diff --git a/api/v1/database/mastodon/accounts/search/mod.php b/api/v1/database/mastodon/accounts/search/mod.php index 900e64a..495168a 100644 --- a/api/v1/database/mastodon/accounts/search/mod.php +++ b/api/v1/database/mastodon/accounts/search/mod.php @@ -157,7 +157,7 @@ if (filedb_exists('cache', $susp_file)) if (isset($_GET['profile']) && trim($_GET['profile']) != '') { $q = trim($_GET['profile']); - $q = base64_decode($q); + $q = urldecode(base64_decode($q)); $qt = null; if ($q === '') { $q = ''; diff --git a/views/instance.php b/views/instance.php index 3d93432..c750b71 100644 --- a/views/instance.php +++ b/views/instance.php @@ -186,7 +186,7 @@ window.view.instance = { profile = ''; else if (prof_stype === 'expr') profile = 'expr: '+profile; - data.profile = btoa(profile); + data.profile = btoa(encodeURIComponent(profile)); var instances = E.element('#filters-current textarea[name=instances]').value.trim(); if (instances !== '') { data.instances = instances; @@ -238,7 +238,7 @@ window.view.instance = { d.user_filter = 'remote'; E.element('#filters-current input[name=user_filter][value='+d.user_filter+']').click(); if (d.profile === undefined) d.profile = ''; - d.profile = atob(d.profile); + d.profile = decodeURIComponent(atob(d.profile)); if (d.profile === '') E.element('#filters-current #profile-search-type-empty').click(); else if (d.profile.startsWith('expr:')) { @@ -340,6 +340,7 @@ window.view.instance = { if (js.error !== undefined) return toast.error(js.error); const filter = window.view.instance.do.filter_users.get_current_filter(); if (filter === undefined) return; + const filter_profile = decodeURIComponent(atob(filter.profile)); E.template('users-all', function(TPL) { var html = ''; for (var i = 0; i < js['data'].length; i++) { @@ -367,9 +368,9 @@ window.view.instance = { for (var j = 0; j < it.fields.length; j++) { var t = '{name}{value}{verifiedColumn}'; t = t.replaceAll('{name}', window.view.instance.html_add_search_spans( - html2text(it.fields[j].name), atob(filter.profile))); + html2text(it.fields[j].name), filter_profile)); t = t.replaceAll('{value}', window.view.instance.html_add_search_spans( - html2text(it.fields[j].value), atob(filter.profile))); + html2text(it.fields[j].value), filter_profile)); t = t.replaceAll('{verified}', it.fields[j].verified_at !== undefined ? 'verified' : ''); t = t.replaceAll('{verifiedColumn}', it.fields[j].verified_at !== undefined ? '' : ''); @@ -382,7 +383,7 @@ window.view.instance = { tpl = tpl.replaceAll('{accountAdminLink}', 'javascript:void(0)'); tpl = tpl.replaceAll('{note}', it.note.trim() === '' ? '<empty>' : window.view.instance.html_add_search_spans( - html2text(it.note), atob(filter.profile))); + html2text(it.note), filter_profile)); html += tpl; } return html;