mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

- Prevent {URL} token in custom BBCodes from make_clickable messing [Bug #14151]

Browse Source 
- Added alternative tokens to custom BBCodes which are safe for CSS/Javascript and changed TEXT token to entitise opening and closing parantheses.


git-svn-id: file:///svn/phpbb/trunk@8056 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
2007-08-19 21:29:31 +00:00
parent c06b3ce84a
commit 23e3766497
4 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
phpBB/language/en/acp/posting.php
View File

@@ -49,14 +49,14 @@ $lang = array_merge($lang, array(
'BBCODE_TAG_TOO_LONG' => 'The tag name you selected is too long.',
'BBCODE_TAG_DEF_TOO_LONG' => 'The tag definition that you have entered is too long, please shorten your tag definition.',
'BBCODE_USAGE' => 'BBCode usage',
'BBCODE_USAGE_EXAMPLE' => '[hilight={COLOR}]{TEXT}[/hilight]<br /><br />[font={TEXT1}]{TEXT2}[/font]',
'BBCODE_USAGE_EXAMPLE' => '[hilight={COLOR}]{TEXT}[/hilight]<br /><br />[font={SIMPLETEXT1}]{SIMPLETEXT2}[/font]',
'BBCODE_USAGE_EXPLAIN' => 'Here you define how to use the BBCode. Replace any variable input by the corresponding token (%ssee below%s).',
'EXAMPLE' => 'Example:',
'EXAMPLES' => 'Examples:',
'HTML_REPLACEMENT' => 'HTML replacement',
'HTML_REPLACEMENT_EXAMPLE' => '&lt;span style="background-color: {COLOR};"&gt;{TEXT}&lt;/span&gt;<br /><br />&lt;span style="font-family: {TEXT1};"&gt;{TEXT2}&lt;/span&gt;',
'HTML_REPLACEMENT_EXAMPLE' => '&lt;span style="background-color: {COLOR};"&gt;{TEXT}&lt;/span&gt;<br /><br />&lt;span style="font-family: {SIMPLETEXT1};"&gt;{SIMPLETEXT2}&lt;/span&gt;',
'HTML_REPLACEMENT_EXPLAIN' => 'Here you define the default HTML replacement. Do not forget to put back tokens you used above!',
'TOKEN' => 'Token',
@@ -66,7 +66,9 @@ $lang = array_merge($lang, array(
'TOO_MANY_BBCODES' => 'You cannot create any more BBCodes. Please remove one or more BBCodes then try again.',
'tokens' => array(
'TEXT' => 'Any text, including foreign characters, numbers, etc…',
'TEXT' => 'Any text, including foreign characters, numbers, etc… You should not use this token in HTML tags. Instead try to use IDENTIFIER or SIMPLETEXT.',
'SIMPLETEXT' => 'Characters from the latin alphabet (A-Z), numbers, spaces, commas, dots, minus, plus, hyphen and underscore',
'IDENTIFIER' => 'Characters from the latin alphabet (A-Z), numbers, hyphen and underscore',
'NUMBER' => 'Any series of digits',
'EMAIL' => 'A valid e-mail address',
'URL' => 'A valid URL using any protocol (http, ftp, etc… cannot be used for javascript exploits). If none is given, &quot;http://&quot; is prefixed to the string.',