mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 22:10:45 +02:00
Code Issues Releases Wiki Activity

- fixes for the following bugs:

Browse Source 
#5326
#5318
#5304
#5290
#5288
#5278
#5276
#5272
#5266
- also fixed the "Call-time pass-by-reference" bug #5252
- within this step changed the normalize calls to require references.
- added captcha size variables to the class scope (suggestion was posted at area51)


git-svn-id: file:///svn/phpbb/trunk@6584 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-11-15 15:35:50 +00:00
parent 979e36077f
commit 548cc2c10b
38 changed files with 240 additions and 234 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/acp/acp_bbcodes.php
View File

@@ -76,7 +76,7 @@ class acp_bbcodes
$bbcode_match = request_var('bbcode_match', '');
$bbcode_tpl = htmlspecialchars_decode(request_var('bbcode_tpl', ''));
$bbcode_helpline = request_var('bbcode_helpline', '');
$bbcode_helpline = request_var('bbcode_helpline', '', true);
break;
}

6
phpBB/includes/acp/acp_board.php
View File

@@ -346,11 +346,7 @@ class acp_board
}
$this->new_config = $config;
$cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => ''), true) : $this->new_config;
if (isset($_REQUEST['config']))
{
utf8_normalize_nfc(&$cfg_array);
}
$cfg_array = (isset($_REQUEST['config'])) ? utf8_normalize_nfc(request_var('config', array('' => ''), true)) : $this->new_config;
$error = array();
// We validate the complete config if whished

3
phpBB/includes/acp/acp_forums.php
View File

@@ -615,8 +615,8 @@ class acp_forums
$forum_data = $this->get_forum_info($forum_id);
$subforums_id = array();
$subforums = get_forum_branch($forum_id, 'children');
foreach ($subforums as $row)
{
$subforums_id[] = $row['forum_id'];
@@ -647,6 +647,7 @@ class acp_forums
'FORUM_NAME' => $forum_data['forum_name'],
'S_FORUM_POST' => ($forum_data['forum_type'] == FORUM_POST) ? true : false,
'S_FORUM_LINK' => ($forum_data['forum_type'] == FORUM_LINK) ? true : false,
'S_HAS_SUBFORUMS' => ($forum_data['right_id'] - $forum_data['left_id'] > 1) ? true : false,
'S_FORUMS_LIST' => $forums_list,
'S_ERROR' => (sizeof($errors)) ? true : false,

6
phpBB/includes/acp/acp_language.php
View File

@@ -107,11 +107,11 @@ class acp_language
$hidden_data = build_hidden_fields(array(
'file' => $this->language_file,
'dir' => $this->language_directory,
'method' => $method,
'entry' => $_POST['entry']),
true
'method' => $method)
);
$hidden_data .= build_hidden_fields(array('entry' => $_POST['entry']), true, STRIP);
$template->assign_vars(array(
'S_UPLOAD' => true,
'NAME' => $method,

14
phpBB/includes/acp/acp_users.php
View File

@@ -983,15 +983,13 @@ class acp_users
'yim' => request_var('yim', $user_row['user_yim']),
'jabber' => request_var('jabber', $user_row['user_jabber']),
'website' => request_var('website', $user_row['user_website']),
'location' => request_var('location', $user_row['user_from'], true),
'occupation' => request_var('occupation', $user_row['user_occ'], true),
'interests' => request_var('interests', $user_row['user_interests'], true),
'location' => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)),
'occupation' => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)),
'interests' => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)),
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
utf8_normalize_nfc(array(&$data['location'], &$data['occupation'], &$data['interests']));
if ($user_row['user_birthday'])
{
@@ -1551,10 +1549,8 @@ class acp_users
$enable_bbcode = ($config['allow_sig_bbcode']) ? request_var('enable_bbcode', $this->optionget($user_row, 'bbcode')) : false;
$enable_smilies = ($config['allow_sig_smilies']) ? request_var('enable_smilies', $this->optionget($user_row, 'smilies')) : false;
$enable_urls = request_var('enable_urls', true);
$signature = request_var('signature', $user_row['user_sig'], true);
utf8_normalize_nfc(&$signature);
$signature = utf8_normalize_nfc(request_var('signature', $user_row['user_sig'], true));
$preview = (isset($_POST['preview'])) ? true : false;
if ($submit || $preview)

8
phpBB/includes/acp/acp_words.php
View File

@@ -68,12 +68,10 @@ class acp_words
break;
case 'save':
$word_id = request_var('id', 0);
$word = request_var('word', '', true);
$replacement = request_var('replacement', '', true);
$word_id = request_var('id', 0);
$word = utf8_normalize_nfc(request_var('word', '', true));
$replacement = utf8_normalize_nfc(request_var('replacement', '', true));
utf8_normalize_nfc(array(&$word, &$replacement));
if (!$word || !$replacement)
{
trigger_error($user->lang['ENTER_WORD'] . adm_back_link($this->u_action), E_USER_WARNING);

