mirror of https://github.com/phpbb/phpbb.git synced 2025-05-06 07:35:29 +02:00

tried to begin adjusting all string functions where applicable - still a *lot* to do.

i hope i caught all relevant sections and did not mess something up.


git-svn-id: file:///svn/phpbb/trunk@6452 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen 2006-10-07 12:36:31 +00:00
parent e87f740a9e
commit f8528a659c
24 changed files with 67 additions and 92 deletions


@ -451,7 +451,7 @@ class acp_attachments
{ {
$sql = 'SELECT group_id $sql = 'SELECT group_id
FROM ' . EXTENSION_GROUPS_TABLE . " FROM ' . EXTENSION_GROUPS_TABLE . "
WHERE LOWER(group_name) = '" . $db->sql_escape(strtolower($new_group_name)) . "'"; WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
if ($db->sql_fetchrow($result)) if ($db->sql_fetchrow($result))
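Review bot: The value side of this comparison is now folded with `utf8_strtolower()` while the column side still relies on the database's `LOWER(group_name)`, and the two only agree if the backend folds non-ASCII characters the same way, which depends on the database and collation and is not visible here. The same pattern recurs in the bbcode tag, role name, reason title and username lookups of this commit, including the login query in class auth (`WHERE LOWER(username) = ...`), where a mismatch would let a name pass a uniqueness check in one spelling and fail to match, or collide, in another. Comparing against a stored column that PHP normalised at write time would remove the dependency; the `clean_username` item on the todo list in the UTF-8 tools file seems to anticipate this. The enclosing block starts and ends outside the hunk.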


@ -122,12 +122,12 @@ class acp_bbcodes
{ {
$sql = 'SELECT 1 as test $sql = 'SELECT 1 as test
FROM ' . BBCODES_TABLE . " FROM ' . BBCODES_TABLE . "
WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(utf8_strtolower($data['bbcode_tag'])) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$info = $db->sql_fetchrow($result); $info = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);
if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded)) if ($info['test'] === '1' || in_array(utf8_strtolower($data['bbcode_tag']), $hard_coded))
{ {
trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING); trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING);
} }
@ -358,10 +358,10 @@ class acp_bbcodes
// Lowercase tags // Lowercase tags
$bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+=?).*/i', '$1', $bbcode_match); $bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+=?).*/i', '$1', $bbcode_match);
$fp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $fp_match); $fp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "utf8_strtolower('\$0')", $fp_match);
$fp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $fp_replace); $fp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "utf8_strtolower('\$0')", $fp_replace);
$sp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $sp_match); $sp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "utf8_strtolower('\$0')", $sp_match);
$sp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $sp_replace); $sp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "utf8_strtolower('\$0')", $sp_replace);
return array( return array(
'bbcode_tag' => $bbcode_tag, 'bbcode_tag' => $bbcode_tag,
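Review bot: The four `preg_replace()` calls that build `$fp_match`, `$fp_replace`, `$sp_match` and `$sp_replace` still use the `e` modifier and interpolate `$bbcode_tag` into the pattern without `preg_quote()`; the change only swaps the function name inside the evaluated string. When the preceding `preg_replace()` finds no `[tag` in `$bbcode_match` it returns its input unchanged, so `$bbcode_tag` is not guaranteed to be limited to `[a-z0-9_-]+=?`. A callback form avoids evaluating a replacement string as code: use `preg_replace_callback()` with the pattern `'#\[/?' . preg_quote($bbcode_tag, '#') . '#i'` and a named callback that returns `utf8_strtolower($m[0])`. The method begins before the hunk, so where `$bbcode_match` comes from should be confirmed there.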


@ -146,13 +146,13 @@ class acp_permission_roles
$sql = 'SELECT role_id $sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . " FROM ' . ACL_ROLES_TABLE . "
WHERE role_type = '" . $db->sql_escape($permission_type) . "' WHERE role_type = '" . $db->sql_escape($permission_type) . "'
AND LOWER(role_name) = '" . $db->sql_escape(strtolower($role_name)) . "'"; AND LOWER(role_name) = '" . $db->sql_escape(utf8_strtolower($role_name)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);
// Make sure we only print out the error if we add the role or change it's name // Make sure we only print out the error if we add the role or change it's name
if ($row && ($mode == 'add' || ($mode == 'edit' && strtolower($role_row['role_name']) != strtolower($role_name)))) if ($row && ($mode == 'add' || ($mode == 'edit' && utf8_strtolower($role_row['role_name']) != utf8_strtolower($role_name))))
{ {
trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING); trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
} }


@ -65,7 +65,7 @@ class acp_reasons
{ {
$reason_row['reason_title'] = 'other'; $reason_row['reason_title'] = 'other';
} }
else if (strtolower($row['reason_title']) != strtolower($reason_row['reason_title'])) else if (utf8_strtolower($row['reason_title']) != utf8_strtolower($reason_row['reason_title']))
{ {
$check_double = true; $check_double = true;
} }
@ -76,7 +76,7 @@ class acp_reasons
{ {
$sql = 'SELECT reason_id $sql = 'SELECT reason_id
FROM ' . REPORTS_REASONS_TABLE . " FROM ' . REPORTS_REASONS_TABLE . "
WHERE LOWER(reason_title) = '" . strtolower($db->sql_escape($reason_row['reason_title'])) . "'"; WHERE LOWER(reason_title) = '" . $db->sql_escape(utf8_strtolower($reason_row['reason_title'])) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);


@ -2059,12 +2059,12 @@ pagination_sep = \'{PAGINATION_SEP}\'
if (!sizeof($error)) if (!sizeof($error))
{ {
// Check length settings // Check length settings
if (strlen($name) > 30) if (utf8_strlen($name) > 30)
{ {
$error[] = $user->lang[$l_type . '_ERR_NAME_LONG']; $error[] = $user->lang[$l_type . '_ERR_NAME_LONG'];
} }
if (strlen($copyright) > 60) if (utf8_strlen($copyright) > 60)
{ {
$error[] = $user->lang[$l_type . '_ERR_COPY_LONG']; $error[] = $user->lang[$l_type . '_ERR_COPY_LONG'];
} }
@ -2824,12 +2824,12 @@ pagination_sep = \'{PAGINATION_SEP}\'
} }
// Check length settings // Check length settings
if (strlen($name) > 30) if (utf8_strlen($name) > 30)
{ {
$error[] = $user->lang['STYLE_ERR_NAME_LONG']; $error[] = $user->lang['STYLE_ERR_NAME_LONG'];
} }
if (strlen($copyright) > 60) if (utf8_strlen($copyright) > 60)
{ {
$error[] = $user->lang['STYLE_ERR_COPY_LONG']; $error[] = $user->lang['STYLE_ERR_COPY_LONG'];
} }
@ -2934,12 +2934,12 @@ pagination_sep = \'{PAGINATION_SEP}\'
} }
// Check length settings // Check length settings
if (strlen($name) > 30) if (utf8_strlen($name) > 30)
{ {
$error[] = $user->lang[$l_type . '_ERR_NAME_LONG']; $error[] = $user->lang[$l_type . '_ERR_NAME_LONG'];
} }
if (strlen($copyright) > 60) if (utf8_strlen($copyright) > 60)
{ {
$error[] = $user->lang[$l_type . '_ERR_COPY_LONG']; $error[] = $user->lang[$l_type . '_ERR_COPY_LONG'];
} }


@ -396,7 +396,7 @@ class auth
$hold_str .= str_repeat("\n", $f - $last_f); $hold_str .= str_repeat("\n", $f - $last_f);
// Convert bitstring for storage - we do not use binary/bytes because PHP's string functions are not fully binary safe // Convert bitstring for storage - we do not use binary/bytes because PHP's string functions are not fully binary safe
for ($i = 0; $i < strlen($bitstring); $i += 31) for ($i = 0, $bit_length = strlen($bitstring); $i < $bit_length; $i += 31)
{ {
$hold_str .= str_pad(base_convert(str_pad(substr($bitstring, $i, 31), 31, 0, STR_PAD_RIGHT), 2, 36), 6, 0, STR_PAD_LEFT); $hold_str .= str_pad(base_convert(str_pad(substr($bitstring, $i, 31), 31, 0, STR_PAD_RIGHT), 2, 36), 6, 0, STR_PAD_LEFT);
} }
@ -714,7 +714,7 @@ class auth
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; WHERE LOWER(username) = '" . $db->sql_escape(utf8_strtolower($username)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);


@ -425,7 +425,7 @@ class dbal
$this->sql_transaction('rollback'); $this->sql_transaction('rollback');
} }
if (strlen($message) > 1024) if (utf8_strlen($message) > 1024)
{ {
// We need to define $msg_long_text here to circumvent text stripping. // We need to define $msg_long_text here to circumvent text stripping.
global $msg_long_text; global $msg_long_text;


@ -653,7 +653,7 @@ function tz_select($default = '', $truncate = false)
{ {
if ($truncate) if ($truncate)
{ {
$zone = (strlen($zone) > 70) ? substr($zone, 0, 70) . '...' : $zone; $zone = (utf8_strlen($zone) > 70) ? utf8_substr($zone, 0, 70) . '...' : $zone;
} }
if (is_numeric($offset)) if (is_numeric($offset))
@ -1793,7 +1793,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
$admin = ($admin) ? 1 : 0; $admin = ($admin) ? 1 : 0;
// Check if the supplied username is equal to the one stored within the database if re-authenticating // Check if the supplied username is equal to the one stored within the database if re-authenticating
if ($admin && strtolower($username) != strtolower($user->data['username'])) if ($admin && utf8_strtolower($username) != utf8_strtolower($user->data['username']))
{ {
// We log the attempt to use a different username... // We log the attempt to use a different username...
add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); add_log('admin', 'LOG_ADMIN_AUTH_FAIL');
@ -2696,22 +2696,8 @@ function truncate_string($string, $max_length = 60, $allow_reply = true)
$string = substr($string, 4); $string = substr($string, 4);
} }
// split the multibyte characters first $_chars = utf8_str_split(html_entity_decode($string));
$string_ary = preg_split('/(&#[0-9]+;)/', $string, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY); $chars = array_map('htmlspecialchars', $_chars);
// Now go through the array and split the other characters
foreach ($string_ary as $key => $value)
{
if (strpos($value, '&#') === 0)
{
$chars[] = $value;
continue;
}
// decode html entities and put them back later
$_chars = str_split(html_entity_decode($value));
$chars = array_merge($chars, array_map('htmlspecialchars', $_chars));
}
// Now check the length ;) // Now check the length ;)
if (sizeof($chars) > $max_length) if (sizeof($chars) > $max_length)
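Review bot: In truncate_string() the new `utf8_str_split(html_entity_decode($string))` calls `html_entity_decode()`, and then `htmlspecialchars()` through `array_map`, without a charset argument, so where PHP's default charset is not UTF-8 a decoded entity may come back as a single-byte character and leave invalid UTF-8 in the string before it is split. `html_entity_decode()` also undoes every named entity rather than only those `htmlspecialchars()` produces, so the decode and re-encode pair is not an exact round trip and the truncated output can differ from the stored text. The todo in the UTF-8 tools file already lists both functions as open; a small decoder that reverses only `htmlspecialchars()`, as that todo proposes, would fit here. The function starts and ends outside the hunk.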


@ -161,11 +161,11 @@ class custom_profile
return 'FIELD_REQUIRED'; return 'FIELD_REQUIRED';
} }
if ($field_data['field_minlen'] && strlen($field_value) < $field_data['field_minlen']) if ($field_data['field_minlen'] && utf8_strlen($field_value) < $field_data['field_minlen'])
{ {
return 'FIELD_TOO_SHORT'; return 'FIELD_TOO_SHORT';
} }
else if ($field_data['field_maxlen'] && strlen($field_value) > $field_data['field_maxlen']) else if ($field_data['field_maxlen'] && utf8_strlen($field_value) > $field_data['field_maxlen'])
{ {
return 'FIELD_TOO_LONG'; return 'FIELD_TOO_LONG';
} }


@ -594,7 +594,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
$username = trim($username); $username = trim($username);
if ($username != '') if ($username != '')
{ {
$sql_usernames[] = strtolower($username); $sql_usernames[] = utf8_strtolower($username);
} }
} }
@ -1044,11 +1044,11 @@ function validate_string($string, $optional = false, $min = 0, $max = 0)
return false; return false;
} }
if ($min && strlen($string) < $min) if ($min && utf8_strlen($string) < $min)
{ {
return 'TOO_SHORT'; return 'TOO_SHORT';
} }
else if ($max && strlen($string) > $max) else if ($max && utf8_strlen($string) > $max)
{ {
return 'TOO_LONG'; return 'TOO_LONG';
} }
@ -1112,7 +1112,7 @@ function validate_username($username)
{ {
global $config, $db, $user; global $config, $db, $user;
if (strtolower($user->data['username']) == strtolower($username)) if (utf8_strtolower($user->data['username']) == utf8_strtolower($username))
{ {
return false; return false;
} }
@ -1124,7 +1124,7 @@ function validate_username($username)
$sql = 'SELECT username $sql = 'SELECT username
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($db->sql_escape($username)) . "'"; WHERE LOWER(username) = '" . utf8_strtolower($db->sql_escape($username)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);
@ -1136,7 +1136,7 @@ function validate_username($username)
$sql = 'SELECT group_name $sql = 'SELECT group_name
FROM ' . GROUPS_TABLE . " FROM ' . GROUPS_TABLE . "
WHERE LOWER(group_name) = '" . strtolower($db->sql_escape($username)) . "'"; WHERE LOWER(group_name) = '" . utf8_strtolower($db->sql_escape($username)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);
@ -1515,12 +1515,12 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow
$group_only_ary = array('group_receive_pm', 'group_legend', 'group_message_limit'); $group_only_ary = array('group_receive_pm', 'group_legend', 'group_message_limit');
// Check data // Check data
if (!strlen($name) || strlen($name) > 40) if (!utf8_strlen($name) || utf8_strlen($name) > 40)
{ {
$error[] = (!strlen($name)) ? $user->lang['GROUP_ERR_USERNAME'] : $user->lang['GROUP_ERR_USER_LONG']; $error[] = (!utf8_strlen($name)) ? $user->lang['GROUP_ERR_USERNAME'] : $user->lang['GROUP_ERR_USER_LONG'];
} }
if (strlen($desc) > 255) if (utf8_strlen($desc) > 255)
{ {
$error[] = $user->lang['GROUP_ERR_DESC_LONG']; $error[] = $user->lang['GROUP_ERR_DESC_LONG'];
} }
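Review bot: In validate_username() both rewritten queries fold case after escaping, `utf8_strtolower($db->sql_escape($username))`, whereas the other queries in this commit, including the corrected one in acp_reasons, escape last. Escaping should be the final transformation before the value is concatenated into the SQL string, because anything applied afterwards operates on the escaped bytes and, if `utf8_strtolower()` alters or rejects malformed input, the escaping no longer describes what is interpolated. Suggest `$db->sql_escape(utf8_strtolower($username))` in both the USERS_TABLE and the GROUPS_TABLE lookup. The `switch ($mode)` hunk that selects from USERS_TABLE with `user_type IN (...)` has the same ordering and needs the same change.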


@ -246,7 +246,7 @@ function mcp_post_details($id, $mode, $action)
while ($row = $db->sql_fetchrow($result)) while ($row = $db->sql_fetchrow($result))
{ {
$users_ary[$row['user_id']]['username'] = $row['username']; $users_ary[$row['user_id']]['username'] = $row['username'];
$usernames_ary[strtolower($row['username'])] = $users_ary[$row['user_id']]; $usernames_ary[utf8_strtolower($row['username'])] = $users_ary[$row['user_id']];
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);


@ -445,7 +445,7 @@ class bbcode_firstpass extends bbcode
$code = preg_replace('#(?:[\n\r\s\t]|&nbsp;)*</span>$#', '</span>', $code); $code = preg_replace('#(?:[\n\r\s\t]|&nbsp;)*</span>$#', '</span>', $code);
// remove newline at the end // remove newline at the end
if (!empty($code) && $code{strlen($code)-1} == "\n") if (!empty($code) && $code{utf8_strlen($code)-1} == "\n")
{ {
$code = substr($code, 0, -1); $code = substr($code, 0, -1);
} }
@ -597,7 +597,7 @@ class bbcode_firstpass extends bbcode
do do
{ {
$pos = strlen($in); $pos = strlen($in);
for ($i = 0; $i < strlen($tok); ++$i) for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i)
{ {
$tmp_pos = strpos($in, $tok{$i}); $tmp_pos = strpos($in, $tok{$i});
if ($tmp_pos !== false && $tmp_pos < $pos) if ($tmp_pos !== false && $tmp_pos < $pos)
@ -912,7 +912,7 @@ class parse_message extends bbcode_firstpass
// Message length check. -1 disables this check completely. // Message length check. -1 disables this check completely.
if ($config['max_' . $mode . '_chars'] != -1) if ($config['max_' . $mode . '_chars'] != -1)
{ {
$msg_len = ($mode == 'post') ? strlen($this->message) : strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#is', ' ', $this->message)); $msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#is', ' ', $this->message));
if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars']) if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars'])
{ {
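Review bot: The trailing-newline check `$code{utf8_strlen($code)-1} == "\n"` mixes a character count with a byte offset: `$code{...}` indexes bytes, so as soon as `$code` contains a multibyte character the index lands before the last byte and the newline is no longer detected. The `substr($code, 0, -1)` that follows is byte-based as well, so this line should keep `strlen($code)`, as the `$tok` loop further down in the same file does. The enclosing method is only partly visible in the hunk.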


@ -153,7 +153,7 @@ class fulltext_mysql extends search_backend
$clean_word = preg_replace('#^[+\-|]#', '', $word); $clean_word = preg_replace('#^[+\-|]#', '', $word);
// check word length // check word length
$clean_len = strlen(str_replace('*', '', $clean_word)); $clean_len = utf8_strlen(str_replace('*', '', $clean_word));
if (($clean_len < $config['fulltext_mysql_min_word_len']) || ($clean_len > $config['fulltext_mysql_max_word_len'])) if (($clean_len < $config['fulltext_mysql_min_word_len']) || ($clean_len > $config['fulltext_mysql_max_word_len']))
{ {
$this->common_words[] = $word; $this->common_words[] = $word;
@ -203,7 +203,7 @@ class fulltext_mysql extends search_backend
for ($i = 0, $n = sizeof($text); $i < $n; $i++) for ($i = 0, $n = sizeof($text); $i < $n; $i++)
{ {
$text[$i] = trim($text[$i]); $text[$i] = trim($text[$i]);
if (strlen($text[$i]) < $config['fulltext_mysql_min_word_len'] || strlen($text[$i]) > $config['fulltext_mysql_max_word_len']) if (utf8_strlen($text[$i]) < $config['fulltext_mysql_min_word_len'] || utf8_strlen($text[$i]) > $config['fulltext_mysql_max_word_len'])
{ {
unset($text[$i]); unset($text[$i]);
} }


@ -91,7 +91,7 @@ class fulltext_native extends search_backend
} }
$open_bracket = $space = false; $open_bracket = $space = false;
for ($i = 0, $n = strlen($keywords); $i < $n; $i++) for ($i = 0, $n = utf8_strlen($keywords); $i < $n; $i++)
{ {
if ($open_bracket !== false) if ($open_bracket !== false)
{ {
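Review bot: The loop bound `$n = utf8_strlen($keywords)` is now a character count, but the loop body lies outside the hunk; if it reads `$keywords` by byte offset (`$keywords[$i]` or `$keywords{$i}`), multibyte input will make the scan stop before the end of the string and leave trailing brackets or operators unprocessed. Either keep `strlen($keywords)` for a byte-wise scan, which is safe for ASCII delimiters in UTF-8, or split the string with `utf8_str_split()` and iterate over the resulting characters. This should be checked against the body before the change is relied on for search-term filtering.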


@ -448,9 +448,9 @@ function compose_pm($id, $mode, $action)
{ {
$subject = request_var('subject', '', true); $subject = request_var('subject', '', true);
if (strcmp($subject, strtoupper($subject)) == 0 && $subject) if ($subject && strcmp($subject, utf8_strtoupper($subject)) === 0)
{ {
$subject = strtolower($subject); $subject = utf8_strtolower($subject);
} }
$message_parser->message = request_var('message', '', true); $message_parser->message = request_var('message', '', true);


@ -653,7 +653,7 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule
{ {
$sql = 'SELECT user_id $sql = 'SELECT user_id
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE LOWER(username) = '" . $db->sql_escape(strtolower($rule_string)) . "'"; WHERE LOWER(username) = '" . $db->sql_escape(utf8_strtolower($rule_string)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$rule_user_id = (int) $db->sql_fetchfield('user_id'); $rule_user_id = (int) $db->sql_fetchfield('user_id');
$db->sql_freeresult($result); $db->sql_freeresult($result);


@ -31,7 +31,7 @@ class ucp_remind
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang $sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE user_email = '" . $db->sql_escape($email) . "' WHERE user_email = '" . $db->sql_escape($email) . "'
AND LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; AND LOWER(username) = '" . $db->sql_escape(utf8_strtolower($username)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result); $user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);


@ -31,7 +31,7 @@ class ucp_resend
$sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey $sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE user_email = '" . $db->sql_escape($email) . "' WHERE user_email = '" . $db->sql_escape($email) . "'
AND LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; AND LOWER(username) = '" . $db->sql_escape(utf8_strtolower($username)) . "'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result); $user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result); $db->sql_freeresult($result);


@ -42,7 +42,7 @@ class ucp_zebra
if ($data['add']) if ($data['add'])
{ {
$data['add'] = array_map('trim', array_map('strtolower', explode("\n", $data['add']))); $data['add'] = array_map('trim', array_map('utf8_strtolower', explode("\n", $data['add'])));
// Do these name/s exist on a list already? If so, ignore ... we could be // Do these name/s exist on a list already? If so, ignore ... we could be
// 'nice' and automatically handle names added to one list present on // 'nice' and automatically handle names added to one list present on
@ -59,11 +59,11 @@ class ucp_zebra
{ {
if ($row['friend']) if ($row['friend'])
{ {
$friends[] = strtolower($row['username']); $friends[] = utf8_strtolower($row['username']);
} }
else else
{ {
$foes[] = strtolower($row['username']); $foes[] = utf8_strtolower($row['username']);
} }
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
@ -88,7 +88,7 @@ class ucp_zebra
// remove the user himself from the username array // remove the user himself from the username array
$n = sizeof($data['add']); $n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], array(strtolower($user->data['username']))); $data['add'] = array_diff($data['add'], array(utf8_strtolower($user->data['username'])));
if (sizeof($data['add']) < $n) if (sizeof($data['add']) < $n)
{ {


@ -6,6 +6,10 @@
* @copyright (c) 2006 phpBB Group * @copyright (c) 2006 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License * @license http://opensource.org/licenses/gpl-license.php GNU Public License
* *
* @todo make sure the replacements are called correctly
* already done: strtolower, strtoupper, ucfirst, str_split, strrpos, strlen (hopefully!)
* remaining: clean_username, htmlentities (no longer needed for internal data?), htmlspecialchars (using charset), html_entity_decode (own function to reverse htmlspecialchars and not htmlentities)
* substr, strpos, strspn, chr, ord
*/ */
/** /**
@ -136,6 +140,7 @@ if (extension_loaded('mbstring'))
* @param string needle * @param string needle
* @param integer (optional) offset (from left) * @param integer (optional) offset (from left)
* @return mixed integer position or FALSE on failure * @return mixed integer position or FALSE on failure
* @ignore
*/ */
if (version_compare(phpversion(), '5.2.0', '>=')) if (version_compare(phpversion(), '5.2.0', '>='))
{ {
@ -209,15 +214,7 @@ if (extension_loaded('mbstring'))
/** /**
* UTF-8 aware alternative to strtolower * UTF-8 aware alternative to strtolower
* Make a string lowercase * @ignore
* Note: The concept of a characters "case" only exists is some alphabets
* such as Latin, Greek, Cyrillic, Armenian and archaic Georgian - it does
* not exist in the Chinese alphabet, for example. See Unicode Standard
* Annex #21: Case Mappings
*
* @author Andreas Gohr <andi@splitbrain.org>
* @param string
* @return mixed either string in lowercase or FALSE is UTF-8 invalid
*/ */
function utf8_strtolower($str) function utf8_strtolower($str)
{ {
@ -226,15 +223,7 @@ if (extension_loaded('mbstring'))
/** /**
* UTF-8 aware alternative to strtoupper * UTF-8 aware alternative to strtoupper
* Make a string uppercase * @ignore
* Note: The concept of a characters "case" only exists is some alphabets
* such as Latin, Greek, Cyrillic, Armenian and archaic Georgian - it does
* not exist in the Chinese alphabet, for example. See Unicode Standard
* Annex #21: Case Mappings
*
* @author Andreas Gohr <andi@splitbrain.org>
* @param string
* @return mixed either string in lowercase or FALSE is UTF-8 invalid
*/ */
function utf8_strtoupper($str) function utf8_strtoupper($str)
{ {


@ -577,23 +577,23 @@ class install_install extends module
} }
// Test against the default username rules // Test against the default username rules
if ($admin_name != '' && strlen($admin_name) < 3) if ($admin_name != '' && utf8_strlen($admin_name) < 3)
{ {
$error[] = $lang['INST_ERR_USER_TOO_SHORT']; $error[] = $lang['INST_ERR_USER_TOO_SHORT'];
} }
if ($admin_name != '' && strlen($admin_name) > 20) if ($admin_name != '' && utf8_strlen($admin_name) > 20)
{ {
$error[] = $lang['INST_ERR_USER_TOO_LONG']; $error[] = $lang['INST_ERR_USER_TOO_LONG'];
} }
// Test against the default password rules // Test against the default password rules
if ($admin_pass1 != '' && strlen($admin_pass1) < 6) if ($admin_pass1 != '' && utf8_strlen($admin_pass1) < 6)
{ {
$error[] = $lang['INST_ERR_PASSWORD_TOO_SHORT']; $error[] = $lang['INST_ERR_PASSWORD_TOO_SHORT'];
} }
if ($admin_pass1 != '' && strlen($admin_pass1) > 30) if ($admin_pass1 != '' && utf8_strlen($admin_pass1) > 30)
{ {
$error[] = $lang['INST_ERR_PASSWORD_TOO_LONG']; $error[] = $lang['INST_ERR_PASSWORD_TOO_LONG'];
} }


@ -332,7 +332,7 @@ switch ($mode)
{ {
$sql = 'SELECT * $sql = 'SELECT *
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($db->sql_escape($username)) . "' WHERE LOWER(username) = '" . utf8_strtolower($db->sql_escape($username)) . "'
AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')'; AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
} }
else else


@ -532,9 +532,9 @@ if ($submit || $preview || $refresh)
// If subject is all-uppercase then we make all lowercase (we do not want to be yelled at too :P) // If subject is all-uppercase then we make all lowercase (we do not want to be yelled at too :P)
// Admins/Mods might want to create all-uppercase topics, therefore we do not apply this check to them (they should know better ;)) // Admins/Mods might want to create all-uppercase topics, therefore we do not apply this check to them (they should know better ;))
if ($post_data['post_subject'] && !$auth->acl_gets('a_', 'm_', $forum_id) && strcmp($post_data['post_subject'], strtoupper($post_data['post_subject'])) == 0) if ($post_data['post_subject'] && !$auth->acl_gets('a_', 'm_', $forum_id) && strcmp($post_data['post_subject'], utf8_strtoupper($post_data['post_subject'])) === 0)
{ {
$post_data['post_subject'] = strtolower($post_data['post_subject']); $post_data['post_subject'] = utf8_strtolower($post_data['post_subject']);
} }
$message_parser->message = request_var('message', '', true); $message_parser->message = request_var('message', '', true);


@ -616,7 +616,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
while ($row = $db->sql_fetchrow($result)) while ($row = $db->sql_fetchrow($result))
{ {
$rowset[] = $row; $rowset[] = $row;
if (($return_chars == -1) || (strlen($row['post_text']) < $return_chars + 3)) if (($return_chars == -1) || (utf8_strlen($row['post_text']) < $return_chars + 3))
{ {
$bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']); $bbcode_bitfield = $bbcode_bitfield | base64_decode($row['bbcode_bitfield']);
@ -777,7 +777,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
$row['post_subject'] = censor_text($row['post_subject']); $row['post_subject'] = censor_text($row['post_subject']);
$message = $row['post_text']; $message = $row['post_text'];
if (($return_chars != -1) && (strlen($message) >= $return_chars + 3)) if ($return_chars != -1 && utf8_strlen($message) >= ($return_chars + 3))
{ {
$message = censor_text($message); $message = censor_text($message);