From af738dbc2a48713f59779410955282aa5760b741 Mon Sep 17 00:00:00 2001 From: David M Date: Fri, 4 Jan 2008 18:35:49 +0000 Subject: Ch-ch-ch-changes - Made us more DB independent by making many queries capability based instead of DB specific - Finished PHP5ifying of the acm_file class, now with some (hopefully) enhancements to its performance - Sped up viewforum considerably (also goes towards mcp_forum) I really hope I didn't explode CVS... git-svn-id: file:///svn/phpbb/trunk@8301 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6e601e1499..82755b1f15 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1251,28 +1251,10 @@ class parse_message extends bbcode_firstpass // NOTE: obtain_* function? chaching the table contents? // For now setting the ttl to 10 minutes - switch ($db->sql_layer) - { - case 'mssql': - case 'mssql_odbc': - $sql = 'SELECT * - FROM ' . SMILIES_TABLE . ' - ORDER BY LEN(code) DESC'; - break; - - case 'firebird': - $sql = 'SELECT * - FROM ' . SMILIES_TABLE . ' - ORDER BY CHAR_LENGTH(code) DESC'; - break; - - // LENGTH supported by MySQL, IBM DB2, Oracle and Access for sure... - default: - $sql = 'SELECT * - FROM ' . SMILIES_TABLE . ' - ORDER BY LENGTH(code) DESC'; - break; - } + $sql = 'SELECT * + FROM ' . SMILIES_TABLE . ' + ORDER BY ' . $db->sql_function('length_varchar', 'code') . ' DESC'; + $result = $db->sql_query($sql, 600); while ($row = $db->sql_fetchrow($result)) -- cgit v1.2.1 From f0dea060972a48460ce64d3cdf885d82383763c6 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 5 Jan 2008 16:10:10 +0000 Subject: Correctly check empty subjects/messages (Bug #17915) Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745) Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265) git-svn-id: file:///svn/phpbb/trunk@8306 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 82755b1f15..418a26776a 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -913,9 +913,14 @@ class bbcode_firstpass extends bbcode $url = ($var1) ? $var1 : $var2; - if (!$url || ($var1 && !$var2)) + if ($var1 && !$var2) { - return ''; + $var2 = $var1; + } + + if (!$url) + { + return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]'; } $valid = false; @@ -1088,7 +1093,7 @@ class parse_message extends bbcode_firstpass } // Check for "empty" message - if ($mode !== 'sig' && !utf8_clean_string($this->message)) + if ($mode !== 'sig' && utf8_clean_string($this->message) === '') { $this->warn_msg[] = $user->lang['TOO_FEW_CHARS']; return $this->warn_msg; -- cgit v1.2.1 From 140746089594307c9bc2ad084ea2355dcbddbe16 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 29 Jan 2008 15:57:56 +0000 Subject: Merging revisions #r8346, #r8347 and #r8348 git-svn-id: file:///svn/phpbb/trunk@8349 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 418a26776a..e13864d1dd 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -983,7 +983,7 @@ class bbcode_firstpass extends bbcode // Is the user trying to link to a php file in this domain and script path? if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false) { - $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'); + $server_name = $user->host; // Forcing server vars is the only way to specify/override the protocol if ($config['force_server_vars'] || !$server_name) @@ -1084,7 +1084,7 @@ class parse_message extends bbcode_firstpass if ($config['max_' . $mode . '_chars'] > 0) { $msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)); - + if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars']) { $this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, $config['max_' . $mode . '_chars']); @@ -1254,12 +1254,11 @@ class parse_message extends bbcode_firstpass $match = $replace = array(); // NOTE: obtain_* function? chaching the table contents? - + // For now setting the ttl to 10 minutes $sql = 'SELECT * FROM ' . SMILIES_TABLE . ' ORDER BY ' . $db->sql_function('length_varchar', 'code') . ' DESC'; - $result = $db->sql_query($sql, 600); while ($row = $db->sql_fetchrow($result)) -- cgit v1.2.1 From 0c5839a0b9c1eab048ea91afa92c9d98919f4888 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 23 Feb 2008 15:32:34 +0000 Subject: merge revisions #r8392 and #r8393 git-svn-id: file:///svn/phpbb/trunk@8394 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index e13864d1dd..a923e9fca3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -198,7 +198,7 @@ class bbcode_firstpass extends bbcode if (!$this->check_bbcode('size', $in)) { - return ''; + return $in; } if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx) @@ -224,7 +224,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('color', $in)) { - return ''; + return $in; } return '[color=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/color:' . $this->bbcode_uid . ']'; @@ -237,7 +237,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('u', $in)) { - return ''; + return $in; } return '[u:' . $this->bbcode_uid . ']' . $in . '[/u:' . $this->bbcode_uid . ']'; @@ -250,7 +250,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('b', $in)) { - return ''; + return $in; } return '[b:' . $this->bbcode_uid . ']' . $in . '[/b:' . $this->bbcode_uid . ']'; @@ -263,7 +263,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('i', $in)) { - return ''; + return $in; } return '[i:' . $this->bbcode_uid . ']' . $in . '[/i:' . $this->bbcode_uid . ']'; @@ -278,7 +278,7 @@ class bbcode_firstpass extends bbcode if (!$this->check_bbcode('img', $in)) { - return ''; + return $in; } $in = trim($in); @@ -340,7 +340,7 @@ class bbcode_firstpass extends bbcode if (!$this->check_bbcode('flash', $in)) { - return ''; + return $in; } $in = trim($in); @@ -377,7 +377,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('attachment', $in)) { - return ''; + return $in; } return '[attachment=' . $stx . ':' . $this->bbcode_uid . ']' . trim($in) . '[/attachment:' . $this->bbcode_uid . ']'; @@ -457,7 +457,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('code', $in)) { - return ''; + return $in; } // We remove the hardcoded elements from the code block here because it is not used in code blocks @@ -550,7 +550,7 @@ class bbcode_firstpass extends bbcode { if (!$this->check_bbcode('list', $in)) { - return ''; + return $in; } // $tok holds characters to stop at. Since the string starts with a '[' we'll get everything up to the first ']' which should be the opening [list] tag @@ -684,7 +684,8 @@ class bbcode_firstpass extends bbcode * #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed) * #14770 - [quote="["]test[/quote] (correct: parsed) * [quote="[i]test[/i]"]test[/quote] (correct: parsed) - * [quote="[quote]test[/quote]"]test[/quote] (correct: NOT parsed) + * [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote]) + * #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted) */ $in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in))); @@ -737,7 +738,7 @@ class bbcode_firstpass extends bbcode $out .= ' '; }*/ } - else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m)) + else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[') { $this->parsed_items['quote']++; -- cgit v1.2.1 From 8c64d7c32afa5a8c28522ac0d99faa78a75ebefc Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 13 Mar 2008 15:25:20 +0000 Subject: merging #r8426 to #r8430 git-svn-id: file:///svn/phpbb/trunk@8431 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index a923e9fca3..7d3977c507 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1089,7 +1089,7 @@ class parse_message extends bbcode_firstpass if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars']) { $this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, $config['max_' . $mode . '_chars']); - return $this->warn_msg; + return (!$update_this_message) ? $return_message : $this->warn_msg; } } @@ -1097,7 +1097,7 @@ class parse_message extends bbcode_firstpass if ($mode !== 'sig' && utf8_clean_string($this->message) === '') { $this->warn_msg[] = $user->lang['TOO_FEW_CHARS']; - return $this->warn_msg; + return (!$update_this_message) ? $return_message : $this->warn_msg; } // Prepare BBcode (just prepares some tags for better parsing) @@ -1146,7 +1146,7 @@ class parse_message extends bbcode_firstpass if ($config['max_' . $mode . '_urls'] && $num_urls > $config['max_' . $mode . '_urls']) { $this->warn_msg[] = sprintf($user->lang['TOO_MANY_URLS'], $config['max_' . $mode . '_urls']); - return $this->warn_msg; + return (!$update_this_message) ? $return_message : $this->warn_msg; } if (!$update_this_message) @@ -1584,7 +1584,6 @@ class parse_message extends bbcode_firstpass $this->message = $poll['poll_option_text']; $bbcode_bitfield = $this->bbcode_bitfield; - $poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false); $bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) | base64_decode($this->bbcode_bitfield)); -- cgit v1.2.1 From 2f4a618900e2c3b6ea14c68cbeb5897cd2ac1a04 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 29 May 2008 12:25:56 +0000 Subject: ok... i hope i haven't messed too much with the code and everything is still working. Changes: - Ascraeus now uses constants for the phpbb root path and the php extension. This ensures more security for external applications and modifications (no more overwriting of root path and extension possible through insecure mods and register globals enabled) as well as no more globalizing needed. - A second change implemented here is an additional short-hand-notation for append_sid(). It is allowed to omit the root path and extension now (for example calling append_sid('memberlist')) - in this case the root path and extension get added automatically. The hook is called after these are added. git-svn-id: file:///svn/phpbb/trunk@8572 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 7d3977c507..286ccd8152 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -18,7 +18,7 @@ if (!defined('IN_PHPBB')) if (!class_exists('bbcode')) { - include($phpbb_root_path . 'includes/bbcode.' . $phpEx); + include(PHPBB_ROOT_PATH . 'includes/bbcode.' . PHP_EXT); } /** @@ -970,7 +970,7 @@ class bbcode_firstpass extends bbcode */ function path_in_domain($url) { - global $config, $phpEx, $user; + global $config, $user; if ($config['force_server_vars']) { @@ -982,7 +982,7 @@ class bbcode_firstpass extends bbcode } // Is the user trying to link to a php file in this domain and script path? - if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false) + if (strpos($url, '.' . PHP_EXT) !== false && strpos($url, $check_path) !== false) { $server_name = $user->host; @@ -993,14 +993,14 @@ class bbcode_firstpass extends bbcode } // Check again in correct order... - $pos_ext = strpos($url, ".{$phpEx}"); + $pos_ext = strpos($url, '.' . PHP_EXT); $pos_path = strpos($url, $check_path); $pos_domain = strpos($url, $server_name); if ($pos_domain !== false && $pos_path >= $pos_domain && $pos_ext >= $pos_path) { // Ok, actually we allow linking to some files (this may be able to be extended in some way later...) - if (strpos($url, '/' . $check_path . '/download/file.' . $phpEx) !== 0) + if (strpos($url, '/' . $check_path . '/download/file.' . PHP_EXT) !== 0) { return false; } @@ -1300,7 +1300,7 @@ class parse_message extends bbcode_firstpass */ function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false) { - global $config, $auth, $user, $phpbb_root_path, $phpEx, $db; + global $config, $auth, $user, $db; $error = array(); @@ -1390,7 +1390,7 @@ class parse_message extends bbcode_firstpass // Perform actions on temporary attachments if ($delete_file) { - include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); + include_once(PHPBB_ROOT_PATH . 'includes/functions_admin.' . PHP_EXT); $index = array_keys(request_var('delete_file', array(0 => 0))); $index = (!empty($index)) ? $index[0] : false; @@ -1488,7 +1488,7 @@ class parse_message extends bbcode_firstpass */ function get_submitted_attachment_data($check_user_id = false) { - global $user, $db, $phpbb_root_path, $phpEx, $config; + global $user, $db, $config; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array(); -- cgit v1.2.1 From 7524ca52497a05b9079983c0fc7239a7e6e9a643 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 7 Jun 2008 13:42:06 +0000 Subject: do not allow [flash=0,0]... not implemented for images due to the reliance on getimagesize() - as usual both sizes are able to be limited by the maximum/minimum image size configuration options git-svn-id: file:///svn/phpbb/trunk@8614 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 286ccd8152..d9c5dbaa31 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -346,6 +346,12 @@ class bbcode_firstpass extends bbcode $in = trim($in); $error = false; + // Do not allow 0-sizes generally being entered + if ($width <= 0 || $height <= 0) + { + return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; + } + // Apply the same size checks on flash files as on images if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) { -- cgit v1.2.1 From ad739a358ca7b593fc5f2bfc77e2058b4ea59163 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Mon, 23 Jun 2008 18:22:44 +0000 Subject: merge? merge. git-svn-id: file:///svn/phpbb/trunk@8672 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index d9c5dbaa31..a31e7b094c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -400,7 +400,10 @@ class bbcode_firstpass extends bbcode case 'php': $remove_tags = false; - $code = str_replace(array('<', '>'), array('<', '>'), $code); + + $str_from = array('<', '>', '[', ']', '.', ':', ':'); + $str_to = array('<', '>', '[', ']', '.', ':', ':'); + $code = str_replace($str_from, $str_to, $code); if (!preg_match('/\<\?.*?\?\>/is', $code)) { -- cgit v1.2.1 From 589db44b5695730678f41c8d5868c73d4726054e Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 24 Aug 2008 10:04:15 +0000 Subject: Merge of the language-specific custom path change Revision #r8782 git-svn-id: file:///svn/phpbb/trunk@8786 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index a31e7b094c..d3b0c87c9a 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -391,7 +391,7 @@ class bbcode_firstpass extends bbcode /** * Parse code text from code tag - * @private + * @access private */ function bbcode_parse_code($stx, &$code) { -- cgit v1.2.1 From ef0c0d4c82dadfb856357f6ae906263420d84791 Mon Sep 17 00:00:00 2001 From: Chris Smith Date: Thu, 13 Nov 2008 13:04:54 +0000 Subject: been a while :( ... merge in r8997, r8998, r8999, r9000, r9001, r9002, r9003, r9004, r9005, r9007, r9008, r9009, r9010, r9011, r9012, r9013, r9014, r9015, r9022, r9023, r9029, r9030, r9034, r9048, r9049, r9054, r9056 git-svn-id: file:///svn/phpbb/trunk@9064 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index d3b0c87c9a..abcab9c000 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -604,10 +604,10 @@ class bbcode_firstpass extends bbcode $out .= array_pop($list_end_tags) . ']'; $tok = '['; } - else if (preg_match('#^list(=[0-9a-z])?$#i', $buffer, $m)) + else if (preg_match('#^list(=[0-9a-z]+)?$#i', $buffer, $m)) { // sub-list, add a closing tag - if (empty($m[1]) || preg_match('/^(?:disc|square|circle)$/i', $m[1])) + if (empty($m[1]) || preg_match('/^=(?:disc|square|circle)$/i', $m[1])) { array_push($list_end_tags, '/list:u:' . $this->bbcode_uid); } -- cgit v1.2.1 From 07e9b83a3de0264916a058b9cf180b91b297604f Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Mon, 24 Nov 2008 00:20:33 +0000 Subject: - updated all code to use the request class instead of any direct access to super globals - disabled super globals in common.php. See commit r9101 for more information - cleaned up/simplified a few lines along the way. git-svn-id: file:///svn/phpbb/trunk@9102 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index abcab9c000..b272750310 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1317,8 +1317,8 @@ class parse_message extends bbcode_firstpass $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false; - $add_file = (isset($_POST['add_file'])) ? true : false; - $delete_file = (isset($_POST['delete_file'])) ? true : false; + $add_file = request::is_set_post('add_file'); + $delete_file = request::is_set_post('delete_file'); // First of all adjust comments if changed $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true)); @@ -1500,7 +1500,7 @@ class parse_message extends bbcode_firstpass global $user, $db, $config; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array(); + $attachment_data = request::variable('attachment_data', array(0 => array('' => '')), true, request::POST); $this->attachment_data = array(); $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; @@ -1536,11 +1536,11 @@ class parse_message extends bbcode_firstpass while ($row = $db->sql_fetchrow($result)) { - $pos = $not_orphan[$row['attach_id']]; + $pos = $not_orphan[(int) $row['attach_id']]; $this->attachment_data[$pos] = $row; - set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + $this->attachment_data[$pos]['attach_comment'] = utf8_normalize_nfc($attachment_data[$pos]['attach_comment']); - unset($not_orphan[$row['attach_id']]); + unset($not_orphan[(int) $row['attach_id']]); } $db->sql_freeresult($result); } @@ -1562,11 +1562,11 @@ class parse_message extends bbcode_firstpass while ($row = $db->sql_fetchrow($result)) { - $pos = $orphan[$row['attach_id']]; + $pos = $orphan[(int) $row['attach_id']]; $this->attachment_data[$pos] = $row; - set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + $this->attachment_data[$pos]['attach_comment'] = utf8_normalize_nfc($attachment_data[$pos]['attach_comment']); - unset($orphan[$row['attach_id']]); + unset($orphan[(int) $row['attach_id']]); } $db->sql_freeresult($result); } -- cgit v1.2.1 From 5b9a3c9a7d8f8e4590dddf4440ac82c30ef3f730 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 25 Dec 2008 14:47:57 +0000 Subject: add nils' request and super globals class rename request:: to phpbb_request:: git-svn-id: file:///svn/phpbb/trunk@9230 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index b272750310..5bbadd4d4c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1317,8 +1317,8 @@ class parse_message extends bbcode_firstpass $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false; - $add_file = request::is_set_post('add_file'); - $delete_file = request::is_set_post('delete_file'); + $add_file = phpbb_request::is_set_post('add_file'); + $delete_file = phpbb_request::is_set_post('delete_file'); // First of all adjust comments if changed $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true)); @@ -1500,7 +1500,7 @@ class parse_message extends bbcode_firstpass global $user, $db, $config; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = request::variable('attachment_data', array(0 => array('' => '')), true, request::POST); + $attachment_data = phpbb_request::variable('attachment_data', array(0 => array('' => '')), true, phpbb_request::POST); $this->attachment_data = array(); $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; -- cgit v1.2.1 From 19aed179e53f9660a7202e2e50816e1cef0f7be9 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 28 Dec 2008 23:30:09 +0000 Subject: $config to phpbb::$config git-svn-id: file:///svn/phpbb/trunk@9242 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 80 +++++++++++++++++++-------------------- 1 file changed, 39 insertions(+), 41 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 5bbadd4d4c..14b87c05b2 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -194,16 +194,16 @@ class bbcode_firstpass extends bbcode */ function bbcode_size($stx, $in) { - global $user, $config; + global $user; if (!$this->check_bbcode('size', $in)) { return $in; } - if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx) + if (phpbb::$config['max_' . $this->mode . '_font_size'] && phpbb::$config['max_' . $this->mode . '_font_size'] < $stx) { - $this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], $config['max_' . $this->mode . '_font_size']); + $this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_font_size']); return '[size=' . $stx . ']' . $in . '[/size]'; } @@ -274,7 +274,7 @@ class bbcode_firstpass extends bbcode */ function bbcode_img($in) { - global $user, $config; + global $user; if (!$this->check_bbcode('img', $in)) { @@ -298,7 +298,7 @@ class bbcode_firstpass extends bbcode $in = 'http://' . $in; } - if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) + if (phpbb::$config['max_' . $this->mode . '_img_height'] || phpbb::$config['max_' . $this->mode . '_img_width']) { $stats = @getimagesize($in); @@ -309,16 +309,16 @@ class bbcode_firstpass extends bbcode } else { - if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1]) + if (phpbb::$config['max_' . $this->mode . '_img_height'] && phpbb::$config['max_' . $this->mode . '_img_height'] < $stats[1]) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_height']); } - if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0]) + if (phpbb::$config['max_' . $this->mode . '_img_width'] && phpbb::$config['max_' . $this->mode . '_img_width'] < $stats[0]) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_width']); } } } @@ -336,7 +336,7 @@ class bbcode_firstpass extends bbcode */ function bbcode_flash($width, $height, $in) { - global $user, $config; + global $user; if (!