43
phpBB/includes/captcha/captcha_gd.php
View File

@@ -16,33 +16,18 @@
*/
class captcha
{
var $width = 360;
var $height = 96;
function execute($code)
{
global $config;
$stats = gd_info();
if (substr($stats['GD Version'], 0, 7) === 'bundled')
{
$bundled = true;
}
else
{
$bundled = false;
}
$bundled = (substr($stats['GD Version'], 0, 7) === 'bundled') ? true : false;
preg_match('/[\\d.]+/', $stats['GD Version'], $version);
if (version_compare($version[0], '2.0.1', '>='))
{
$gd_version = 2;
}
else
{
$gd_version = 1;
}
// set dimension of image
$lx = 360;
$ly = 96;
$gd_version = (version_compare($version[0], '2.0.1', '>=')) ? 2 : 1;
// create the image, stay compat with older versions of GD
if ($gd_version === 2)
@@ -56,7 +41,7 @@ class captcha
$func2 = 'imagecolorclosest';
}
$image = $func1($lx, $ly);
$image = $func1($this->width, $this->height);
if ($bundled)
{
@@ -65,7 +50,7 @@ class captcha
// set background color
$back = imagecolorallocate($image, mt_rand(224, 255), mt_rand(224, 255), mt_rand(224, 255));
imagefilledrectangle($image, 0, 0, $lx, $ly, $back);
imagefilledrectangle($image, 0, 0, $this->width, $this->height, $back);
// allocates the 216 websafe color palette to the image
if ($gd_version === 1)
@@ -82,7 +67,6 @@ class captcha
}
}
// fill with noise or grid
if ($config['captcha_gd_noise'])
{
@@ -92,7 +76,7 @@ class captcha
$size = mt_rand(8, 23);
$angle = mt_rand(0, 360);
$x = mt_rand(0, 360);
$y = mt_rand(0, (int)($ly - ($size / 5)));
$y = mt_rand(0, (int)($this->height - ($size / 5)));
$color = $func2($image, mt_rand(160, 224), mt_rand(160, 224), mt_rand(160, 224));
$text = chr(mt_rand(45, 250));
imagettftext($image, $size, $angle, $x, $y, $color, $this->get_font(), $text);
@@ -101,15 +85,16 @@ class captcha
else
{
// generate grid
for ($i = 0; $i < $lx; $i += 13)
for ($i = 0; $i < $this->width; $i += 13)
{
$color = $func2($image, mt_rand(160, 224), mt_rand(160, 224), mt_rand(160, 224));
imageline($image, $i, 0, $i, $ly, $color);
imageline($image, $i, 0, $i, $this->height, $color);
}
for ($i = 0; $i < $ly; $i += 11)
for ($i = 0; $i < $this->height; $i += 11)
{
$color = $func2($image, mt_rand(160, 224), mt_rand(160, 224), mt_rand(160, 224));
imageline($image, 0, $i, $lx, $i, $color);
imageline($image, 0, $i, $this->width, $i, $color);
}
}
@@ -120,7 +105,7 @@ class captcha
$text = strtoupper($code[$i]);
$angle = mt_rand(-30, 30);
$size = mt_rand(20, 40);
$y = mt_rand((int)($size * 1.5), (int)($ly - ($size / 7)));
$y = mt_rand((int)($size * 1.5), (int)($this->height - ($size / 7)));
$color = $func2($image, mt_rand(0, 127), mt_rand(0, 127), mt_rand(0, 127));
$shadow = $func2($image, mt_rand(127, 254), mt_rand(127, 254), mt_rand(127, 254));

20
phpBB/includes/captcha/captcha_non_gd.php
View File

@@ -17,6 +17,8 @@
class captcha
{
var $filtered_pngs;
var $width = 320;
var $height = 50;
/**
* Define filtered pngs on init
@@ -32,9 +34,7 @@ class captcha
*/
function execute($code)
{
$total_width = 320;
$total_height = 50;
$img_height = 40;
$img_height = $this->height - 10;
$img_width = 0;
list($usec, $sec) = explode(' ', microtime());
@@ -45,7 +45,7 @@ class captcha
for ($i = 0; $i < $code_len; $i++)
{
$char = $code{$i};
$char = $code[$i];
$width = mt_rand(0, 4);
$raw_width = $this->filtered_pngs[$char]['width'];
@@ -59,11 +59,11 @@ class captcha
}
}
$offset_x = mt_rand(0, $total_width - $img_width);
$offset_y = mt_rand(0, $total_height - $img_height);
$offset_x = mt_rand(0, $this->width - $img_width);
$offset_y = mt_rand(0, $this->height - $img_height);
$image = '';
for ($i = 0; $i < $total_height; $i++)
for ($i = 0; $i < $this->height; $i++)
{
$image .= chr(0);
@@ -79,14 +79,14 @@ class captcha
$image .= $this->randomise(substr($hold_chars[$code{$j}][$i - $offset_y - 1], 1), $char_widths[$j]);
}
for ($j = $offset_x + $img_width; $j < $total_width; $j++)
for ($j = $offset_x + $img_width; $j < $this->width; $j++)
{
$image .= chr(mt_rand(140, 255));
}
}
else
{
for ($j = 0; $j < $total_width; $j++)
for ($j = 0; $j < $this->width; $j++)
{
$image .= chr(mt_rand(140, 255));
}
@@ -94,7 +94,7 @@ class captcha
}
unset($hold_chars);
$image = $this->create_png($image, $total_width, $total_height);
$image = $this->create_png($image, $this->width, $this->height);
// Output image
header('Content-Type: image/png');

