diff options
| author | JoshyPHP <s9e.dev@gmail.com> | 2015-05-18 03:57:48 +0200 |
|---|---|---|
| committer | JoshyPHP <s9e.dev@gmail.com> | 2015-05-18 03:57:48 +0200 |
| commit | c1777f481101c0a311939f83f2afd38a0c09e394 (patch) | |
| tree | 8ef20d98dbb5aa58ae4b5a347f0b20e8905324c0 | |
| parent | c967ba7b9ba42d9cf72cd1bb0927ae5214894eda (diff) | |
| download | forums-c1777f481101c0a311939f83f2afd38a0c09e394.tar forums-c1777f481101c0a311939f83f2afd38a0c09e394.tar.gz forums-c1777f481101c0a311939f83f2afd38a0c09e394.tar.bz2 forums-c1777f481101c0a311939f83f2afd38a0c09e394.tar.xz forums-c1777f481101c0a311939f83f2afd38a0c09e394.zip | |
[ticket/11530] Remove extra quotes when depth limit is exceeded
PHPBB3-11530
| -rw-r--r-- | phpBB/includes/message_parser.php | 10 | ||||
| -rw-r--r-- | phpBB/posting.php | 13 | ||||
| -rw-r--r-- | tests/functional/posting_test.php | 81 |
3 files changed, 103 insertions, 1 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 9fe598d7fb..f018d735a7 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1250,6 +1250,16 @@ class parse_message extends bbcode_firstpass return (!$update_this_message) ? $return_message : $this->warn_msg; } + // Remove quotes that are nested too deep + if ($config['max_quote_depth'] > 0) + { + $this->message = $phpbb_container->get('text_formatter.utils')->remove_bbcode( + $this->message, + 'quote', + $config['max_quote_depth'] + ); + } + // Check for errors $errors = $parser->get_errors(); if ($errors) diff --git a/phpBB/posting.php b/phpBB/posting.php index 2d01922c80..a4fb4d7a8d 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1578,11 +1578,22 @@ if (!sizeof($error) && $preview) } } +// Remove quotes that would become nested too deep before decoding the text +$generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh); +if ($generate_quote && $config['max_quote_depth'] > 0 && preg_match('#^<[rt][ >]#', $message_parser->message)) +{ + $message_parser->message = $phpbb_container->get('text_formatter.utils')->remove_bbcode( + $message_parser->message, + 'quote', + $config['max_quote_depth'] - 1 + ); +} + // Decode text for message display $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid; $message_parser->decode_message($post_data['bbcode_uid']); -if ($mode == 'quote' && !$submit && !$preview && !$refresh) +if ($generate_quote) { if ($config['allow_bbcode']) { diff --git a/tests/functional/posting_test.php b/tests/functional/posting_test.php index 7acf375c5d..080ada5bb0 100644 --- a/tests/functional/posting_test.php +++ b/tests/functional/posting_test.php @@ -71,4 +71,85 @@ class phpbb_functional_posting_test extends phpbb_functional_test_case $crawler = self::request('GET', "viewtopic.php?t={$post['topic_id']}&sid={$this->sid}"); $this->assertContains('😀', $crawler->text()); } + + /** + * @testdox max_quote_depth is applied to the text populating the posting form + */ + public function test_quote_depth_form() + { + $text = '0[quote]1[quote]2[/quote]1[/quote]0'; + $expected = array( + 0 => '[quote="admin"]0[quote]1[quote]2[/quote]1[/quote]0[/quote]', + 1 => '[quote="admin"]00[/quote]', + 2 => '[quote="admin"]0[quote]11[/quote]0[/quote]', + 3 => '[quote="admin"]0[quote]1[quote]2[/quote]1[/quote]0[/quote]', + ); + + $this->login(); + $topic = $this->create_topic(2, 'Test Topic 1', 'Test topic'); + $post = $this->create_post(2, $topic['topic_id'], 'Re: Test Topic 1', $text); + $quote_url = "posting.php?mode=quote&f=2&t={$post['topic_id']}&p={$post['post_id']}&sid={$this->sid}"; + + $this->admin_login(); + foreach ($expected as $quote_depth => $expected_text) + { + $this->set_quote_depth($quote_depth); + $crawler = self::request('GET', $quote_url); + $this->assertContains($expected_text, $crawler->filter('textarea#message')->text()); + } + } + + /** + * @testdox max_quote_depth is applied to the text populating the posting form + */ + public function test_quote_depth_submit() + { + $text = 'depth:0[quote]depth:1[quote]depth:2[quote]depth:3[/quote][/quote][/quote]'; + $contains = array( + 0 => array('depth:0', 'depth:1', 'depth:2', 'depth:3'), + 1 => array('depth:0', 'depth:1'), + 2 => array('depth:0', 'depth:1', 'depth:2'), + 3 => array('depth:0', 'depth:1', 'depth:2', 'depth:3'), + ); + $not_contains = array( + 0 => array(), + 1 => array('depth:2', 'depth:3'), + 2 => array('depth:3'), + 3 => array(), + ); + + $this->login(); + $this->admin_login(); + $topic = $this->create_topic(2, 'Test Topic 1', 'Test topic'); + + for ($quote_depth = 0; $quote_depth <= 2; ++$quote_depth) + { + $this->set_quote_depth($quote_depth); + + $post = $this->create_post(2, $topic['topic_id'], 'Re: Test Topic 1', $text); + $url = "viewtopic.php?p={$post['post_id']}&sid={$this->sid}"; + + $crawler = self::request('GET', $url); + $text_content = $crawler->filter('#p' . $post['post_id'])->text(); + foreach ($contains[$quote_depth] as $contains_text) + { + $this->assertContains($contains_text, $text_content); + } + foreach ($not_contains[$quote_depth] as $not_contains_text) + { + $this->assertNotContains($not_contains_text, $text_content); + } + } + } + + protected function set_quote_depth($depth) + { + $crawler = self::request('GET', 'adm/index.php?sid=' . $this->sid . '&i=acp_board&mode=post'); + $form = $crawler->selectButton('Submit')->form(); + $values = $form->getValues(); + $values['config[max_quote_depth]'] = $depth; + $form->setValues($values); + $crawler = self::submit($form); + $this->assertEquals(1, $crawler->filter('.successbox')->count()); + } } |