$this->check_bbcode('flash', $in)) { @@ -353,18 +353,18 @@ class bbcode_firstpass extends bbcode } // Apply the same size checks on flash files as on images - if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) + if (phpbb::$config['max_' . $this->mode . '_img_height'] || phpbb::$config['max_' . $this->mode . '_img_width']) { - if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $height) + if (phpbb::$config['max_' . $this->mode . '_img_height'] && phpbb::$config['max_' . $this->mode . '_img_height'] < $height) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_height']); } - if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $width) + if (phpbb::$config['max_' . $this->mode . '_img_width'] && phpbb::$config['max_' . $this->mode . '_img_width'] < $width) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_width']); } } @@ -685,7 +685,7 @@ class bbcode_firstpass extends bbcode */ function bbcode_quote($in) { - global $config, $user; + global $user; /** * If you change this code, make sure the cases described within the following reports are still working: @@ -752,10 +752,10 @@ class bbcode_firstpass extends bbcode $this->parsed_items['quote']++; // the buffer holds a valid opening tag - if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) + if (phpbb::$config['max_quote_depth'] && sizeof($close_tags) >= phpbb::$config['max_quote_depth']) { // there are too many nested quotes - $error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], $config['max_quote_depth']); + $error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], phpbb::$config['max_quote_depth']); $out .= $buffer . $tok; $tok = '[]'; @@ -916,8 +916,6 @@ class bbcode_firstpass extends bbcode */ function validate_url($var1, $var2) { - global $config; - $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1))); $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2))); @@ -979,11 +977,11 @@ class bbcode_firstpass extends bbcode */ function path_in_domain($url) { - global $config, $user; + global $user; - if ($config['force_server_vars']) + if (phpbb::$config['force_server_vars']) { - $check_path = $config['script_path']; + $check_path = phpbb::$config['script_path']; } else { @@ -996,9 +994,9 @@ class bbcode_firstpass extends bbcode $server_name = $user->host; // Forcing server vars is the only way to specify/override the protocol - if ($config['force_server_vars'] || !$server_name) + if (phpbb::$config['force_server_vars'] || !$server_name) { - $server_name = $config['server_name']; + $server_name = phpbb::$config['server_name']; } // Check again in correct order... @@ -1061,7 +1059,7 @@ class parse_message extends bbcode_firstpass */ function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post') { - global $config, $db, $user; + global $db, $user; $mode = ($mode != 'post') ? 'sig' : 'post'; @@ -1091,13 +1089,13 @@ class parse_message extends bbcode_firstpass $this->message = preg_replace($match, $replace, trim($this->message)); // Message length check. 0 disables this check completely. - if ($config['max_' . $mode . '_chars'] > 0) + if (phpbb::$config['max_' . $mode . '_chars'] > 0) { $msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)); - if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars']) + if ((!$msg_len && $mode !== 'sig') || phpbb::$config['max_' . $mode . '_chars'] && $msg_len > phpbb::$config['max_' . $mode . '_chars']) { - $this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, $config['max_' . $mode . '_chars']); + $this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, phpbb::$config['max_' . $mode . '_chars']); return (!$update_this_message) ? $return_message : $this->warn_msg; } } @@ -1128,7 +1126,7 @@ class parse_message extends bbcode_firstpass // Parse smilies if ($allow_smilies) { - $this->smilies($config['max_' . $mode . '_smilies']); + $this->smilies(phpbb::$config['max_' . $mode . '_smilies']); } $num_urls = 0; @@ -1145,16 +1143,16 @@ class parse_message extends bbcode_firstpass { $this->magic_url(generate_board_url()); - if ($config['max_' . $mode . '_urls']) + if (phpbb::$config['max_' . $mode . '_urls']) { $num_urls += preg_match_all('#\' . $row['code'] . ''; } - $db->sql_freeresult($result); + phpbb::$db->sql_freeresult($result); } if (sizeof($match)) @@ -1343,10 +1343,10 @@ class parse_message extends bbcode_firstpass 'poster_id' => phpbb::$user->data['user_id'], ); - $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); + phpbb::$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary)); $new_entry = array( - 'attach_id' => $db->sql_nextid(), + 'attach_id' => phpbb::$db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment'=> $this->filename_data['filecomment'], @@ -1394,9 +1394,9 @@ class parse_message extends bbcode_firstpass WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . phpbb::$user->data['user_id']; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $result = phpbb::$db->sql_query($sql); + $row = phpbb::$db->sql_fetchrow($result); + phpbb::$db->sql_freeresult($result); if ($row) { @@ -1407,7 +1407,7 @@ class parse_message extends bbcode_firstpass phpbb_unlink($row['physical_filename'], 'thumbnail'); } - $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']); + phpbb::$db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']); } } else @@ -1445,10 +1445,10 @@ class parse_message extends bbcode_firstpass 'poster_id' => phpbb::$user->data['user_id'], ); - $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); + phpbb::$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary)); $new_entry = array( - 'attach_id' => $db->sql_nextid(), + 'attach_id' => phpbb::$db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment'=> $this->filename_data['filecomment'], @@ -1508,11 +1508,11 @@ class parse_message extends bbcode_firstpass // Get the attachment data, based on the poster id... $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment FROM ' . ATTACHMENTS_TABLE . ' - WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . ' + WHERE ' . phpbb::$db->sql_in_set('attach_id', array_keys($not_orphan)) . ' AND poster_id = ' . $check_user_id; - $result = $db->sql_query($sql); + $result = phpbb::$db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) + while ($row = phpbb::$db->sql_fetchrow($result)) { $pos = $not_orphan[(int) $row['attach_id']]; $this->attachment_data[$pos] = $row; @@ -1520,7 +1520,7 @@ class parse_message extends bbcode_firstpass unset($not_orphan[(int) $row['attach_id']]); } - $db->sql_freeresult($result); + phpbb::$db->sql_freeresult($result); } if (sizeof($not_orphan)) @@ -1533,12 +1533,12 @@ class parse_message extends bbcode_firstpass { $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment FROM ' . ATTACHMENTS_TABLE . ' - WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . ' + WHERE ' . phpbb::$db->sql_in_set('attach_id', array_keys($orphan)) . ' AND poster_id = ' . phpbb::$user->data['user_id'] . ' AND is_orphan = 1'; - $result = $db->sql_query($sql); + $result = phpbb::$db->sql_query($sql); - while ($row = $db->sql_fetchrow($result)) + while ($row = phpbb::$db->sql_fetchrow($result)) { $pos = $orphan[(int) $row['attach_id']]; $this->attachment_data[$pos] = $row; @@ -1546,7 +1546,7 @@ class parse_message extends bbcode_firstpass unset($orphan[(int) $row['attach_id']]); } - $db->sql_freeresult($result); + phpbb::$db->sql_freeresult($result); } if (sizeof($orphan)) -- cgit v1.2.1 From 4cbf6bc703bdadf716197b68a89b3438247ff022 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 22 Mar 2009 16:34:26 +0000 Subject: Merge most changes from 3.0.x branch since the 25th december. (Captcha changes for refreshing captcha image not included) git-svn-id: file:///svn/phpbb/trunk@9404 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index dd44e403f4..9a13d2d14c 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -684,6 +684,7 @@ class bbcode_firstpass extends bbcode * [quote="[i]test[/i]"]test[/quote] (correct: parsed) * [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote]) * #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted) + * #40565 - [quote="a"]a[/quote][quote="a]a[/quote] (correct: first quote tag parsed, second quote tag unparsed) */ $in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in))); @@ -694,7 +695,7 @@ class bbcode_firstpass extends bbcode } // To let the parser not catch tokens within quote_username quotes we encode them before we start this... - $in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']'), array('[', ']'), '\$1') . '"]'", $in); + $in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), '\$1') . '"]'", $in); $tok = ']'; $out = '['; @@ -847,6 +848,8 @@ class bbcode_firstpass extends bbcode } while ($in); + $out .= $buffer; + if (sizeof($close_tags)) { $out .= '[' . implode('][', $close_tags) . ']'; @@ -1085,13 +1088,6 @@ class parse_message extends bbcode_firstpass } } - // Check for "empty" message - if ($mode !== 'sig' && utf8_clean_string($this->message) === '') - { - $this->warn_msg[] = phpbb::$user->lang['TOO_FEW_CHARS']; - return (!$update_this_message) ? $return_message : $this->warn_msg; - } - // Prepare BBcode (just prepares some tags for better parsing) if ($allow_bbcode && strpos($this->message, '[') !== false) { @@ -1134,6 +1130,14 @@ class parse_message extends bbcode_firstpass } } + // Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length. + // The maximum length check happened before any parsings. + if ($mode !== 'sig' && utf8_clean_string($this->message) === '') + { + $this->warn_msg[] = $user->lang['TOO_FEW_CHARS']; + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + // Check number of links if (phpbb::$config['max_' . $mode . '_urls'] && $num_urls > phpbb::$config['max_' . $mode . '_urls']) { -- cgit v1.2.1 From 1042152a55ab2d0764c446949a77f085ab7a77f3 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 18 Apr 2009 15:09:19 +0000 Subject: Merge changes made in revisions #r9405 to #r9467 2009-04-18 git-svn-id: file:///svn/phpbb/trunk@9468 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 9a13d2d14c..39c65e054d 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1037,11 +1037,7 @@ class parse_message extends bbcode_firstpass { // Init BBCode UID $this->bbcode_uid = substr(base_convert(unique_id(), 16, 36), 0, BBCODE_UID_LEN); - - if ($message) - { - $this->message = $message; - } + $this->message = $message; } /** -- cgit v1.2.1 From bf8ac19eaa8d74f9dfd6d597190f5664e7339382 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 4 Oct 2009 18:13:59 +0000 Subject: Move trunk/phpBB to old_trunk/phpBB git-svn-id: file:///svn/phpbb/trunk@10210 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 1623 ------------------------------------- 1 file changed, 1623 deletions(-) delete mode 100644 phpBB/includes/message_parser.php (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php deleted file mode 100644 index 39c65e054d..0000000000 --- a/phpBB/includes/message_parser.php +++ /dev/null @@ -1,1623 +0,0 @@ -bbcodes) - { - $this->bbcode_init(); - } - - $this->bbcode_bitfield = ''; - $bitfield = new bitfield(); - - foreach ($this->bbcodes as $bbcode_name => $bbcode_data) - { - if (isset($bbcode_data['disabled']) && $bbcode_data['disabled']) - { - foreach ($bbcode_data['regexp'] as $regexp => $replacement) - { - if (preg_match($regexp, $this->message)) - { - $this->warn_msg[] = sprintf(phpbb::$user->lang['UNAUTHORISED_BBCODE'] , '[' . $bbcode_name . ']'); - continue; - } - } - } - else - { - foreach ($bbcode_data['regexp'] as $regexp => $replacement) - { - // The pattern gets compiled and cached by the PCRE extension, - // it should not demand recompilation - if (preg_match($regexp, $this->message)) - { - $this->message = preg_replace($regexp, $replacement, $this->message); - $bitfield->set($bbcode_data['bbcode_id']); - } - } - } - } - - $this->bbcode_bitfield = $bitfield->get_base64(); - } - - /** - * Prepare some bbcodes for better parsing - */ - function prepare_bbcodes() - { - // Ok, seems like users instead want the no-parsing of urls, smilies, etc. after and before and within quote tags being tagged as "not a bug". - // Fine by me ;) Will ease our live... but do not come back and cry at us, we won't hear you. - - /* Add newline at the end and in front of each quote block to prevent parsing errors (urls, smilies, etc.) - if (strpos($this->message, '[quote') !== false && strpos($this->message, '[/quote]') !== false) - { - $this->message = str_replace("\r\n", "\n", $this->message); - - // We strip newlines and spaces after and before quotes in quotes (trimming) and then add exactly one newline - $this->message = preg_replace('#\[quote(=".*?")?\]\s*(.*?)\s*\[/quote\]#siu', '[quote\1]' . "\n" . '\2' ."\n[/quote]", $this->message); - } - */ - - // Add other checks which needs to be placed before actually parsing anything (be it bbcodes, smilies, urls...) - } - - /** - * Init bbcode data for later parsing - */ - function bbcode_init() - { - static $rowset; - - // This array holds all bbcode data. BBCodes will be processed in this - // order, so it is important to keep [code] in first position and - // [quote] in second position. - $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#ise' => "\$this->bbcode_parse_list('\$0')")), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) - ); - - // Zero the parsed items array - $this->parsed_items = array(); - - foreach ($this->bbcodes as $tag => $bbcode_data) - { - $this->parsed_items[$tag] = 0; - } - - if (!is_array($rowset)) - { - $rowset = array(); - - $sql = 'SELECT * - FROM ' . BBCODES_TABLE; - $result = phpbb::$db->sql_query($sql); - - while ($row = phpbb::$db->sql_fetchrow($result)) - { - $rowset[] = $row; - } - phpbb::$db->sql_freeresult($result); - } - - foreach ($rowset as $row) - { - $this->bbcodes[$row['bbcode_tag']] = array( - 'bbcode_id' => (int) $row['bbcode_id'], - 'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace'])) - ); - } - } - - /** - * Making some pre-checks for bbcodes as well as increasing the number of parsed items - */ - function check_bbcode($bbcode, &$in) - { - // when using the /e modifier, preg_replace slashes double-quotes but does not - // seem to slash anything else - $in = str_replace("\r\n", "\n", str_replace('\"', '"', $in)); - - // Trimming here to make sure no empty bbcodes are parsed accidently - if (trim($in) == '') - { - return false; - } - - $this->parsed_items[$bbcode]++; - - return true; - } - - /** - * Transform some characters in valid bbcodes - */ - function bbcode_specialchars($text) - { - $str_from = array('<', '>', '[', ']', '.', ':'); - $str_to = array('<', '>', '[', ']', '.', ':'); - - return str_replace($str_from, $str_to, $text); - } - - /** - * Parse size tag - */ - function bbcode_size($stx, $in) - { - if (!$this->check_bbcode('size', $in)) - { - return $in; - } - - if (phpbb::$config['max_' . $this->mode . '_font_size'] && phpbb::$config['max_' . $this->mode . '_font_size'] < $stx) - { - $this->warn_msg[] = sprintf(phpbb::$user->lang['MAX_FONT_SIZE_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_font_size']); - - return '[size=' . $stx . ']' . $in . '[/size]'; - } - - // Do not allow size=0 - if ($stx <= 0) - { - return '[size=' . $stx . ']' . $in . '[/size]'; - } - - return '[size=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/size:' . $this->bbcode_uid . ']'; - } - - /** - * Parse color tag - */ - function bbcode_color($stx, $in) - { - if (!$this->check_bbcode('color', $in)) - { - return $in; - } - - return '[color=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/color:' . $this->bbcode_uid . ']'; - } - - /** - * Parse u tag - */ - function bbcode_underline($in) - { - if (!$this->check_bbcode('u', $in)) - { - return $in; - } - - return '[u:' . $this->bbcode_uid . ']' . $in . '[/u:' . $this->bbcode_uid . ']'; - } - - /** - * Parse b tag - */ - function bbcode_strong($in) - { - if (!$this->check_bbcode('b', $in)) - { - return $in; - } - - return '[b:' . $this->bbcode_uid . ']' . $in . '[/b:' . $this->bbcode_uid . ']'; - } - - /** - * Parse i tag - */ - function bbcode_italic($in) - { - if (!$this->check_bbcode('i', $in)) - { - return $in; - } - - return '[i:' . $this->bbcode_uid . ']' . $in . '[/i:' . $this->bbcode_uid . ']'; - } - - /** - * Parse img tag - */ - function bbcode_img($in) - { - if (!$this->check_bbcode('img', $in)) - { - return $in; - } - - $in = trim($in); - $error = false; - - $in = str_replace(' ', '%20', $in); - - // Checking urls - if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in)) - { - return '[img]' . $in . '[/img]'; - } - - // Try to cope with a common user error... not specifying a protocol but only a subdomain - if (!preg_match('#^[a-z0-9]+://#i', $in)) - { - $in = 'http://' . $in; - } - - if (phpbb::$config['max_' . $this->mode . '_img_height'] || phpbb::$config['max_' . $this->mode . '_img_width']) - { - $stats = @getimagesize($in); - - if ($stats === false) - { - $error = true; - $this->warn_msg[] = phpbb::$user->lang['UNABLE_GET_IMAGE_SIZE']; - } - else - { - if (phpbb::$config['max_' . $this->mode . '_img_height'] && phpbb::$config['max_' . $this->mode . '_img_height'] < $stats[1]) - { - $error = true; - $this->warn_msg[] = sprintf(phpbb::$user->lang['MAX_IMG_HEIGHT_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_height']); - } - - if (phpbb::$config['max_' . $this->mode . '_img_width'] && phpbb::$config['max_' . $this->mode . '_img_width'] < $stats[0]) - { - $error = true; - $this->warn_msg[] = sprintf(phpbb::$user->lang['MAX_IMG_WIDTH_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_width']); - } - } - } - - if ($error || $this->path_in_domain($in)) - { - return '[img]' . $in . '[/img]'; - } - - return '[img:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/img:' . $this->bbcode_uid . ']'; - } - - /** - * Parse flash tag - */ - function bbcode_flash($width, $height, $in) - { - if (!$this->check_bbcode('flash', $in)) - { - return $in; - } - - $in = trim($in); - $error = false; - - // Do not allow 0-sizes generally being entered - if ($width <= 0 || $height <= 0) - { - return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; - } - - // Apply the same size checks on flash files as on images - if (phpbb::$config['max_' . $this->mode . '_img_height'] || phpbb::$config['max_' . $this->mode . '_img_width']) - { - if (phpbb::$config['max_' . $this->mode . '_img_height'] && phpbb::$config['max_' . $this->mode . '_img_height'] < $height) - { - $error = true; - $this->warn_msg[] = sprintf(phpbb::$user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_height']); - } - - if (phpbb::$config['max_' . $this->mode . '_img_width'] && phpbb::$config['max_' . $this->mode . '_img_width'] < $width) - { - $error = true; - $this->warn_msg[] = sprintf(phpbb::$user->lang['MAX_FLASH_WIDTH_EXCEEDED'], phpbb::$config['max_' . $this->mode . '_img_width']); - } - } - - if ($error || $this->path_in_domain($in)) - { - return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; - } - - return '[flash=' . $width . ',' . $height . ':' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/flash:' . $this->bbcode_uid . ']'; - } - - /** - * Parse inline attachments [ia] - */ - function bbcode_attachment($stx, $in) - { - if (!$this->check_bbcode('attachment', $in)) - { - return $in; - } - - return '[attachment=' . $stx . ':' . $this->bbcode_uid . ']' . trim($in) . '[/attachment:' . $this->bbcode_uid . ']'; - } - - /** - * Parse code text from code tag - * @access private - */ - function bbcode_parse_code($stx, &$code) - { - switch (strtolower($stx)) - { - case 'php': - - $remove_tags = false; - - $str_from = array('<', '>', '[', ']', '.', ':', ':'); - $str_to = array('<', '>', '[', ']', '.', ':', ':'); - $code = str_replace($str_from, $str_to, $code); - - if (!preg_match('/\<\?.*?\?\>/is', $code)) - { - $remove_tags = true; - $code = ""; - } - - $conf = array('highlight.bg', 'highlight.comment', 'highlight.default', 'highlight.html', 'highlight.keyword', 'highlight.string'); - foreach ($conf as $ini_var) - { - @ini_set($ini_var, str_replace('highlight.', 'syntax', $ini_var)); - } - - // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results - $code = htmlspecialchars_decode($code); - $code = highlight_string($code, true); - - $str_from = array('', '', '','[', ']', '.', ':'); - $str_to = array('', '', '', '[', ']', '.', ':'); - - if ($remove_tags) - { - $str_from[] = '<?php '; - $str_to[] = ''; - $str_from[] = '<?php '; - $str_to[] = ''; - } - - $code = str_replace($str_from, $str_to, $code); - $code = preg_replace('#^()\n?(.*?)\n?()$#is', '$1$2$3', $code); - - if ($remove_tags) - { - $code = preg_replace('#()?\?>()#', '$1 $2', $code); - } - - $code = preg_replace('#^(.