Ok, several things accomplished here...

1) Improvements to deletion of users in admin_users. This includes bug 166 and Sourceforge tracker task #49374. 2) Two security holes were patched, both pointed out by Nick Cleaton <nick at cleaton dot net>. Thanks for letting us know, Nick! That's about it for now, and it took almost all day. :P Bye for now! -Doug git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@2632 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-07-30 13:30:25 +02:00 · 2002-06-12 05:33:54 +00:00
parent 922da96334
commit 1d354ca387
3 changed files with 115 additions and 5 deletions
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -282,7 +282,7 @@ function bbencode_first_pass($text, $uid)
 	$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);

 	// [img]image_url_here[/img] code..
-	$text = preg_replace("#\[img\](([a-z]+?)://([^ \"\n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
+	$text = preg_replace("#\[img\]([http|https]+?://)([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/img\]#si", "[img:$uid]\\1\\2[/img:$uid]", $text);

 	// Remove our padding from the string..
 	$text = substr($text, 1);