aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb/textformatter
diff options
context:
space:
mode:
authorJoshyPHP <s9e.dev@gmail.com>2019-12-09 18:06:30 +0100
committerJoshyPHP <s9e.dev@gmail.com>2019-12-09 18:06:30 +0100
commit5813b5fbee2ac332f14dee2da7df9c3dfd6c2719 (patch)
tree9e762ba814ffa82d1e33cb7ee0b63cd9e7972a24 /phpBB/phpbb/textformatter
parent1f00e160ab69b2a709793abc1829cc6e91e07b93 (diff)
downloadforums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar
forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar.gz
forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar.bz2
forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.tar.xz
forums-5813b5fbee2ac332f14dee2da7df9c3dfd6c2719.zip
[ticket/16252] Ignore non-BBCodes when looking for unauthorized markup
PHPBB3-16252
Diffstat (limited to 'phpBB/phpbb/textformatter')
-rw-r--r--phpBB/phpbb/textformatter/s9e/parser.php20
1 files changed, 19 insertions, 1 deletions
diff --git a/phpBB/phpbb/textformatter/s9e/parser.php b/phpBB/phpbb/textformatter/s9e/parser.php
index a36fc63141..f7e4668980 100644
--- a/phpBB/phpbb/textformatter/s9e/parser.php
+++ b/phpBB/phpbb/textformatter/s9e/parser.php
@@ -15,6 +15,7 @@ namespace phpbb\textformatter\s9e;
use s9e\TextFormatter\Parser\AttributeFilters\UrlFilter;
use s9e\TextFormatter\Parser\Logger;
+use s9e\TextFormatter\Parser\Tag;
/**
* s9e\TextFormatter\Parser adapter
@@ -219,7 +220,7 @@ class parser implements \phpbb\textformatter\parser_interface
{
$errors[] = array($msg, $context['max_' . strtolower($m[1])]);
}
- else if ($msg === 'Tag is disabled')
+ else if ($msg === 'Tag is disabled' && $this->is_a_bbcode($context['tag']))
{
$name = strtolower($context['tag']->getName());
$errors[] = array('UNAUTHORISED_BBCODE', '[' . $name . ']');
@@ -396,4 +397,21 @@ class parser implements \phpbb\textformatter\parser_interface
return $url;
}
+
+ /**
+ * Test whether given tag consumes text that looks like BBCode-styled markup
+ *
+ * @param Tag $tag Original tag
+ * @return bool
+ */
+ protected function is_a_bbcode(Tag $tag)
+ {
+ if ($tag->getLen() < 3)
+ {
+ return false;
+ }
+ $markup = substr($this->parser->getText(), $tag->getPos(), $tag->getLen());
+
+ return (bool) preg_match('(^\\[\\w++.*?\\]$)s', $markup);
+ }
}