*)#s', '$2', $code); - $code = preg_replace('#(?:\s++| )*+$#u', '', $code); - - // remove newline at the end - if (!empty($code) && substr($code, -1) == "\n") - { - $code = substr($code, 0, -1); - } - - return "[code=$stx:" . $this->bbcode_uid . ']' . $code . '[/code:' . $this->bbcode_uid . ']'; - break; - - default: - return '[code:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($code) . '[/code:' . $this->bbcode_uid . ']'; - break; - } - } - - /** - * Parse code tag - * Expects the argument to start right after the opening [code] tag and to end with [/code] - */ - function bbcode_code($stx, $in) - { - if (!$this->check_bbcode('code', $in)) - { - return $in; - } - - // We remove the hardcoded elements from the code block here because it is not used in code blocks - // Having it here saves us one preg_replace per message containing [code] blocks - // Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too... - $htm_match = get_preg_expression('bbcode_htm'); - unset($htm_match[4], $htm_match[5]); - $htm_replace = array('\1', '\1', '\2', '\1'); - - $out = $code_block = ''; - $open = 1; - - while ($in) - { - // Determine position and tag length of next code block - preg_match('#(.*?)(\[code(?:=([a-z]+))?\])(.+)#is', $in, $buffer); - $pos = (isset($buffer[1])) ? strlen($buffer[1]) : false; - $tag_length = (isset($buffer[2])) ? strlen($buffer[2]) : false; - - // Determine position of ending code tag - $pos2 = stripos($in, '[/code]'); - - // Which is the next block, ending code or code block - if ($pos !== false && $pos < $pos2) - { - // Open new block - if (!$open) - { - $out .= substr($in, 0, $pos); - $in = substr($in, $pos); - $stx = (isset($buffer[3])) ? $buffer[3] : ''; - $code_block = ''; - } - else - { - // Already opened block, just append to the current block - $code_block .= substr($in, 0, $pos) . ((isset($buffer[2])) ? $buffer[2] : ''); - $in = substr($in, $pos); - } - - $in = substr($in, $tag_length); - $open++; - } - else - { - // Close the block - if ($open == 1) - { - $code_block .= substr($in, 0, $pos2); - $code_block = preg_replace($htm_match, $htm_replace, $code_block); - - // Parse this code block - $out .= $this->bbcode_parse_code($stx, $code_block); - $code_block = ''; - $open--; - } - else if ($open) - { - // Close one open tag... add to the current code block - $code_block .= substr($in, 0, $pos2 + 7); - $open--; - } - else - { - // end code without opening code... will be always outside code block - $out .= substr($in, 0, $pos2 + 7); - } - - $in = substr($in, $pos2 + 7); - } - } - - // if now $code_block has contents we need to parse the remaining code while removing the last closing tag to match up. - if ($code_block) - { - $code_block = substr($code_block, 0, -7); - $code_block = preg_replace($htm_match, $htm_replace, $code_block); - - $out .= $this->bbcode_parse_code($stx, $code_block); - } - - return $out; - } - - /** - * Parse list bbcode - * Expects the argument to start with a tag - */ - function bbcode_parse_list($in) - { - if (!$this->check_bbcode('list', $in)) - { - return $in; - } - - // $tok holds characters to stop at. Since the string starts with a '[' we'll get everything up to the first ']' which should be the opening [list] tag - $tok = ']'; - $out = '['; - - // First character is [ - $in = substr($in, 1); - $list_end_tags = $item_end_tags = array(); - - do - { - $pos = strlen($in); - - for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i) - { - $tmp_pos = strpos($in, $tok[$i]); - - if ($tmp_pos !== false && $tmp_pos < $pos) - { - $pos = $tmp_pos; - } - } - - $buffer = substr($in, 0, $pos); - $tok = $in[$pos]; - - $in = substr($in, $pos + 1); - - if ($tok == ']') - { - // if $tok is ']' the buffer holds a tag - if (strtolower($buffer) == '/list' && sizeof($list_end_tags)) - { - // valid [/list] tag, check nesting so that we don't hit false positives - if (sizeof($item_end_tags) && sizeof($item_end_tags) >= sizeof($list_end_tags)) - { - // current li tag has not been closed - $out = preg_replace('/\n?\[$/', '[', $out) . array_pop($item_end_tags) . ']['; - } - - $out .= array_pop($list_end_tags) . ']'; - $tok = '['; - } - else if (preg_match('#^list(=[0-9a-z]+)?$#i', $buffer, $m)) - { - // sub-list, add a closing tag - if (empty($m[1]) || preg_match('/^=(?:disc|square|circle)$/i', $m[1])) - { - array_push($list_end_tags, '/list:u:' . $this->bbcode_uid); - } - else - { - array_push($list_end_tags, '/list:o:' . $this->bbcode_uid); - } - $out .= 'list' . substr($buffer, 4) . ':' . $this->bbcode_uid . ']'; - $tok = '['; - } - else - { - if (($buffer == '*' || substr($buffer, -2) == '[*') && sizeof($list_end_tags)) - { - // the buffer holds a bullet tag and we have a [list] tag open - if (sizeof($item_end_tags) >= sizeof($list_end_tags)) - { - if (substr($buffer, -2) == '[*') - { - $out .= substr($buffer, 0, -2) . '['; - } - // current li tag has not been closed - if (preg_match('/\n\[$/', $out, $m)) - { - $out = preg_replace('/\n\[$/', '[', $out); - $buffer = array_pop($item_end_tags) . "]\n[*:" . $this->bbcode_uid; - } - else - { - $buffer = array_pop($item_end_tags) . '][*:' . $this->bbcode_uid; - } - } - else - { - $buffer = '*:' . $this->bbcode_uid; - } - - $item_end_tags[] = '/*:m:' . $this->bbcode_uid; - } - else if ($buffer == '/*') - { - array_pop($item_end_tags); - $buffer = '/*:' . $this->bbcode_uid; - } - - $out .= $buffer . $tok; - $tok = '[]'; - } - } - else - { - // Not within a tag, just add buffer to the return string - $out .= $buffer . $tok; - $tok = ($tok == '[') ? ']' : '[]'; - } - } - while ($in); - - // do we have some tags open? close them now - if (sizeof($item_end_tags)) - { - $out .= '[' . implode('][', $item_end_tags) . ']'; - } - if (sizeof($list_end_tags)) - { - $out .= '[' . implode('][', $list_end_tags) . ']'; - } - - return $out; - } - - /** - * Parse quote bbcode - * Expects the argument to start with a tag - */ - function bbcode_quote($in) - { - /** - * If you change this code, make sure the cases described within the following reports are still working: - * #3572 - [quote="[test]test"]test [ test[/quote] - (correct: parsed) - * #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed) - * #14770 - [quote="["]test[/quote] (correct: parsed) - * [quote="[i]test[/i]"]test[/quote] (correct: parsed) - * [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote]) - * #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted) - * #40565 - [quote="a"]a[/quote][quote="a]a[/quote] (correct: first quote tag parsed, second quote tag unparsed) - */ - - $in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in))); - - if (!$in) - { - return ''; - } - - // To let the parser not catch tokens within quote_username quotes we encode them before we start this... - $in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), '\$1') . '"]'", $in); - - $tok = ']'; - $out = '['; - - $in = substr($in, 1); - $close_tags = $error_ary = array(); - $buffer = ''; - - do - { - $pos = strlen($in); - for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i) - { - $tmp_pos = strpos($in, $tok[$i]); - if ($tmp_pos !== false && $tmp_pos < $pos) - { - $pos = $tmp_pos; - } - } - - $buffer .= substr($in, 0, $pos); - $tok = $in[$pos]; - $in = substr($in, $pos + 1); - - if ($tok == ']') - { - if (strtolower($buffer) == '/quote' && sizeof($close_tags) && substr($out, -1, 1) == '[') - { - // we have found a closing tag - $out .= array_pop($close_tags) . ']'; - $tok = '['; - $buffer = ''; - - /* Add space at the end of the closing tag if not happened before to allow following urls/smilies to be parsed correctly - * Do not try to think for the user. :/ Do not parse urls/smilies if there is no space - is the same as with other bbcodes too. - * Also, we won't have any spaces within $in anyway, only adding up spaces -> #10982 - if (!$in || $in[0] !== ' ') - { - $out .= ' '; - }*/ - } - else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[') - { - $this->parsed_items['quote']++; - - // the buffer holds a valid opening tag - if (phpbb::$config['max_quote_depth'] && sizeof($close_tags) >= phpbb::$config['max_quote_depth']) - { - // there are too many nested quotes - $error_ary['quote_depth'] = sprintf(phpbb::$user->lang['QUOTE_DEPTH_EXCEEDED'], phpbb::$config['max_quote_depth']); - - $out .= $buffer . $tok; - $tok = '[]'; - $buffer = ''; - - continue; - } - - array_push($close_tags, '/quote:' . $this->bbcode_uid); - - if (isset($m[1]) && $m[1]) - { - $username = str_replace(array('[', ']'), array('[', ']'), $m[1]); - $username = preg_replace('#\[(?!b|i|u|color|url|email|/b|/i|/u|/color|/url|/email)#iU', '[$1', $username); - - $end_tags = array(); - $error = false; - - preg_match_all('#\[((?:/)?(?:[a-z]+))#i', $username, $tags); - foreach ($tags[1] as $tag) - { - if ($tag[0] != '/') - { - $end_tags[] = '/' . $tag; - } - else - { - $end_tag = array_pop($end_tags); - $error = ($end_tag != $tag) ? true : false; - } - } - - if ($error) - { - $username = $m[1]; - } - - $out .= 'quote="' . $username . '":' . $this->bbcode_uid . ']'; - } - else - { - $out .= 'quote:' . $this->bbcode_uid . ']'; - } - - $tok = '['; - $buffer = ''; - } - else if (preg_match('#^quote="(.*?)#is', $buffer, $m)) - { - // the buffer holds an invalid opening tag - $buffer .= ']'; - } - else - { - $out .= $buffer . $tok; - $tok = '[]'; - $buffer = ''; - } - } - else - { -/** -* Old quote code working fine, but having errors listed in bug #3572 -* -* $out .= $buffer . $tok; -* $tok = ($tok == '[') ? ']' : '[]'; -* $buffer = ''; -*/ - - $out .= $buffer . $tok; - - if ($tok == '[') - { - // Search the text for the next tok... if an ending quote comes first, then change tok to [] - $pos1 = stripos($in, '[/quote'); - // If the token ] comes first, we change it to ] - $pos2 = strpos($in, ']'); - // If the token [ comes first, we change it to [ - $pos3 = strpos($in, '['); - - if ($pos1 !== false && ($pos2 === false || $pos1 < $pos2) && ($pos3 === false || $pos1 < $pos3)) - { - $tok = '[]'; - } - else if ($pos3 !== false && ($pos2 === false || $pos3 < $pos2)) - { - $tok = '['; - } - else - { - $tok = ']'; - } - } - else - { - $tok = '[]'; - } - $buffer = ''; - } - } - while ($in); - - $out .= $buffer; - - if (sizeof($close_tags)) - { - $out .= '[' . implode('][', $close_tags) . ']'; - } - - foreach ($error_ary as $error_msg) - { - $this->warn_msg[] = $error_msg; - } - - return $out; - } - - /** - * Validate email - */ - function validate_email($var1, $var2) - { - $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1))); - $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2))); - - $txt = $var2; - $email = ($var1) ? $var1 : $var2; - - $validated = true; - - if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email)) - { - $validated = false; - } - - if (!$validated) - { - return '[email' . (($var1) ? "=$var1" : '') . ']' . $var2 . '[/email]'; - } - - $this->parsed_items['email']++; - - if ($var1) - { - $retval = '[email=' . $this->bbcode_specialchars($email) . ':' . $this->bbcode_uid . ']' . $txt . '[/email:' . $this->bbcode_uid . ']'; - } - else - { - $retval = '[email:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($email) . '[/email:' . $this->bbcode_uid . ']'; - } - - return $retval; - } - - /** - * Validate url - * - * @param string $var1 optional url parameter for url bbcode: [url(=$var1)]$var2[/url] - * @param string $var2 url bbcode content: [url(=$var1)]$var2[/url] - */ - function validate_url($var1, $var2) - { - $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1))); - $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2))); - - $url = ($var1) ? $var1 : $var2; - - if ($var1 && !$var2) - { - $var2 = $var1; - } - - if (!$url) - { - return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]'; - } - - $valid = false; - - $url = str_replace(' ', '%20', $url); - - // Checking urls - if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) || - preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) || - preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url)) - { - $valid = true; - } - - if ($valid) - { - $this->parsed_items['url']++; - - // if there is no scheme, then add http schema - if (!preg_match('#^[a-z][a-z\d+\-.]*:/{2}#i', $url)) - { - $url = 'http://' . $url; - } - - // Is this a link to somewhere inside this board? If so then remove the session id from the url - if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false) - { - $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}&/', '\1', $url); - $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}$/', '', $url); - $url = append_sid($url); - } - - return ($var1) ? '[url=' . $this->bbcode_specialchars($url) . ':' . $this->bbcode_uid . ']' . $var2 . '[/url:' . $this->bbcode_uid . ']' : '[url:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($url) . '[/url:' . $this->bbcode_uid . ']'; - } - - return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]'; - } - - /** - * Check if url is pointing to this domain/script_path/php-file - * - * @param string $url the url to check - * @return true if the url is pointing to this domain/script_path/php-file, false if not - * - * @access private - */ - function path_in_domain($url) - { - if (phpbb::$config['force_server_vars']) - { - $check_path = phpbb::$config['script_path']; - } - else - { - $check_path = (phpbb::$user->page['root_script_path'] != '/') ? substr(phpbb::$user->page['root_script_path'], 0, -1) : '/'; - } - - // Is the user trying to link to a php file in this domain and script path? - if (strpos($url, '.' . PHP_EXT) !== false && strpos($url, $check_path) !== false) - { - $server_name = phpbb::$user->system['host']; - - // Forcing server vars is the only way to specify/override the protocol - if (phpbb::$config['force_server_vars'] || !$server_name) - { - $server_name = phpbb::$config['server_name']; - } - - // Check again in correct order... - $pos_ext = strpos($url, '.' . PHP_EXT); - $pos_path = strpos($url, $check_path); - $pos_domain = strpos($url, $server_name); - - if ($pos_domain !== false && $pos_path >= $pos_domain && $pos_ext >= $pos_path) - { - // Ok, actually we allow linking to some files (this may be able to be extended in some way later...) - if (strpos($url, '/' . $check_path . '/download/file.' . PHP_EXT) !== 0) - { - return false; - } - - return true; - } - } - - return false; - } -} - -/** -* Main message parser for posting, pm, etc. takes raw message -* and parses it for attachments, bbcode and smilies -* @package phpBB3 -*/ -class parse_message extends bbcode_firstpass -{ - var $attachment_data = array(); - var $filename_data = array(); - - // Helps ironing out user error - var $message_status = ''; - - var $allow_img_bbcode = true; - var $allow_flash_bbcode = true; - var $allow_quote_bbcode = true; - var $allow_url_bbcode = true; - - var $mode; - - /** - * Init - give message here or manually - */ - function parse_message($message = '') - { - // Init BBCode UID - $this->bbcode_uid = substr(base_convert(unique_id(), 16, 36), 0, BBCODE_UID_LEN); - $this->message = $message; - } - - /** - * Parse Message - */ - function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post') - { - $mode = ($mode != 'post') ? 'sig' : 'post'; - - $this->mode = $mode; - - $this->allow_img_bbcode = $allow_img_bbcode; - $this->allow_flash_bbcode = $allow_flash_bbcode; - $this->allow_quote_bbcode = $allow_quote_bbcode; - $this->allow_url_bbcode = $allow_url_bbcode; - - // If false, then $this->message won't be altered, the text will be returned instead. - if (!$update_this_message) - { - $tmp_message = $this->message; - $return_message = &$this->message; - } - - if ($this->message_status == 'display') - { - $this->decode_message(); - } - - // Do some general 'cleanup' first before processing message, - // e.g. remove excessive newlines(?), smilies(?) - $match = array('#(script|about|applet|activex|chrome):#i'); - $replace = array("\\1:"); - $this->message = preg_replace($match, $replace, trim($this->message)); - - // Message length check. 0 disables this check completely. - if (phpbb::$config['max_' . $mode . '_chars'] > 0) - { - $msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)); - - if ((!$msg_len && $mode !== 'sig') || phpbb::$config['max_' . $mode . '_chars'] && $msg_len > phpbb::$config['max_' . $mode . '_chars']) - { - $this->warn_msg[] = (!$msg_len) ? phpbb::$user->lang['TOO_FEW_CHARS'] : sprintf(phpbb::$user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, phpbb::$config['max_' . $mode . '_chars']); - return (!$update_this_message) ? $return_message : $this->warn_msg; - } - } - - // Prepare BBcode (just prepares some tags for better parsing) - if ($allow_bbcode && strpos($this->message, '[') !== false) - { - $this->bbcode_init(); - $disallow = array('img', 'flash', 'quote', 'url'); - foreach ($disallow as $bool) - { - if (!${'allow_' . $bool . '_bbcode'}) - { - $this->bbcodes[$bool]['disabled'] = true; - } - } - - $this->prepare_bbcodes(); - } - - // Parse smilies - if ($allow_smilies) - { - $this->smilies(phpbb::$config['max_' . $mode . '_smilies']); - } - - $num_urls = 0; - - // Parse BBCode - if ($allow_bbcode && strpos($this->message, '[') !== false) - { - $this->parse_bbcode(); - $num_urls += $this->parsed_items['url']; - } - - // Parse URL's - if ($allow_magic_url) - { - $this->magic_url(generate_board_url()); - - if (phpbb::$config['max_' . $mode . '_urls']) - { - $num_urls += preg_match_all('#\' . $row['code'] . ''; - } - phpbb::$db->sql_freeresult($result); - } - - if (sizeof($match)) - { - if ($max_smilies) - { - $num_matches = preg_match_all('#' . implode('|', $match) . '#', $this->message, $matches); - unset($matches); - - if ($num_matches !== false && $num_matches > $max_smilies) - { - $this->warn_msg[] = sprintf(phpbb::$user->lang['TOO_MANY_SMILIES'], $max_smilies); - return; - } - } - - // Make sure the delimiter # is added in front and at the end of every element within $match - $this->message = trim(preg_replace(explode(chr(0), '#' . implode('#' . chr(0) . '#', $match) . '#'), $replace, $this->message)); - } - } - - /** - * Parse Attachments - */ - function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false) - { - $error = array(); - - $num_attachments = sizeof($this->attachment_data); - $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false; - - $add_file = phpbb_request::is_set_post('add_file'); - $delete_file = phpbb_request::is_set_post('delete_file'); - - // First of all adjust comments if changed - $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true)); - - foreach ($actual_comment_list as $comment_key => $comment) - { - if (!isset($this->attachment_data[$comment_key])) - { - continue; - } - - if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key]) - { - $this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key]; - } - } - - $cfg = array(); - $cfg['max_attachments'] = ($is_message) ? phpbb::$config['max_attachments_pm'] : phpbb::$config['max_attachments']; - $forum_id = ($is_message) ? 0 : $forum_id; - - if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file) - { - if ($num_attachments < $cfg['max_attachments'] || phpbb::$acl->acl_get('a_') || phpbb::$acl->acl_get('m_', $forum_id)) - { - $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message); - $error = $filedata['error']; - - if ($filedata['post_attach'] && !sizeof($error)) - { - $sql_ary = array( - 'physical_filename' => $filedata['physical_filename'], - 'attach_comment' => $this->filename_data['filecomment'], - 'real_filename' => $filedata['real_filename'], - 'extension' => $filedata['extension'], - 'mimetype' => $filedata['mimetype'], - 'filesize' => $filedata['filesize'], - 'filetime' => $filedata['filetime'], - 'thumbnail' => $filedata['thumbnail'], - 'is_orphan' => 1, - 'in_message' => ($is_message) ? 1 : 0, - 'poster_id' => phpbb::$user->data['user_id'], - ); - - phpbb::$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary)); - - $new_entry = array( - 'attach_id' => phpbb::$db->sql_nextid(), - 'is_orphan' => 1, - 'real_filename' => $filedata['real_filename'], - 'attach_comment'=> $this->filename_data['filecomment'], - ); - - $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); - - $this->filename_data['filecomment'] = ''; - - // This Variable is set to false here, because Attachments are entered into the - // Database in two modes, one if the id_list is 0 and the second one if post_attach is true - // Since post_attach is automatically switched to true if an Attachment got added to the filesystem, - // but we are assigning an id of 0 here, we have to reset the post_attach variable to false. - // - // This is very relevant, because it could happen that the post got not submitted, but we do not - // know this circumstance here. We could be at the posting page or we could be redirected to the entered - // post. :) - $filedata['post_attach'] = false; - } - } - else - { - $error[] = sprintf(phpbb::$user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']); - } - } - - if ($preview || $refresh || sizeof($error)) - { - // Perform actions on temporary attachments - if ($delete_file) - { - include_once(PHPBB_ROOT_PATH . 