mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-16 13:44:12 +02:00
Code Issues Releases Wiki Activity

[ticket/16524] Filter out-of-bounds UTF8 characters for profile fields

Browse Source 
PHPBB3-16524
This commit is contained in:
rxu
2020-06-10 17:41:59 +07:00
committed by Marc Alexander
parent 2afa989500
commit acd824d432
6 changed files with 58 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
phpBB/phpbb/profilefields/manager.php
View File

@@ -254,6 +254,17 @@ class manager
/** @var \phpbb\profilefields\type\type_interface $profile_field */
$profile_field = $this->type_collection[$row['field_type']];
$cp_data['pf_' . $row['field_ident']] = $profile_field->get_profile_field($row);
/**
* Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL with UCR/NCR
* using their Numeric Character Reference's Hexadecimal notation.
* Check the permissions for using Emojis first.
*/
if ($this->auth->acl_get('u_emoji'))
{
$cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
}
$check_value = $cp_data['pf_' . $row['field_ident']];
if (($cp_result = $profile_field->validate_profile_field($check_value, $row)) !== false)