diff options
author | JoshyPHP <s9e.dev@gmail.com> | 2019-12-09 18:06:30 +0100 |
---|---|---|
committer | JoshyPHP <s9e.dev@gmail.com> | 2019-12-09 18:06:30 +0100 |
commit | 5813b5fbee2ac332f14dee2da7df9c3dfd6c2719 (patch) | |
tree | 9e762ba814ffa82d1e33cb7ee0b63cd9e7972a24 /phpBB/phpbb/textformatter | |
parent | 1f00e160ab69b2a709793abc1829cc6e91e07b93 (diff) | |
download | forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar.gz forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar.bz2 forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar.xz forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.zip |
[ticket/16252] Ignore non-BBCodes when looking for unauthorized markup
PHPBB3-16252
Diffstat (limited to 'phpBB/phpbb/textformatter')
-rw-r--r-- | phpBB/phpbb/textformatter/s9e/parser.php | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/phpBB/phpbb/textformatter/s9e/parser.php b/phpBB/phpbb/textformatter/s9e/parser.php index a36fc63141..f7e4668980 100644 --- a/phpBB/phpbb/textformatter/s9e/parser.php +++ b/phpBB/phpbb/textformatter/s9e/parser.php @@ -15,6 +15,7 @@ namespace phpbb\textformatter\s9e; use s9e\TextFormatter\Parser\AttributeFilters\UrlFilter; use s9e\TextFormatter\Parser\Logger; +use s9e\TextFormatter\Parser\Tag; /** * s9e\TextFormatter\Parser adapter @@ -219,7 +220,7 @@ class parser implements \phpbb\textformatter\parser_interface { $errors[] = array($msg, $context['max_' . strtolower($m[1])]); } - else if ($msg === 'Tag is disabled') + else if ($msg === 'Tag is disabled' && $this->is_a_bbcode($context['tag'])) { $name = strtolower($context['tag']->getName()); $errors[] = array('UNAUTHORISED_BBCODE', '[' . $name . ']'); @@ -396,4 +397,21 @@ class parser implements \phpbb\textformatter\parser_interface return $url; } + + /** + * Test whether given tag consumes text that looks like BBCode-styled markup + * + * @param Tag $tag Original tag + * @return bool + */ + protected function is_a_bbcode(Tag $tag) + { + if ($tag->getLen() < 3) + { + return false; + } + $markup = substr($this->parser->getText(), $tag->getPos(), $tag->getLen()); + + return (bool) preg_match('(^\\[\\w++.*?\\]$)s', $markup); + } } |