'includes/functions_admin.' . PHP_EXT); - - $index = array_keys(request_var('delete_file', array(0 => 0))); - $index = (!empty($index)) ? $index[0] : false; - - if ($index !== false && !empty($this->attachment_data[$index])) - { - // delete selected attachment - if ($this->attachment_data[$index]['is_orphan']) - { - $sql = 'SELECT attach_id, physical_filename, thumbnail - FROM ' . ATTACHMENTS_TABLE . ' - WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . ' - AND is_orphan = 1 - AND poster_id = ' . phpbb::$user->data['user_id']; - $result = phpbb::$db->sql_query($sql); - $row = phpbb::$db->sql_fetchrow($result); - phpbb::$db->sql_freeresult($result); - - if ($row) - { - phpbb_unlink($row['physical_filename'], 'file'); - - if ($row['thumbnail']) - { - phpbb_unlink($row['physical_filename'], 'thumbnail'); - } - - phpbb::$db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']); - } - } - else - { - delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id']))); - } - - unset($this->attachment_data[$index]); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message); - - // Reindex Array - $this->attachment_data = array_values($this->attachment_data); - } - } - else if (($add_file || $preview) && $upload_file) - { - if ($num_attachments < $cfg['max_attachments'] || phpbb::$acl->acl_gets('m_', 'a_', $forum_id)) - { - $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message); - $error = array_merge($error, $filedata['error']); - - if (!sizeof($error)) - { - $sql_ary = array( - 'physical_filename' => $filedata['physical_filename'], - 'attach_comment' => $this->filename_data['filecomment'], - 'real_filename' => $filedata['real_filename'], - 'extension' => $filedata['extension'], - 'mimetype' => $filedata['mimetype'], - 'filesize' => $filedata['filesize'], - 'filetime' => $filedata['filetime'], - 'thumbnail' => $filedata['thumbnail'], - 'is_orphan' => 1, - 'in_message' => ($is_message) ? 1 : 0, - 'poster_id' => phpbb::$user->data['user_id'], - ); - - phpbb::$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . phpbb::$db->sql_build_array('INSERT', $sql_ary)); - - $new_entry = array( - 'attach_id' => phpbb::$db->sql_nextid(), - 'is_orphan' => 1, - 'real_filename' => $filedata['real_filename'], - 'attach_comment'=> $this->filename_data['filecomment'], - ); - - $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); - $this->filename_data['filecomment'] = ''; - } - } - else - { - $error[] = sprintf(phpbb::$user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']); - } - } - } - - foreach ($error as $error_msg) - { - $this->warn_msg[] = $error_msg; - } - } - - /** - * Get Attachment Data - */ - function get_submitted_attachment_data($check_user_id = false) - { - $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = phpbb_request::variable('attachment_data', array(0 => array('' => '')), true, phpbb_request::POST); - $this->attachment_data = array(); - - $check_user_id = ($check_user_id === false) ? phpbb::$user->data['user_id'] : $check_user_id; - - if (!sizeof($attachment_data)) - { - return; - } - - $not_orphan = $orphan = array(); - - foreach ($attachment_data as $pos => $var_ary) - { - if ($var_ary['is_orphan']) - { - $orphan[(int) $var_ary['attach_id']] = $pos; - } - else - { - $not_orphan[(int) $var_ary['attach_id']] = $pos; - } - } - - // Regenerate already posted attachments - if (sizeof($not_orphan)) - { - // Get the attachment data, based on the poster id... - $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment - FROM ' . ATTACHMENTS_TABLE . ' - WHERE ' . phpbb::$db->sql_in_set('attach_id', array_keys($not_orphan)) . ' - AND poster_id = ' . $check_user_id; - $result = phpbb::$db->sql_query($sql); - - while ($row = phpbb::$db->sql_fetchrow($result)) - { - $pos = $not_orphan[(int) $row['attach_id']]; - $this->attachment_data[$pos] = $row; - $this->attachment_data[$pos]['attach_comment'] = utf8_normalize_nfc($attachment_data[$pos]['attach_comment']); - - unset($not_orphan[(int) $row['attach_id']]); - } - phpbb::$db->sql_freeresult($result); - } - - if (sizeof($not_orphan)) - { - trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR); - } - - // Regenerate newly uploaded attachments - if (sizeof($orphan)) - { - $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment - FROM ' . ATTACHMENTS_TABLE . ' - WHERE ' . phpbb::$db->sql_in_set('attach_id', array_keys($orphan)) . ' - AND poster_id = ' . phpbb::$user->data['user_id'] . ' - AND is_orphan = 1'; - $result = phpbb::$db->sql_query($sql); - - while ($row = phpbb::$db->sql_fetchrow($result)) - { - $pos = $orphan[(int) $row['attach_id']]; - $this->attachment_data[$pos] = $row; - $this->attachment_data[$pos]['attach_comment'] = utf8_normalize_nfc($attachment_data[$pos]['attach_comment']); - - unset($orphan[(int) $row['attach_id']]); - } - phpbb::$db->sql_freeresult($result); - } - - if (sizeof($orphan)) - { - trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR); - } - - ksort($this->attachment_data); - } - - /** - * Parse Poll - */ - function parse_poll(&$poll) - { - $poll_max_options = $poll['poll_max_options']; - - // Parse Poll Option text ;) - $tmp_message = $this->message; - $this->message = $poll['poll_option_text']; - $bbcode_bitfield = $this->bbcode_bitfield; - - $poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], (phpbb::$config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, phpbb::$config['allow_post_links'], false); - - $bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) | base64_decode($this->bbcode_bitfield)); - $this->message = $tmp_message; - - // Parse Poll Title - $tmp_message = $this->message; - $this->message = $poll['poll_title']; - $this->bbcode_bitfield = $bbcode_bitfield; - - $poll['poll_options'] = explode("\n", trim($poll['poll_option_text'])); - $poll['poll_options_size'] = sizeof($poll['poll_options']); - - if (!$poll['poll_title'] && $poll['poll_options_size']) - { - $this->warn_msg[] = phpbb::$user->lang['NO_POLL_TITLE']; - } - else - { - if (utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)) > 100) - { - $this->warn_msg[] = phpbb::$user->lang['POLL_TITLE_TOO_LONG']; - } - $poll['poll_title'] = $this->parse($poll['enable_bbcode'], (phpbb::$config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, phpbb::$config['allow_post_links'], false); - if (strlen($poll['poll_title']) > 255) - { - $this->warn_msg[] = phpbb::$user->lang['POLL_TITLE_COMP_TOO_LONG']; - } - } - - $this->bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) | base64_decode($this->bbcode_bitfield)); - $this->message = $tmp_message; - unset($tmp_message); - - if (sizeof($poll['poll_options']) == 1) - { - $this->warn_msg[] = phpbb::$user->lang['TOO_FEW_POLL_OPTIONS']; - } - else if ($poll['poll_options_size'] > (int) phpbb::$config['max_poll_options']) - { - $this->warn_msg[] = phpbb::$user->lang['TOO_MANY_POLL_OPTIONS']; - } - else if ($poll_max_options > $poll['poll_options_size']) - { - $this->warn_msg[] = phpbb::$user->lang['TOO_MANY_USER_OPTIONS']; - } - - $poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > phpbb::$config['max_poll_options']) ? phpbb::$config['max_poll_options'] : $poll['poll_max_options']); - } -} - -?> \ No newline at end of file -- cgit v1.2.1 From 2e17e448deed073f8614bb555a8ef20c57291c2a Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 4 Oct 2009 18:14:59 +0000 Subject: Copy 3.0.x branch to trunk git-svn-id: file:///svn/phpbb/trunk@10211 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 1685 +++++++++++++++++++++++++++++++++++++ 1 file changed, 1685 insertions(+) create mode 100644 phpBB/includes/message_parser.php (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php new file mode 100644 index 0000000000..3df582d640 --- /dev/null +++ b/phpBB/includes/message_parser.php @@ -0,0 +1,1685 @@ +bbcodes) + { + $this->bbcode_init(); + } + + global $user; + + $this->bbcode_bitfield = ''; + $bitfield = new bitfield(); + + foreach ($this->bbcodes as $bbcode_name => $bbcode_data) + { + if (isset($bbcode_data['disabled']) && $bbcode_data['disabled']) + { + foreach ($bbcode_data['regexp'] as $regexp => $replacement) + { + if (preg_match($regexp, $this->message)) + { + $this->warn_msg[] = sprintf($user->lang['UNAUTHORISED_BBCODE'] , '[' . $bbcode_name . ']'); + continue; + } + } + } + else + { + foreach ($bbcode_data['regexp'] as $regexp => $replacement) + { + // The pattern gets compiled and cached by the PCRE extension, + // it should not demand recompilation + if (preg_match($regexp, $this->message)) + { + $this->message = preg_replace($regexp, $replacement, $this->message); + $bitfield->set($bbcode_data['bbcode_id']); + } + } + } + } + + $this->bbcode_bitfield = $bitfield->get_base64(); + } + + /** + * Prepare some bbcodes for better parsing + */ + function prepare_bbcodes() + { + // Ok, seems like users instead want the no-parsing of urls, smilies, etc. after and before and within quote tags being tagged as "not a bug". + // Fine by me ;) Will ease our live... but do not come back and cry at us, we won't hear you. + + /* Add newline at the end and in front of each quote block to prevent parsing errors (urls, smilies, etc.) + if (strpos($this->message, '[quote') !== false && strpos($this->message, '[/quote]') !== false) + { + $this->message = str_replace("\r\n", "\n", $this->message); + + // We strip newlines and spaces after and before quotes in quotes (trimming) and then add exactly one newline + $this->message = preg_replace('#\[quote(=".*?")?\]\s*(.*?)\s*\[/quote\]#siu', '[quote\1]' . "\n" . '\2' ."\n[/quote]", $this->message); + } + */ + + // Add other checks which needs to be placed before actually parsing anything (be it bbcodes, smilies, urls...) + } + + /** + * Init bbcode data for later parsing + */ + function bbcode_init() + { + static $rowset; + + // This array holds all bbcode data. BBCodes will be processed in this + // order, so it is important to keep [code] in first position and + // [quote] in second position. + $this->bbcodes = array( + 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")), + 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")), + 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")), + 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")), + 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\]((?s).*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), + 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")), + 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")), + 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")), + 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")), + 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#ise' => "\$this->bbcode_parse_list('\$0')")), + 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")), + 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) + ); + + // Zero the parsed items array + $this->parsed_items = array(); + + foreach ($this->bbcodes as $tag => $bbcode_data) + { + $this->parsed_items[$tag] = 0; + } + + if (!is_array($rowset)) + { + global $db; + $rowset = array(); + + $sql = 'SELECT * + FROM ' . BBCODES_TABLE; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $rowset[] = $row; + } + $db->sql_freeresult($result); + } + + foreach ($rowset as $row) + { + $this->bbcodes[$row['bbcode_tag']] = array( + 'bbcode_id' => (int) $row['bbcode_id'], + 'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace'])) + ); + } + } + + /** + * Making some pre-checks for bbcodes as well as increasing the number of parsed items + */ + function check_bbcode($bbcode, &$in) + { + // when using the /e modifier, preg_replace slashes double-quotes but does not + // seem to slash anything else + $in = str_replace("\r\n", "\n", str_replace('\"', '"', $in)); + + // Trimming here to make sure no empty bbcodes are parsed accidently + if (trim($in) == '') + { + return false; + } + + $this->parsed_items[$bbcode]++; + + return true; + } + + /** + * Transform some characters in valid bbcodes + */ + function bbcode_specialchars($text) + { + $str_from = array('<', '>', '[', ']', '.', ':'); + $str_to = array('<', '>', '[', ']', '.', ':'); + + return str_replace($str_from, $str_to, $text); + } + + /** + * Parse size tag + */ + function bbcode_size($stx, $in) + { + global $user, $config; + + if (!$this->check_bbcode('size', $in)) + { + return $in; + } + + if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx) + { + $this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], $config['max_' . $this->mode . '_font_size']); + + return '[size=' . $stx . ']' . $in . '[/size]'; + } + + // Do not allow size=0 + if ($stx <= 0) + { + return '[size=' . $stx . ']' . $in . '[/size]'; + } + + return '[size=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/size:' . $this->bbcode_uid . ']'; + } + + /** + * Parse color tag + */ + function bbcode_color($stx, $in) + { + if (!$this->check_bbcode('color', $in)) + { + return $in; + } + + return '[color=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/color:' . $this->bbcode_uid . ']'; + } + + /** + * Parse u tag + */ + function bbcode_underline($in) + { + if (!$this->check_bbcode('u', $in)) + { + return $in; + } + + return '[u:' . $this->bbcode_uid . ']' . $in . '[/u:' . $this->bbcode_uid . ']'; + } + + /** + * Parse b tag + */ + function bbcode_strong($in) + { + if (!$this->check_bbcode('b', $in)) + { + return $in; + } + + return '[b:' . $this->bbcode_uid . ']' . $in . '[/b:' . $this->bbcode_uid . ']'; + } + + /** + * Parse i tag + */ + function bbcode_italic($in) + { + if (!$this->check_bbcode('i', $in)) + { + return $in; + } + + return '[i:' . $this->bbcode_uid . ']' . $in . '[/i:' . $this->bbcode_uid . ']'; + } + + /** + * Parse img tag + */ + function bbcode_img($in) + { + global $user, $config; + + if (!$this->check_bbcode('img', $in)) + { + return $in; + } + + $in = trim($in); + $error = false; + + $in = str_replace(' ', '%20', $in); + + // Checking urls + if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in)) + { + return '[img]' . $in . '[/img]'; + } + + // Try to cope with a common user error... not specifying a protocol but only a subdomain + if (!preg_match('#^[a-z0-9]+://#i', $in)) + { + $in = 'http://' . $in; + } + + if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) + { + $stats = @getimagesize($in); + + if ($stats === false) + { + $error = true; + $this->warn_msg[] = $user->lang['UNABLE_GET_IMAGE_SIZE']; + } + else + { + if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1]) + { + $error = true; + $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + } + + if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0]) + { + $error = true; + $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + } + } + } + + if ($error || $this->path_in_domain($in)) + { + return '[img]' . $in . '[/img]'; + } + + return '[img:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/img:' . $this->bbcode_uid . ']'; + } + + /** + * Parse flash tag + */ + function bbcode_flash($width, $height, $in) + { + global $user, $config; + + if (!$this->check_bbcode('flash', $in)) + { + return $in; + } + + $in = trim($in); + $error = false; + + // Do not allow 0-sizes generally being entered + if ($width <= 0 || $height <= 0) + { + return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; + } + + // Apply the same size checks on flash files as on images + if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width']) + { + if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $height) + { + $error = true; + $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + } + + if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $width) + { + $error = true; + $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + } + } + + if ($error || $this->path_in_domain($in)) + { + return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; + } + + return '[flash=' . $width . ',' . $height . ':' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/flash:' . $this->bbcode_uid . ']'; + } + + /** + * Parse inline attachments [ia] + */ + function bbcode_attachment($stx, $in) + { + if (!$this->check_bbcode('attachment', $in)) + { + return $in; + } + + return '[attachment=' . $stx . ':' . $this->bbcode_uid . ']' . trim($in) . '[/attachment:' . $this->bbcode_uid . ']'; + } + + /** + * Parse code text from code tag + * @access private + */ + function bbcode_parse_code($stx, &$code) + { + switch (strtolower($stx)) + { + case 'php': + + $remove_tags = false; + + $str_from = array('<', '>', '[', ']', '.', ':', ':'); + $str_to = array('<', '>', '[', ']', '.', ':', ':'); + $code = str_replace($str_from, $str_to, $code); + + if (!preg_match('/\<\?.*?\?\>/is', $code)) + { + $remove_tags = true; + $code = ""; + } + + $conf = array('highlight.bg', 'highlight.comment', 'highlight.default', 'highlight.html', 'highlight.keyword', 'highlight.string'); + foreach ($conf as $ini_var) + { + @ini_set($ini_var, str_replace('highlight.', 'syntax', $ini_var)); + } + + // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results + $code = htmlspecialchars_decode($code); + $code = highlight_string($code, true); + + $str_from = array('', '', '','[', ']', '.', ':'); + $str_to = array('', '', '', '[', ']', '.', ':'); + + if ($remove_tags) + { + $str_from[] = '<?php '; + $str_to[] = ''; + $str_from[] = '<?php '; + $str_to[] = ''; + } + + $code = str_replace($str_from, $str_to, $code); + $code = preg_replace('#^()\n?(.*?)\n?()$#is', '$1$2$3', $code); + + if ($remove_tags) + { + $code = preg_replace('#()?\?>()#', '$1 $2', $code); + } + + $code = preg_replace('#^(.*)#s', '$2', $code); + $code = preg_replace('#(?:\s++| )*+$#u', '', $code); + + // remove newline at the end + if (!empty($code) && substr($code, -1) == "\n") + { + $code = substr($code, 0, -1); + } + + return "[code=$stx:" . $this->bbcode_uid . ']' . $code . '[/code:' . $this->bbcode_uid . ']'; + break; + + default: + return '[code:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($code) . '[/code:' . $this->bbcode_uid . ']'; + break; + } + } + + /** + * Parse code tag + * Expects the argument to start right after the opening [code] tag and to end with [/code] + */ + function bbcode_code($stx, $in) + { + if (!$this->check_bbcode('code', $in)) + { + return $in; + } + + // We remove the hardcoded elements from the code block here because it is not used in code blocks + // Having it here saves us one preg_replace per message containing [code] blocks + // Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too... + $htm_match = get_preg_expression('bbcode_htm'); + unset($htm_match[4], $htm_match[5]); + $htm_replace = array('\1', '\1', '\2', '\1'); + + $out = $code_block = ''; + $open = 1; + + while ($in) + { + // Determine position and tag length of next code block + preg_match('#(.*?)(\[code(?:=([a-z]+))?\])(.+)#is', $in, $buffer); + $pos = (isset($buffer[1])) ? strlen($buffer[1]) : false; + $tag_length = (isset($buffer[2])) ? strlen($buffer[2]) : false; + + // Determine position of ending code tag + $pos2 = stripos($in, '[/code]'); + + // Which is the next block, ending code or code block + if ($pos !== false && $pos < $pos2) + { + // Open new block + if (!$open) + { + $out .= substr($in, 0, $pos); + $in = substr($in, $pos); + $stx = (isset($buffer[3])) ? $buffer[3] : ''; + $code_block = ''; + } + else + { + // Already opened block, just append to the current block + $code_block .= substr($in, 0, $pos) . ((isset($buffer[2])) ? $buffer[2] : ''); + $in = substr($in, $pos); + } + + $in = substr($in, $tag_length); + $open++; + } + else + { + // Close the block + if ($open == 1) + { + $code_block .= substr($in, 0, $pos2); + $code_block = preg_replace($htm_match, $htm_replace, $code_block); + + // Parse this code block + $out .= $this->bbcode_parse_code($stx, $code_block); + $code_block = ''; + $open--; + } + else if ($open) + { + // Close one open tag... add to the current code block + $code_block .= substr($in, 0, $pos2 + 7); + $open--; + } + else + { + // end code without opening code... will be always outside code block + $out .= substr($in, 0, $pos2 + 7); + } + + $in = substr($in, $pos2 + 7); + } + } + + // if now $code_block has contents we need to parse the remaining code while removing the last closing tag to match up. + if ($code_block) + { + $code_block = substr($code_block, 0, -7); + $code_block = preg_replace($htm_match, $htm_replace, $code_block); + + $out .= $this->bbcode_parse_code($stx, $code_block); + } + + return $out; + } + + /** + * Parse list bbcode + * Expects the argument to start with a tag + */ + function bbcode_parse_list($in) + { + if (!$this->check_bbcode('list', $in)) + { + return $in; + } + + // $tok holds characters to stop at. Since the string starts with a '[' we'll get everything up to the first ']' which should be the opening [list] tag + $tok = ']'; + $out = '['; + + // First character is [ + $in = substr($in, 1); + $list_end_tags = $item_end_tags = array(); + + do + { + $pos = strlen($in); + + for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i) + { + $tmp_pos = strpos($in, $tok[$i]); + + if ($tmp_pos !