phpBB

Code Changes

File: includes/message_parser.php

  Unmodified   Added   Modified   Removed
Line 390Line 390
		$in = str_replace(' ', '%20', $in);

// Checking urls

		$in = str_replace(' ', '%20', $in);

// Checking urls

		if (!preg_match('#^' . get_preg_expression('url') . '$#iu', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in))

		if (!preg_match('#^' . get_preg_expression('url_http') . '$#iu', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#iu', $in))

		{
return '[img]' . $in . '[/img]';
}

		{
return '[img]' . $in . '[/img]';
}

Line 399Line 399
		if (!preg_match('#^[a-z0-9]+://#i', $in))
{
$in = 'http://' . $in;

		if (!preg_match('#^[a-z0-9]+://#i', $in))
{
$in = 'http://' . $in;

		}

if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width'])
{
$imagesize = new \FastImageSize\FastImageSize();
$size_info = $imagesize->getImageSize(htmlspecialchars_decode($in));

if ($size_info === false)
{
$error = true;
$this->warn_msg[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
}
else
{
if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $size_info['height'])
{
$error = true;
$this->warn_msg[] = $user->lang('MAX_IMG_HEIGHT_EXCEEDED', (int) $config['max_' . $this->mode . '_img_height']);
}

if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $size_info['width'])
{
$error = true;
$this->warn_msg[] = $user->lang('MAX_IMG_WIDTH_EXCEEDED', (int) $config['max_' . $this->mode . '_img_width']);
}
}

 
		}

if ($error || $this->path_in_domain($in))

		}

if ($error || $this->path_in_domain($in))

Line 705Line 679
			if ($tok == ']')
{
// if $tok is ']' the buffer holds a tag

			if ($tok == ']')
{
// if $tok is ']' the buffer holds a tag

				if (strtolower($buffer) == '/list' && sizeof($list_end_tags))

				if (strtolower($buffer) == '/list' && count($list_end_tags))

				{
// valid [/list] tag, check nesting so that we don't hit false positives

				{
// valid [/list] tag, check nesting so that we don't hit false positives

					if (sizeof($item_end_tags) && sizeof($item_end_tags) >= sizeof($list_end_tags))

					if (count($item_end_tags) && count($item_end_tags) >= count($list_end_tags))

					{
// current li tag has not been closed
$out = preg_replace('/\n?\[$/', '[', $out) . array_pop($item_end_tags) . '][';

					{
// current li tag has not been closed
$out = preg_replace('/\n?\[$/', '[', $out) . array_pop($item_end_tags) . '][';

Line 733Line 707
				}
else
{

				}
else
{

					if (($buffer == '*' || substr($buffer, -2) == '[*') && sizeof($list_end_tags))

					if (($buffer == '*' || substr($buffer, -2) == '[*') && count($list_end_tags))

					{
// the buffer holds a bullet tag and we have a [list] tag open

					{
// the buffer holds a bullet tag and we have a [list] tag open

						if (sizeof($item_end_tags) >= sizeof($list_end_tags))

						if (count($item_end_tags) >= count($list_end_tags))

						{
if (substr($buffer, -2) == '[*')
{

						{
if (substr($buffer, -2) == '[*')
{

Line 780Line 754
		while ($in);

// do we have some tags open? close them now

		while ($in);

// do we have some tags open? close them now

		if (sizeof($item_end_tags))

		if (count($item_end_tags))

		{
$out .= '[' . implode('][', $item_end_tags) . ']';
}

		{
$out .= '[' . implode('][', $item_end_tags) . ']';
}

		if (sizeof($list_end_tags))

		if (count($list_end_tags))

		{
$out .= '[' . implode('][', $list_end_tags) . ']';
}

		{
$out .= '[' . implode('][', $list_end_tags) . ']';
}

Line 835Line 809

if ($tok == ']')
{


if ($tok == ']')
{

				if (strtolower($buffer) == '/quote' && sizeof($close_tags) && substr($out, -1, 1) == '[')

				if (strtolower($buffer) == '/quote' && count($close_tags) && substr($out, -1, 1) == '[')

				{
// we have found a closing tag
$out .= array_pop($close_tags) . ']';

				{
// we have found a closing tag
$out .= array_pop($close_tags) . ']';

Line 949Line 923

$out .= $buffer;



