filteractions_read', plaintext: true); $filteractions = array_map(fn(string $action): string => trim($action), $filteractions); $filteractions = array_filter($filteractions, fn(string $action): bool => $action !== ''); $search = "f:$id ("; diff --git a/app/Controllers/tagController.php b/app/Controllers/tagController.php index aaeff7f75..d5216b746 100644 --- a/app/Controllers/tagController.php +++ b/app/Controllers/tagController.php @@ -118,7 +118,7 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { } if ($ok) { - $tag->_filtersAction('label', Minz_Request::paramTextToArray('filteractions_label')); + $tag->_filtersAction('label', Minz_Request::paramTextToArray('filteractions_label')); // Keep as HTML $ok = $tagDAO->updateTagAttributes($tag->id(), $tag->attributes()) !== false; } -- cgit v1.2.3