39
phpBB/includes/functions.php
View File

@@ -614,6 +614,10 @@ else
if (!function_exists('htmlspecialchars_decode'))
{
/**
* A wrapper for htmlspecialchars_decode
* @ignore
*/
function htmlspecialchars_decode($string, $quote_style = ENT_COMPAT)
{
return strtr($string, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $quote_style)));
@@ -2493,14 +2497,14 @@ function extension_allowed($forum_id, $extension, &$extensions)
/**
* Little helper for the build_hidden_fields function
*/
function _build_hidden_fields($key, $value, $specialchar)
function _build_hidden_fields($key, $value, $specialchar, $stripslashes)
{
$hidden_fields = '';
if (!is_array($value))
{
$key = ($specialchar) ? htmlspecialchars($key) : $key;
$value = ($specialchar) ? htmlspecialchars($value) : $value;
$value = ($stripslashes) ? stripslashes($value) : $value;
$value = ($specialchar) ? htmlspecialchars($value, ENT_COMPAT, 'UTF-8') : $value;
$hidden_fields .= '<input type="hidden" name="' . $key . '" value="' . $value . '" />' . "\n";
}
@@ -2508,7 +2512,10 @@ function _build_hidden_fields($key, $value, $specialchar)
{
foreach ($value as $_key => $_value)
{
$hidden_fields .= _build_hidden_fields($key . '[' . $_key . ']', $_value, $specialchar);
$_key = ($stripslashes) ? stripslashes($_key) : $key;
$_key = ($specialchar) ? htmlspecialchars($_key, ENT_COMPAT, 'UTF-8') : $_key;
$hidden_fields .= _build_hidden_fields($key . '[' . $_key . ']', $_value, $specialchar, $stripslashes);
}
}
@@ -2517,14 +2524,23 @@ function _build_hidden_fields($key, $value, $specialchar)
/**
* Build simple hidden fields from array
*
* @param array $field_ary an array of values to build the hidden field from
* @param bool $specialchar if true, keys and values get specialchared
* @param bool $stripslashes if true, keys and values get stripslashed
*
* @return string the hidden fields
*/
function build_hidden_fields($field_ary, $specialchar = false)
function build_hidden_fields($field_ary, $specialchar = false, $stripslashes = false)
{
$s_hidden_fields = '';
foreach ($field_ary as $name => $vars)
{
$s_hidden_fields .= _build_hidden_fields($name, $vars, $specialchar);
$name = ($stripslashes) ? stripslashes($name) : $name;
$name = ($specialchar) ? htmlspecialchars($name, ENT_COMPAT, 'UTF-8') : $name;
$s_hidden_fields .= _build_hidden_fields($name, $vars, $specialchar, $stripslashes);
}
return $s_hidden_fields;
@@ -2773,6 +2789,12 @@ function phpbb_checkdnsrr($host, $type = '')
@exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host), $output);
// If output is empty, the nslookup failed
if (empty($output))
{
return NULL;
}
foreach ($output as $line)
{
if (!trim($line))
@@ -3344,7 +3366,8 @@ function page_footer($run_cron = true)
}
$template->assign_vars(array(
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
'U_ACP' => ($auth->acl_get('a_') && $user->data['is_registered']) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", '', true, $user->session_id) : '')
);
@@ -3385,7 +3408,7 @@ function page_footer($run_cron = true)
if ($cron_type)
{
$template->assign_var('RUN_CRON_TASK', '<img src="' . $phpbb_root_path . 'cron.' . $phpEx . '?cron_type=' . $cron_type . '" width="1" height="1" alt="cron" />');
$template->assign_var('RUN_CRON_TASK', '<img src="' . append_sid($phpbb_root_path . 'cron.' . $phpEx, 'cron_type=' . $cron_type) . '" width="1" height="1" alt="cron" />');
}
}