$out .= $buffer;


		if (sizeof($close_tags))

		if (count($close_tags))

		{
$out .= '[' . implode('][', $close_tags) . ']';
}

		{
$out .= '[' . implode('][', $close_tags) . ']';
}

Line 1072Line 1046

if ($config['force_server_vars'])
{


if ($config['force_server_vars'])
{

			$check_path = $config['script_path'];

			$check_path = !empty($config['script_path']) ? $config['script_path'] : '/';

		}
else
{

		}
else
{

Line 1139Line 1113
	/**
* Init - give message here or manually
*/

	/**
* Init - give message here or manually
*/

	function parse_message($message = '')

	function __construct($message = '')

	{
// Init BBCode UID
$this->bbcode_uid = substr(base_convert(unique_id(), 16, 36), 0, BBCODE_UID_LEN);

	{
// Init BBCode UID
$this->bbcode_uid = substr(base_convert(unique_id(), 16, 36), 0, BBCODE_UID_LEN);

Line 1219Line 1193
		* @var bool		return					Do we return after the event is triggered if $warn_msg is not empty
* @var array warn_msg Array of the warning messages
* @since 3.1.2-RC1

		* @var bool		return					Do we return after the event is triggered if $warn_msg is not empty
* @var array warn_msg Array of the warning messages
* @since 3.1.2-RC1

		* @change 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid

		* @changed 3.1.3-RC1 Added vars $bbcode_bitfield and $bbcode_uid

		*/
$message = $this->message;
$warn_msg = $this->warn_msg;

		*/
$message = $this->message;
$warn_msg = $this->warn_msg;

Line 1500Line 1474
			$db->sql_freeresult($result);
}


			$db->sql_freeresult($result);
}


		if (sizeof($match))

		if (count($match))

		{
if ($max_smilies)
{

		{
if ($max_smilies)
{

Line 1522Line 1496

$this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#u' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#u'), $replace, $this->message));
}


$this->message = trim(preg_replace(explode(chr(0), '#(?<=^|[\n .])' . implode('(?![^<>]*>)#u' . chr(0) . '#(?<=^|[\n .])', $match) . '(?![^<>]*>)#u'), $replace, $this->message));
}

 
	}

/**
* Check attachment form token depending on submit type
*
* @param \phpbb\language\language $language Language
* @param \phpbb\request\request_interface $request Request
* @param string $form_name Form name for checking form key
*
* @return bool True if form token is not needed or valid, false if needed and invalid
*/
function check_attachment_form_token(\phpbb\language\language $language, \phpbb\request\request_interface $request, $form_name)
{
$add_file = $request->is_set_post('add_file');
$delete_file = $request->is_set_post('delete_file');

if (($add_file || $delete_file) && !check_form_key($form_name))
{
$this->warn_msg[] = $language->lang('FORM_INVALID');

if ($request->is_ajax() && $this->plupload)
{
$this->plupload->emit_error(-400, 'FORM_INVALID');
}

return false;
}

return true;

	}

/**

	}

/**

Line 1530Line 1533
	function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request;

	function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request;

		global $phpbb_container;

		global $phpbb_container, $phpbb_dispatcher;


$error = array();



$error = array();


		$num_attachments = sizeof($this->attachment_data);

		$num_attachments = count($this->attachment_data);

		$this->filename_data['filecomment'] = $request->variable('filecomment', '', true);
$upload = $request->file($form_name);
$upload_file = (!empty($upload) && $upload['name'] !== 'none' && trim($upload['name']));

		$this->filename_data['filecomment'] = $request->variable('filecomment', '', true);
$upload = $request->file($form_name);
$upload_file = (!empty($upload) && $upload['name'] !== 'none' && trim($upload['name']));

Line 1571Line 1574
				$filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
$error = $filedata['error'];


				$filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
$error = $filedata['error'];


				if ($filedata['post_attach'] && !sizeof($error))

				if ($filedata['post_attach'] && !count($error))

				{
$sql_ary = array(
'physical_filename' => $filedata['physical_filename'],

				{
$sql_ary = array(
'physical_filename' => $filedata['physical_filename'],

Line 1586Line 1589
						'in_message'		=> ($is_message) ? 1 : 0,
'poster_id' => $user->data['user_id'],
);

						'in_message'		=> ($is_message) ? 1 : 0,
'poster_id' => $user->data['user_id'],
);

 

