diff options
Diffstat (limited to 'phpBB/posting.php')
| -rw-r--r-- | phpBB/posting.php | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index e4ba0303cc..da70e64877 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -974,7 +974,10 @@ if ($submit || $preview || $refresh) } // Parse Attachments - before checksum is calculated - $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + if ($message_parser->check_attachment_form_token($language, $request, 'posting')) + { + $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + } /** * This event allows you to modify message text before parsing @@ -1178,11 +1181,23 @@ if ($submit || $preview || $refresh) $error[] = $user->lang['EMPTY_SUBJECT']; } - // Check for out-of-bounds characters that are currently - // not supported by utf8_bin in MySQL + /** + * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. + * Using their Numeric Character Reference's Hexadecimal notation. + */ + $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']); + + /** + * This should never happen again. + * Leaving the fallback here just in case there will be the need of it. + * + * Check for out-of-bounds characters that are currently + * not supported by utf8_bin in MySQL + */ if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) { - $character_list = implode('<br />', $matches[0]); + $character_list = implode('<br>', $matches[0]); + $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list); } |