aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/message_parser.php
diff options
context:
space:
mode:
authorMaat <maat-pub@mageia.biz>2020-05-08 18:29:30 +0200
committerMaat <maat-pub@mageia.biz>2020-05-08 21:36:04 +0200
commit36bc1870f21fac04736a1049c1d5b8e127d729f4 (patch)
tree9d102331eeaf1ef3cd23e656320d7c08e65757ed /phpBB/includes/message_parser.php
parent8875d385d0579b451dac4d9bda465172b4f69ee0 (diff)
parent149375253685b3a38996f63015a74b7a0f53aa14 (diff)
downloadforums-36bc1870f21fac04736a1049c1d5b8e127d729f4.tar
forums-36bc1870f21fac04736a1049c1d5b8e127d729f4.tar.gz
forums-36bc1870f21fac04736a1049c1d5b8e127d729f4.tar.bz2
forums-36bc1870f21fac04736a1049c1d5b8e127d729f4.tar.xz
forums-36bc1870f21fac04736a1049c1d5b8e127d729f4.zip
Merge remote-tracking branch 'upstream/prep-release-3.1.11'
Diffstat (limited to 'phpBB/includes/message_parser.php')
-rw-r--r--phpBB/includes/message_parser.php392
1 files changed, 327 insertions, 65 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index a134fab5d3..bbd5e84233 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -1,10 +1,13 @@
<?php
/**
*
-* @package phpBB3
-* @version $Id$
-* @copyright (c) 2005 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
*
*/
@@ -18,13 +21,25 @@ if (!defined('IN_PHPBB'))
if (!class_exists('bbcode'))
{
+ // The following lines are for extensions which include message_parser.php
+ // while $phpbb_root_path and $phpEx are out of the script scope
+ // which may lead to the 'Undefined variable' and 'failed to open stream' errors
+ if (!isset($phpbb_root_path))
+ {
+ global $phpbb_root_path;
+ }
+
+ if (!isset($phpEx))
+ {
+ global $phpEx;
+ }
+
include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
}
/**
* BBCODE FIRSTPASS
* BBCODE first pass class (functions for parsing messages for db storage)
-* @package phpBB3
*/
class bbcode_firstpass extends bbcode
{
@@ -104,6 +119,8 @@ class bbcode_firstpass extends bbcode
*/
function bbcode_init($allow_custom_bbcode = true)
{
+ global $phpbb_dispatcher;
+
static $rowset;
// This array holds all bbcode data. BBCodes will be processed in this
@@ -111,6 +128,9 @@ class bbcode_firstpass extends bbcode
// [quote] in second position.
// To parse multiline URL we enable dotall option setting only for URL text
// but not for link itself, thus [url][/url] is not affected.
+ //
+ // To perform custom validation in extension, use $this->validate_bbcode_by_extension()
+ // method which accepts variable number of parameters
$this->bbcodes = array(
'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")),
'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:=&quot;(.*?)&quot;)?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")),
@@ -163,6 +183,21 @@ class bbcode_firstpass extends bbcode
'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace']))
);
}
+
+ $bbcodes = $this->bbcodes;
+
+ /**
+ * Event to modify the bbcode data for later parsing
+ *
+ * @event core.modify_bbcode_init
+ * @var array bbcodes Array of bbcode data for use in parsing
+ * @var array rowset Array of bbcode data from the database
+ * @since 3.1.0-a3
+ */
+ $vars = array('bbcodes', 'rowset');
+ extract($phpbb_dispatcher->trigger_event('core.modify_bbcode_init', compact($vars)));
+
+ $this->bbcodes = $bbcodes;
}
/**
@@ -210,7 +245,7 @@ class bbcode_firstpass extends bbcode
if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx)
{
- $this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], $config['max_' . $this->mode . '_font_size']);
+ $this->warn_msg[] = $user->lang('MAX_FONT_SIZE_EXCEEDED', (int) $config['max_' . $this->mode . '_font_size']);
return '[size=' . $stx . ']' . $in . '[/size]';
}
@@ -294,7 +329,7 @@ class bbcode_firstpass extends bbcode
$in = str_replace(' ', '%20', $in);
// Checking urls
- if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))
+ if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in))
{
return '[img]' . $in . '[/img]';
}
@@ -319,13 +354,13 @@ class bbcode_firstpass extends bbcode
if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1])
{
$error = true;
- $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']);
+ $this->warn_msg[] = $user->lang('MAX_IMG_HEIGHT_EXCEEDED', (int) $config['max_' . $this->mode . '_img_height']);
}
if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0])
{
$error = true;
- $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']);
+ $this->warn_msg[] = $user->lang('MAX_IMG_WIDTH_EXCEEDED', (int) $config['max_' . $this->mode . '_img_width']);
}
}
}
@@ -362,8 +397,8 @@ class bbcode_firstpass extends bbcode
$in = str_replace(' ', '%20', $in);
// Make sure $in is a URL.
