mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

- Prevent {URL} token in custom BBCodes from make_clickable messing [Bug #14151]

Browse Source 
- Added alternative tokens to custom BBCodes which are safe for CSS/Javascript and changed TEXT token to entitise opening and closing parantheses.


git-svn-id: file:///svn/phpbb/trunk@8056 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
2007-08-19 21:29:31 +00:00
parent c06b3ce84a
commit 23e3766497
4 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
phpBB/includes/acp/acp_bbcodes.php
View File

@@ -295,16 +295,22 @@ class acp_bbcodes
// @todo Make sure to change this too if something changed in message parsing
$tokens = array(
'URL' => array(
'!([a-z0-9]+://)?([^< "\r\n\t\]]*?)!ie' => "(('\$1') ? '\$1\$2' : 'http://\$2')"
'!(?:(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))!ie' => "\$this->bbcode_specialchars(('\$1') ? '\$1' : 'http://\$2')"
),
'LOCAL_URL' => array(
'!([^:]+/[^< "\r\n\t\]]*?)!' => '$1'
'!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')"
),
'EMAIL' => array(
'!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i' => '$1'
'!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i' => "\$this->bbcode_specialchars('$1')"
),
'TEXT' => array(
'!(.*?)!es' => "str_replace(\"\\r\\n\",\"\\n\", str_replace('\\\"', '\"', str_replace('\\'', '&#39;', trim('\$1'))))"
'!(.*?)!es' => "str_replace(array(\"\\r\\n\", '\\\"', '\\'', '(', ')'), array(\"\\n\", '\"', '&#39;', '&#40;', '&#41;'), trim('\$1'))"
),
'SIMPLETEXT' => array(
'!([a-zA-Z0-9-+.,_ ]+)!' => "$1"
),
'IDENTIFIER' => array(
'!([a-zA-Z0-9-_]+)!' => "$1"
),
'COLOR' => array(
'!([a-z]+|#[0-9abcdef]+)!i' => '$1'

2
phpBB/includes/bbcode.php
View File

@@ -332,7 +332,7 @@ class bbcode
// In order to use templates with custom bbcodes we need
// to replace all {VARS} to corresponding backreferences
// Note that backreferences are numbered from bbcode_match
if (preg_match_all('/\{(URL|EMAIL|TEXT|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m))
if (preg_match_all('/\{(URL|LOCAL_URL|EMAIL|TEXT|SIMPLETEXT|IDENTIFIER|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m))
{
foreach ($m[0] as $i => $tok)
{