== false && $tmp_pos < $pos) + { + $pos = $tmp_pos; + } + } + + $buffer = substr($in, 0, $pos); + $tok = $in[$pos]; + + $in = substr($in, $pos + 1); + + if ($tok == ']') + { + // if $tok is ']' the buffer holds a tag + if (strtolower($buffer) == '/list' && sizeof($list_end_tags)) + { + // valid [/list] tag, check nesting so that we don't hit false positives + if (sizeof($item_end_tags) && sizeof($item_end_tags) >= sizeof($list_end_tags)) + { + // current li tag has not been closed + $out = preg_replace('/\n?\[$/', '[', $out) . array_pop($item_end_tags) . ']['; + } + + $out .= array_pop($list_end_tags) . ']'; + $tok = '['; + } + else if (preg_match('#^list(=[0-9a-z]+)?$#i', $buffer, $m)) + { + // sub-list, add a closing tag + if (empty($m[1]) || preg_match('/^=(?:disc|square|circle)$/i', $m[1])) + { + array_push($list_end_tags, '/list:u:' . $this->bbcode_uid); + } + else + { + array_push($list_end_tags, '/list:o:' . $this->bbcode_uid); + } + $out .= 'list' . substr($buffer, 4) . ':' . $this->bbcode_uid . ']'; + $tok = '['; + } + else + { + if (($buffer == '*' || substr($buffer, -2) == '[*') && sizeof($list_end_tags)) + { + // the buffer holds a bullet tag and we have a [list] tag open + if (sizeof($item_end_tags) >= sizeof($list_end_tags)) + { + if (substr($buffer, -2) == '[*') + { + $out .= substr($buffer, 0, -2) . '['; + } + // current li tag has not been closed + if (preg_match('/\n\[$/', $out, $m)) + { + $out = preg_replace('/\n\[$/', '[', $out); + $buffer = array_pop($item_end_tags) . "]\n[*:" . $this->bbcode_uid; + } + else + { + $buffer = array_pop($item_end_tags) . '][*:' . $this->bbcode_uid; + } + } + else + { + $buffer = '*:' . $this->bbcode_uid; + } + + $item_end_tags[] = '/*:m:' . $this->bbcode_uid; + } + else if ($buffer == '/*') + { + array_pop($item_end_tags); + $buffer = '/*:' . $this->bbcode_uid; + } + + $out .= $buffer . $tok; + $tok = '[]'; + } + } + else + { + // Not within a tag, just add buffer to the return string + $out .= $buffer . $tok; + $tok = ($tok == '[') ? ']' : '[]'; + } + } + while ($in); + + // do we have some tags open? close them now + if (sizeof($item_end_tags)) + { + $out .= '[' . implode('][', $item_end_tags) . ']'; + } + if (sizeof($list_end_tags)) + { + $out .= '[' . implode('][', $list_end_tags) . ']'; + } + + return $out; + } + + /** + * Parse quote bbcode + * Expects the argument to start with a tag + */ + function bbcode_quote($in) + { + global $config, $user; + + /** + * If you change this code, make sure the cases described within the following reports are still working: + * #3572 - [quote="[test]test"]test [ test[/quote] - (correct: parsed) + * #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed) + * #14770 - [quote="["]test[/quote] (correct: parsed) + * [quote="[i]test[/i]"]test[/quote] (correct: parsed) + * [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote]) + * #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted) + * #40565 - [quote="a"]a[/quote][quote="a]a[/quote] (correct: first quote tag parsed, second quote tag unparsed) + */ + + $in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in))); + + if (!$in) + { + return ''; + } + + // To let the parser not catch tokens within quote_username quotes we encode them before we start this... + $in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), '\$1') . '"]'", $in); + + $tok = ']'; + $out = '['; + + $in = substr($in, 1); + $close_tags = $error_ary = array(); + $buffer = ''; + + do + { + $pos = strlen($in); + for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i) + { + $tmp_pos = strpos($in, $tok[$i]); + if ($tmp_pos !== false && $tmp_pos < $pos) + { + $pos = $tmp_pos; + } + } + + $buffer .= substr($in, 0, $pos); + $tok = $in[$pos]; + $in = substr($in, $pos + 1); + + if ($tok == ']') + { + if (strtolower($buffer) == '/quote' && sizeof($close_tags) && substr($out, -1, 1) == '[') + { + // we have found a closing tag + $out .= array_pop($close_tags) . ']'; + $tok = '['; + $buffer = ''; + + /* Add space at the end of the closing tag if not happened before to allow following urls/smilies to be parsed correctly + * Do not try to think for the user. :/ Do not parse urls/smilies if there is no space - is the same as with other bbcodes too. + * Also, we won't have any spaces within $in anyway, only adding up spaces -> #10982 + if (!$in || $in[0] !== ' ') + { + $out .= ' '; + }*/ + } + else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[') + { + $this->parsed_items['quote']++; + + // the buffer holds a valid opening tag + if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) + { + // there are too many nested quotes + $error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], $config['max_quote_depth']); + + $out .= $buffer . $tok; + $tok = '[]'; + $buffer = ''; + + continue; + } + + array_push($close_tags, '/quote:' . $this->bbcode_uid); + + if (isset($m[1]) && $m[1]) + { + $username = str_replace(array('[', ']'), array('[', ']'), $m[1]); + $username = preg_replace('#\[(?!b|i|u|color|url|email|/b|/i|/u|/color|/url|/email)#iU', '[$1', $username); + + $end_tags = array(); + $error = false; + + preg_match_all('#\[((?:/)?(?:[a-z]+))#i', $username, $tags); + foreach ($tags[1] as $tag) + { + if ($tag[0] != '/') + { + $end_tags[] = '/' . $tag; + } + else + { + $end_tag = array_pop($end_tags); + $error = ($end_tag != $tag) ? true : false; + } + } + + if ($error) + { + $username = $m[1]; + } + + $out .= 'quote="' . $username . '":' . $this->bbcode_uid . ']'; + } + else + { + $out .= 'quote:' . $this->bbcode_uid . ']'; + } + + $tok = '['; + $buffer = ''; + } + else if (preg_match('#^quote="(.*?)#is', $buffer, $m)) + { + // the buffer holds an invalid opening tag + $buffer .= ']'; + } + else + { + $out .= $buffer . $tok; + $tok = '[]'; + $buffer = ''; + } + } + else + { +/** +* Old quote code working fine, but having errors listed in bug #3572 +* +* $out .= $buffer . $tok; +* $tok = ($tok == '[') ? ']' : '[]'; +* $buffer = ''; +*/ + + $out .= $buffer . $tok; + + if ($tok == '[') + { + // Search the text for the next tok... if an ending quote comes first, then change tok to [] + $pos1 = stripos($in, '[/quote'); + // If the token ] comes first, we change it to ] + $pos2 = strpos($in, ']'); + // If the token [ comes first, we change it to [ + $pos3 = strpos($in, '['); + + if ($pos1 !== false && ($pos2 === false || $pos1 < $pos2) && ($pos3 === false || $pos1 < $pos3)) + { + $tok = '[]'; + } + else if ($pos3 !== false && ($pos2 === false || $pos3 < $pos2)) + { + $tok = '['; + } + else + { + $tok = ']'; + } + } + else + { + $tok = '[]'; + } + $buffer = ''; + } + } + while ($in); + + $out .= $buffer; + + if (sizeof($close_tags)) + { + $out .= '[' . implode('][', $close_tags) . ']'; + } + + foreach ($error_ary as $error_msg) + { + $this->warn_msg[] = $error_msg; + } + + return $out; + } + + /** + * Validate email + */ + function validate_email($var1, $var2) + { + $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1))); + $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2))); + + $txt = $var2; + $email = ($var1) ? $var1 : $var2; + + $validated = true; + + if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email)) + { + $validated = false; + } + + if (!$validated) + { + return '[email' . (($var1) ? "=$var1" : '') . ']' . $var2 . '[/email]'; + } + + $this->parsed_items['email']++; + + if ($var1) + { + $retval = '[email=' . $this->bbcode_specialchars($email) . ':' . $this->bbcode_uid . ']' . $txt . '[/email:' . $this->bbcode_uid . ']'; + } + else + { + $retval = '[email:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($email) . '[/email:' . $this->bbcode_uid . ']'; + } + + return $retval; + } + + /** + * Validate url + * + * @param string $var1 optional url parameter for url bbcode: [url(=$var1)]$var2[/url] + * @param string $var2 url bbcode content: [url(=$var1)]$var2[/url] + */ + function validate_url($var1, $var2) + { + global $config; + + $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1))); + $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2))); + + $url = ($var1) ? $var1 : $var2; + + if ($var1 && !$var2) + { + $var2 = $var1; + } + + if (!$url) + { + return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]'; + } + + $valid = false; + + $url = str_replace(' ', '%20', $url); + + // Checking urls + if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) || + preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) || + preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url)) + { + $valid = true; + } + + if ($valid) + { + $this->parsed_items['url']++; + + // if there is no scheme, then add http schema + if (!preg_match('#^[a-z][a-z\d+\-.]*:/{2}#i', $url)) + { + $url = 'http://' . $url; + } + + // Is this a link to somewhere inside this board? If so then remove the session id from the url + if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false) + { + $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}&/', '\1', $url); + $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}$/', '', $url); + $url = append_sid($url); + } + + return ($var1) ? '[url=' . $this->bbcode_specialchars($url) . ':' . $this->bbcode_uid . ']' . $var2 . '[/url:' . $this->bbcode_uid . ']' : '[url:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($url) . '[/url:' . $this->bbcode_uid . ']'; + } + + return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]'; + } + + /** + * Check if url is pointing to this domain/script_path/php-file + * + * @param string $url the url to check + * @return true if the url is pointing to this domain/script_path/php-file, false if not + * + * @access private + */ + function path_in_domain($url) + { + global $config, $phpEx, $user; + + if ($config['force_server_vars']) + { + $check_path = $config['script_path']; + } + else + { + $check_path = ($user->page['root_script_path'] != '/') ? substr($user->page['root_script_path'], 0, -1) : '/'; + } + + // Is the user trying to link to a php file in this domain and script path? + if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false) + { + $server_name = $user->host; + + // Forcing server vars is the only way to specify/override the protocol + if ($config['force_server_vars'] || !$server_name) + { + $server_name = $config['server_name']; + } + + // Check again in correct order... + $pos_ext = strpos($url, ".{$phpEx}"); + $pos_path = strpos($url, $check_path); + $pos_domain = strpos($url, $server_name); + + if ($pos_domain !== false && $pos_path >= $pos_domain && $pos_ext >= $pos_path) + { + // Ok, actually we allow linking to some files (this may be able to be extended in some way later...) + if (strpos($url, '/' . $check_path . '/download/file.' . $phpEx) !== 0) + { + return false; + } + + return true; + } + } + + return false; + } +} + +/** +* Main message parser for posting, pm, etc. takes raw message +* and parses it for attachments, bbcode and smilies +* @package phpBB3 +*/ +class parse_message extends bbcode_firstpass +{ + var $attachment_data = array(); + var $filename_data = array(); + + // Helps ironing out user error + var $message_status = ''; + + var $allow_img_bbcode = true; + var $allow_flash_bbcode = true; + var $allow_quote_bbcode = true; + var $allow_url_bbcode = true; + + var $mode; + + /** + * Init - give message here or manually + */ + function parse_message($message = '') + { + // Init BBCode UID + $this->bbcode_uid = substr(base_convert(unique_id(), 16, 36), 0, BBCODE_UID_LEN); + $this->message = $message; + } + + /** + * Parse Message + */ + function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post') + { + global $config, $db, $user; + + $this->mode = $mode; + + if (!isset($config['max_' . $mode . '_chars'])) + { + $config['max_' . $mode . '_chars'] = 0; + } + if (!isset($config['max_' . $mode . '_smilies'])) + { + $config['max_' . $mode . '_smilies'] = 0; + } + if (!isset($config['max_' . $mode . '_urls'])) + { + $config['max_' . $mode . '_urls'] = 0; + } + + $this->allow_img_bbcode = $allow_img_bbcode; + $this->allow_flash_bbcode = $allow_flash_bbcode; + $this->allow_quote_bbcode = $allow_quote_bbcode; + $this->allow_url_bbcode = $allow_url_bbcode; + + // If false, then $this->message won't be altered, the text will be returned instead. + if (!$update_this_message) + { + $tmp_message = $this->message; + $return_message = &$this->message; + } + + if ($this->message_status == 'display') + { + $this->decode_message(); + } + + // Do some general 'cleanup' first before processing message, + // e.g. remove excessive newlines(?), smilies(?) + $match = array('#(script|about|applet|activex|chrome):#i'); + $replace = array("\\1:"); + $this->message = preg_replace($match, $replace, trim($this->message)); + + // Store message length... + $message_length = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)); + + // Maximum message length check. 0 disables this check completely. + if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars']) + { + $this->warn_msg[] = sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $message_length, (int) $config['max_' . $mode . '_chars']); + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + + // Minimum message length check for post only + if ($mode === 'post') + { + if (!$message_length || $message_length < (int) $config['min_post_chars']) + { + $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_FEW_CHARS_LIMIT'], $message_length, (int) $config['min_post_chars']); + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + } + + // Prepare BBcode (just prepares some tags for better parsing) + if ($allow_bbcode && strpos($this->message, '[') !== false) + { + $this->bbcode_init(); + $disallow = array('img', 'flash', 'quote', 'url'); + foreach ($disallow as $bool) + { + if (!${'allow_' . $bool . '_bbcode'}) + { + $this->bbcodes[$bool]['disabled'] = true; + } + } + + $this->prepare_bbcodes(); + } + + // Parse smilies + if ($allow_smilies) + { + $this->smilies($config['max_' . $mode . '_smilies']); + } + + $num_urls = 0; + + // Parse BBCode + if ($allow_bbcode && strpos($this->message, '[') !== false) + { + $this->parse_bbcode(); + $num_urls += $this->parsed_items['url']; + } + + // Parse URL's + if ($allow_magic_url) + { + $this->magic_url(generate_board_url()); + + if ($config['max_' . $mode . '_urls']) + { + $num_urls += preg_match_all('#\' . $row['code'] . ''; + } + $db->sql_freeresult($result); + } + + if (sizeof($match)) + { + if ($max_smilies) + { + $num_matches = preg_match_all('#(?<=^|[\n .])(?:' . implode('|', $match) . ')(?![^<>]*>)#', $this->message, $matches); + unset($matches); + + if ($num_matches !== false && $num_matches > $max_smilies) + { + $this->warn_msg[] = sprintf($user->lang['TOO_MANY_SMILIES'], $max_smilies); + return; + } + } + + // Make sure the delimiter # is added in front and at the end of every element within $match + $this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#'), $replace, $this->message)); + } + } + + /** + * Parse Attachments + */ + function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false) + { + global $config, $auth, $user, $phpbb_root_path, $phpEx, $db; + + $error = array(); + + $num_attachments = sizeof($this->attachment_data); + $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); + $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false; + + $add_file = (isset($_POST['add_file'])) ? true : false; + $delete_file = (isset($_POST['delete_file'])) ? true : false; + + // First of all adjust comments if changed + $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true)); + + foreach ($actual_comment_list as $comment_key => $comment) + { + if (!isset($this->attachment_data[$comment_key])) + { + continue; + } + + if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key]) + { + $this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key]; + } + } + + $cfg = array(); + $cfg['max_attachments'] = ($is_message) ? $config['max_attachments_pm'] : $config['max_attachments']; + $forum_id = ($is_message) ? 0 : $forum_id; + + if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file) + { + if ($num_attachments < $cfg['max_attachments'] || $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) + { + $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message); + $error = $filedata['error']; + + if ($filedata['post_attach'] && !sizeof($error)) + { + $sql_ary = array( + 'physical_filename' => $filedata['physical_filename'], + 'attach_comment' => $this->filename_data['filecomment'], + 'real_filename' => $filedata['real_filename'], + 'extension' => $filedata['extension'], + 'mimetype' => $filedata['mimetype'], + 'filesize' => $filedata['filesize'], + 'filetime' => $filedata['filetime'], + 'thumbnail' => $filedata['thumbnail'], + 'is_orphan' => 1, + 'in_message' => ($is_message) ? 1 : 0, + 'poster_id' => $user->data['user_id'], + ); + + $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); + + $new_entry = array( + 'attach_id' => $db->sql_nextid(), + 'is_orphan' => 1, + 'real_filename' => $filedata['real_filename'], + 'attach_comment'=> $this->filename_data['filecomment'], + ); + + $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); + $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); + + $this->filename_data['filecomment'] = ''; + + // This Variable is set to false here, because Attachments are entered into the + // Database in two modes, one if the id_list is 0 and the second one if post_attach is true + // Since post_attach is automatically switched to true if an Attachment got added to the filesystem, + // but we are assigning an id of 0 here, we have to reset the post_attach variable to false. + // + // This is very relevant, because it could happen that the post got not submitted, but we do not + // know this circumstance here. We could be at the posting page or we could be redirected to the entered + // post. :) + $filedata['post_attach'] = false; + } + } + else + { + $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']); + } + } + + if ($preview || $refresh || sizeof($error)) + { + // Perform actions on temporary attachments + if ($delete_file) + { + include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); + + $index = array_keys(request_var('delete_file', array(0 => 0))); + $index = (!empty($index)) ? $index[0] : false; + + if ($index !== false && !empty($this->attachment_data[$index])) + { + // delete selected attachment + if ($this->attachment_data[$index]['is_orphan']) + { + $sql = 'SELECT attach_id, physical_filename, thumbnail + FROM ' . ATTACHMENTS_TABLE . ' + WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . ' + AND is_orphan = 1 + AND poster_id = ' . $user->data['user_id']; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + phpbb_unlink($row['physical_filename'], 'file'); + + if ($row['thumbnail']) + { + phpbb_unlink($row['physical_filename'], 'thumbnail'); + } + + $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']); + } + } + else + { + delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id']))); + } + + unset($this->attachment_data[$index]); + $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message); + + // Reindex Array + $this->attachment_data = array_values($this->attachment_data); + } + } + else if (($add_file || $preview) && $upload_file) + { + if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) + { + $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message); + $error = array_merge($error, $filedata['error']); + + if (!sizeof($error)) + { + $sql_ary = array( + 'physical_filename' => $filedata['physical_filename'], + 'attach_comment' => $this->filename_data['filecomment'], + 'real_filename' => $filedata['real_filename'], + 'extension' => $filedata['extension'], + 'mimetype' => $filedata['mimetype'], + 'filesize' => $filedata['filesize'], + 'filetime' => $filedata['filetime'], + 'thumbnail' => $filedata['thumbnail'], + 'is_orphan' => 1, + 'in_message' => ($is_message) ? 