- if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) &&
- !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))
+ if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) &&
+ !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in))
{
return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';
}
@@ -374,13 +409,13 @@ class bbcode_firstpass extends bbcode
if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $height)
{
$error = true;
- $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']);
+ $this->warn_msg[] = $user->lang('MAX_FLASH_HEIGHT_EXCEEDED', (int) $config['max_' . $this->mode . '_img_height']);
}
if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $width)
{
$error = true;
- $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']);
+ $this->warn_msg[] = $user->lang('MAX_FLASH_WIDTH_EXCEEDED', (int) $config['max_' . $this->mode . '_img_width']);
}
}
@@ -703,17 +738,6 @@ class bbcode_firstpass extends bbcode
{
global $config, $user;
- /**
- * If you change this code, make sure the cases described within the following reports are still working:
- * #3572 - [quote="[test]test"]test [ test[/quote] - (correct: parsed)
- * #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed)
- * #14770 - [quote="["]test[/quote] (correct: parsed)
- * [quote="[i]test[/i]"]test[/quote] (correct: parsed)
- * [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote])
- * #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted)
- * #40565 - [quote="a"]a[/quote][quote="a]a[/quote] (correct: first quote tag parsed, second quote tag unparsed)
- */
-
$in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in)));
if (!$in)
@@ -767,20 +791,6 @@ class bbcode_firstpass extends bbcode
else if (preg_match('#^quote(?:=&quot;(.*?)&quot;)?$#is', $buffer, $m) && substr($out, -1, 1) == '[')
{
$this->parsed_items['quote']++;
-
- // the buffer holds a valid opening tag
- if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth'])
- {
- // there are too many nested quotes
- $error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], $config['max_quote_depth']);
-
- $out .= $buffer . $tok;
- $tok = '[]';
- $buffer = '';
-
- continue;
- }
-
array_push($close_tags, '/quote:' . $this->bbcode_uid);
if (isset($m[1]) && $m[1])
@@ -957,9 +967,9 @@ class bbcode_firstpass extends bbcode
$url = str_replace(' ', '%20', $url);
// Checking urls
- if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) ||
- preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) ||
- preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url))
+ if (preg_match('#^' . get_preg_expression('url') . '$#iu', $url) ||
+ preg_match('#^' . get_preg_expression('www_url') . '$#iu', $url) ||
+ preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#iu', $url))
{
$valid = true;
}
@@ -1044,7 +1054,6 @@ class bbcode_firstpass extends bbcode
/**
* Main message parser for posting, pm, etc. takes raw message
* and parses it for attachments, bbcode and smilies
-* @package phpBB3
*/
class parse_message extends bbcode_firstpass
{
@@ -1062,6 +1071,18 @@ class parse_message extends bbcode_firstpass
var $mode;
/**
+ * The plupload object used for dealing with attachments
+ * @var \phpbb\plupload\plupload
+ */
+ protected $plupload;
+
+ /**
+ * The mimetype guesser object used for attachment mimetypes
+ * @var \phpbb\mimetype\guesser
+ */
+ protected $mimetype_guesser;
+
+ /**
* Init - give message here or manually
*/
function parse_message($message = '')
@@ -1076,7 +1097,7 @@ class parse_message extends bbcode_firstpass
*/
function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post')
{
- global $config, $db, $user;
+ global $config, $db, $user, $phpbb_dispatcher;
$this->mode = $mode;
@@ -1117,7 +1138,7 @@ class parse_message extends bbcode_firstpass
// Maximum message length check. 0 disables this check completely.
