diff options
| author | Callum Macrae <callum@lynxphp.com> | 2011-07-14 18:05:34 +0100 |
|---|---|---|
| committer | callumacrae <callum@lynxphp.com> | 2011-08-08 17:43:28 +0100 |
| commit | f9dbe33fa7917b6220a85a01ed9f395f3f1bb888 (patch) | |
| tree | f5adcdad7ee62c71eda47005bc301af5c4e50695 /phpBB/includes/functions_content.php | |
| parent | e4707a8be75263e610b00b3d600144e797f576d9 (diff) | |
| download | forums-f9dbe33fa7917b6220a85a01ed9f395f3f1bb888.tar forums-f9dbe33fa7917b6220a85a01ed9f395f3f1bb888.tar.gz forums-f9dbe33fa7917b6220a85a01ed9f395f3f1bb888.tar.bz2 forums-f9dbe33fa7917b6220a85a01ed9f395f3f1bb888.tar.xz forums-f9dbe33fa7917b6220a85a01ed9f395f3f1bb888.zip | |
[ticket/10240] Added code to strip control characters from messages.
It is possible to evade the word filter using control characters.
Seeing as control characters have no practical application in a bulletin
board software, it doesn't do any harm to remove them entirely. That is
what this commit does.
PHPBB3-10240
Diffstat (limited to 'phpBB/includes/functions_content.php')
| -rw-r--r-- | phpBB/includes/functions_content.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index faff9dd0de..872ee8c7cc 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -691,6 +691,9 @@ function censor_text($text) return ''; } + // Strip control characters + $text = preg_replace('/[\x00-\x0f]/', '', $text); + // We moved the word censor checks in here because we call this function quite often - and then only need to do the check once if (!isset($censors) || !is_array($censors)) { |