1 : 0, + 'poster_id' => $user->data['user_id'], + ); + + $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); + + $new_entry = array( + 'attach_id' => $db->sql_nextid(), + 'is_orphan' => 1, + 'real_filename' => $filedata['real_filename'], + 'attach_comment'=> $this->filename_data['filecomment'], + ); + + $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); + $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); + $this->filename_data['filecomment'] = ''; + } + } + else + { + $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']); + } + } + } + + foreach ($error as $error_msg) + { + $this->warn_msg[] = $error_msg; + } + } + + /** + * Get Attachment Data + */ + function get_submitted_attachment_data($check_user_id = false) + { + global $user, $db, $phpbb_root_path, $phpEx, $config; + + $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); + $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array(); + $this->attachment_data = array(); + + $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; + + if (!sizeof($attachment_data)) + { + return; + } + + $not_orphan = $orphan = array(); + + foreach ($attachment_data as $pos => $var_ary) + { + if ($var_ary['is_orphan']) + { + $orphan[(int) $var_ary['attach_id']] = $pos; + } + else + { + $not_orphan[(int) $var_ary['attach_id']] = $pos; + } + } + + // Regenerate already posted attachments + if (sizeof($not_orphan)) + { + // Get the attachment data, based on the poster id... + $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment + FROM ' . ATTACHMENTS_TABLE . ' + WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . ' + AND poster_id = ' . $check_user_id; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $pos = $not_orphan[$row['attach_id']]; + $this->attachment_data[$pos] = $row; + set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + + unset($not_orphan[$row['attach_id']]); + } + $db->sql_freeresult($result); + } + + if (sizeof($not_orphan)) + { + trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR); + } + + // Regenerate newly uploaded attachments + if (sizeof($orphan)) + { + $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment + FROM ' . ATTACHMENTS_TABLE . ' + WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . ' + AND poster_id = ' . $user->data['user_id'] . ' + AND is_orphan = 1'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $pos = $orphan[$row['attach_id']]; + $this->attachment_data[$pos] = $row; + set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + + unset($orphan[$row['attach_id']]); + } + $db->sql_freeresult($result); + } + + if (sizeof($orphan)) + { + trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR); + } + + ksort($this->attachment_data); + } + + /** + * Parse Poll + */ + function parse_poll(&$poll) + { + global $auth, $user, $config; + + $poll_max_options = $poll['poll_max_options']; + + // Parse Poll Option text ;) + $tmp_message = $this->message; + $this->message = $poll['poll_option_text']; + $bbcode_bitfield = $this->bbcode_bitfield; + + $poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false, 'poll'); + + $bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) | base64_decode($this->bbcode_bitfield)); + $this->message = $tmp_message; + + // Parse Poll Title + $tmp_message = $this->message; + $this->message = $poll['poll_title']; + $this->bbcode_bitfield = $bbcode_bitfield; + + $poll['poll_options'] = explode("\n", trim($poll['poll_option_text'])); + $poll['poll_options_size'] = sizeof($poll['poll_options']); + + if (!$poll['poll_title'] && $poll['poll_options_size']) + { + $this->warn_msg[] = $user->lang['NO_POLL_TITLE']; + } + else + { + if (utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)) > 100) + { + $this->warn_msg[] = $user->lang['POLL_TITLE_TOO_LONG']; + } + $poll['poll_title'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false, 'poll'); + if (strlen($poll['poll_title']) > 255) + { + $this->warn_msg[] = $user->lang['POLL_TITLE_COMP_TOO_LONG']; + } + } + + $this->bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) | base64_decode($this->bbcode_bitfield)); + $this->message = $tmp_message; + unset($tmp_message); + + if (sizeof($poll['poll_options']) == 1) + { + $this->warn_msg[] = $user->lang['TOO_FEW_POLL_OPTIONS']; + } + else if ($poll['poll_options_size'] > (int) $config['max_poll_options']) + { + $this->warn_msg[] = $user->lang['TOO_MANY_POLL_OPTIONS']; + } + else if ($poll_max_options > $poll['poll_options_size']) + { + $this->warn_msg[] = $user->lang['TOO_MANY_USER_OPTIONS']; + } + + $poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']); + } +} + +?> \ No newline at end of file -- cgit v1.2.1 From b68de2323d6444b4b3685a98bbcb9500a38e45cb Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Wed, 16 Dec 2009 15:48:23 +0000 Subject: merge changes from 3.0.x branch git-svn-id: file:///svn/phpbb/trunk@10342 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 3df582d640..8979511d9a 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -115,7 +115,7 @@ class bbcode_firstpass extends bbcode 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")), 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")), 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\]((?s).*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")), 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")), 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")), 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")), @@ -1064,17 +1064,12 @@ class parse_message extends bbcode_firstpass $this->mode = $mode; - if (!isset($config['max_' . $mode . '_chars'])) + foreach (array('chars', 'smilies', 'urls', 'font_size', 'img_height', 'img_width') as $key) { - $config['max_' . $mode . '_chars'] = 0; - } - if (!isset($config['max_' . $mode . '_smilies'])) - { - $config['max_' . $mode . '_smilies'] = 0; - } - if (!isset($config['max_' . $mode . '_urls'])) - { - $config['max_' . $mode . '_urls'] = 0; + if (!isset($config['max_' . $mode . '_' . $key])) + { + $config['max_' . $mode . '_' . $key] = 0; + } } $this->allow_img_bbcode = $allow_img_bbcode; -- cgit v1.2.1 From fccd7f0ab5ab559dc89be6af9e582a986af8bb13 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Wed, 22 Sep 2010 21:58:20 +0200 Subject: [feature/request-class] Convert any direct access to $_* to use $request PHPBB3-9716 --- phpBB/includes/message_parser.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 952b55cc8c..e0b2bb1496 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1532,9 +1532,10 @@ class parse_message extends bbcode_firstpass function get_submitted_attachment_data($check_user_id = false) { global $user, $db, $phpbb_root_path, $phpEx, $config; + global $request; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array(); + $attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, phpbb_request_interface::POST); $this->attachment_data = array(); $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; @@ -1572,7 +1573,7 @@ class parse_message extends bbcode_firstpass { $pos = $not_orphan[$row['attach_id']]; $this->attachment_data[$pos] = $row; - set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + $this->attachment_data[$pos]['attach_comment'] = $attachment_data[$pos]['attach_comment']; unset($not_orphan[$row['attach_id']]); } @@ -1598,7 +1599,7 @@ class parse_message extends bbcode_firstpass { $pos = $orphan[$row['attach_id']]; $this->attachment_data[$pos] = $row; - set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + $this->attachment_data[$pos]['attach_comment'] = $attachment_data[$pos]['attach_comment']; unset($orphan[$row['attach_id']]); } -- cgit v1.2.1 From af5b9a96409d788733fcb1ff367e0c7fb0583702 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Tue, 9 Nov 2010 08:59:25 +0100 Subject: [ticket/9556] Drop php closing tags, add trailing newline Closing tags converted using Oleg's script. remove-php-end-tags.py -a . Trailing newlines added using the following where $ext is file extension. find . -type f -name "*.$ext" -print | xargs printf "e %s\nw\n" | ed -s; Extensions: php, css, html, js, xml. PHPBB3-9556 --- phpBB/includes/message_parser.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index e0b2bb1496..bdc794f167 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1678,5 +1678,3 @@ class parse_message extends bbcode_firstpass $poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']); } } - -?> \ No newline at end of file -- cgit v1.2.1 From 88ae40a4b19360645d5e5a614cc378e7cce4afe3 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 14 Sep 2011 00:28:52 +0200 Subject: [ticket/10345] Make use of the plural function in some basic places PHPBB3-10345 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index b3a48112ea..cb9a9d7d28 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -772,7 +772,7 @@ class bbcode_firstpass extends bbcode if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) { // there are too many nested quotes - $error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], $config['max_quote_depth']); + $error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']); $out .= $buffer . $tok; $tok = '[]'; -- cgit v1.2.1 From 179662e949967090724c5e14ea4d4d399886a38a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 20 Sep 2011 01:33:33 +0200 Subject: [ticket/10345] Use the plural function in some more places. I added two function avatar_explanation_string() and avatar_error_wrong_size() for easier handling of the "pixels"-languages, as they are used quite often. PHPBB3-10345 --- phpBB/includes/message_parser.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index cb9a9d7d28..5e8732e94d 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -210,7 +210,7 @@ class bbcode_firstpass extends bbcode if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx) { - $this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], $config['max_' . $this->mode . '_font_size']); + $this->warn_msg[] = $user->lang('MAX_FONT_SIZE_EXCEEDED', (int) $config['max_' . $this->mode . '_font_size']); return '[size=' . $stx . ']' . $in . '[/size]'; } @@ -319,13 +319,13 @@ class bbcode_firstpass extends bbcode if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1]) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + $this->warn_msg[] = $user->lang('MAX_IMG_HEIGHT_EXCEEDED', (int) $config['max_' . $this->mode . '_img_height']); } if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0]) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + $this->warn_msg[] = $user->lang('MAX_IMG_WIDTH_EXCEEDED', (int) $config['max_' . $this->mode . '_img_width']); } } } @@ -374,13 +374,13 @@ class bbcode_firstpass extends bbcode if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $height) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + $this->warn_msg[] = $user->lang('MAX_FLASH_HEIGHT_EXCEEDED', (int) $config['max_' . $this->mode . '_img_height']); } if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $width) { $error = true; - $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + $this->warn_msg[] = $user->lang('MAX_FLASH_WIDTH_EXCEEDED', (int) $config['max_' . $this->mode . '_img_width']); } } @@ -1117,7 +1117,7 @@ class parse_message extends bbcode_firstpass // Maximum message length check. 0 disables this check completely. if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars']) { - $this->warn_msg[] = sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $message_length, (int) $config['max_' . $mode . '_chars']); + $this->warn_msg[] = $user->lang('TOO_MANY_CHARS_' . strtoupper($mode), $message_length, (int) $config['max_' . $mode . '_chars']); return (!$update_this_message) ? $return_message : $this->warn_msg; } @@ -1126,7 +1126,7 @@ class parse_message extends bbcode_firstpass { if (!$message_length || $message_length < (int) $config['min_post_chars']) { - $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_FEW_CHARS_LIMIT'], $message_length, (int) $config['min_post_chars']); + $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : $user->lang('TOO_FEW_CHARS_LIMIT', $message_length, (int) $config['min_post_chars']); return (!$update_this_message) ? $return_message : $this->warn_msg; } } @@ -1445,7 +1445,7 @@ class parse_message extends bbcode_firstpass } else { - $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']); + $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']); } } @@ -1536,7 +1536,7 @@ class parse_message extends bbcode_firstpass } else { - $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']); + $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']); } } } -- cgit v1.2.1 From 7a04c9048c110f0bd21ea3e9e869e17b408d640e Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 31 Dec 2011 13:32:52 +0000 Subject: [ticket/9916] Updating header license and removing Version $Id$ PHPBB3-9916 --- phpBB/includes/message_parser.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 5e8732e94d..6695047b56 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -2,9 +2,8 @@ /** * * @package phpBB3 -* @version $Id$ * @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ -- cgit v1.2.1 From 3eb88b026752512a79b641e3b55193972f221a45 Mon Sep 17 00:00:00 2001 From: Fyorl Date: Wed, 15 Aug 2012 15:06:37 +0100 Subject: [ticket/10939] Modified message_parser.php to not use $_FILES PHPBB3-10939 --- phpBB/includes/message_parser.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6695047b56..1cd2a46fa1 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1363,13 +1363,14 @@ class parse_message extends bbcode_firstpass */ function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false) { - global $config, $auth, $user, $phpbb_root_path, $phpEx, $db; + global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request; $error = array(); $num_attachments = sizeof($this->attachment_data); $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false; + $upload = $request->file($form_name); + $upload_file = (!empty($upload) && $upload['name'] !== 'none' && trim($upload['name'])); $add_file = (isset($_POST['add_file'])) ? true : false; $delete_file = (isset($_POST['delete_file'])) ? true : false; -- cgit v1.2.1 From ade9f831aa151de428c4d2b33fce48f9733db336 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 14 Dec 2012 12:58:57 +0100 Subject: [ticket/11250] Move quote special cases from class to unit tests PHPBB3-11250 --- phpBB/includes/message_parser.php | 11 ----------- 1 file changed, 11 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 1cd2a46fa1..44960dd78d 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -702,17 +702,6 @@ class bbcode_firstpass extends bbcode { global $config, $user; - /** - * If you change this code, make sure the cases described within the following reports are still working: - * #3572 - [quote="[test]test"]test [ test[/quote] - (correct: parsed) - * #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed) - * #14770 - [quote="["]test[/quote] (correct: parsed) - * [quote="[i]test[/i]"]test[/quote] (correct: parsed) - * [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote]) - * #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted) - * #40565 - [quote="a"]a[/quote][quote="a]a[/quote] (correct: first quote tag parsed, second quote tag unparsed) - */ - $in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in))); if (!$in) -- cgit v1.2.1 From da2752e4004b296ae5acdd08b7c0a758d8f61e9d Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 14 Jul 2013 13:30:52 -0400 Subject: [ticket/11700] Modify all code to use the new interface names PHPBB3-11700 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 44960dd78d..6971b786fb 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1545,7 +1545,7 @@ class parse_message extends bbcode_firstpass global $request; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, phpbb_request_interface::POST); + $attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, phpbb_request_request_interface::POST); $this->attachment_data = array(); $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; -- cgit v1.2.1 From b95fdacdd378877d277e261465da73deb06e50da Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Tue, 10 Sep 2013 14:01:09 +0200 Subject: [ticket/11700] Move all recent code to namespaces PHPBB3-11700 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6971b786fb..3e348801c7 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1545,7 +1545,7 @@ class parse_message extends bbcode_firstpass global $request; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, phpbb_request_request_interface::POST); + $attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, \phpbb\request\request_interface::POST); $this->attachment_data = array(); $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; -- cgit v1.2.1 From 2050a39da793b9ed219beed868ec86ebade423f6 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 11 Oct 2013 17:40:16 +0200 Subject: [feature/plupload/integration] Integration of Plupload This commit is a highly-refactored and up-to-date version of Fyorl's work which was part of his Google Summer of Code 2012 project "Attachment Improvements". PHPBB3-10929 --- phpBB/includes/message_parser.php | 49 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 3e348801c7..acd31fd519 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1049,6 +1049,12 @@ class parse_message extends bbcode_firstpass var $mode; + /** + * The plupload object used for dealing with attachments + * @var \phpbb\plupload\plupload + */ + protected $plupload; + /** * Init - give message here or manually */ @@ -1440,6 +1446,11 @@ class parse_message extends bbcode_firstpass if ($preview || $refresh || sizeof($error)) { + if (isset($this->plupload) && $this->plupload->is_active()) + { + $json_response = new \phpbb\json_response(); + } + // Perform actions on temporary attachments if ($delete_file) { @@ -1484,13 +1495,17 @@ class parse_message extends bbcode_firstpass // Reindex Array $this->attachment_data = array_values($this->attachment_data); + if (isset($this->plupload) && $this->plupload->is_active()) + { + $json_response->send($this->attachment_data); + } } } else if (($add_file || $preview) && $upload_file) { if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) { - $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message); + $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message, false, $this->plupload); $error = array_merge($error, $filedata['error']); if (!sizeof($error)) @@ -1521,12 +1536,32 @@ class parse_message extends bbcode_firstpass $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); $this->filename_data['filecomment'] = ''; + + if (isset($this->plupload) && $this->plupload->is_active()) + { + // Send the client the attachment data to maintain state + $json_response->send($this->attachment_data); + } } } else { $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']); } + + if (!empty($error) && isset($this->plupload) && $this->plupload->is_active()) + { + // If this is a plupload (and thus ajax) request, give the + // client the first error we have + $json_response->send(array( + 'jsonrpc' => '2.0', + 'id' => 'id', + 'error' => array( + 'code' => 105, + 'message' => current($error), + ), + )); + } } } @@ -1687,4 +1722,16 @@ class parse_message extends bbcode_firstpass $poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']); } + + /** + * Setter function for passing the plupload object + * + * @param \phpbb\plupload\plupload $plupload The plupload object + * + * @return null + */ + public function set_plupload(\phpbb\plupload\plupload $plupload) + { + $this->plupload = $plupload; + } } -- cgit v1.2.1 From e179f25154d3098361bf079774a6dc92aeb4e4ab Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Wed, 4 Dec 2013 16:45:02 -0800 Subject: [ticket/12060] Add event core.modify_bbcode_init Use this event to modify the bbcode data for later parsing PHPBB3-12060 --- phpBB/includes/message_parser.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index acd31fd519..bce6321022 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -103,6 +103,8 @@ class bbcode_firstpass extends bbcode */ function bbcode_init($allow_custom_bbcode = true) { + global $phpbb_dispatcher; + static $rowset; // This array holds all bbcode data. BBCodes will be processed in this @@ -162,6 +164,21 @@ class bbcode_firstpass extends bbcode 'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace'])) ); } + + $bbcodes = $this->bbcodes; + + /** + * Use this event to modify the bbcode data for later parsing + * + * @event core.modify_bbcode_init + * @var array bbcodes The array of bbcode data for use in parsing + * @var array rowset The array of bbcode data from the database + * @since 3.1-A3 + */ + $vars = array('bbcodes', 'rowset'); + extract($phpbb_dispatcher->trigger_event('core.modify_bbcode_init', compact($vars))); + + $this->bbcodes = $bbcodes; } /** -- cgit v1.2.1 From feb4ae13f4415ceb759d0c5e8c7be47213e3fc53 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Wed, 4 Dec 2013 16:45:30 -0800 Subject: [ticket/12060] Add event core.modify_text_for_format_display_after Use this event to modify the text after it is parsed PHPBB3-12060 --- phpBB/includes/message_parser.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index bce6321022..3e64f17a52 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1215,6 +1215,8 @@ class parse_message extends bbcode_firstpass */ function format_display($allow_bbcode, $allow_magic_url, $allow_smilies, $update_this_message = true) { + global $phpbb_dispatcher; + // If false, then the parsed message get returned but internal message not processed. if (!$update_this_message) { @@ -1243,6 +1245,26 @@ class parse_message extends bbcode_firstpass $this->message = bbcode_nl2br($this->message); $this->message = smiley_text($this->message, !