if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars'])
{
- $this->warn_msg[] = sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $message_length, (int) $config['max_' . $mode . '_chars']);
+ $this->warn_msg[] = $user->lang('CHARS_' . strtoupper($mode) . '_CONTAINS', $message_length) . '<br />' . $user->lang('TOO_MANY_CHARS_LIMIT', (int) $config['max_' . $mode . '_chars']);
return (!$update_this_message) ? $return_message : $this->warn_msg;
}
@@ -1126,11 +1147,63 @@ class parse_message extends bbcode_firstpass
{
if (!$message_length || $message_length < (int) $config['min_post_chars'])
{
- $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_FEW_CHARS_LIMIT'], $message_length, (int) $config['min_post_chars']);
+ $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : ($user->lang('CHARS_POST_CONTAINS', $message_length) . '<br />' . $user->lang('TOO_FEW_CHARS_LIMIT', (int) $config['min_post_chars']));
return (!$update_this_message) ? $return_message : $this->warn_msg;
}
}
+ /**
+ * This event can be used for additional message checks/cleanup before parsing
+ *
+ * @event core.message_parser_check_message
+ * @var bool allow_bbcode Do we allow BBCodes
+ * @var bool allow_magic_url Do we allow magic urls
+ * @var bool allow_smilies Do we allow smilies
+ * @var bool allow_img_bbcode Do we allow image BBCode
+ * @var bool allow_flash_bbcode Do we allow flash BBCode
+ * @var bool allow_quote_bbcode Do we allow quote BBCode
+ * @var bool allow_url_bbcode Do we allow url BBCode
+ * @var bool update_this_message Do we alter the parsed message
+ * @var string mode Posting mode
+ * @var string message The message text to parse
+ * @var string bbcode_bitfield The bbcode_bitfield before parsing
+ * @var string bbcode_uid The bbcode_uid before parsing
+ * @var bool return Do we return after the event is triggered if $warn_msg is not empty
+ * @var array warn_msg Array of the warning messages
+ * @since 3.1.2-RC1
+ * @changed 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid
+ */
+ $message = $this->message;
+ $warn_msg = $this->warn_msg;
+ $return = false;
+ $bbcode_bitfield = $this->bbcode_bitfield;
+ $bbcode_uid = $this->bbcode_uid;
+ $vars = array(
+ 'allow_bbcode',
+ 'allow_magic_url',
+ 'allow_smilies',
+ 'allow_img_bbcode',
+ 'allow_flash_bbcode',
+ 'allow_quote_bbcode',
+ 'allow_url_bbcode',
+ 'update_this_message',
+ 'mode',
+ 'message',
+ 'bbcode_bitfield',
+ 'bbcode_uid',
+ 'return',
+ 'warn_msg',
+ );
+ extract($phpbb_dispatcher->trigger_event('core.message_parser_check_message', compact($vars)));
+ $this->message = $message;
+ $this->warn_msg = $warn_msg;
+ $this->bbcode_bitfield = $bbcode_bitfield;
+ $this->bbcode_uid = $bbcode_uid;
+ if ($return && !empty($this->warn_msg))
+ {
+ return (!$update_this_message) ? $return_message : $this->warn_msg;
+ }
+
// Prepare BBcode (just prepares some tags for better parsing)
if ($allow_bbcode && strpos($this->message, '[') !== false)
{
@@ -1173,6 +1246,21 @@ class parse_message extends bbcode_firstpass
}
}
+ // Check for out-of-bounds characters that are currently
+ // not supported by utf8_bin in MySQL
+ if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $this->message, $matches))
+ {
+ $character_list = implode('<br />', $matches[0]);
+ $this->warn_msg[] = $user->lang('UNSUPPORTED_CHARACTERS_MESSAGE', $character_list);
+ return $update_this_message ? $this->warn_msg : $return_message;
+ }
+
+ // Remove quotes that are nested too deep
+ if ($config['max_quote_depth'] > 0)
+ {
+ $this->remove_nested_quotes($config['max_quote_depth']);
+ }
+
// Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length.
