mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-03 05:07:27 +02:00
Code Issues Releases Wiki Activity

Additional [php] protection

Browse Source
This commit is contained in:
mcfly
2007-11-10 19:24:42 +00:00
parent 8815507e0b
commit 74ffda4223
2 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
e107_files/bbcode/php.bb
View File

@@ -1,4 +1,9 @@
$search = array("&quot;", "&#039;", "&#036;", '<br />', E_NL, "-&gt;"); if(!$postID) { return ''; }
$replace = array('"', "'", "$", "\n", "\n", "->"); if($postID == 'admin' || check_class($pref['php_bbcode'], '', $postID))
$code_text = str_replace($search, $replace, $code_text); {
return eval($code_text); $search = array("&quot;", "&#039;", "&#036;", '<br />', E_NL, "-&gt;");
$replace = array('"', "'", "$", "\n", "\n", "->");
$code_text = str_replace($search, $replace, $code_text);
return eval($code_text);
}
return '';

8
e107_handlers/e_parse_class.php
View File

@@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_handlers/e_parse_class.php,v $ | $Source: /cvs_backup/e107_0.8/e107_handlers/e_parse_class.php,v $
| $Revision: 1.20 $ | $Revision: 1.21 $
| $Date: 2007-11-08 22:46:49 $ | $Date: 2007-11-10 19:24:42 $
| $Author: e107steved $ | $Author: mcfly_e107 $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
if (!defined('e107_INIT')) { exit; } if (!defined('e107_INIT')) { exit; }
@@ -161,7 +161,7 @@ class e_parse
$data = str_replace('\\', '&#092;', $data); $data = str_replace('\\', '&#092;', $data);
$ret = preg_replace("/&amp;#(\d*?);/", "&#\\1;", $data); $ret = preg_replace("/&amp;#(\d*?);/", "&#\\1;", $data);
} }
if (!check_class($pref['php_bbcode']) || (is_numeric($original_author) && !check_class($pref['php_bbcode'], '', $original_author)) || strpos($mod, 'no_php') !== false) if (strpos($mod, 'no_php') !== false)
{ {
$ret = str_replace(array("[php]", "[/php]"), array("&#91;php&#93;", "&#91;/php&#93;"), $ret); $ret = str_replace(array("[php]", "[/php]"), array("&#91;php&#93;", "&#91;/php&#93;"), $ret);
} }