diff options
| author | Nils Adermann <naderman@naderman.de> | 2007-08-19 21:29:31 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2007-08-19 21:29:31 +0000 |
| commit | 23e3766497d2c17213a5ff4ab52bcd1722f1cebb (patch) | |
| tree | 9bde7e04dbc6c2824f173a2b631ff67dc79dac9e /phpBB/includes | |
| parent | c06b3ce84ac21d45a59df601ac25169beefed81f (diff) | |
| download | forums-23e3766497d2c17213a5ff4ab52bcd1722f1cebb.tar forums-23e3766497d2c17213a5ff4ab52bcd1722f1cebb.tar.gz forums-23e3766497d2c17213a5ff4ab52bcd1722f1cebb.tar.bz2 forums-23e3766497d2c17213a5ff4ab52bcd1722f1cebb.tar.xz forums-23e3766497d2c17213a5ff4ab52bcd1722f1cebb.zip | |
- Prevent {URL} token in custom BBCodes from make_clickable messing [Bug #14151]
- Added alternative tokens to custom BBCodes which are safe for CSS/Javascript and changed TEXT token to entitise opening and closing parantheses.
git-svn-id: file:///svn/phpbb/trunk@8056 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_bbcodes.php | 14 | ||||
| -rw-r--r-- | phpBB/includes/bbcode.php | 2 |
2 files changed, 11 insertions, 5 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index ce0d12b356..235028fc3c 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -295,16 +295,22 @@ class acp_bbcodes // @todo Make sure to change this too if something changed in message parsing $tokens = array( 'URL' => array( - '!([a-z0-9]+://)?([^< "\r\n\t\]]*?)!ie' => "(('\$1') ? '\$1\$2' : 'http://\$2')" + '!(?:(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))!ie' => "\$this->bbcode_specialchars(('\$1') ? '\$1' : 'http://\$2')" ), 'LOCAL_URL' => array( - '!([^:]+/[^< "\r\n\t\]]*?)!' => '$1' + '!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e' => "\$this->bbcode_specialchars('$1')" ), 'EMAIL' => array( - '!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i' => '$1' + '!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i' => "\$this->bbcode_specialchars('$1')" ), 'TEXT' => array( - '!(.*?)!es' => "str_replace(\"\\r\\n\",\"\\n\", str_replace('\\\"', '\"', str_replace('\\'', ''', trim('\$1'))))" + '!(.*?)!es' => "str_replace(array(\"\\r\\n\", '\\\"', '\\'', '(', ')'), array(\"\\n\", '\"', ''', '(', ')'), trim('\$1'))" + ), + 'SIMPLETEXT' => array( + '!([a-zA-Z0-9-+.,_ ]+)!' => "$1" + ), + 'IDENTIFIER' => array( + '!([a-zA-Z0-9-_]+)!' => "$1" ), 'COLOR' => array( '!([a-z]+|#[0-9abcdef]+)!i' => '$1' diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index 4b8ad62a51..c877d56e2b 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -332,7 +332,7 @@ class bbcode // In order to use templates with custom bbcodes we need // to replace all {VARS} to corresponding backreferences // Note that backreferences are numbered from bbcode_match - if (preg_match_all('/\{(URL|EMAIL|TEXT|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m)) + if (preg_match_all('/\{(URL|LOCAL_URL|EMAIL|TEXT|SIMPLETEXT|IDENTIFIER|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m)) { foreach ($m[0] as $i => $tok) { |