diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/bbcode.php | 7 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/functions_content.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/functions_transfer.php | 55 | ||||
| -rw-r--r-- | phpBB/styles/subsilver2/template/attachment.html | 2 |
5 files changed, 56 insertions, 19 deletions
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index d77bb3c4a7..9356e3e9b4 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -584,6 +584,13 @@ class bbcode $code = str_replace("\t", ' ', $code); $code = str_replace(' ', ' ', $code); $code = str_replace(' ', ' ', $code); + $code = str_replace("\n ", "\n ", $code); + + // keep space at the beginning + if (!empty($code) && $code[0] == ' ') + { + $code = ' ' . substr($code, 1); + } // remove newline at the beginning if (!empty($code) && $code[0] == "\n") diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 40d07ff770..6b6679bde5 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2708,12 +2708,6 @@ function send_status_line($code, $message) { $version = $_SERVER['SERVER_PROTOCOL']; } - else if (!empty($_SERVER['HTTP_VERSION'])) - { - // I cannot remember where I got this from. - // This code path may never be reachable in reality. - $version = $_SERVER['HTTP_VERSION']; - } else { $version = 'HTTP/1.0'; diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index faff9dd0de..b34976db2a 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -691,6 +691,9 @@ function censor_text($text) return ''; } + // Strip control characters + $text = preg_replace('/[\x00-\x0f]/', '', $text); + // We moved the word censor checks in here because we call this function quite often - and then only need to do the check once if (!isset($censors) || !is_array($censors)) { @@ -1107,7 +1110,7 @@ function extension_allowed($forum_id, $extension, &$extensions) * @param int $max_length Maximum length of string (multibyte character count as 1 char / Html entity count as 1 char) * @param int $max_store_length Maximum character length of string (multibyte character count as 1 char / Html entity count as entity chars). * @param bool $allow_reply Allow Re: in front of string -* NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_legnth) and is deprecated. +* NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_length) and is deprecated. * @param string $append String to be appended */ function truncate_string($string, $max_length = 60, $max_store_length = 255, $allow_reply = false, $append = '') diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php index 046abede8e..5ab7a87efd 100644 --- a/phpBB/includes/functions_transfer.php +++ b/phpBB/includes/functions_transfer.php @@ -808,23 +808,56 @@ class ftp_fsock extends transfer */ function _open_data_connection() { - $this->_send_command('PASV', '', false); - - if (!$ip_port = $this->_check_command(true)) + // Try to find out whether we have a IPv4 or IPv6 (control) connection + if (function_exists('stream_socket_get_name')) { - return false; + $socket_name = stream_socket_get_name($this->connection, true); + $server_ip = substr($socket_name, 0, strrpos($socket_name, ':')); } - // open the connection to start sending the file - if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp)) + if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip)) { - // bad ip and port - return false; + // Passive mode + $this->_send_command('PASV', '', false); + + if (!$ip_port = $this->_check_command(true)) + { + return false; + } + + // open the connection to start sending the file + if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp)) + { + // bad ip and port + return false; + } + + $temp = explode(',', $temp[0]); + $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3]; + $server_port = $temp[4] * 256 + $temp[5]; + } + else + { + // Extended Passive Mode - RFC2428 + $this->_send_command('EPSV', '', false); + + if (!$epsv_response = $this->_check_command(true)) + { + return false; + } + + // Response looks like "229 Entering Extended Passive Mode (|||12345|)" + // where 12345 is the tcp port for the data connection + if (!preg_match('#\(\|\|\|([0-9]+)\|\)#', $epsv_response, $match)) + { + return false; + } + $server_port = (int) $match[1]; + + // fsockopen expects IPv6 address in square brackets + $server_ip = "[$server_ip]"; } - $temp = explode(',', $temp[0]); - $server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3]; - $server_port = $temp[4] * 256 + $temp[5]; $errno = 0; $errstr = ''; diff --git a/phpBB/styles/subsilver2/template/attachment.html b/phpBB/styles/subsilver2/template/attachment.html index b5b547b2e6..fca620b481 100644 --- a/phpBB/styles/subsilver2/template/attachment.html +++ b/phpBB/styles/subsilver2/template/attachment.html @@ -72,7 +72,7 @@ <param name="controller" value="true"> <param name="autoplay" value="false" /> <param name="type" value="video/quicktime"> - <embed name="qtstream_{_file.ATTACH_ID}" src="{_file.U_DOWNLOAD_LINK}" pluginspage="http://www.apple.com/quicktime/download/" enablejavascript="true" controller="true" width="320" height="285" type="video/quicktime" autoplay="false"> + <embed name="qtstream_{_file.ATTACH_ID}" src="{_file.U_DOWNLOAD_LINK}" pluginspage="http://www.apple.com/quicktime/download/" enablejavascript="true" controller="true" width="320" height="285" type="video/quicktime" autoplay="false"></embed> </object> <!-- ELSEIF _file.S_RM_FILE --> <object id="rmstream_{_file.ATTACH_ID}" classid="clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA" width="200" height="50"> |