1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-04 15:57:45 +02:00

- fixed some bugs

- changed attachment handling a bit
- tried to remove target tags out of the code
- do not add session ids to urls for bots as well as not creating a new session on each page view for them

I bet i introduced some bugs too. ;)


git-svn-id: file:///svn/phpbb/trunk@6364 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-09-13 16:08:36 +00:00
parent 35c5fe21cb
commit b76222cb6e
104 changed files with 949 additions and 533 deletions

View File

@@ -364,15 +364,11 @@ class bbcode_firstpass extends bbcode
// We remove the hardcoded elements from the code block here because it is not used in code blocks
// Having it here saves us one preg_replace per message containing [code] blocks
// Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too...
$htm_match = array(
'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
'#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
'#&\#([0-9]+);#',
);
$htm_replace = array('\1', '\1', '\1', '\1', '\1', '&amp;#\1;');
$htm_match = get_preg_expression('bbcode_htm');
$htm_match[3] = '#&\#([0-9]+);#';
unset($htm_match[4]);
$htm_replace = array('\1', '\2', '\1', '&amp;#\1;');
$out = '';
@@ -853,6 +849,7 @@ class parse_message extends bbcode_firstpass
var $allow_img_bbcode = true;
var $allow_flash_bbcode = true;
var $allow_quote_bbcode = true;
var $allow_url_bbcode = true;
var $mode;
@@ -873,7 +870,7 @@ class parse_message extends bbcode_firstpass
/**
* Parse Message
*/
function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $update_this_message = true, $mode = 'post')
function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post')
{
global $config, $db, $user;
@@ -884,6 +881,7 @@ class parse_message extends bbcode_firstpass
$this->allow_img_bbcode = $allow_img_bbcode;
$this->allow_flash_bbcode = $allow_flash_bbcode;
$this->allow_quote_bbcode = $allow_quote_bbcode;
$this->allow_url_bbcode = $allow_url_bbcode;
// If false, then $this->message won't be altered, the text will be returned instead.
if (!$update_this_message)
@@ -920,7 +918,7 @@ class parse_message extends bbcode_firstpass
if ($allow_bbcode && strpos($this->message, '[') !== false)
{
$this->bbcode_init();
$disallow = array('img', 'flash', 'quote');
$disallow = array('img', 'flash', 'quote', 'url');
foreach ($disallow as $bool)
{
if (!${'allow_' . $bool . '_bbcode'})
@@ -991,7 +989,7 @@ class parse_message extends bbcode_firstpass
if ($this->message_status == 'plain')
{
// Force updating message - of course.
$this->parse($allow_bbcode, $allow_magic_url, $allow_smilies, $this->allow_img_bbcode, $this->allow_flash_bbcode, $this->allow_quote_bbcode, true);
$this->parse($allow_bbcode, $allow_magic_url, $allow_smilies, $this->allow_img_bbcode, $this->allow_flash_bbcode, $this->allow_quote_bbcode, $this->allow_url_bbcode, true);
}
// Parse BBcode
@@ -1100,7 +1098,7 @@ class parse_message extends bbcode_firstpass
{
// (assertion)
$match[] = '#(?<=^|[\n ]|\.)' . preg_quote($row['code'], '#') . '#';
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" border="0" alt="' . $row['emotion'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" alt="' . $row['emotion'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
}
$db->sql_freeresult($result);
}
@@ -1127,7 +1125,7 @@ class parse_message extends bbcode_firstpass
*/
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
global $config, $auth, $user, $phpbb_root_path, $phpEx;
global $config, $auth, $user, $phpbb_root_path, $phpEx, $db;
$error = array();
@@ -1152,7 +1150,7 @@ class parse_message extends bbcode_firstpass
if ($filedata['post_attach'] && !sizeof($error))
{
$new_entry = array(
$sql_ary = array(
'physical_filename' => $filedata['physical_filename'],
'attach_comment' => $this->filename_data['filecomment'],
'real_filename' => $filedata['real_filename'],
@@ -1160,8 +1158,19 @@ class parse_message extends bbcode_firstpass
'mimetype' => $filedata['mimetype'],
'filesize' => $filedata['filesize'],
'filetime' => $filedata['filetime'],
'attach_id' => 0,
'thumbnail' => $filedata['thumbnail']
'thumbnail' => $filedata['thumbnail'],
'is_orphan' => 1,
'in_message' => ($is_message) ? 1 : 0,
'poster_id' => $user->data['user_id'],
);
$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$new_entry = array(
'attach_id' => $db->sql_nextid(),
'is_orphan' => 1,
'real_filename' => $filedata['real_filename'],
'attach_comment'=> $this->filename_data['filecomment'],
);
$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
@@ -1195,26 +1204,44 @@ class parse_message extends bbcode_firstpass
$index = (int) key($_POST['delete_file']);
// delete selected attachment
if (!$this->attachment_data[$index]['attach_id'])
if (!empty($this->attachment_data[$index]))
{
phpbb_unlink($this->attachment_data[$index]['physical_filename'], 'file');
if ($this->attachment_data[$index]['thumbnail'])
// delete selected attachment
if ($this->attachment_data[$index]['is_orphan'])
{
phpbb_unlink($this->attachment_data[$index]['physical_filename'], 'thumbnail');
$sql = 'SELECT attach_id, physical_filename, thumbnail
FROM ' . ATTACHMENTS_TABLE . '
WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . '
AND is_orphan = 1
AND poster_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
phpbb_unlink($row['physical_filename'], 'file');
if ($row['thumbnail'])
{
phpbb_unlink($row['physical_filename'], 'thumbnail');
}
$db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
}
}
else
{
delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id'])));
}
}
else
{
delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id'])));
}
unset($this->attachment_data[$index]);
$this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message);
unset($this->attachment_data[$index]);
$this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message);
// Reindex Array
$this->attachment_data = array_values($this->attachment_data);
// Reindex Array