$allow_smilies); + $text = $this->message; + $uid = $this->bbcode_uid; + + /** + * Use this event to modify the text after it is parsed + * + * @event core.modify_text_for_format_display_after + * @var string text The text to parse + * @var string uid The BBCode UID + * @var bool allow_bbcode Allow BBCodes switch + * @var bool allow_magic_url Allow magic urls switch + * @var bool allow_smilies Allow smilies switch + * @since 3.1-A3 + */ + $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies'); + extract($phpbb_dispatcher->trigger_event('core.modify_text_for_format_display_after', compact($vars))); + + $this->message = $text; + $this->bbcode_uid = $uid; + if (!$update_this_message) { unset($this->message); -- cgit v1.2.1 From 0156136c85f474b44b4fcb84b52c5c13d6b2fae6 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Thu, 12 Dec 2013 09:56:00 -0800 Subject: [ticket/12060] Add $update_this_message var to the core event PHPBB3-12060 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 3e64f17a52..04fadf33e8 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1259,7 +1259,7 @@ class parse_message extends bbcode_firstpass * @var bool allow_smilies Allow smilies switch * @since 3.1-A3 */ - $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies'); + $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); extract($phpbb_dispatcher->trigger_event('core.modify_text_for_format_display_after', compact($vars))); $this->message = $text; -- cgit v1.2.1 From b6eb1f66e169cd0cae3fc2c617588cb9e7c9c53b Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Thu, 12 Dec 2013 10:37:11 -0800 Subject: [ticket/12060] Update docblock for core event due to addition of another var PHPBB3-12060 --- phpBB/includes/message_parser.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 04fadf33e8..5c543d8498 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1252,11 +1252,12 @@ class parse_message extends bbcode_firstpass * Use this event to modify the text after it is parsed * * @event core.modify_text_for_format_display_after - * @var string text The text to parse - * @var string uid The BBCode UID - * @var bool allow_bbcode Allow BBCodes switch - * @var bool allow_magic_url Allow magic urls switch - * @var bool allow_smilies Allow smilies switch + * @var string text The text to parse + * @var string uid The BBCode UID + * @var bool allow_bbcode Allow BBCodes switch + * @var bool allow_magic_url Allow magic urls switch + * @var bool allow_smilies Allow smilies switch + * @var bool update_this_message Update message switch * @since 3.1-A3 */ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); -- cgit v1.2.1 From 75831dc2d0bb79007db14d0c2a86cbb024d98a31 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Thu, 12 Dec 2013 14:09:30 -0800 Subject: [ticket/12060] Change @since in event docblocks PHPBB3-12060 --- phpBB/includes/message_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 5c543d8498..096d39b9bb 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -173,7 +173,7 @@ class bbcode_firstpass extends bbcode * @event core.modify_bbcode_init * @var array bbcodes The array of bbcode data for use in parsing * @var array rowset The array of bbcode data from the database - * @since 3.1-A3 + * @since 3.1.0-A3 */ $vars = array('bbcodes', 'rowset'); extract($phpbb_dispatcher->trigger_event('core.modify_bbcode_init', compact($vars))); @@ -1258,7 +1258,7 @@ class parse_message extends bbcode_firstpass * @var bool allow_magic_url Allow magic urls switch * @var bool allow_smilies Allow smilies switch * @var bool update_this_message Update message switch - * @since 3.1-A3 + * @since 3.1.0-A3 */ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); extract($phpbb_dispatcher->trigger_event('core.modify_text_for_format_display_after', compact($vars))); -- cgit v1.2.1 From b26e4dd42c434221acb488641a121e97307cb7dd Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Fri, 13 Dec 2013 10:31:04 -0800 Subject: [ticket/12060] Correctly label alpha versions in event docblocks PHPBB3-12060 --- phpBB/includes/message_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 096d39b9bb..893ef83381 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -173,7 +173,7 @@ class bbcode_firstpass extends bbcode * @event core.modify_bbcode_init * @var array bbcodes The array of bbcode data for use in parsing * @var array rowset The array of bbcode data from the database - * @since 3.1.0-A3 + * @since 3.1.0-a3 */ $vars = array('bbcodes', 'rowset'); extract($phpbb_dispatcher->trigger_event('core.modify_bbcode_init', compact($vars))); @@ -1258,7 +1258,7 @@ class parse_message extends bbcode_firstpass * @var bool allow_magic_url Allow magic urls switch * @var bool allow_smilies Allow smilies switch * @var bool update_this_message Update message switch - * @since 3.1.0-A3 + * @since 3.1.0-a3 */ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); extract($phpbb_dispatcher->trigger_event('core.modify_text_for_format_display_after', compact($vars))); -- cgit v1.2.1 From f0454586795de85cf1b66b6f927d18d3e9466305 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Fri, 13 Dec 2013 17:00:06 -0800 Subject: [ticket/12060] Rename event in message parser to modify_format_display_text_after PHPBB3-12060 --- phpBB/includes/message_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 893ef83381..c1229d9c77 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1251,7 +1251,7 @@ class parse_message extends bbcode_firstpass /** * Use this event to modify the text after it is parsed * - * @event core.modify_text_for_format_display_after + * @event core.modify_format_display_text_after * @var string text The text to parse * @var string uid The BBCode UID * @var bool allow_bbcode Allow BBCodes switch @@ -1261,7 +1261,7 @@ class parse_message extends bbcode_firstpass * @since 3.1.0-a3 */ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); - extract($phpbb_dispatcher->trigger_event('core.modify_text_for_format_display_after', compact($vars))); + extract($phpbb_dispatcher->trigger_event('core.modify_format_display_text_after', compact($vars))); $this->message = $text; $this->bbcode_uid = $uid; -- cgit v1.2.1 From df9e782fa44f72861896b763906e26ba36e4a31f Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Mon, 16 Dec 2013 15:31:44 -0800 Subject: [ticket/12060] Remove whitespaces PHPBB3-12060 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index c1229d9c77..56abaae998 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1216,7 +1216,7 @@ class parse_message extends bbcode_firstpass function format_display($allow_bbcode, $allow_magic_url, $allow_smilies, $update_this_message = true) { global $phpbb_dispatcher; - + // If false, then the parsed message get returned but internal message not processed. if (!$update_this_message) { -- cgit v1.2.1 From 4665e3df216de474e73c5aeec56ec5cb30f280c9 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Mon, 16 Dec 2013 23:54:55 -0800 Subject: [ticket/12060] Further clarifying new event docblocks as much as possible PHPBB3-12060 --- phpBB/includes/message_parser.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 56abaae998..080c755965 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1252,12 +1252,13 @@ class parse_message extends bbcode_firstpass * Use this event to modify the text after it is parsed * * @event core.modify_format_display_text_after - * @var string text The text to parse - * @var string uid The BBCode UID - * @var bool allow_bbcode Allow BBCodes switch - * @var bool allow_magic_url Allow magic urls switch - * @var bool allow_smilies Allow smilies switch - * @var bool update_this_message Update message switch + * @var string text The message text to parse + * @var string uid The bbcode uid + * @var bool allow_bbcode Do we allow bbcodes + * @var bool allow_magic_url Do we allow magic urls + * @var bool allow_smilies Do we allow smilies + * @var bool update_this_message Do we update the internal message + * with the parsed result * @since 3.1.0-a3 */ $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); -- cgit v1.2.1 From 121f2394ff92c7497f2f2a11913d02570695e8e4 Mon Sep 17 00:00:00 2001 From: Matt Friedman Date: Tue, 17 Dec 2013 18:55:59 -0800 Subject: [ticket/12060] A little less verbose cleanup of event docblocks PHPBB3-12060 --- phpBB/includes/message_parser.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 080c755965..b29f587385 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -168,11 +168,11 @@ class bbcode_firstpass extends bbcode $bbcodes = $this->bbcodes; /** - * Use this event to modify the bbcode data for later parsing + * Event to modify the bbcode data for later parsing * * @event core.modify_bbcode_init - * @var array bbcodes The array of bbcode data for use in parsing - * @var array rowset The array of bbcode data from the database + * @var array bbcodes Array of bbcode data for use in parsing + * @var array rowset Array of bbcode data from the database * @since 3.1.0-a3 */ $vars = array('bbcodes', 'rowset'); @@ -1249,7 +1249,7 @@ class parse_message extends bbcode_firstpass $uid = $this->bbcode_uid; /** - * Use this event to modify the text after it is parsed + * Event to modify the text after it is parsed * * @event core.modify_format_display_text_after * @var string text The message text to parse -- cgit v1.2.1 From be52a823f871682a7740ca3c8207ac7f88f181f5 Mon Sep 17 00:00:00 2001 From: Cesar G Date: Sun, 10 Nov 2013 18:27:13 -0800 Subject: [ticket/11915] Provide the attachment file size to the template. PHPBB3-11915 --- phpBB/includes/message_parser.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index b29f587385..c964e1a5e2 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1461,6 +1461,7 @@ class parse_message extends bbcode_firstpass 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment'=> $this->filename_data['filecomment'], + 'filesize' => $filedata['filesize'], ); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); @@ -1572,6 +1573,7 @@ class parse_message extends bbcode_firstpass 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment'=> $this->filename_data['filecomment'], + 'filesize' => $filedata['filesize'], ); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); @@ -1649,7 +1651,7 @@ class parse_message extends bbcode_firstpass if (sizeof($not_orphan)) { // Get the attachment data, based on the poster id... - $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment + $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . ' AND poster_id = ' . $check_user_id; @@ -1674,7 +1676,7 @@ class parse_message extends bbcode_firstpass // Regenerate newly uploaded attachments if (sizeof($orphan)) { - $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment + $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . ' AND poster_id = ' . $user->data['user_id'] . ' -- cgit v1.2.1 From 9c1cacae42d5d993a004a311089d7ac943002dc5 Mon Sep 17 00:00:00 2001 From: Cesar G Date: Wed, 27 Nov 2013 14:48:38 -0800 Subject: [ticket/11915] Provide the URL to the attachment when it's uploaded. PHPBB3-11915 --- phpBB/includes/message_parser.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index c964e1a5e2..ad6743b3a3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1582,8 +1582,10 @@ class parse_message extends bbcode_firstpass if (isset($this->plupload) && $this->plupload->is_active()) { + $download_url = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'mode=view&id=' . $new_entry['attach_id']); + // Send the client the attachment data to maintain state - $json_response->send($this->attachment_data); + $json_response->send(array('data' => $this->attachment_data, 'download_url' => $download_url)); } } } -- cgit v1.2.1 From 89391dec089e8085f486b768ad7654f62166f4a2 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 29 Apr 2014 17:51:21 +0200 Subject: [ticket/12458] Apply Squiz.WhiteSpace.SuperfluousWhitespace.* to legacy code. * There MUST NOT be trailing whitespace at the end of lines. * There MUST NOT be whitespace before the first content of a file. * There MUST NOT be whitespace after the last content of a file. * Functions MUST NOT contain multiple empty lines in a row. PHPBB3-12458 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index ad6743b3a3..17a350bab3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -104,7 +104,7 @@ class bbcode_firstpass extends bbcode function bbcode_init($allow_custom_bbcode = true) { global $phpbb_dispatcher; - + static $rowset; // This array holds all bbcode data. BBCodes will be processed in this -- cgit v1.2.1 From daa69ecfa97c5462835e42b1046ba91b7abe3469 Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Tue, 29 Apr 2014 00:44:32 +0200 Subject: [ticket/12451] Split TOO_FEW_CHARS_LIMIT for plurals PHPBB3-12451 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 17a350bab3..5de925b6ae 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1137,7 +1137,7 @@ class parse_message extends bbcode_firstpass { if (!$message_length || $message_length < (int) $config['min_post_chars']) { - $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : $user->lang('TOO_FEW_CHARS_LIMIT', $message_length, (int) $config['min_post_chars']); + $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : ($user->lang('TOO_FEW_CHARS_CONTAINS', $message_length) . ' ' . $user->lang('TOO_FEW_CHARS_LIMIT', (int) $config['min_post_chars'])); return (!$update_this_message) ? $return_message : $this->warn_msg; } } -- cgit v1.2.1 From d7c0d604b56791481200fec2ebacb71615e303b0 Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Tue, 29 Apr 2014 00:53:57 +0200 Subject: [ticket/12451] Split TOO_MANY_CHARS vars for plurals PHPBB3-12451 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 5de925b6ae..8b64f700d3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1128,7 +1128,7 @@ class parse_message extends bbcode_firstpass // Maximum message length check. 0 disables this check completely. if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars']) { - $this->warn_msg[] = $user->lang('TOO_MANY_CHARS_' . strtoupper($mode), $message_length, (int) $config['max_' . $mode . '_chars']); + $this->warn_msg[] = $user->lang('TOO_MANY_CHARS_' . strtoupper($mode), $message_length) . ' ' . $user->lang('TOO_MANY_CHARS_LIMIT', (int) $config['max_' . $mode . '_chars']); return (!$update_this_message) ? $return_message : $this->warn_msg; } -- cgit v1.2.1 From 1f76a95bf61669444e4f69f83494f1ddf8f7b34a Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Fri, 2 May 2014 23:20:05 +0200 Subject: [ticket/12451] Use new line to concatenate strings PHPBB3-12451 --- phpBB/includes/message_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8b64f700d3..2578f50b27 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1128,7 +1128,7 @@ class parse_message extends bbcode_firstpass // Maximum message length check. 0 disables this check completely. if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars']) { - $this->warn_msg[] = $user->lang('TOO_MANY_CHARS_' . strtoupper($mode), $message_length) . ' ' . $user->lang('TOO_MANY_CHARS_LIMIT', (int) $config['max_' . $mode . '_chars']); + $this->warn_msg[] = $user->lang('TOO_MANY_CHARS_' . strtoupper($mode), $message_length) . '
' . $user->lang('TOO_MANY_CHARS_LIMIT', (int) $config['max_' . $mode . '_chars']); return (!$update_this_message) ? $return_message : $this->warn_msg; } @@ -1137,7 +1137,7 @@ class parse_message extends bbcode_firstpass { if (!$message_length || $message_length < (int) $config['min_post_chars']) { - $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : ($user->lang('TOO_FEW_CHARS_CONTAINS', $message_length) . ' ' . $user->lang('TOO_FEW_CHARS_LIMIT', (int) $config['min_post_chars'])); + $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : ($user->lang('TOO_FEW_CHARS_CONTAINS', $message_length) . '
' . $user->lang('TOO_FEW_CHARS_LIMIT', (int) $config['min_post_chars'])); return (!$update_this_message) ? $return_message : $this->warn_msg; } } -- cgit v1.2.1 From b7fde768528a1f3e17280b728c7781c4f262e8d1 Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Fri, 2 May 2014 23:55:30 +0200 Subject: [ticket/12451] Remove duplicated lang var PHPBB3-12451 --- phpBB/includes/message_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 2578f50b27..901bafbb2e 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1128,7 +1128,7 @@ class parse_message extends bbcode_firstpass // Maximum message length check. 0 disables this check completely. if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars']) { - $this->warn_msg[] = $user->lang('TOO_MANY_CHARS_' . strtoupper($mode), $message_length) . '
' . $user->lang('TOO_MANY_CHARS_LIMIT', (int) $config['max_' . $mode . '_chars']); + $this->warn_msg[] = $user->lang('CHARS_' . strtoupper($mode) . '_CONTAINS', $message_length) . '
' . $user->lang('TOO_MANY_CHARS_LIMIT', (int) $config['max_' . $mode . '_chars']); return (!$update_this_message) ? $return_message : $this->warn_msg; } @@ -1137,7 +1137,7 @@ class parse_message extends bbcode_firstpass { if (!$message_length || $message_length < (int) $config['min_post_chars']) { - $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : ($user->lang('TOO_FEW_CHARS_CONTAINS', $message_length) . '
' . $user->lang('TOO_FEW_CHARS_LIMIT', (int) $config['min_post_chars'])); + $this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : ($user->lang('CHARS_POST_CONTAINS', $message_length) . '
' . $user->lang('TOO_FEW_CHARS_LIMIT', (int) $config['min_post_chars'])); return (!$update_this_message) ? $return_message : $this->warn_msg; } } -- cgit v1.2.1 From 34c1691d7e5ccf607ee72366aa0b7b19474c71e4 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 15 May 2014 14:03:27 +0200 Subject: [ticket/12433] Use a different message when nesting of quotes is not allowed PHPBB3-12433 --- phpBB/includes/message_parser.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 901bafbb2e..8bf50b0ca3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -776,8 +776,16 @@ class bbcode_firstpass extends bbcode // the buffer holds a valid opening tag if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) { - // there are too many nested quotes - $error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']); + if ($config['max_quote_depth'] == 1) + { + // Depth 1 - no nesting is allowed + $error_ary['quote_depth'] = $user->lang('QUOTE_NO_NESTING'); + } + else + { + // There are too many nested quotes + $error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']); + } $out .= $buffer . $tok; $tok = '[]'; -- cgit v1.2.1 From a759704b39fc1c1353f865a633759b1369589b67 Mon Sep 17 00:00:00 2001 From: Yuriy Rusko Date: Tue, 27 May 2014 20:18:06 +0200 Subject: [ticket/12594] Remove @package tags and update file headers PHPBB3-12594 --- phpBB/includes/message_parser.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8bf50b0ca3..6d3907880e 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -23,7 +27,6 @@ if (!class_exists('bbcode')) /** * BBCODE FIRSTPASS * BBCODE first pass class (functions for parsing messages for db storage) -* @package phpBB3 */ class bbcode_firstpass extends bbcode { @@ -1057,7 +1060,6 @@ class bbcode_firstpass extends bbcode /** * Main message parser for posting, pm, etc. takes raw message * and parses it for attachments, bbcode and smilies -* @package phpBB3 */ class parse_message extends bbcode_firstpass { -- cgit v1.2.1 From 89f70673779f1908c8f000c5c053bb377e253254 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 9 Jun 2014 15:55:04 +0200 Subject: [ticket/11711] Inform user of unsupported characters while posting PHPBB3-11711 --- phpBB/includes/message_parser.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6d3907880e..eed892986e 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1194,6 +1194,19 @@ class parse_message extends bbcode_firstpass } } + // Check for out-of-bounds characters that are currently + // not supported by utf8_bin + if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $this->message, $matches)) + { + $character_list = ''; + foreach ($matches[0] as $cur_match) + { + $character_list .= $cur_match . '
'; + } + $this->warn_msg[] = $user->lang('UNSUPPORTED_CHARACTERS', $character_list); + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + // Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length. // The maximum length check happened before any parsings. if ($mode === 'post' && utf8_clean_string($this->message) === '') -- cgit v1.2.1 From b8151b1299c02506ffa0d665461d85e32cd4cd10 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 9 Jun 2014 18:56:13 +0200 Subject: [ticket/11711] Improve checks for unsupported characters and check subject PHPBB3-11711 --- phpBB/includes/message_parser.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index eed892986e..8965b50667 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1198,13 +1198,9 @@ class parse_message extends bbcode_firstpass // not supported by utf8_bin if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $this->message, $matches)) { - $character_list = ''; - foreach ($matches[0] as $cur_match) - { - $character_list .= $cur_match . '