// The maximum length check happened before any parsings.
if ($mode === 'post' && utf8_clean_string($this->message) === '')
@@ -1204,6 +1292,8 @@ class parse_message extends bbcode_firstpass
*/
function format_display($allow_bbcode, $allow_magic_url, $allow_smilies, $update_this_message = true)
{
+ global $phpbb_dispatcher;
+
// If false, then the parsed message get returned but internal message not processed.
if (!$update_this_message)
{
@@ -1211,6 +1301,29 @@ class parse_message extends bbcode_firstpass
$return_message = &$this->message;
}
+ $text = $this->message;
+ $uid = $this->bbcode_uid;
+
+ /**
+ * Event to modify the text before it is parsed
+ *
+ * @event core.modify_format_display_text_before
+ * @var string text The message text to parse
+ * @var string uid The bbcode uid
+ * @var bool allow_bbcode Do we allow bbcodes
+ * @var bool allow_magic_url Do we allow magic urls
+ * @var bool allow_smilies Do we allow smilies
+ * @var bool update_this_message Do we update the internal message
+ * with the parsed result
+ * @since 3.1.6-RC1
+ */
+ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message');
+ extract($phpbb_dispatcher->trigger_event('core.modify_format_display_text_before', compact($vars)));
+
+ $this->message = $text;
+ $this->bbcode_uid = $uid;
+ unset($text, $uid);
+
if ($this->message_status == 'plain')
{
// Force updating message - of course.
@@ -1232,6 +1345,28 @@ class parse_message extends bbcode_firstpass
$this->message = bbcode_nl2br($this->message);
$this->message = smiley_text($this->message, !$allow_smilies);
+ $text = $this->message;
+ $uid = $this->bbcode_uid;
+
+ /**
+ * Event to modify the text after it is parsed
+ *
+ * @event core.modify_format_display_text_after
+ * @var string text The message text to parse
+ * @var string uid The bbcode uid
+ * @var bool allow_bbcode Do we allow bbcodes
+ * @var bool allow_magic_url Do we allow magic urls
+ * @var bool allow_smilies Do we allow smilies
+ * @var bool update_this_message Do we update the internal message
+ * with the parsed result
+ * @since 3.1.0-a3
+ */
+ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message');
+ extract($phpbb_dispatcher->trigger_event('core.modify_format_display_text_after', compact($vars)));
+
+ $this->message = $text;
+ $this->bbcode_uid = $uid;
+
if (!$update_this_message)
{
unset($this->message);
@@ -1296,7 +1431,7 @@ class parse_message extends bbcode_firstpass
// NOTE: obtain_* function? chaching the table contents?
// For now setting the ttl to 10 minutes
- switch ($db->sql_layer)
+ switch ($db->get_sql_layer())
{
case 'mssql':
case 'mssql_odbc':
@@ -1306,12 +1441,6 @@ class parse_message extends bbcode_firstpass
ORDER BY LEN(code) DESC';
break;
- case 'firebird':
- $sql = 'SELECT *
- FROM ' . SMILIES_TABLE . '
- ORDER BY CHAR_LENGTH(code) DESC';
- break;
-
// LENGTH supported by MySQL, IBM DB2, Oracle and Access for sure...
