diff options
| author | the_systech <the_systech@users.sourceforge.net> | 2002-01-24 15:32:06 +0000 |
|---|---|---|
| committer | the_systech <the_systech@users.sourceforge.net> | 2002-01-24 15:32:06 +0000 |
| commit | f332b92ec05c8777295e317fb45dd6d105a45bc5 (patch) | |
| tree | 8847e8f1a906b9320049fa21d397daf992ef5130 /phpBB/admin/admin_smilies.php | |
| parent | ddb00d817340cc5f62b05bcb9eab2b55d51adfb0 (diff) | |
| download | forums-f332b92ec05c8777295e317fb45dd6d105a45bc5.tar forums-f332b92ec05c8777295e317fb45dd6d105a45bc5.tar.gz forums-f332b92ec05c8777295e317fb45dd6d105a45bc5.tar.bz2 forums-f332b92ec05c8777295e317fb45dd6d105a45bc5.tar.xz forums-f332b92ec05c8777295e317fb45dd6d105a45bc5.zip | |
Fix for bug #505883
git-svn-id: file:///svn/phpbb/trunk@1936 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin/admin_smilies.php')
| -rw-r--r-- | phpBB/admin/admin_smilies.php | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 95f0011301..dcf05c0200 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -144,6 +144,11 @@ if( isset($HTTP_GET_VARS['import_pack']) || isset($HTTP_POST_VARS['import_pack'] for( $j = 2; $j < count($smile_data); $j++) { + // + // Replace > and < with the proper html_entities for matching. + // + $smile_data[$j] = str_replace("<", "<", $smile_data[$j]); + $smile_data[$j] = str_replace(">", ">", $smile_data[$j]); $k = $smile_data[$j]; if( $smiles[$k] == 1 ) @@ -396,6 +401,11 @@ else if ( $mode != "" ) $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; $smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']); + // + // Convert < and > to proper htmlentities for parsing. + // + $smile_code = str_replace('<', '<', $smile_code); + $smile_code = str_replace('>', '>', $smile_code); // // Proceed with updating the smiley table. @@ -428,6 +438,12 @@ else if ( $mode != "" ) $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; // + // Convert < and > to proper htmlentities for parsing. + // + $smile_code = str_replace('<', '<', $smile_code); + $smile_code = str_replace('>', '>', $smile_code); + + // // Save the data to the smiley table. // $sql = "INSERT INTO " . SMILIES_TABLE . " (code, smile_url, emoticon) @@ -487,13 +503,19 @@ else // for($i = 0; $i < count($smilies); $i++) { + // + // Replace htmlentites for < and > with actual character. + // + $smilies[$i]['code'] = str_replace('<', '<', $smilies[$i]['code']); + $smilies[$i]['code'] = str_replace('>', '>', $smilies[$i]['code']); + $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; $template->assign_block_vars("smiles", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, - + "SMILEY_IMG" => $phpbb_root_path . $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'], "CODE" => $smilies[$i]['code'], "EMOT" => $smilies[$i]['emoticon'], @@ -514,4 +536,4 @@ else // include('page_footer_admin.'.$phpEx); -?>
\ No newline at end of file +?> |