mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 22:10:45 +02:00
Code Issues Releases Wiki Activity

Fix possible scipting issue with username search

Browse Source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3179 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2002-12-06 14:35:36 +00:00
parent 0676814588
commit 3422dc8b8c
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/includes/functions_search.php
View File

@@ -91,7 +91,7 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
function split_words(&$entry, $mode = 'post')
{
$rex = ( $mode == 'post' ) ? "/\b(\w[\w']*\w+|\w+?)\b/" : '/(\*?[<5B>-<2D>a-z0-9]+\*?)|\b([<5B>-<2D>a-z0-9]+)\b/';
$rex = ( $mode == 'post' ) ? "/\b([\w<EFBFBD><EFBFBD>-<2D>][\w<EFBFBD><EFBFBD>-<2D>']*[\w<EFBFBD><EFBFBD>-<2D>]+|[\w<EFBFBD><EFBFBD>-<2D>]+?)\b/" : '/(\*?[a-z<><EFBFBD>-<2D>]+\*?)|\b([a-z<><EFBFBD>-<2D>]+)\b/';
preg_match_all($rex, $entry, $split_entries);
return $split_entries[1];
@@ -259,7 +259,8 @@ function remove_common($mode, $fraction, $word_id_list = array())
{
global $db;
$sql = ( $mode == 'global' ) ? "SELECT COUNT(post_id) AS total_posts FROM " . SEARCH_MATCH_TABLE . " GROUP BY post_id" : "SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE;
$sql = "SELECT COUNT(post_id) AS total_posts
FROM " . POSTS_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post count', '', __LINE__, __FILE__, $sql);
@@ -459,7 +460,7 @@ function username_search($search_match)
);
$template->assign_vars(array(
'USERNAME' => ( !empty($search_match) ) ? $search_match : '',
'USERNAME' => ( !empty($search_match) ) ? strip_tags($search_match) : '',
'L_CLOSE_WINDOW' => $lang['Close_window'],
'L_SEARCH_USERNAME' => $lang['Find_username'],