author | David M <davidmj@users.sourceforge.net> | 2006-06-17 06:50:58 +0000 |
---|---|---|
committer | David M <davidmj@users.sourceforge.net> | 2006-06-17 06:50:58 +0000 |
commit | 1cc7445017f0f5083c04121008433c04b82d6770 (patch) | |
tree | bb9187a5df22ef6765b8a93ca9d5bc3962b804df /phpBB/includes/acp/acp_bbcodes.php | |
parent | a32c084507f26423a87b4ffd049e406e4039870c (diff) | |
- Some fixes
git-svn-id: file:///svn/phpbb/trunk@6077 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/acp/acp_bbcodes.php')
-rw-r--r-- | phpBB/includes/acp/acp_bbcodes.php | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 382a836a63..edc8a594da 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -56,7 +56,7 @@ class acp_bbcodes break; case 'modify': - $sql = 'SELECT bbcode_id + $sql = 'SELECT bbcode_id, bbcode_tag FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id; $result = $db->sql_query($sql); @@ -111,6 +111,24 @@ class acp_bbcodes $data = $this->build_regexp($bbcode_match, $bbcode_tpl); + // Make sure the user didn't pick a "bad" name for the BBCode tag. + $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash='); + + if (($action == 'modify' && $data['bbcode_tag'] !== $row['bbcode_tag']) || ($action == 'create')) + { + $sql = 'SELECT 1 as test + FROM ' . BBCODES_TABLE . " + WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; + $result = $db->sql_query($sql); + $info = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded)) + { + trigger_error('BBCODE_INVALID_TAG_NAME'); + } + } + $sql_ary = array( 'bbcode_tag' => $data['bbcode_tag'], 'bbcode_match' => $bbcode_match, |
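Review bot: The duplicate-tag guard added in the second hunk can fail open, because `$info['test'] === '1'` only matches when the database driver returns the column as a string; a driver that returns an integer would let a custom BBCode be saved under a tag that already exists. Only the presence of a row matters here, so testing the fetched row itself is more robust: `if ($info || in_array(strtolower($data['bbcode_tag']), $hard_coded, true))`. On `modify`, the tag comparison `$data['bbcode_tag'] !== $row['bbcode_tag']` is case-sensitive while the lookup is lower-cased, so a case-only rename appears to match the row being edited and be rejected; adding `AND bbcode_id <> ' . $bbcode_id` to that query would avoid it. The enclosing case block starts and ends outside the hunk, and `$row` is presumably filled by the SELECT changed in the first hunk, so it is worth confirming it is always set when `$action == 'modify'`. A short comment above `$hard_coded` saying that it must be kept in sync with the parser's built-in tags would help the next maintainer.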