From 231884c770e0371ad2f02f9f0f91e0573cd2a309 Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Wed, 13 Jun 2018 18:54:27 -0600
Subject: [PATCH] Update view entity encoding

---
 app/Http/Controllers/CommentController.php |  4 +--
 app/Http/Controllers/StatusController.php  |  2 +-
 resources/views/status/show.blade.php      | 39 +++++++++++++++++++---
 resources/views/status/template.blade.php  |  9 ++---
 4 files changed, 42 insertions(+), 12 deletions(-)

diff --git a/app/Http/Controllers/CommentController.php b/app/Http/Controllers/CommentController.php
index 1ec7bbf4d..8b8eded8e 100644
--- a/app/Http/Controllers/CommentController.php
+++ b/app/Http/Controllers/CommentController.php
@@ -34,8 +34,8 @@ class CommentController extends Controller
 
       $reply = new Status();
       $reply->profile_id = $profile->id;
-      $reply->caption = $comment;
-      $reply->rendered = e($comment);
+      $reply->caption = e(strip_tags($comment));
+      $reply->rendered = $comment;
       $reply->in_reply_to_id = $status->id;
       $reply->in_reply_to_profile_id = $status->profile_id;
       $reply->save();
diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php
index 1ce080245..704beea6c 100644
--- a/app/Http/Controllers/StatusController.php
+++ b/app/Http/Controllers/StatusController.php
@@ -47,7 +47,7 @@ class StatusController extends Controller
 
       $status = new Status;
       $status->profile_id = $profile->id;
-      $status->caption = $request->caption;
+      $status->caption = strip_tags($request->caption);
       $status->is_nsfw = $cw;
 
       $status->save();
diff --git a/resources/views/status/show.blade.php b/resources/views/status/show.blade.php
index 80e7e41d3..8d2e27d67 100644
--- a/resources/views/status/show.blade.php
+++ b/resources/views/status/show.blade.php
@@ -16,17 +16,46 @@
       </div>
      </div>
       <div class="col-12 col-md-8 status-photo px-0">
-        @if($status->is_nsfw)
+        @if($status->is_nsfw && $status->media_count == 1)
         <details class="details-animated">
           <p>
             <summary>NSFW / Hidden Image</summary>
-            <a class="max-hide-overflow" href="{{$status->url()}}">
+            <a class="max-hide-overflow {{$status->firstMedia()->filter_class}}" href="{{$status->url()}}">
               <img class="card-img-top" src="{{$status->mediaUrl()}}">
             </a>
           </p>
         </details>
-        @else
-        <img src="{{$status->mediaUrl()}}" width="100%">
+        @elseif(!$status->is_nsfw && $status->media_count == 1)
+        <div class="{{$status->firstMedia()->filter_class}}">
+          <img src="{{$status->mediaUrl()}}" width="100%">
+        </div>
+        @elseif($status->is_nsfw && $status->media_count > 1)
+
+        @elseif(!$status->is_nsfw && $status->media_count > 1)
+          <div id="photoCarousel" class="carousel slide carousel-fade" data-ride="carousel">
+            <ol class="carousel-indicators">
+              @for($i = 0; $i < $status->media_count; $i++)
+              <li data-target="#photoCarousel" data-slide-to="{{$i}}" class="{{$i == 0 ? 'active' : ''}}"></li>
+              @endfor
+            </ol>
+            <div class="carousel-inner">
+              @foreach($status->media()->orderBy('order')->get() as $media)
+              <div class="carousel-item {{$loop->iteration == 1 ? 'active' : ''}}">
+                <figure class="{{$media->filter_class}}">
+                  <img class="d-block w-100" src="{{$media->url()}}" alt="{{$status->caption}}">
+                </figure>
+              </div>
+              @endforeach
+            </div>
+            <a class="carousel-control-prev" href="#photoCarousel" role="button" data-slide="prev">
+              <span class="carousel-control-prev-icon" aria-hidden="true"></span>
+              <span class="sr-only">Previous</span>
+            </a>
+            <a class="carousel-control-next" href="#photoCarousel" role="button" data-slide="next">
+              <span class="carousel-control-next-icon" aria-hidden="true"></span>
+              <span class="sr-only">Next</span>
+            </a>
+          </div>
         @endif
       </div>
       <div class="col-12 col-md-4 px-0 d-flex flex-column border-left border-md-left-0">
@@ -51,7 +80,7 @@
                 @foreach($status->comments->reverse()->take(10) as $item)
                 <p class="mb-0">
                   <span class="font-weight-bold pr-1"><bdi><a class="text-dark" href="{{$item->profile->url()}}">{{$item->profile->username}}</a></bdi></span>
-                  <span class="comment-text">{!!$item->rendered!!} <a href="{{$item->url()}}" class="text-dark small font-weight-bold float-right">{{$item->created_at->diffForHumans(null, true, true ,true)}}</a></span>
+                  <span class="comment-text">{!! $item->rendered ?? e($item->caption) !!} <a href="{{$item->url()}}" class="text-dark small font-weight-bold float-right">{{$item->created_at->diffForHumans(null, true, true ,true)}}</a></span>
                 </p>
                 @endforeach
               </div>
diff --git a/resources/views/status/template.blade.php b/resources/views/status/template.blade.php
index 2e56e6ee5..7a3910887 100644
--- a/resources/views/status/template.blade.php
+++ b/resources/views/status/template.blade.php
@@ -15,6 +15,7 @@
                 <a class="dropdown-item" href="#">Embed</a>
               @if(Auth::check())
                 @if(Auth::user()->profile->id === $item->profile->id || Auth::user()->is_admin == true)
+                <a class="dropdown-item" href="{{$item->editUrl()}}">Edit</a>
                 <form method="post" action="/i/delete">
                   @csrf
                   <input type="hidden" name="type" value="post">
@@ -32,13 +33,13 @@
         <details class="details-animated">
           <p>
             <summary>NSFW / Hidden Image</summary>
-            <a class="max-hide-overflow" href="{{$item->url()}}">
+            <a class="max-hide-overflow {{$item->firstMedia()->filter_class}}" href="{{$item->url()}}">
               <img class="card-img-top" src="{{$item->mediaUrl()}}">
             </a>
           </p>
         </details>
         @else
-        <a class="max-hide-overflow" href="{{$item->url()}}">
+        <a class="max-hide-overflow {{$item->firstMedia()->filter_class}}" href="{{$item->url()}}">
           <img class="card-img-top" src="{{$item->mediaUrl()}}">
         </a>
         @endif
@@ -84,7 +85,7 @@
                     <a class="text-dark" href="{{$status->profile->url()}}">{{$status->profile->username}}</a>
                   </bdi>
                 </span>
-                <span class="comment-text">{!!$status->rendered!!}</span>
+                <span class="comment-text">{!! $item->rendered ?? e($item->caption) !!}</span>
                 <span class="float-right">
                   <a href="{{$status->url()}}" class="text-dark small font-weight-bold">
                     {{$status->created_at->diffForHumans(null, true, true, true)}}
@@ -95,7 +96,7 @@
             @foreach($item->comments->reverse()->take(3) as $comment)
               <p class="mb-0">
                 <span class="font-weight-bold pr-1"><bdi><a class="text-dark" href="{{$comment->profile->url()}}">{{$comment->profile->username}}</a></bdi></span>
-                <span class="comment-text">{{ str_limit($comment->caption, 125) }}</span>
+                <span class="comment-text">{!! str_limit($item->rendered ?? e($item->caption), 150) !!}</span>
               </p>
             @endforeach
             @endif