diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2013-07-10 17:24:49 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2013-07-10 17:24:49 +0200 |
| commit | 34ad665c8bad380c91d1f4c333f2fe482a263fec (patch) | |
| tree | 8d98a6eb7ed3f9744b629b2351b56c80462e48d2 | |
| parent | 2d7a91ebd630d6b9316f05cd8c153cd9dde5c3c9 (diff) | |
| parent | 9210d735a53e3c4a4de042b49dae361c436268e1 (diff) | |
| download | forums-34ad665c8bad380c91d1f4c333f2fe482a263fec.tar forums-34ad665c8bad380c91d1f4c333f2fe482a263fec.tar.gz forums-34ad665c8bad380c91d1f4c333f2fe482a263fec.tar.bz2 forums-34ad665c8bad380c91d1f4c333f2fe482a263fec.tar.xz forums-34ad665c8bad380c91d1f4c333f2fe482a263fec.zip | |
Merge branch 'ticket/8319' into ticket/8319-develop2
* ticket/8319:
[ticket/8319] Do not repeat the replacement
[ticket/8319] Add explanation for RELATIVE_URL and update LOCAL_URL
[ticket/8319] Update BBCodes that currently use the LOCAL_URL tag on update
[ticket/8319] Add new token RELATIVE_URL to allow foreign relative URL parts
[ticket/8319] Prepend Board URL to LOCAL_URL links to prevent abuse
Conflicts:
phpBB/install/database_update.php
| -rw-r--r-- | phpBB/includes/acp/acp_bbcodes.php | 14 | ||||
| -rw-r--r-- | phpBB/language/en/acp/posting.php | 3 |
2 files changed, 13 insertions, 4 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index e537d7a8b9..9c430b5a0b 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -112,8 +112,8 @@ class acp_bbcodes { $template->assign_block_vars('token', array( 'TOKEN' => '{' . $token . '}', - 'EXPLAIN' => $token_explain) - ); + 'EXPLAIN' => ($token === 'LOCAL_URL') ? sprintf($token_explain, generate_board_url() . '/') : $token_explain, + )); } return; @@ -347,6 +347,9 @@ class acp_bbcodes 'LOCAL_URL' => array( '!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')" ), + 'RELATIVE_URL' => array( + '!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')" + ), 'EMAIL' => array( '!(' . get_preg_expression('email') . ')!ie' => "\$this->bbcode_specialchars('$1')" ), @@ -373,6 +376,7 @@ class acp_bbcodes $sp_tokens = array( 'URL' => '(?i)((?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))(?-i)', 'LOCAL_URL' => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)', + 'RELATIVE_URL' => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)', 'EMAIL' => '(' . get_preg_expression('email') . ')', 'TEXT' => '(.*?)', 'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)', @@ -429,7 +433,11 @@ class acp_bbcodes $fp_replace = str_replace($token, $replace, $fp_replace); $sp_match = str_replace(preg_quote($token, '!'), $sp_tokens[$token_type], $sp_match); - $sp_replace = str_replace($token, '${' . ($n + 1) . '}', $sp_replace); + + // Prepend the board url to local relative links + $replace_prepend = ($token_type === 'LOCAL_URL') ? generate_board_url() . '/' : ''; + + $sp_replace = str_replace($token, $replace_prepend . '${' . ($n + 1) . '}', $sp_replace); } $fp_match = '!' . $fp_match . '!' . $modifiers; diff --git a/phpBB/language/en/acp/posting.php b/phpBB/language/en/acp/posting.php index 89e171744f..ea3eadb0dd 100644 --- a/phpBB/language/en/acp/posting.php +++ b/phpBB/language/en/acp/posting.php @@ -83,7 +83,8 @@ $lang = array_merge($lang, array( 'NUMBER' => 'Any series of digits', 'EMAIL' => 'A valid email address', 'URL' => 'A valid URL using any protocol (http, ftp, etc… cannot be used for javascript exploits). If none is given, “http://” is prefixed to the string.', - 'LOCAL_URL' => 'A local URL. The URL must be relative to the topic page and cannot contain a server name or protocol.', + 'LOCAL_URL' => 'A local URL. The URL must be relative to the topic page and cannot contain a server name or protocol, as links are prefixed with “%s”', + 'RELATIVE_URL' => 'A relative URL. You can use this to match parts of a URL, but be careful: a full URL is a valid relative URL. When you want to use relative URLs of your board, use the LOCAL_URL token.', 'COLOR' => 'A HTML colour, can be either in the numeric form <samp>#FF1234</samp> or a <a href="http://www.w3.org/TR/CSS21/syndata.html#value-def-color">CSS colour keyword</a> such as <samp>fuchsia</samp> or <samp>InactiveBorder</samp>' ) )); |