26
phpBB/includes/functions_admin.php
View File

@@ -482,6 +482,7 @@ function delete_topics($where_type, $where_ids, $auto_sync = true)
{
global $db, $config;
$approved_topics = 0;
$forum_ids = $topic_ids = array();
if (is_array($where_ids))
@@ -502,7 +503,7 @@ function delete_topics($where_type, $where_ids, $auto_sync = true)
'posts' => delete_posts($where_type, $where_ids, false, true)
);
$sql = 'SELECT topic_id, forum_id
$sql = 'SELECT topic_id, forum_id, topic_approved
FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set($where_type, $where_ids);
$result = $db->sql_query($sql);
@@ -511,6 +512,11 @@ function delete_topics($where_type, $where_ids, $auto_sync = true)
{
$forum_ids[] = $row['forum_id'];
$topic_ids[] = $row['topic_id'];
if ($row['topic_approved'])
{
$approved_topics++;
}
}
$db->sql_freeresult($result);
@@ -545,7 +551,10 @@ function delete_topics($where_type, $where_ids, $auto_sync = true)
sync('topic_reported', $where_type, $where_ids);
}
set_config('num_topics', $config['num_topics'] - sizeof($return['topics']), true);
if ($approved_topics)
{
set_config('num_topics', $config['num_topics'] - $approved_topics, true);
}
return $return;
}
@@ -571,9 +580,10 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
return false;
}
$approved_posts = 0;
$post_ids = $topic_ids = $forum_ids = $post_counts = array();
$sql = 'SELECT post_id, poster_id, post_postcount, topic_id, forum_id
$sql = 'SELECT post_id, poster_id, post_approved, post_postcount, topic_id, forum_id
FROM ' . POSTS_TABLE . '
WHERE ' . $db->sql_in_set($where_type, array_map('intval', $where_ids));
$result = $db->sql_query($sql);
@@ -589,6 +599,11 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
{
$post_counts[$row['poster_id']] = (!empty($post_counts[$row['poster_id']])) ? $post_counts[$row['poster_id']] + 1 : 1;
}
if ($row['post_approved'])
{
$approved_posts++;
}
}
$db->sql_freeresult($result);
@@ -658,7 +673,10 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync =
sync('forum', 'forum_id', $forum_ids, true);
}
set_config('num_posts', $config['num_posts'] - sizeof($post_ids), true);
if ($approved_posts)
{
set_config('num_posts', $config['num_posts'] - $approved_posts, true);
}
return sizeof($post_ids);
}

2
phpBB/includes/functions_display.php
View File

@@ -974,7 +974,7 @@ function display_custom_bbcodes()
'BBCODE_NAME' => "'[{$row['bbcode_tag']}]', '[/" . str_replace('=', '', $row['bbcode_tag']) . "]'",
'BBCODE_ID' => $num_predefined_bbcodes + ($i * 2),
'BBCODE_TAG' => $row['bbcode_tag'],
'BBCODE_HELPLINE' => str_replace(array('&amp;', '&quot;', '&#039;', '&lt;', '&gt;'), array('\&', '\"', '\\\'', '<', '>'), $row['bbcode_helpline']))
'BBCODE_HELPLINE' => str_replace(array('&amp;', '&quot;', "'", '&lt;', '&gt;'), array('\&', '\"', '\\\'', '<', '>'), $row['bbcode_helpline']))
);
$i++;

5
phpBB/includes/functions_profile_fields.php
View File

@@ -579,7 +579,7 @@ class custom_profile
if (gettype($value) == 'string')
{
utf8_normalize_nfc(&$value);
$value = utf8_normalize_nfc($value);
}
}
@@ -865,8 +865,7 @@ class custom_profile
case FIELD_STRING:
case FIELD_TEXT:
$var = request_var($var_name, $profile_row['field_default_value'], true);
utf8_normalize_nfc(&$var);
$var = utf8_normalize_nfc(request_var($var_name, $profile_row['field_default_value'], true));
break;
case FIELD_INT:

4
phpBB/includes/mcp/mcp_topic.php
View File

@@ -32,14 +32,12 @@ function mcp_topic_view($id, $mode, $action)
// Set up some vars
$icon_id = request_var('icon', 0);
$subject = request_var('subject', '', true);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$start = request_var('start', 0);
$to_topic_id = request_var('to_topic_id', 0);
$to_forum_id = request_var('to_forum_id', 0);
$post_id_list = request_var('post_id_list', array(0));
utf8_normalize_nfc(&$subject);
// Split Topic?
if ($action == 'split_all' || $action == 'split_beyond')
{

