From b66e0fcd34d3209ca86059d1737125699a726a7d Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 25 Feb 2007 22:09:53 +0000 Subject: - fix htmlspecialchars handling in search (search backends get specialchared input, and should return specialchared output), current backends strip entities anyway [includes Bug #8156] - allow cancelling search index creation/removal - custom CSS class name input too short [Bug #8328] - give an error message if a password wasn't convertable (special characters in non-standard encoding) - moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts) - do not allow empty passwords on login - add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892] - ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314] - changed forum listing code on search page and acp_attachments [Bug #6658] - search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270] - made password requirement language strings clearer - ALPHA is not meant to be alphanumric [Bug #7764] - display bug in firefox on linux making the pagination wrap on search results page (caused by  ) git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/message_parser.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/message_parser.php') diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index d358ec8f48..e2f3a2b271 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -366,9 +366,9 @@ class bbcode_firstpass extends bbcode // Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too... $htm_match = get_preg_expression('bbcode_htm'); // $htm_match[3] = '/&#([0-9]+);/'; - unset($htm_match[3], $htm_match[4]); + unset($htm_match[4], $htm_match[5]); - $htm_replace = array('\1', '\2', '\1'); //, '&#\1;'); + $htm_replace = array('\1', '\1', '\2', '\1'); //, '&#\1;'); $out = ''; @@ -848,7 +848,9 @@ class bbcode_firstpass extends bbcode // Is this a link to somewhere inside this board? If so then remove the session id from the url if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false) { - $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}/', '\1', $url); + $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}&/', '\1', $url); + $url = preg_replace('/(&|\?)sid=[0-9a-f]{32}$/', '', $url); + $url = append_sid($url); } return ($var1) ? '[url=' . $this->bbcode_specialchars($url) . ':' . $this->bbcode_uid . ']' . $var2 . '[/url:' . $this->bbcode_uid . ']' : '[url:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($url) . '[/url:' . $this->bbcode_uid . ']'; -- cgit v1.2.1