authorPaul S. Owen <psotfx@users.sourceforge.net>2001-11-26 01:27:00 +0000
committerPaul S. Owen <psotfx@users.sourceforge.net>2001-11-26 01:27:00 +0000
commit5f01741bc48921906b7abad2e9de31a6883bb9b2 (patch)
treead899d70cbab5956a6a268349e3592945e944e0f /phpBB
parentadb6ff9f58ad59bbd04ab455f322d439cf0621c5 (diff)
stripslash email messages + remove &nbsp;'s from usernames, email addresses
git-svn-id: file:///svn/phpbb/trunk@1444 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/profile.php28
1 files changed, 16 insertions, 12 deletions
diff --git a/phpBB/profile.php b/phpBB/profile.php
index 7ed4ec653f..3cacb443a0 100644
--- a/phpBB/profile.php
+++ b/phpBB/profile.php
@@ -470,10 +470,11 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( $mode == "editprofile" )
{
$user_id = intval($HTTP_POST_VARS['user_id']);
- $current_email = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['current_email'])));
+ $current_email = trim(strip_tags(htmlspecialchars(str_replace("&nbsp;", " ",$HTTP_POST_VARS['current_email']))));
}
- $username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags($HTTP_POST_VARS['username'])) : "";
- $email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : "";
+
+ $username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags(str_replace("&nbsp;", " ", $HTTP_POST_VARS['username']))) : "";
+ $email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars(str_replace("&nbsp;", " ",$HTTP_POST_VARS['email'])))) : "";
$password_current = (!empty($HTTP_POST_VARS['cur_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['cur_password']))) : "";
$password = (!empty($HTTP_POST_VARS['new_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['new_password']))) : "";
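Review bot: The added `str_replace("&nbsp;", " ", …)` on `current_email`, `username` and `email` matches only the literal named entity, so other spellings of the same character (the numeric entities `&#160;` / `&#xA0;`, or the raw non-breaking-space byte) are left in place. For `username`, which is not passed through `htmlspecialchars()`, such a value would presumably still render as whitespace wherever the name is printed, so two visually identical names could coexist. Consider moving the normalisation into one small helper that handles all of these forms and is called from the three sites, with a comment such as `// normalise non-breaking spaces so look-alike usernames and addresses are rejected`. The enclosing `if` block begins and ends outside this hunk.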
@@ -774,16 +775,19 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
}
else
{
+ $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
+
$error = true;
- $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_imagesize'] : $lang['Avatar_imagesize'];
+ $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
}
}
}
else
{
+ $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
+
$error = true;
- $error_filesize = $lang['Avatar_filesize'] . " " . round($board_config['avatar_filesize'] / 1024) . " " . $lang['kB'];
- $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $error_filesize : $error_filesize;
+ $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
}
}
else
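Review bot: The second branch stores the file-size message in `$l_avatar_size`, the same name the first branch uses for the image-dimension message; naming it `$l_avatar_filesize` would keep the two errors distinguishable when reading the block. Both messages now depend on `$lang['Avatar_imagesize']` and `$lang['Avatar_filesize']` containing the right number of `sprintf` placeholders, and the old `$lang['kB']` suffix is gone, so a translation that has not been updated would silently drop the limits from the message. A short comment such as `// lang string must contain %d placeholders for width and height` next to each `sprintf` would document that contract. The surrounding `if`/`else` chain is cut at both ends of the hunk.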
@@ -1112,13 +1116,13 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$emailer->use_template($email_template);
$emailer->email_address($email);
- $emailer->set_subject($lang['Welcome_subject']);
+ $emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));
$emailer->extra_headers($email_headers);
if( $coppa )
{
$emailer->assign_vars(array(
- "WELCOME_MSG" => $lang['Welcome_subject'],
+ "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']),
"USERNAME" => $username,
"PASSWORD" => $password_confirm,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
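Review bot: `sprintf($lang['Welcome_subject'], $board_config['sitename'])` is written out here twice and again in the hunks at old lines 1140 and 1160; building it once, e.g. `$welcome_subject = sprintf($lang['Welcome_subject'], $board_config['sitename']);`, and reusing the variable would keep the four uses in step. Because the value is handed to `set_subject()`, which presumably ends up in a mail header, it is worth stripping line breaks from the site name at that point: `str_replace(array("\r", "\n"), "", $board_config['sitename'])`. The emailer class is not visible in this diff, so confirm whether it already does this.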
@@ -1140,7 +1144,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
else
{
$emailer->assign_vars(array(
- "WELCOME_MSG" => $lang['Welcome_subject'],
+ "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']),
"USERNAME" => $username,
"PASSWORD" => $password_confirm,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
@@ -1160,7 +1164,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
- "WELCOME_MSG" => $lang['Welcome_subject'],
+ "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']),
"USERNAME" => $username,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
@@ -1861,7 +1865,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( !empty($HTTP_POST_VARS['subject']) )
{
- $subject = trim(strip_tags($HTTP_POST_VARS['subject']));
+ $subject = trim(strip_tags(stripslashes($HTTP_POST_VARS['subject'])));
}
else
{
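Review bot: The new `stripslashes()` on `subject`, and on `message` in the next hunk, is unconditional, so it is only correct when the request data has already been slash-escaped; with `magic_quotes_gpc` off and no equivalent normalisation elsewhere, backslashes the user typed would be removed. If that normalisation is not guaranteed by code outside this diff, guard the call, e.g. `$subject = get_magic_quotes_gpc() ? stripslashes($HTTP_POST_VARS['subject']) : $HTTP_POST_VARS['subject'];`. Separately, `strip_tags()` and `trim()` leave embedded CR/LF characters in `$subject`; if it is later used as the mail subject header, which this hunk does not show, it should have line breaks removed first.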
@@ -1871,7 +1875,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( !empty($HTTP_POST_VARS['message']) )
{
- $message = trim(strip_tags($HTTP_POST_VARS['message']));
+ $message = trim(strip_tags(stripslashes($HTTP_POST_VARS['message'])));
}
else
{