29
phpBB/includes/message_parser.php
View File

@@ -88,8 +88,11 @@ class bbcode_firstpass extends bbcode
{
$in = str_replace("\r\n", "\n", $this->message);
$this->message = preg_replace(array('#\[quote(=&quot;.*?&quot;)?\]([^\n])#is', '#([^\n])\[\/quote\]#is'), array("[quote\\1]\n\\2", "\\1\n[/quote]"), $this->message);
$this->message = preg_replace(array('#\[quote(=&quot;.*?&quot;)?\]([^\n])#is', '#([^\n])\[\/quote\]#is'), array("[quote\\1]\n\\2", "\\1\n[/quote]"), $this->message);
// We strip newlines and spaces after and before quotes in quotes (trimming)
$this->message = preg_replace(array('#\[quote(=&quot;.*?&quot;)?\]([\s|\n]+)#is', '#([\s|\n]+)\[\/quote\]#is'), array("[quote\\1]", "[/quote]"), $this->message);
// Now we add exactly one newline
$this->message = preg_replace(array('#\[quote(=&quot;.*?&quot;)?\]#is', '#\[\/quote\]#is'), array("[quote\\1]\n", "\n[/quote]"), $this->message);
}
// Add other checks which needs to be placed before actually parsing anything (be it bbcodes, smilies, urls...)
@@ -600,7 +603,7 @@ class bbcode_firstpass extends bbcode
$pos = strlen($in);
for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i)
{
$tmp_pos = strpos($in, $tok{$i});
$tmp_pos = strpos($in, $tok[$i]);
if ($tmp_pos !== false && $tmp_pos < $pos)
{
$pos = $tmp_pos;
@@ -608,7 +611,7 @@ class bbcode_firstpass extends bbcode
}
$buffer .= substr($in, 0, $pos);
$tok = $in{$pos};
$tok = $in[$pos];
$in = substr($in, $pos + 1);
if ($tok == ']')
@@ -616,10 +619,15 @@ class bbcode_firstpass extends bbcode
if ($buffer == '/quote' && sizeof($close_tags))
{
// we have found a closing tag
// Add space at the end of the closing tag to allow following urls/smilies to be parsed correctly
$out .= array_pop($close_tags) . '] ';
$out .= array_pop($close_tags) . ']';
$tok = '[';
$buffer = '';
// Add space at the end of the closing tag if not happened before to allow following urls/smilies to be parsed correctly
if (!$in || $in[0] !== ' ')
{
$out .= ' ';
}
}
else if (preg_match('#^quote(?:=&quot;(.*?)&quot;)?$#is', $buffer, $m))
{
@@ -1138,8 +1146,7 @@ class parse_message extends bbcode_firstpass
$error = array();
$num_attachments = sizeof($this->attachment_data);
$this->filename_data['filecomment'] = request_var('filecomment', '', true);
utf8_normalize_nfc(&$this->filename_data['filecomment']);
$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
$upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
$add_file = (isset($_POST['add_file'])) ? true : false;
@@ -1256,8 +1263,7 @@ class parse_message extends bbcode_firstpass
{
if ($edit_comment)
{
$actual_comment_list = request_var('comment_list', array(''), true);
utf8_normalize_nfc(&$actual_comment_list);
$actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true));
$edit_comment = request_var('edit_comment', array(0 => ''));
$edit_comment = key($edit_comment);
@@ -1322,8 +1328,7 @@ class parse_message extends bbcode_firstpass
{
global $user, $db, $phpbb_root_path, $phpEx, $config;
$this->filename_data['filecomment'] = request_var('filecomment', '', true);
utf8_normalize_nfc(&$this->filename_data['filecomment']);
$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
$attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
$this->attachment_data = array();

8
phpBB/includes/search/fulltext_native.php
View File

@@ -1296,6 +1296,8 @@ class fulltext_native extends search_backend
* @param string $allowed_chars String of special chars to allow
* @param string $encoding Text encoding
* @return string Cleaned up text, only alphanumeric chars are left
*
* @todo normalizer::cleanup being able to be used?
*/
function cleanup($text, $allowed_chars = null, $encoding = 'utf-8')
{
@@ -1303,9 +1305,7 @@ class fulltext_native extends search_backend
static $conv = array(), $conv_loaded = array();
$words = $allow = array();
/**
* Convert the text to UTF-8
*/
// Convert the text to UTF-8
$encoding = strtolower($encoding);
if ($encoding != 'utf-8')
{
@@ -1330,7 +1330,7 @@ class fulltext_native extends search_backend
* If we use it more widely, an instance of that class should be held in a
* a global variable instead
*/
$text = utf_normalizer::nfc($text);
utf_normalizer::nfc($text);
/**
* The first thing we do is:

9
phpBB/includes/session.php
View File

@@ -450,7 +450,6 @@ class session
$this->check_ban($this->data['user_id'], $this->ip);
}
$this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false;
$this->data['is_bot'] = ($bot) ? true : false;
@@ -471,6 +470,8 @@ class session
// Only update session DB a minute or so after last update or if page changes
if ($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page']))
{
$this->data['session_time'] = $this->data['session_last_visit'] = $this->time_now;
$sql_ary = array('session_time' => $this->time_now, 'session_last_visit' => $this->time_now, 'session_admin' => 0);
if ($this->update_session_page)
@@ -481,6 +482,12 @@ class session
$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
$db->sql_query($sql);
// Update the last visit time
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_lastvisit = ' . (int) $this->data['session_time'] . '
WHERE user_id = ' . (int) $this->data['user_id'];
$db->sql_query($sql);
}
$SID = '?sid=';

6
phpBB/includes/ucp/ucp_main.php
View File

@@ -660,11 +660,9 @@ class ucp_main
if ($submit && $edit)
{
$draft_subject = request_var('subject', '', true);
$draft_message = request_var('message', '', true);
$draft_subject = utf8_normalize_nfc(request_var('subject', '', true));
$draft_message = utf8_normalize_nfc(request_var('message', '', true));
utf8_normalize_nfc(array(&$draft_subject, &$draft_message));
if ($draft_message && $draft_subject)
{
$draft_row = array(