default:
$sql = 'SELECT *
@@ -1364,13 +1493,14 @@ class parse_message extends bbcode_firstpass
*/
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
- global $config, $auth, $user, $phpbb_root_path, $phpEx, $db;
+ global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request;
$error = array();
$num_attachments = sizeof($this->attachment_data);
$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
- $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
+ $upload = $request->file($form_name);
+ $upload_file = (!empty($upload) && $upload['name'] !== 'none' && trim($upload['name']));
$add_file = (isset($_POST['add_file'])) ? true : false;
$delete_file = (isset($_POST['delete_file'])) ? true : false;
@@ -1425,6 +1555,7 @@ class parse_message extends bbcode_firstpass
'is_orphan' => 1,
'real_filename' => $filedata['real_filename'],
'attach_comment'=> $this->filename_data['filecomment'],
+ 'filesize' => $filedata['filesize'],
);
$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
@@ -1445,12 +1576,17 @@ class parse_message extends bbcode_firstpass
}
else
{
- $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']);
+ $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
}
}
if ($preview || $refresh || sizeof($error))
{
+ if (isset($this->plupload) && $this->plupload->is_active())
+ {
+ $json_response = new \phpbb\json_response();
+ }
+
// Perform actions on temporary attachments
if ($delete_file)
{
@@ -1495,13 +1631,17 @@ class parse_message extends bbcode_firstpass
// Reindex Array
$this->attachment_data = array_values($this->attachment_data);
+ if (isset($this->plupload) && $this->plupload->is_active())
+ {
+ $json_response->send($this->attachment_data);
+ }
}
}
else if (($add_file || $preview) && $upload_file)
{
if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id))
{
- $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
+ $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message, false, $this->mimetype_guesser, $this->plupload);
$error = array_merge($error, $filedata['error']);
if (!sizeof($error))
@@ -1527,16 +1667,39 @@ class parse_message extends bbcode_firstpass
'is_orphan' => 1,
'real_filename' => $filedata['real_filename'],
'attach_comment'=> $this->filename_data['filecomment'],
+ 'filesize' => $filedata['filesize'],
);
$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
$this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message);
$this->filename_data['filecomment'] = '';
+
+ if (isset($this->plupload) && $this->plupload->is_active())
+ {
+ $download_url = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'mode=view&amp;id=' . $new_entry['attach_id']);
+
+ // Send the client the attachment data to maintain state
+ $json_response->send(array('data' => $this->attachment_data, 'download_url' => $download_url));
+ }
}
}
else
{
- $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']);
+ $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
+ }
+
+ if (!empty($error) && isset($this->plupload) && $this->plupload->is_active())
+ {
+ // If this is a plupload (and thus ajax) request, give the
+ // client the first error we have
+ $json_response->send(array(
+ 'jsonrpc' => '2.0',
+ 'id' => 'id',
+ 'error' => array(
+ 'code' => 105,
+ 'message' => current($error),
+ ),
+ ));
}
}
}
@@ -1553,9 +1716,10 @@ class parse_message extends bbcode_firstpass
function get_submitted_attachment_data($check_user_id = false)
{
global $user, $db, $phpbb_root_path, $phpEx, $config;
+ global $request;
$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
- $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
+ $attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, \phpbb\request\request_interface::POST);
$this->attachment_data = array();
$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
@@ -1583,7 +1747,7 @@ class parse_message extends bbcode_firstpass
if (sizeof($not_orphan))
{
// Get the attachment data, based on the poster id...