$this->attachment_data = array_values($this->attachment_data);
}
}
else if ($edit_comment || $add_file || $preview)
{
@@ -1236,7 +1263,7 @@ class parse_message extends bbcode_firstpass
if (!sizeof($error))
{
$new_entry = array(
$sql_ary = array(
'physical_filename' => $filedata['physical_filename'],
'attach_comment' => $this->filename_data['filecomment'],
'real_filename' => $filedata['real_filename'],
@@ -1244,8 +1271,19 @@ class parse_message extends bbcode_firstpass
'mimetype' => $filedata['mimetype'],
'filesize' => $filedata['filesize'],
'filetime' => $filedata['filetime'],
'attach_id' => 0,
'thumbnail' => $filedata['thumbnail']
'thumbnail' => $filedata['thumbnail'],
'is_orphan' => 1,
'in_message' => ($is_message) ? 1 : 0,
'poster_id' => $user->data['user_id'],
);
$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$new_entry = array(
'attach_id' => $db->sql_nextid(),
'is_orphan' => 1,
'real_filename' => $filedata['real_filename'],
'attach_comment'=> $this->filename_data['filecomment'],
);
$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
@@ -1275,99 +1313,83 @@ class parse_message extends bbcode_firstpass
global $user, $db, $phpbb_root_path, $phpEx, $config;
$this->filename_data['filecomment'] = request_var('filecomment', '', true);
$this->attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
$attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
$this->attachment_data = array();
$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
// Regenerate data array...
$attach_ids = $filenames = array();
foreach ($this->attachment_data as $pos => $var_ary)
if (!sizeof($attachment_data))
{
if ($var_ary['attach_id'])
return;
}
$not_orphan = $orphan = array();
foreach ($attachment_data as $pos => $var_ary)
{
if ($var_ary['is_orphan'])
{
$attach_ids[(int) $this->attachment_data[$pos]['attach_id']] = $pos;
$orphan[(int) $var_ary['attach_id']] = $pos;
}
else
{
$filenames[$pos] = '';
set_var($filenames[$pos], $this->attachment_data[$pos]['physical_filename'], 'string');
$filenames[$pos] = basename($filenames[$pos]);
$not_orphan[(int) $var_ary['attach_id']] = $pos;
}
}
$this->attachment_data = array();
// Regenerate already posted attachments...
if (sizeof($attach_ids))
// Regenerate already posted attachments
if (sizeof($not_orphan))
{
// Get the data from the attachments
$sql = 'SELECT attach_id, physical_filename, real_filename, extension, mimetype, filesize, filetime, thumbnail
// Get the attachment data, based on the poster id...
$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('attach_id', array_keys($attach_ids)) . '
WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . '
AND poster_id = ' . $check_user_id;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (isset($attach_ids[$row['attach_id']]))
{
$pos = $attach_ids[$row['attach_id']];
$this->attachment_data[$pos] = $row;
set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
$pos = $not_orphan[$row['attach_id']];
$this->attachment_data[$pos] = $row;
set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
unset($attach_ids[$row['attach_id']]);
}
unset($not_orphan[$row['attach_id']]);
}
$db->sql_freeresult($result);
}
if (sizeof($attach_ids))
{
trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
}
if (sizeof($not_orphan))
{
trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
}
// Regenerate newly uploaded attachments
if (sizeof($filenames))
if (sizeof($orphan))
{
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
$sql = 'SELECT attach_id
$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('LOWER(physical_filename)', array_map('strtolower', $filenames));
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . '
AND poster_id = ' . $user->data['user_id'] . '
AND is_orphan = 1';
$result = $db->sql_query($sql);
if ($row)
while ($row = $db->sql_fetchrow($result))
{
trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
}
foreach ($filenames as $pos => $physical_filename)
{
$this->attachment_data[$pos] = array(
'physical_filename' => $physical_filename,
'extension' => strtolower(filespec::get_extension($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename)),
'filesize' => filespec::get_filesize($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename),
'attach_id' => 0,
'thumbnail' => (file_exists($phpbb_root_path . $config['upload_path'] . '/thumb_' . $physical_filename)) ? 1 : 0,
);
$pos = $orphan[$row['attach_id']];
$this->attachment_data[$pos] = $row;
set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
set_var($this->attachment_data[$pos]['real_filename'], $_POST['attachment_data'][$pos]['real_filename'], 'string', true);
set_var($this->attachment_data[$pos]['filetime'], $_POST['attachment_data'][$pos]['filetime'], 'int');
if (strpos($_POST['attachment_data'][$pos]['mimetype'], 'image/') !== false)
{
set_var($this->attachment_data[$pos]['mimetype'], $_POST['attachment_data'][$pos]['mimetype'], 'string');
}
else
{
$this->attachment_data[$pos]['mimetype'] = filespec::get_mimetype($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename);
}
unset($orphan[$row['attach_id']]);
}
$db->sql_freeresult($result);
}
if (sizeof($orphan))
{
trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
}
ksort($this->attachment_data);
}
/**
@@ -1384,8 +1406,7 @@ class parse_message extends bbcode_firstpass
$this->message = $poll['poll_option_text'];
$poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], $poll['enable_urls'], $poll['enable_smilies'], $poll['img_status'], false, false, false);
$poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false);
$this->message = $tmp_message;
@@ -1394,8 +1415,7 @@ class parse_message extends bbcode_firstpass
$this->message = $poll['poll_title'];
$poll['poll_title'] = $this->parse($poll['enable_bbcode'], $poll['enable_urls'], $poll['enable_smilies'], $poll['img_status'], false, false, false);
$poll['poll_title'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false);
$this->message = $tmp_message;