'; - } - $this->warn_msg[] = $user->lang('UNSUPPORTED_CHARACTERS', $character_list); - return (!$update_this_message) ? $return_message : $this->warn_msg; + $character_list = implode('
', $matches[0]); + $this->warn_msg[] = $user->lang('UNSUPPORTED_CHARACTERS_MESSAGE', $character_list); + return $update_this_message ? $this->warn_msg : $return_message; } // Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length. -- cgit v1.2.1 From 5ee7f20f4ee110c2ae0b122e9efbd4fabf669581 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 10 Jun 2014 15:51:25 +0200 Subject: [ticket/11711] Improve coding and comments of character check PHPBB3-11711 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8965b50667..9d95620e0f 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1195,7 +1195,7 @@ class parse_message extends bbcode_firstpass } // Check for out-of-bounds characters that are currently - // not supported by utf8_bin + // not supported by utf8_bin in MySQL if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $this->message, $matches)) { $character_list = implode('
', $matches[0]); -- cgit v1.2.1 From 04164affe672be6feea676fd05cf9761bf2e477a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 20 Jun 2014 12:35:42 +0200 Subject: [ticket/12747] Drop support for Firebird PHPBB3-12747 --- phpBB/includes/message_parser.php | 6 ------ 1 file changed, 6 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 9d95620e0f..8d926ec70a 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1360,12 +1360,6 @@ class parse_message extends bbcode_firstpass ORDER BY LEN(code) DESC'; break; - case 'firebird': - $sql = 'SELECT * - FROM ' . SMILIES_TABLE . ' - ORDER BY CHAR_LENGTH(code) DESC'; - break; - // LENGTH supported by MySQL, IBM DB2, Oracle and Access for sure... default: $sql = 'SELECT * -- cgit v1.2.1 From 94a81fa01d0106f6deba6cbb9000f4c8bbbf607a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 9 Jan 2014 23:53:19 +0100 Subject: [ticket/11148] Pass mimetype guesser to upload_attachment() function PHPBB3-11148 --- phpBB/includes/message_parser.php | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8d926ec70a..19571d6bd3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1082,6 +1082,12 @@ class parse_message extends bbcode_firstpass */ protected $plupload; + /** + * The mimetype guesser object used for attachment mimetypes + * @var \phpbb\mimetype\guesser + */ + protected $mimetype_guesser; + /** * Init - give message here or manually */ @@ -1560,7 +1566,7 @@ class parse_message extends bbcode_firstpass { if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) { - $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message, false, $this->plupload); + $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message, false, $this->mimetype_guesser, $this->plupload); $error = array_merge($error, $filedata['error']); if (!sizeof($error)) @@ -1792,4 +1798,17 @@ class parse_message extends bbcode_firstpass { $this->plupload = $plupload; } + + /** + * Setter function for passing the mimetype_guesser object + * + * @param \phpbb\mimetype\guesser $mimetype_guesser The mimetype_guesser + * object + * + * @return null + */ + public function set_mimetype_guesser(\phpbb\mimetype\guesser $mimetype_guesser) + { + $this->mimetype_guesser = $mimetype_guesser; + } } -- cgit v1.2.1 From a402d619b458df69ae9c336f3324b357fcd1a52a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 15 Mar 2014 12:25:33 +0100 Subject: [ticket/11148] Get rid of extra line in mimetype guesser setter doc block PHPBB3-11148 --- phpBB/includes/message_parser.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 19571d6bd3..7cee4252a3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1802,8 +1802,7 @@ class parse_message extends bbcode_firstpass /** * Setter function for passing the mimetype_guesser object * - * @param \phpbb\mimetype\guesser $mimetype_guesser The mimetype_guesser - * object + * @param \phpbb\mimetype\guesser $mimetype_guesser The mimetype_guesser object * * @return null */ -- cgit v1.2.1 From ff6e026a403a622bd1aa498bff396a737735faed Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Thu, 26 Jun 2014 17:17:35 +0200 Subject: [ticket/12446] Unnecessary db connect inphpbb_bootstrap_enabled_exts PHPBB3-12446 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8d926ec70a..da27d8900d 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1350,7 +1350,7 @@ class parse_message extends bbcode_firstpass // NOTE: obtain_* function? chaching the table contents? // For now setting the ttl to 10 minutes - switch ($db->sql_layer) + switch ($db->get_sql_layer()) { case 'mssql': case 'mssql_odbc': -- cgit v1.2.1 From 483af1d036aadf8bd7d3b4c76a1fe97409238547 Mon Sep 17 00:00:00 2001 From: rxu Date: Thu, 6 Nov 2014 12:25:36 +0700 Subject: [ticket/13297] Add unicode modifier to url/email regular expression patterns. PHPBB3-13297 --- phpBB/includes/message_parser.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 92ace7b585..b2b73bf3de 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -313,7 +313,7 @@ class bbcode_firstpass extends bbcode $in = str_replace(' ', '%20', $in); // Checking urls - if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in)) + if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in)) { return '[img]' . $in . '[/img]'; } @@ -381,8 +381,8 @@ class bbcode_firstpass extends bbcode $in = str_replace(' ', '%20', $in); // Make sure $in is a URL. - if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && - !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in)) + if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && + !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in)) { return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]'; } @@ -973,9 +973,9 @@ class bbcode_firstpass extends bbcode $url = str_replace(' ', '%20', $url); // Checking urls - if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) || - preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) || - preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url)) + if (preg_match('#^' . get_preg_expression('url') . '$#iu', $url) || + preg_match('#^' . get_preg_expression('www_url') . '$#iu', $url) || + preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#iu', $url)) { $valid = true; } -- cgit v1.2.1 From 1e867ce52b1f3354e963b83c7d48f592bbd583e9 Mon Sep 17 00:00:00 2001 From: rxu Date: Thu, 6 Nov 2014 10:53:19 +0700 Subject: [ticket/13294] Add function parse() core event for additional message checks Add core event to the function parse() in includes/message_parser.php to allow additional handling message before parsing (i.e. perform custom message checks, cleanup etc.). PHPBB3-13294 --- phpBB/includes/message_parser.php | 45 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 92ace7b585..bc996cf275 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1103,7 +1103,7 @@ class parse_message extends bbcode_firstpass */ function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post') { - global $config, $db, $user; + global $config, $db, $user, $phpbb_dispatcher; $this->mode = $mode; @@ -1158,6 +1158,49 @@ class parse_message extends bbcode_firstpass } } + /** + * This event can be used for additional message checks/cleanup before parsing + * + * @event core.message_parser_check_message + * @var bool allow_bbcode Do we allow BBCodes + * @var bool allow_magic_url Do we allow magic urls + * @var bool allow_smilies Do we allow smilies + * @var bool allow_img_bbcode Do we allow image BBCode + * @var bool allow_flash_bbcode Do we allow flash BBCode + * @var bool allow_quote_bbcode Do we allow quote BBCode + * @var bool allow_url_bbcode Do we allow url BBCode + * @var bool update_this_message Do we alter the parsed message + * @var string mode Posting mode + * @var string message The message text to parse + * @var bool return Do we return after the event is triggered if $warn_msg is not empty + * @var array warn_msg Array of the warning messages + * @since 3.1.2-RC1 + */ + $message = $this->message; + $warn_msg = $this->warn_msg; + $return = false; + $vars = array( + 'allow_bbcode', + 'allow_magic_url', + 'allow_smilies', + 'allow_img_bbcode', + 'allow_flash_bbcode', + 'allow_quote_bbcode', + 'allow_url_bbcode', + 'update_this_message', + 'mode', + 'message', + 'return', + 'warn_msg', + ); + extract($phpbb_dispatcher->trigger_event('core.message_parser_check_message', compact($vars))); + $this->message = $message; + $this->warn_msg = $warn_msg; + if ($return && !empty($this->warn_msg)) + { + return (!$update_this_message) ? $return_message : $this->warn_msg; + } + // Prepare BBcode (just prepares some tags for better parsing) if ($allow_bbcode && strpos($this->message, '[') !== false) { -- cgit v1.2.1 From a8c62e707af0971a62b7601f4ac6ea46f57b16c2 Mon Sep 17 00:00:00 2001 From: rxu Date: Tue, 25 Nov 2014 22:16:30 +0700 Subject: [ticket/12926] Support for IDN (IRI) Add international domain name support for URLs. PHPBB3-12926 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 12ef94c07a..07fe969ce2 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -313,7 +313,7 @@ class bbcode_firstpass extends bbcode $in = str_replace(' ', '%20', $in); // Checking urls - if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in)) + if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in)) { return '[img]' . $in . '[/img]'; } -- cgit v1.2.1 From 2532583765017697f979a36268a42bb3b5bdbfdb Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Mon, 5 Jan 2015 22:15:56 +0100 Subject: [ticket/13466] Add bitfield and uid to event core.message_parser_check_message PHPBB3-13466 --- phpBB/includes/message_parser.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 12ef94c07a..9a67473cf9 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1172,13 +1172,18 @@ class parse_message extends bbcode_firstpass * @var bool update_this_message Do we alter the parsed message * @var string mode Posting mode * @var string message The message text to parse + * @var string bbcode_bitfield The bbcode_bitfield before parsing + * @var string bbcode_uid The bbcode_uid before parsing * @var bool return Do we return after the event is triggered if $warn_msg is not empty * @var array warn_msg Array of the warning messages * @since 3.1.2-RC1 + * @change 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid */ $message = $this->message; $warn_msg = $this->warn_msg; $return = false; + $bbcode_bitfield = $this->bbcode_bitfield; + $bbcode_uid = $this->bbcode_uid; $vars = array( 'allow_bbcode', 'allow_magic_url', @@ -1190,12 +1195,16 @@ class parse_message extends bbcode_firstpass 'update_this_message', 'mode', 'message', + 'bbcode_bitfield', + 'bbcode_uid', 'return', 'warn_msg', ); extract($phpbb_dispatcher->trigger_event('core.message_parser_check_message', compact($vars))); $this->message = $message; $this->warn_msg = $warn_msg; + $this->bbcode_bitfield = $bbcode_bitfield; + $this->bbcode_uid = $bbcode_uid; if ($return && !empty($this->warn_msg)) { return (!$update_this_message) ? $return_message : $this->warn_msg; -- cgit v1.2.1 From 3521e74939866e237d69b0251abc1ecd939276dd Mon Sep 17 00:00:00 2001 From: rxu Date: Sat, 4 Apr 2015 19:39:45 +0700 Subject: [ticket/13743] Add $phpbb_root_path and $phpEx definitions in message_parser.php message_parser.php performs include of bbcode.php at the very start using $phpbb_root_path and $phpEx vars, so there's a possibility those can be undefined at that point, especially when message_parser.php is being included in event listener or another extension file where $phpbb_root_path and $phpEx don't exist. This can be fixed by adding the appropriate vars definitions. PHPBB3-13743 --- phpBB/includes/message_parser.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 04a2726d22..63e027cd66 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -21,6 +21,19 @@ if (!defined('IN_PHPBB')) if (!class_exists('bbcode')) { + // The following lines are for extensions which include message_parser.php + // while $phpbb_root_path and $phpEx are out of the script scope + // which may lead to the 'Undefined variable' and 'failed to open stream' errors + if (!isset($phpbb_root_path)) + { + global $phpbb_root_path; + } + + if (!isset($phpEx)) + { + global $phpEx; + } + include($phpbb_root_path . 'includes/bbcode.' . $phpEx); } -- cgit v1.2.1 From aa1b427e45024b94f06d11f6a6ac4e1d602cb03e Mon Sep 17 00:00:00 2001 From: rxu Date: Mon, 23 Feb 2015 20:49:46 +0700 Subject: [ticket/13648] Allow extensions using custom bbcode validation methods PHPBB3-13648 --- phpBB/includes/message_parser.php | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 63e027cd66..42ca9bf09d 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -128,6 +128,9 @@ class bbcode_firstpass extends bbcode // [quote] in second position. // To parse multiline URL we enable dotall option setting only for URL text // but not for link itself, thus [url][/url] is not affected. + // + // To perform custom validation in extension, use $this->validate_bbcode_by_extension() + // method which accepts variable number of parameters $this->bbcodes = array( 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), @@ -1875,4 +1878,36 @@ class parse_message extends bbcode_firstpass { $this->mimetype_guesser = $mimetype_guesser; } + + /** + * Function to perform custom bbcode validation by extensions + * can be used in bbcode_init() to assign regexp replacement + * Example: 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->validate_bbcode_by_extension('\$1')") + * + * Accepts variable number of parameters + * + * @return mixed Validation result + */ + public function validate_bbcode_by_extension() + { + global $phpbb_dispatcher; + + $return = false; + $params_array = func_get_args(); + + /** + * Event to validate bbcode with the custom validating methods + * provided by extensions + * + * @event core.validate_bbcode_by_extension + * @var array params_array Array with the function parameters + * @var mixed return Validation result to return + * + * @since 3.1.5-RC1 + */ + $vars = array('params_array', 'return'); + extract($phpbb_dispatcher->trigger_event('core.validate_bbcode_by_extension', compact($vars))); + + return $return; + } } -- cgit v1.2.1 From 817db2f13526842e04aeabe4fcd6d809dce2d0a2 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Sat, 30 May 2015 01:02:12 +0200 Subject: [ticket/13880] Automatically remove quotes that are nested too deep PHPBB3-13880 --- phpBB/includes/message_parser.php | 72 +++++++++++++++++++++++++++------------ 1 file changed, 50 insertions(+), 22 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 42ca9bf09d..6f462b7a9e 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -791,28 +791,6 @@ class bbcode_firstpass extends bbcode else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[') { $this->parsed_items['quote']++; - - // the buffer holds a valid opening tag - if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth']) - { - if ($config['max_quote_depth'] == 1) - { - // Depth 1 - no nesting is allowed - $error_ary['quote_depth'] = $user->lang('QUOTE_NO_NESTING'); - } - else - { - // There are too many nested quotes - $error_ary['quote_depth'] = $user->lang('QUOTE_DEPTH_EXCEEDED', (int) $config['max_quote_depth']); - } - - $out .= $buffer . $tok; - $tok = '[]'; - $buffer = ''; - - continue; - } - array_push($close_tags, '/quote:' . $this->bbcode_uid); if (isset($m[1]) && $m[1]) @@ -1277,6 +1255,12 @@ class parse_message extends bbcode_firstpass return $update_this_message ? $this->warn_msg : $return_message; } + // Remove quotes that are nested too deep + if ($config['max_quote_depth'] > 0) + { + $this->remove_nested_quotes($config['max_quote_depth']); + } + // Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length. // The maximum length check happened before any parsings. if ($mode === 'post' && utf8_clean_string($this->message) === '') @@ -1855,6 +1839,50 @@ class parse_message extends bbcode_firstpass $poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']); } + /** + * Remove nested quotes at given depth in current parsed message + * + * @param integer $max_depth Depth limit + * @return null + */ + public function remove_nested_quotes($max_depth) + { + // Capture all [quote] and [/quote] tags + preg_match_all('(\\[/?quote(?:=[^]]+)?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE); + + // Iterate over the quote tags to mark the ranges that must be removed + $depth = 0; + $ranges = array(); + $start_pos = 0; + foreach ($matches[0] as $match) + { + if ($match[0][1] === '/') + { + --$depth; + if ($depth == $max_depth) + { + $end_pos = $match[1] + strlen($match[0]); + $length = $end_pos - $start_pos; + $ranges[] = array($start_pos, $length); + } + } + else + { + ++$depth; + if ($depth == $max_depth + 1) + { + $start_pos = $match[1]; + } + } + } + + foreach (array_reverse($ranges) as $range) + { + list($start_pos, $length) = $range; + $this->message = substr_replace($this->message, '', $start_pos, $length); + } + } + /** * Setter function for passing the plupload object * -- cgit v1.2.1 From ae2237f640c5f08924b01e780d9549dddcb1b7da Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Sat, 27 Jun 2015 04:25:54 +0200 Subject: [ticket/13880] Replaced the quote regexp to allow brackets This matches the regexp used in bbcode::bbcode_cache_init() PHPBB3-13880 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 6f462b7a9e..8b3d8d9fd5 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1848,7 +1848,7 @@ class parse_message extends bbcode_firstpass public function remove_nested_quotes($max_depth) { // Capture all [quote] and [/quote] tags - preg_match_all('(\\[/?quote(?:=[^]]+)?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE); + preg_match_all('(\\[/?quote(?:="(.*?)")?:' . $this->bbcode_uid . '\\])', $this->message, $matches, PREG_OFFSET_CAPTURE); // Iterate over the quote tags to mark the ranges that must be removed $depth = 0; -- cgit v1.2.1 From 9e467a4e4a9a39b941b340481e7c0ff4d6dc7a9a Mon Sep 17 00:00:00 2001 From: rxu Date: Thu, 6 Aug 2015 03:51:48 +0700 Subject: [ticket/14072] Add core event to the function format_display() PHPBB3-14072 --- phpBB/includes/message_parser.php | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8b3d8d9fd5..e63f6b822b 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1301,6 +1301,29 @@ class parse_message extends bbcode_firstpass $return_message = &$this->message; } + $text = $this->message; + $uid = $this->bbcode_uid; + + /** + * Event to modify the text before it is parsed + * + * @event core.modify_format_display_text_before + * @var string text The message text to parse + * @var string uid The bbcode uid + * @var bool allow_bbcode Do we allow bbcodes + * @var bool allow_magic_url Do we allow magic urls + * @var bool allow_smilies Do we allow smilies + * @var bool update_this_message Do we update the internal message + * with the parsed result + * @since 3.1.6-RC1 + */ + $vars = array('text', 'uid', 'allow_bbcode', 'allow_magic_url', 'allow_smilies', 'update_this_message'); + extract($phpbb_dispatcher->trigger_event('core.modify_format_display_text_before', compact($vars))); + + $this->message = $text; + $this->bbcode_uid = $uid; + unset($text, $uid); + if ($this->message_status == 'plain') { // Force updating message - of course. -- cgit v1.2.1 From 0b3951cb815986abfe5645387091d49982c138b9 Mon Sep 17 00:00:00 2001 From: Daniel Sinn Date: Thu, 29 Sep 2016 14:43:36 -0400 Subject: [ticket/14802] Empty/blank lines should not be additional poll options PHPBB3-14802 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index e63f6b822b..16b65fb83e 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1822,7 +1822,7 @@ class parse_message extends bbcode_firstpass $this->message = $poll['poll_title']; $this->bbcode_bitfield = $bbcode_bitfield; - $poll['poll_options'] = explode("\n", trim($poll['poll_option_text'])); + $poll['poll_options'] = preg_split('/\s*?\n\s*/', trim($poll['poll_option_text'])); $poll['poll_options_size'] = sizeof($poll['poll_options']); if (!$poll['poll_title'] && $poll['poll_options_size']) -- cgit v1.2.1 From 779758f2195f87868da3694b5ffd00adee1be0b3 Mon Sep 17 00:00:00 2001 From: Jakub Senko Date: Sun, 4 Dec 2016 17:30:42 +0100 Subject: [ticket/13429] Replace @change with @changed PHPBB3-13429 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 16b65fb83e..bbd5e84233 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1171,7 +1171,7 @@ class parse_message extends bbcode_firstpass * @var bool return Do we return after the event is triggered if $warn_msg is not empty * @var array warn_msg Array of the warning messages * @since 3.1.2-RC1 - * @change 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid + * @changed 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid */ $message = $this->message; $warn_msg = $this->warn_msg; -- cgit v1.2.1