authorPaul S. Owen <psotfx@users.sourceforge.net>2001-11-18 16:08:11 +0000
committerPaul S. Owen <psotfx@users.sourceforge.net>2001-11-18 16:08:11 +0000
commiteaa1b26bf097d2aa6086dc38abe7132d14aa26b1 (patch)
tree78fd31e2d9f945ae51f8ce83e03c44eefd1e0bb1
parent9aa55fb94c5fdb364d1f19bb38a6027ef62a81cb (diff)
Slightly fairer sig length check, removes =.*? from BBCode and HTML tags - version 2
git-svn-id: file:///svn/phpbb/trunk@1361 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r--phpBB/profile.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/profile.php b/phpBB/profile.php
index 828c485960..7b25355a0b 100644
--- a/phpBB/profile.php
+++ b/phpBB/profile.php
@@ -488,7 +488,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$location = (!empty($HTTP_POST_VARS['location'])) ? trim(strip_tags($HTTP_POST_VARS['location'])) : "";
$occupation = (!empty($HTTP_POST_VARS['occupation'])) ? trim(strip_tags($HTTP_POST_VARS['occupation'])) : "";
$interests = (!empty($HTTP_POST_VARS['interests'])) ? trim(strip_tags($HTTP_POST_VARS['interests'])) : "";
- $signature = (!empty($HTTP_POST_VARS['signature'])) ? trim(strip_tags(str_replace("<br />", "\n", $HTTP_POST_VARS['signature']))) : "";
+ $signature = (!empty($HTTP_POST_VARS['signature'])) ? trim(str_replace("<br />", "\n", $HTTP_POST_VARS['signature'])) : "";
// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
// empty strings if they fail.
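Review bot: With `strip_tags()` dropped from the new `$signature` line, the signature is the only field in this group that keeps raw markup from `$HTTP_POST_VARS`, and nothing in the hunk shows where that markup is neutralised when `$allowhtml` is off. If the later validation or message-preparation step (outside this hunk) does not escape or whitelist tags, the value ends up as stored HTML wherever the signature is displayed. I would keep the strip for the HTML-disabled case, e.g. `if( !$allowhtml ) { $signature = strip_tags($signature); }`, placed at a point where `$allowhtml` is already set. Failing that, add a comment on this line such as `// HTML is kept in $signature on purpose; it is filtered later by <function name>` so the dependency is explicit. The enclosing `if` block starts and ends outside the hunk.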
@@ -631,10 +631,10 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( $signature != "" )
{
- $sig_length_check = preg_replace("/(\[.*?)(=.*?)\]/is", "\\1]", $signature);
+ $sig_length_check = preg_replace("/(\[.*?)(=.*?)\]/is", "\\1]", stripslashes($signature));
if( $allowhtml )
{
- $sig_length_check = preg_replace("/(<.*?)(=.*?)([ \/]?" . ">)/is", "\\1\\3", $signature);
+ $sig_length_check = preg_replace("/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is", "\\1\\3\\4", $sig_length_check);
}
$signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : "";
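Review bot: Both length-check patterns use `.*?` with the `s` modifier, so a match is not confined to a single tag: everything between an `=` and the next `]` or `>` is removed from `$sig_length_check`, whether or not it belongs to a real BBCode or HTML tag. The stored `$signature` can therefore be much longer than the string that is measured. Bounding the character classes keeps the removal inside one tag, e.g. `preg_replace("/(\[[^\]=]*)=[^\]]*\]/is", "\\1]", stripslashes($signature))`, with `[^>]` used the same way in the HTML pattern. The HTML replacement `"\\1\\3\\4"` also puts group 3 back, i.e. the second attribute including its value, which looks at odds with the commit message and is worth confirming. The comparison against the length limit and the rest of the `if( $signature != "" )` block are outside the hunk.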