12
phpBB/includes/ucp/ucp_pm_compose.php
View File

@@ -396,12 +396,10 @@ function compose_pm($id, $mode, $action)
// Save Draft
if ($save && $auth->acl_get('u_savedrafts'))
{
$subject = request_var('subject', '', true);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$subject = (!$subject && $action != 'post') ? $user->lang['NEW_MESSAGE'] : $subject;
$message = request_var('message', '', true);
$message = utf8_normalize_nfc(request_var('message', '', true));
utf8_normalize_nfc(array(&$subject, &$message));
if ($subject && $message)
{
if (confirm_box(true))
@@ -476,11 +474,9 @@ function compose_pm($id, $mode, $action)
if ($submit || $preview || $refresh)
{
$subject = request_var('subject', '', true);
$message_parser->message = request_var('message', '', true);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
utf8_normalize_nfc(array(&$subject, &$message_parser->message));
$icon_id = request_var('icon', 0);
$enable_bbcode = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;

16
phpBB/includes/ucp/ucp_pm_options.php
View File

@@ -247,12 +247,10 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
$rule_option = request_var('rule_option', 0);
$cond_option = request_var('cond_option', '');
$action_option = explode('|', request_var('action_option', ''));
$rule_string = ($cond_option != 'none') ? request_var('rule_string', '', true) : '';
$rule_string = ($cond_option != 'none') ? utf8_normalize_nfc(request_var('rule_string', '', true)) : '';
$rule_user_id = ($cond_option != 'none') ? request_var('rule_user_id', 0) : 0;
$rule_group_id = ($cond_option != 'none') ? request_var('rule_group_id', 0) : 0;
utf8_normalize_nfc(&$rule_string);
$action = (int) $action_option[0];
$folder_id = (int) $action_option[1];
@@ -640,10 +638,8 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule
switch ($condition)
{
case 'text':
$rule_string = request_var('rule_string', '', true);
$rule_string = utf8_normalize_nfc(request_var('rule_string', '', true));
utf8_normalize_nfc(&$rule_string);
$template->assign_vars(array(
'S_TEXT_CONDITION' => true,
'CURRENT_STRING' => $rule_string,
@@ -656,10 +652,8 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule
case 'user':
$rule_user_id = request_var('rule_user_id', 0);
$rule_string = request_var('rule_string', '', true);
$rule_string = utf8_normalize_nfc(request_var('rule_string', '', true));
utf8_normalize_nfc(&$rule_string);
if ($rule_string && !$rule_user_id)
{
$sql = 'SELECT user_id
@@ -701,10 +695,8 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule
case 'group':
$rule_group_id = request_var('rule_group_id', 0);
$rule_string = request_var('rule_string', '', true);
$rule_string = utf8_normalize_nfc(request_var('rule_string', '', true));
utf8_normalize_nfc(&$rule_string);
$sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
$sql = 'SELECT group_id, group_name, group_type
FROM ' . GROUPS_TABLE . "

12
phpBB/includes/ucp/ucp_profile.php
View File

@@ -250,16 +250,14 @@ class ucp_profile
'yim' => request_var('yim', $user->data['user_yim']),
'jabber' => request_var('jabber', $user->data['user_jabber']),
'website' => request_var('website', $user->data['user_website']),
'location' => request_var('location', $user->data['user_from'], true),
'occupation' => request_var('occupation', $user->data['user_occ'], true),
'interests' => request_var('interests', $user->data['user_interests'], true),
'location' => utf8_normalize_nfc(request_var('location', $user->data['user_from'], true)),
'occupation' => utf8_normalize_nfc(request_var('occupation', $user->data['user_occ'], true)),
'interests' => utf8_normalize_nfc(request_var('interests', $user->data['user_interests'], true)),
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
utf8_normalize_nfc(array(&$data['location'], &$data['occupation'], &$data['interests']));
if ($user->data['user_birthday'])
{
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']);
@@ -412,9 +410,7 @@ class ucp_profile
$enable_bbcode = ($config['allow_sig_bbcode']) ? request_var('enable_bbcode', $user->optionget('bbcode')) : false;
$enable_smilies = ($config['allow_sig_smilies']) ? request_var('enable_smilies', $user->optionget('smilies')) : false;
$enable_urls = request_var('enable_urls', true);
$signature = request_var('signature', (string) $user->data['user_sig'], true);
utf8_normalize_nfc(&$signature);
$signature = utf8_normalize_nfc(request_var('signature', (string) $user->data['user_sig'], true));
if ($submit || $preview)
{

