Ok, I've done so much here, I can hardly remember what I've done...

There are various security updates throughout the commit, along with a few bug fixes; I'll try to name them here. --- Bug #453: Fixed. Bug #485: Duplicate of #453, but still fixed. Bug #476: Ok, the typo is fixed. --- That should be it, but I'll have more fixes tomorrow. (Finally, I have figured out regular expressions!!!) --Doug git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@2645 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-05-06 07:35:29 +02:00 · 2002-06-23 02:47:56 +00:00 · 2002-06-23 02:47:56 +00:00 · 35e91d29d5
commit 35e91d29d5
parent 1d2a359ea1
7 changed files with 15 additions and 14 deletions
--- a/phpBB/admin/admin_smilies.php
+++ b/phpBB/admin/admin_smilies.php
@ -265,7 +265,7 @@ else if( isset($HTTP_POST_VARS['export_pack']) || isset($HTTP_GET_VARS['export_p
 	message_die(GENERAL_MESSAGE, $message);

 }
-else if( isset($HTTP_POST_VARS['add']) || isset($HTTP_GET_VARS['add'] )
+else if( isset($HTTP_POST_VARS['add']) || isset($HTTP_GET_VARS['add']) )
 {
 	//
 	// Admin has selected to add a smiley.
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@ -282,7 +282,7 @@ function bbencode_first_pass($text, $uid)
 	$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);

 	// [img]image_url_here[/img] code..
-	$text = preg_replace("#\[img\]([http|https]+?://)([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/img\]#si", "[img:$uid]\\1\\2[/img:$uid]", $text);
+	$text = preg_replace("#\[img\](http(s)?://)([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/img\]#si", "[img:$uid]\\1\\3[/img:$uid]", $text);

 	// Remove our padding from the string..
 	$text = substr($text, 1);
@ -620,7 +620,7 @@ function make_clickable($text)
 	// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
 	// xxxx can only be alpha characters.
 	// yyyy is anything up to the first space, newline, or comma.
-	$ret = preg_replace("#([\n ])([a-z]+?)://([^\t <\n\r]+)#i", "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", $ret);
+	$ret = preg_replace("#([\n ])([a-z]+?)://([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)#i", "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", $ret);

 	// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
 	// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
@ -628,7 +628,7 @@ function make_clickable($text)
 	// zzzz is optional.. will contain everything up to the first space, newline, or comma.
 	// This is slightly restrictive - it's not going to match stuff like "forums.foo.com"
 	// This is to keep it from getting annoying and matching stuff that's not meant to be a link.
-	$ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^\t <\n\r]*)?)#i", "\\1<a href=\"http://www.\\2.\\3\\4\" target=\"_blank\">www.\\2.\\3\\4</a>", $ret);
+	$ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]*)?)#i", "\\1<a href=\"http://www.\\2.\\3\\4\" target=\"_blank\">www.\\2.\\3\\4</a>", $ret);

 	// matches an email@domain type address at the start of a line, or after a space.
 	// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -670,5 +670,4 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',

 	exit;
 }
-
 ?>
--- a/phpBB/includes/functions_post.php
+++ b/phpBB/includes/functions_post.php
@ -74,13 +74,9 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
 				for($i = 0; $i < sizeof($allowed_html_tags); $i++)
 				{
 					$match_tag = trim($allowed_html_tags[$i]);
-
-					if ( preg_match('/^<\/?' . $match_tag . '\b/i', $hold_string) )
+					if ( preg_match('/^<\/?' . $match_tag . '(?!(\s*)style(\s*)\\=)/i', $hold_string) )
 					{
-						if ( !preg_match('/style[="](.*?)["]/i', $hold_string) )
-						{
-							$tagallowed = true;
-						}
+						$tagallowed = true;
 					}
 				}

--- a/phpBB/includes/usercp_avatar.php
+++ b/phpBB/includes/usercp_avatar.php
@ -69,12 +69,13 @@ function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)

 function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
 {
+	$avatar_filename = rawurlencode($avatar_filename);
 	if ( !preg_match('#^http:\/\/#i', $avatar_filename) )
 	{
 		$avatar_filename = 'http://' . $avatar_filename;
 	}

-	if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/[^\"]*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
+	if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
 	{
 		$error = true;
 		$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
--- a/phpBB/includes/usercp_register.php
+++ b/phpBB/includes/usercp_register.php
@ -361,6 +361,11 @@ if ( isset($HTTP_POST_VARS['submit']) )
 		$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
 	}

+	if ( $website != '' )
+	{
+		rawurlencode($website);
+	}
+
 	if ( isset($HTTP_POST_VARS['avatardel']) && $mode == 'editprofile' )
 	{
 		$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
--- a/phpBB/language/lang_english/lang_main.php
+++ b/phpBB/language/lang_english/lang_main.php
@ -630,7 +630,7 @@ $lang['Registration'] = 'Registration Agreement Terms';
 $lang['Reg_agreement'] = 'While the administrators and moderators of this forum will attempt to remove or edit any generally objectionable material as quickly as possible, it is impossible to review every message. Therefore you acknowledge that all posts made to these forums express the views and opinions of the author and not the administrators, moderators or webmaster (except for posts by these people) and hence will not be held liable.<br /><br />You agree not to post any abusive, obscene, vulgar, slanderous, hateful, threatening, sexually-orientated or any other material that may violate any applicable laws. Doing so may lead to you being immediately and permanently banned (and your service provider being informed). The IP address of all posts is recorded to aid in enforcing these conditions. You agree that the webmaster, administrator and moderators of this forum have the right to remove, edit, move or close any topic at any time should they see fit. As a user you agree to any information you	have entered above being stored in a database. While this information will not be disclosed to any third party without your consent the webmaster, administrator and moderators cannot be held responsible for any hacking attempt that may lead to the data being compromised.<br /><br />This forum system uses cookies to store information on your local computer. These cookies do not contain any of the information you have entered above, they serve only to improve your viewing pleasure. The email address is used only for confirming your registration details and password (and for sending new passwords should you forget your current one).<br /><br />By clicking Register below you agree to be bound by these conditions.';

 $lang['Agree_under_13'] = 'I Agree to these terms and am <b>under</b> 13 years of age';
-$lang['Agree_over_13'] = 'I Agree to these terms and am <b>over</b> 13 years of age';
+$lang['Agree_over_13'] = 'I Agree to these terms and am <b>over</b> or <b>exactly</b> 13 years of age';
 $lang['Agree_not'] = 'I do not agree to these terms';

 $lang['Wrong_activation'] = 'The activation key you supplied does not match any in the database';
@ -1005,4 +1005,4 @@ $lang['A_critical_error'] = 'A Critical Error Occurred';
 // That's all Folks!
 // -------------------------------------------------

-?>
+?>