diff options
| author | natec <natec@users.sourceforge.net> | 2001-11-25 23:31:04 +0000 |
|---|---|---|
| committer | natec <natec@users.sourceforge.net> | 2001-11-25 23:31:04 +0000 |
| commit | dbb0ce8eeeeb9091d814e673b047253909c0d8c7 (patch) | |
| tree | 910c94ff8472fabd8cb09a083dd67f71408765e7 /phpBB/includes | |
| parent | a25d1820f584595a8d55398358f4ebfd8e165773 (diff) | |
| download | forums-dbb0ce8eeeeb9091d814e673b047253909c0d8c7.tar forums-dbb0ce8eeeeb9091d814e673b047253909c0d8c7.tar.gz forums-dbb0ce8eeeeb9091d814e673b047253909c0d8c7.tar.bz2 forums-dbb0ce8eeeeb9091d814e673b047253909c0d8c7.tar.xz forums-dbb0ce8eeeeb9091d814e673b047253909c0d8c7.zip | |
Fixed bug 478218 -- [ and ] in usernames qith quote= bbcode. Usernames can no longer contain the double-quote character. Also removed a dupe from lang_main file.
git-svn-id: file:///svn/phpbb/trunk@1441 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/bbcode.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 7 |
2 files changed, 9 insertions, 4 deletions
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index f86167deff..11c9ea88c1 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -167,7 +167,7 @@ function bbencode_second_pass($text, $uid) $text = str_replace("[quote:$uid]", $bbcode_tpl['quote_open'], $text); $text = str_replace("[/quote:$uid]", $bbcode_tpl['quote_close'], $text); - $text = preg_replace("/\[quote:$uid=(.*?)\]/si", $bbcode_tpl['quote_username_open'], $text); + $text = preg_replace("/\[quote:$uid=\"?(.*?)\"?\]/si", $bbcode_tpl['quote_username_open'], $text); // [b] and [/b] for bolding text. $text = str_replace("[b:$uid]", $bbcode_tpl['b_open'], $text); @@ -240,7 +240,7 @@ function bbencode_first_pass($text, $uid) // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. $text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, ''); - $text = bbencode_first_pass_pda($text, $uid, '/\[quote=(.*?)\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]"); + $text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\\".*?\\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]"); // [list] and [list=x] for (un)ordered lists. $open_tag = array(); @@ -276,8 +276,6 @@ function bbencode_first_pass($text, $uid) // Remove our padding from the string.. $text = substr($text, 1); - // Add the uid tag to the start of the string.. - //$text = '[uid=' . $uid . ']' . $text; return $text; diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 0f4961d6e2..4c93d6a6f7 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -476,6 +476,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add // // Check to see if the username has been taken, or if it is disallowed. +// Also checks if it includes the " character, which we don't allow in usernames. // Used for registering, changing names, and posting anonymously with a username // function validate_username($username) @@ -550,6 +551,12 @@ function validate_username($username) } } + // Don't allow " in username. + if ( strstr($username, '"') ) + { + return FALSE; + } + return(TRUE); } |