77
phpBB/includes/utf/utf_normalizer.php
View File

@@ -67,10 +67,10 @@ class utf_normalizer
* The ultimate convenience function! Clean up invalid UTF-8 sequences,
* and convert to Normal Form C, canonical composition.
*
* @param string $str The dirty string
* @param string &$str The dirty string
* @return string The same string, all shiny and cleaned-up
*/
function cleanup($str)
function cleanup(&$str)
{
// The string below is the list of all autorized characters, sorted by frequency in latin text
$pos = strspn($str, "\x20\x65\x69\x61\x73\x6E\x74\x72\x6F\x6C\x75\x64\x5D\x5B\x63\x6D\x70\x27\x0A\x67\x7C\x68\x76\x2E\x66\x62\x2C\x3A\x3D\x2D\x71\x31\x30\x43\x32\x2A\x79\x78\x29\x28\x4C\x39\x41\x53\x2F\x50\x22\x45\x6A\x4D\x49\x6B\x33\x3E\x35\x54\x3C\x44\x34\x7D\x42\x7B\x38\x46\x77\x52\x36\x37\x55\x47\x4E\x3B\x4A\x7A\x56\x23\x48\x4F\x57\x5F\x26\x21\x4B\x3F\x58\x51\x25\x59\x5C\x09\x5A\x2B\x7E\x5E\x24\x40\x60\x7F\x0D");
@@ -79,7 +79,7 @@ class utf_normalizer
if ($pos == $len)
{
// ASCII strings with no special chars return immediately
return $str;
return;
}
// Note: we do not check for $GLOBALS['utf_canonical_decomp']. It is assumed they are always loaded together
@@ -91,23 +91,22 @@ class utf_normalizer
// Replace any byte in the range 0x00..0x1F, except for \r, \n and \t
// We replace those characters with a 0xFF byte, which is illegal in UTF-8 and will in turn be replaced with a UTF replacement char
return utf_normalizer::recompose(
strtr(
$str,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
),
$pos, $len, $GLOBALS['utf_nfc_qc'], $GLOBALS['utf_canonical_decomp']
$str = strtr(
$str,
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"
);
$str = utf_normalizer::recompose($str, $pos, $len, $GLOBALS['utf_nfc_qc'], $GLOBALS['utf_canonical_decomp']);
}
/**
* Validate and normalize a UTF string to NFC
*
* @param string $str Unchecked UTF string
* @param string &$str Unchecked UTF string
* @return string The string, validated and in normal form
*/
function nfc($str)
function nfc(&$str)
{
$pos = strspn($str, UTF8_ASCII_RANGE);
$len = strlen($str);
@@ -115,7 +114,7 @@ class utf_normalizer
if ($pos == $len)
{
// ASCII strings return immediately
return $str;
return;
}
if (!isset($GLOBALS['utf_nfc_qc']))
@@ -124,16 +123,16 @@ class utf_normalizer
include($phpbb_root_path . 'includes/utf/data/utf_nfc_qc.' . $phpEx);
}
return utf_normalizer::recompose($str, $pos, $len, $GLOBALS['utf_nfc_qc'], $GLOBALS['utf_canonical_decomp']);
$str = utf_normalizer::recompose($str, $pos, $len, $GLOBALS['utf_nfc_qc'], $GLOBALS['utf_canonical_decomp']);
}
/**
* Validate and normalize a UTF string to NFKC
*
* @param string $str Unchecked UTF string
* @param string &$str Unchecked UTF string
* @return string The string, validated and in normal form
*/
function nfkc($str)
function nfkc(&$str)
{
$pos = strspn($str, UTF8_ASCII_RANGE);
$len = strlen($str);
@@ -141,7 +140,7 @@ class utf_normalizer
if ($pos == $len)
{
// ASCII strings return immediately
return $str;
return;
}
if (!isset($GLOBALS['utf_nfkc_qc']))
@@ -156,16 +155,16 @@ class utf_normalizer
include($phpbb_root_path . 'includes/utf/data/utf_canonical_comp.' . $phpEx);
}
return utf_normalizer::recompose($str, $pos, $len, $GLOBALS['utf_nfkc_qc'], $GLOBALS['utf_compatibility_decomp']);
$str = utf_normalizer::recompose($str, $pos, $len, $GLOBALS['utf_nfkc_qc'], $GLOBALS['utf_compatibility_decomp']);
}
/**
* Validate and normalize a UTF string to NFD
*
* @param string $str Unchecked UTF string
* @param string &$str Unchecked UTF string
* @return string The string, validated and in normal form
*/
function nfd($str)
function nfd(&$str)
{
$pos = strspn($str, UTF8_ASCII_RANGE);
$len = strlen($str);
@@ -173,7 +172,7 @@ class utf_normalizer
if ($pos == $len)
{
// ASCII strings return immediately
return $str;
return;
}
if (!isset($GLOBALS['utf_canonical_decomp']))
@@ -182,16 +181,16 @@ class utf_normalizer
include($phpbb_root_path . 'includes/utf/data/utf_canonical_decomp.' . $phpEx);
}
return utf_normalizer::decompose($str, $pos, $len, $GLOBALS['utf_canonical_decomp']);
$str = utf_normalizer::decompose($str, $pos, $len, $GLOBALS['utf_canonical_decomp']);
}
/**
* Validate and normalize a UTF string to NFKD
*
* @param string $str Unchecked UTF string
* @param string &$str Unchecked UTF string
* @return string The string, validated and in normal form
*/
function nfkd($str)
function nfkd(&$str)
{
$pos = strspn($str, UTF8_ASCII_RANGE);
$len = strlen($str);
@@ -199,7 +198,7 @@ class utf_normalizer
if ($pos == $len)
{
// ASCII strings return immediately
return $str;
return;
}
if (!isset($GLOBALS['utf_compatibility_decomp']))
@@ -208,7 +207,7 @@ class utf_normalizer
include($phpbb_root_path . 'includes/utf/data/utf_compatibility_decomp.' . $phpEx);
}
return utf_normalizer::decompose($str, $pos, $len, $GLOBALS['utf_compatibility_decomp']);
$str = utf_normalizer::decompose($str, $pos, $len, $GLOBALS['utf_compatibility_decomp']);
}
@@ -239,14 +238,7 @@ class utf_normalizer
$tmp = '';
$i = $tmp_pos = $last_cc = 0;
if ($pos)
{
$buffer = array(++$i => $str[$pos - 1]);
}
else
{
$buffer = array();
}
$buffer = ($pos) ? array(++$i => $str[$pos - 1]) : array();
// UTF char length array
// This array is used to determine the length of a UTF character.
@@ -325,6 +317,9 @@ class utf_normalizer
{
// Current char isn't well-formed or legal: either one or several trailing bytes are missing, or the Unicode char
// has been encoded in a five- or six- byte sequence
/**
* @todo $trailing_bytes always == 5?
*/
if ($utf_char[0] >= "\xF8")
{
if ($utf_char[0] < "\xF8")
@@ -421,6 +416,9 @@ class utf_normalizer
default:
// Five- and six- byte sequences do not need being checked for here anymore
/**
* @todo $trailing_bytes always == 5?
*/
if ($utf_char > UTF8_MAX)
{
// Out of the Unicode range
@@ -1011,7 +1009,7 @@ class utf_normalizer
ksort($utf_sort);
}
foreach($utf_sort as $utf_chars)
foreach ($utf_sort as $utf_chars)
{
$tmp .= implode('', $utf_chars);
}
@@ -1365,17 +1363,17 @@ class utf_normalizer
// LIndex can only range from 0 to 18, therefore it cannot influence the first two bytes of the L Jamo, which allows us to hardcode them (based on LBase).
//
// The same goes for VIndex, but for TIndex there's a catch: the value of the third byte could exceed 0xBF and we would have to increment the second byte
if ($tIndex = $idx % UNICODE_HANGUL_TCOUNT)
if ($t_index = $idx % UNICODE_HANGUL_TCOUNT)
{
if ($tIndex < 25)
if ($t_index < 25)
{
$utf_char = "\xE1\x84\x00\xE1\x85\x00\xE1\x86\x00";
$utf_char[8] = chr(0xA7 + $tIndex);
$utf_char[8] = chr(0xA7 + $t_index);
}
else
{
$utf_char = "\xE1\x84\x00\xE1\x85\x00\xE1\x87\x00";
$utf_char[8] = chr(0x67 + $tIndex);
$utf_char[8] = chr(0x67 + $t_index);
}
}
else
@@ -1478,7 +1476,6 @@ class utf_normalizer
}
return $tmp;
}
else if ($tmp_pos)
{

