diff options
author | Marc Alexander <admin@m-a-styles.de> | 2015-11-06 10:20:05 +0100 |
---|---|---|
committer | Marc Alexander <admin@m-a-styles.de> | 2015-11-06 10:20:05 +0100 |
commit | aca6e64669079abc385f3094d8b6c186d9b46082 (patch) | |
tree | c1470fdb697be918ae4247e405946afcd9fe1055 /phpBB/includes/functions_acp.php | |
parent | 8dbf3976fd40b295175a34a2605571b0786385db (diff) | |
download | forums-aca6e64669079abc385f3094d8b6c186d9b46082.tar forums-aca6e64669079abc385f3094d8b6c186d9b46082.tar.gz forums-aca6e64669079abc385f3094d8b6c186d9b46082.tar.bz2 forums-aca6e64669079abc385f3094d8b6c186d9b46082.tar.xz forums-aca6e64669079abc385f3094d8b6c186d9b46082.zip |
[ticket/14272] Only use maxlength and size for allowed input elements
PHPBB3-14272
Diffstat (limited to 'phpBB/includes/functions_acp.php')
-rw-r--r-- | phpBB/includes/functions_acp.php | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index d566336d26..bd12c3dd5c 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -254,6 +254,16 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) case 'text': case 'url': case 'email': + case 'tel': + case 'search': + // maxlength and size are only valid for these types and will be + // ignored for other input types. + $size = (int) $tpl_type[1]; + $maxlength = (int) $tpl_type[2]; + + $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; + break; + case 'color': case 'date': case 'time': @@ -261,39 +271,32 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) case 'datetime-local': case 'month': case 'range': - case 'search': - case 'tel': case 'week': - $size = (int) $tpl_type[1]; - $maxlength = (int) $tpl_type[2]; - - $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; + $tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '" name="' . $name . '" value="' . $new[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />'; break; case 'number': - $min = $max = $maxlength = ''; + $max = ''; $min = ( isset($tpl_type[1]) ) ? (int) $tpl_type[1] : false; if ( isset($tpl_type[2]) ) { $max = (int) $tpl_type[2]; - $maxlength = strlen( (string) $max ); } - $tpl = '<input id="' . $key . '" type="number" maxlength="' . (( $maxlength != '' ) ? $maxlength : 255) . '"' . (( $min != '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="' . $name . '" value="' . $new[$config_key] . '" />'; + $tpl = '<input id="' . $key . '" type="number"' . (( $min != '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="' . $name . '" value="' . $new[$config_key] . '" />'; break; case 'dimension': - $min = $max = $maxlength = $size = ''; + $max = ''; $min = (int) $tpl_type[1]; if ( isset($tpl_type[2]) ) { $max = (int) $tpl_type[2]; - $size = $maxlength = strlen( (string) $max ); } - $tpl = '<input id="' . $key . '" type="number"' . (( $size != '' ) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength != '') ? $maxlength : 255) . '"' . (( $min !== '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="config[' . $config_key . '_width]" value="' . $new[$config_key . '_width'] . '" /> x <input type="number"' . (( $size != '' ) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength != '') ? $maxlength : 255) . '"' . (( $min !== '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="config[' . $config_key . '_height]" value="' . $new[$config_key . '_height'] . '" />'; + $tpl = '<input id="' . $key . '" type="number"' . (( $min !== '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="config[' . $config_key . '_width]" value="' . $new[$config_key . '_width'] . '" /> x <input type="number"' . (( $min !== '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="config[' . $config_key . '_height]" value="' . $new[$config_key . '_height'] . '" />'; break; case 'textarea': |