- $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
+ $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . '
AND poster_id = ' . $check_user_id;
@@ -1593,7 +1757,7 @@ class parse_message extends bbcode_firstpass
{
$pos = $not_orphan[$row['attach_id']];
$this->attachment_data[$pos] = $row;
- set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
+ $this->attachment_data[$pos]['attach_comment'] = $attachment_data[$pos]['attach_comment'];
unset($not_orphan[$row['attach_id']]);
}
@@ -1608,7 +1772,7 @@ class parse_message extends bbcode_firstpass
// Regenerate newly uploaded attachments
if (sizeof($orphan))
{
- $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
+ $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . '
AND poster_id = ' . $user->data['user_id'] . '
@@ -1619,7 +1783,7 @@ class parse_message extends bbcode_firstpass
{
$pos = $orphan[$row['attach_id']];
$this->attachment_data[$pos] = $row;
- set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
+ $this->attachment_data[$pos]['attach_comment'] = $attachment_data[$pos]['attach_comment'];
unset($orphan[$row['attach_id']]);
}
@@ -1658,7 +1822,7 @@ class parse_message extends bbcode_firstpass
$this->message = $poll['poll_title'];
$this->bbcode_bitfield = $bbcode_bitfield;
- $poll['poll_options'] = explode("\n", trim($poll['poll_option_text']));
+ $poll['poll_options'] = preg_split('/\s*?\n\s*/', trim($poll['poll_option_text']));
$poll['poll_options_size'] = sizeof($poll['poll_options']);
if (!$poll['poll_title'] && $poll['poll_options_size'])
@@ -1697,6 +1861,104 @@ class parse_message extends bbcode_firstpass
$poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']);
}
-}
-?> \ No newline at end of file
+ /**
+ * Remove nested quotes at given depth in current parsed message
+ *
+ * @param integer $max_depth Depth limit
+ * @return null
+ */
+ public function remove_nested_quotes($max_depth)
+ {
+ // Capture all [quote] and [/quote] tags
+ preg_match_all('(\\[/?quote(?:=&quot;(.*?)&quot;)?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE);
+
+ // Iterate over the quote tags to mark the ranges that must be removed
+ $depth = 0;
+ $ranges = array();
+ $start_pos = 0;
+ foreach ($matches[0] as $match)
+ {
+ if ($match[0][1] === '/')
+ {
+ --$depth;
+ if ($depth == $max_depth)
+ {
+ $end_pos = $match[1] + strlen($match[0]);
+ $length = $end_pos - $start_pos;
+ $ranges[] = array($start_pos, $length);
+ }
+ }
+ else
+ {
+ ++$depth;
+ if ($depth == $max_depth + 1)
+ {
+ $start_pos = $match[1];
+ }
+ }
+ }
+
+ foreach (array_reverse($ranges) as $range)
+ {
+ list($start_pos, $length) = $range;
+ $this->message = substr_replace($this->message, '', $start_pos, $length);
+ }
+ }
+
+ /**
+ * Setter function for passing the plupload object
+ *
+ * @param \phpbb\plupload\plupload $plupload The plupload object
+ *
+ * @return null
+ */
+ public function set_plupload(\phpbb\plupload\plupload $plupload)
+ {
+ $this->plupload = $plupload;
+ }
+
+ /**
+ * Setter function for passing the mimetype_guesser object
+ *
+ * @param \phpbb\mimetype\guesser $mimetype_guesser The mimetype_guesser object
+ *
+ * @return null
+ */
+ public function set_mimetype_guesser(\phpbb\mimetype\guesser $mimetype_guesser)
+ {
+ $this->mimetype_guesser = $mimetype_guesser;
+ }
+
+ /**
+ * Function to perform custom bbcode validation by extensions
+ * can be used in bbcode_init() to assign regexp replacement
+ * Example: 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->validate_bbcode_by_extension('\$1')")
+ *
+ * Accepts variable number of parameters
+ *
+ * @return mixed Validation result
+ */
+ public function validate_bbcode_by_extension()
+ {
+ global $phpbb_dispatcher;
+
+ $return = false;
+ $params_array = func_get_args();
+
+ /**
+ * Event to validate bbcode with the custom validating methods
+ * provided by extensions
+ *
+ * @event core.validate_bbcode_by_extension
+ * @var array params_array Array with the function parameters
+ * @var mixed return Validation result to return
+ *
+ * @since 3.1.5-RC1
+ */
+ $vars = array('params_array', 'return');
+ extract($phpbb_dispatcher->trigger_event('core.validate_bbcode_by_extension', compact($vars)));
+
+ return $return;
+ }
+}
generated by cgit v1.2.1 (git 2.21.0) at 2024-09-26 10:19:20 +0000