41
phpBB/includes/utf/utf_tools.php
View File

@@ -933,30 +933,35 @@ function utf8_case_fold($text, $option = 'full')
* A wrapper function for the normalizer which takes care of including the class if required and modifies the passed strings
* to be in NFC (Normalization Form Composition).
*
* @param mixed $strings Either an array of references to strings, a reference to an array of strings or a reference to a single string
* @param mixed $strings a string or an array of strings to normalize
* @return mixed the normalized content, preserving array keys if array given.
*/
function utf8_normalize_nfc($strings)
{
if (!is_array($strings) || (sizeof($strings) > 0))
{
if (!class_exists('utf_normalizer'))
{
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx);
}
if (empty($strings))
{
return $strings;
}
if (is_array($strings))
if (!class_exists('utf_normalizer'))
{
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx);
}
if (!is_array($strings))
{
utf_normalizer::nfc($strings);
}
else if (is_array($strings))
{
foreach ($strings as $key => $string)
{
foreach ($strings as $key => $string)
{
$strings[$key] = utf_normalizer::nfc($strings[$key]);
}
}
else
{
$strings = utf_normalizer::nfc($strings);
utf_normalizer::nfc($strings[$key]);
}
}
return $strings;
}
/**
@@ -982,7 +987,7 @@ function utf8_clean_string($text)
include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx);
}
$text = utf_normalizer::nfc($text);
utf_normalizer::nfc($text);
static $homographs = array(
// cyrllic