mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

Merge pull request #40 from phpbb/ticket/security/211

Browse Source 
[ticket/security/211] Make sure website URL only uses http & https schemes
This commit is contained in:
Marc Alexander
2017-12-31 16:37:58 +01:00
parent 92350db572 342a7cbd55
commit 7dfd57077a
7 changed files with 114 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
phpBB/phpbb/profilefields/type/type_url.php
View File

@@ -64,11 +64,24 @@ class type_url extends type_string
return false;
}
if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $field_value))
if (!preg_match('#^' . get_preg_expression('url_http') . '$#iu', $field_value))
{
return $this->user->lang('FIELD_INVALID_URL', $this->get_field_name($field_data['lang_name']));
}
return false;
}
/**
* {@inheritDoc}
*/
public function get_profile_value($field_value, $field_data)
{
if (!preg_match('#^' . get_preg_expression('url_http') . '$#iu', $field_value))
{
return null;
}
return parent::get_profile_value($field_value, $field_data);
}
}