diff options
| author | JoshyPHP <s9e.dev@gmail.com> | 2015-05-30 01:02:12 +0200 |
|---|---|---|
| committer | JoshyPHP <s9e.dev@gmail.com> | 2015-06-27 02:52:26 +0200 |
| commit | 817db2f13526842e04aeabe4fcd6d809dce2d0a2 (patch) | |
| tree | 50bfc83d6b64cc3543a446ee22b5eb32c143d6eb /phpBB/includes/message_parser.php | |
| parent | 7d7b536874aa7eae7a6c5451d1ed8ee1dc62a1df (diff) | |
| download | forums-817db2f13526842e04aeabe4fcd6d809dce2d0a2.tar forums-817db2f13526842e04aeabe4fcd6d809dce2d0a2.tar.gz forums-817db2f13526842e04aeabe4fcd6d809dce2d0a2.tar.bz2 forums-817db2f13526842e04aeabe4fcd6d809dce2d0a2.tar.xz forums-817db2f13526842e04aeabe4fcd6d809dce2d0a2.zip | |
[ticket/13880] Automatically remove quotes that are nested too deep
PHPBB3-13880
Diffstat (limited to 'phpBB/includes/message_parser.php')
| -rw-r--r-- | phpBB/includes/message_parser.php | 72 |
1 files changed, 50 insertions, 22 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 42ca9bf09d..6f462b7a9e 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -791,28 +791,6 @@ class bbcode_firstpass extends bbcode else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[') { $this->parsed_items['quote']++; - - // the buffer holds a valid opening tag - if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) - { - if ($config['max_quote_depth'] == 1) - { - // Depth 1 - no nesting is allowed - $error_ary['quote_depth'] = $user->lang('QUOTE_NO_NESTING'); - } - else - { - // There are too many nested quotes - $error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']); - } - - $out .= $buffer . $tok; - $tok = '[]'; - $buffer = ''; - - continue; - } - array_push($close_tags, '/quote:' . $this->bbcode_uid); if (isset($m[1]) && $m[1]) @@ -1277,6 +1255,12 @@ class parse_message extends bbcode_firstpass return $update_this_message ? $this->warn_msg : $return_message; } + // Remove quotes that are nested too deep + if ($config['max_quote_depth'] > 0) + { + $this->remove_nested_quotes($config['max_quote_depth']); + } + // Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length. // The maximum length check happened before any parsings. if ($mode === 'post' && utf8_clean_string($this->message) === '') @@ -1856,6 +1840,50 @@ class parse_message extends bbcode_firstpass } /** + * Remove nested quotes at given depth in current parsed message + * + * @param integer $max_depth Depth limit + * @return null + */ + public function remove_nested_quotes($max_depth) + { + // Capture all [quote] and [/quote] tags + preg_match_all('(\\[/?quote(?:=[^]]+)?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE); + + // Iterate over the quote tags to mark the ranges that must be removed + $depth = 0; + $ranges = array(); + $start_pos = 0; + foreach ($matches[0] as $match) + { + if ($match[0][1] === '/') + { + --$depth; + if ($depth == $max_depth) + { + $end_pos = $match[1] + strlen($match[0]); + $length = $end_pos - $start_pos; + $ranges[] = array($start_pos, $length); + } + } + else + { + ++$depth; + if ($depth == $max_depth + 1) + { + $start_pos = $match[1]; + } + } + } + + foreach (array_reverse($ranges) as $range) + { + list($start_pos, $length) = $range; + $this->message = substr_replace($this->message, '', $start_pos, $length); + } + } + + /** * Setter function for passing the plupload object * * @param \phpbb\plupload\plupload $plupload The plupload object |