mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-01-31 05:37:59 +01:00
Code Issues Releases Wiki Activity

$message is now processed in its unslashed form. Should not break anything...

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@3831 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Ludovic Arnaud 2003-04-13 23:20:26 +00:00
parent 39dd567f90
commit 25711806b3
3 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/functions_posting.php
View File

@ -783,7 +783,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
$post_sql = array_merge($post_sql, array(
'post_checksum' => $post_data['message_md5'],
'post_text' => stripslashes($message),
'post_text' => $message,
'post_encoding' => $user->lang['ENCODING']
));
}

11
phpBB/includes/message_parser.php
View File

@ -155,8 +155,10 @@ class parse_message
function bbcode_init()
{
// Always parse [code] first
// [quote] moved to the second position
$this->bbcode_array = array(
8 => array('#\[code\](.+\[/code\])#ise' => '$this->bbcode_code("\1")'),
0 => array('#\[quote(=".*?")?\](.+?)\[/quote\]#ise' => '"[quote:$this->bbcode_uid" . $this->bbcode_quote("\1") . "]\2[/quote:$this->bbcode_uid]"'),
10 => array('#\[email(=.*?)?\](.*?)\[/email\]#ise' => '$this->validate_email("\1", "\2")'),
9 => array('#\[list(=[a-z|0-1]+)?\].*\[/list\]#ise' => '$this->bbcode_list("\0")'),
7 => array('#\[u\](.*?)\[/u\]#is' => '[u:' . $this->bbcode_uid . ']\1[/u:' . $this->bbcode_uid . ']'),
@ -168,8 +170,7 @@ class parse_message
=> '[img:' . $this->bbcode_uid . ']\1\2[/img:' . $this->bbcode_uid . ']'),
3 => array('#\[url=?(.*?)?\](.*?)\[/url\]#ise' => '$this->validate_url("\1", "\2")'),
2 => array('#\[i\](.*?)\[/i\]#is' => '[i:' . $this->bbcode_uid . ']\1[/i:' . $this->bbcode_uid . ']'),
1 => array('#\[b\](.*?)\[/b\]#is' => '[b:' . $this->bbcode_uid . ']\1[/b:' . $this->bbcode_uid . ']'),
0 => array('#\[quote(=".*?")?\](.*?)\[/quote\]#is' => '[quote:' . $this->bbcode_uid . '\1]\2[/quote:' . $this->bbcode_uid . ']')
1 => array('#\[b\](.*?)\[/b\]#is' => '[b:' . $this->bbcode_uid . ']\1[/b:' . $this->bbcode_uid . ']')
);
/**************
@ -183,6 +184,12 @@ class parse_message
}
function bbcode_quote($username)
{
// Will do some stuff at some point (will hopefully prevent from breaking out quotes)
return $username;
}
function bbcode_code($in)
{
$str_from = array('<', '>', '"', ':', '[', ']', '(', ')', '{', '}', '.', '@');

6
phpBB/posting.php
View File

@ -445,7 +445,7 @@ if (($submit) || ($preview) || ($refresh))
$subject = phpbb_strtolower($subject);
}
$message_parser->message = (!empty($_POST['message'])) ? trim($_POST['message']) : '';
$message_parser->message = (!empty($_POST['message'])) ? trim(stripslashes($_POST['message'])) : '';
$username = (!empty($_POST['username'])) ? trim($_POST['username']) : '';
$topic_type = (!empty($_POST['topic_type'])) ? intval($_POST['topic_type']) : POST_NORMAL;
$icon_id = (!empty($_POST['icon'])) ? intval($_POST['icon']) : 0;
@ -649,7 +649,7 @@ if (($submit) || ($preview) || ($refresh))
submit_post($mode, $message_parser->message, $subject, $username, $topic_type, $message_parser->bbcode_uid, $poll, $attachment_data, $post_data);
}
$post_text = stripslashes($message_parser->message);
$post_text = $message_parser->message;
$post_subject = $topic_title = stripslashes($subject);
}
@ -674,7 +674,7 @@ if ($preview)
include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
$bbcode = new bbcode($message_parser->bbcode_uid, $message_parser->bbcode_bitfield);
$preview_message = format_display(stripslashes($message_parser->message), $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, $enable_sig);
$preview_message = format_display($message_parser->message, $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, $enable_sig);
$preview_subject = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $subject) : $subject;