/**
* Modify attachment sql array on submit
*
* @event core.modify_attachment_sql_ary_on_submit
* @var array sql_ary Array containing SQL data
* @since 3.2.6-RC1
*/
$vars = array('sql_ary');
extract($phpbb_dispatcher->trigger_event('core.modify_attachment_sql_ary_on_submit', compact($vars)));


$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));



$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));


Line 1598Line 1611
					);

$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);

					);

$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);

 

/**
* Modify attachment data on submit
*
* @event core.modify_attachment_data_on_submit
* @var array attachment_data Array containing attachment data
* @since 3.2.2-RC1
*/
$attachment_data = $this->attachment_data;
$vars = array('attachment_data');
extract($phpbb_dispatcher->trigger_event('core.modify_attachment_data_on_submit', compact($vars)));
$this->attachment_data = $attachment_data;
unset($attachment_data);


					$this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) {
return '[attachment='.($match[1] + 1).']' . $match[2] . '[/attachment]';
}, $this->message);

					$this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) {
return '[attachment='.($match[1] + 1).']' . $match[2] . '[/attachment]';
}, $this->message);

Line 1621Line 1648
			}
}


			}
}


		if ($preview || $refresh || sizeof($error))

		if ($preview || $refresh || count($error))

		{
if (isset($this->plupload) && $this->plupload->is_active())
{

		{
if (isset($this->plupload) && $this->plupload->is_active())
{

Line 1692Line 1719
					$filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
$error = array_merge($error, $filedata['error']);


					$filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
$error = array_merge($error, $filedata['error']);


					if (!sizeof($error))

					if (!count($error))

					{
$sql_ary = array(
'physical_filename' => $filedata['physical_filename'],

					{
$sql_ary = array(
'physical_filename' => $filedata['physical_filename'],

Line 1707Line 1734
							'in_message'		=> ($is_message) ? 1 : 0,
'poster_id' => $user->data['user_id'],
);

							'in_message'		=> ($is_message) ? 1 : 0,
'poster_id' => $user->data['user_id'],
);

 

/**
* Modify attachment sql array on upload
*
* @event core.modify_attachment_sql_ary_on_upload
* @var array sql_ary Array containing SQL data
* @since 3.2.6-RC1
*/
$vars = array('sql_ary');
extract($phpbb_dispatcher->trigger_event('core.modify_attachment_sql_ary_on_upload', compact($vars)));


$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));



$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));


Line 1719Line 1756
						);

$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);

						);

$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);

 

/**
* Modify attachment data on upload
*
* @event core.modify_attachment_data_on_upload
* @var array attachment_data Array containing attachment data
* @since 3.2.2-RC1
*/
$attachment_data = $this->attachment_data;
$vars = array('attachment_data');
extract($phpbb_dispatcher->trigger_event('core.modify_attachment_data_on_upload', compact($vars)));
$this->attachment_data = $attachment_data;
unset($attachment_data);


						$this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) {
return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]';
}, $this->message);

						$this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) {
return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]';
}, $this->message);

Line 1774Line 1825

$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;



$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;


		if (!sizeof($attachment_data))

		if (!count($attachment_data))

		{
return;
}

		{
return;
}

Line 1794Line 1845
		}

// Regenerate already posted attachments

		}

// Regenerate already posted attachments

		if (sizeof($not_orphan))

		if (count($not_orphan))

		{
// Get the attachment data, based on the poster id...
$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize

		{
// Get the attachment data, based on the poster id...
$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize

Line 1814Line 1865
			$db->sql_freeresult($result);
}


			$db->sql_freeresult($result);
}


		if (sizeof($not_orphan))

		if (count($not_orphan))

		{
trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
}

// Regenerate newly uploaded attachments

		{
trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
}

// Regenerate newly uploaded attachments

		if (sizeof($orphan))

		if (count($orphan))

		{
$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize
FROM ' . ATTACHMENTS_TABLE . '

		{
$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment, filesize
FROM ' . ATTACHMENTS_TABLE . '

Line 1840Line 1891
			$db->sql_freeresult($result);
}


			$db->sql_freeresult($result);
}


		if (sizeof($orphan))

		if (count($orphan))

		{
trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
}

		{
trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
}

Line 1861Line 1912
		$tmp_message = $this->message;

$poll['poll_options'] = preg_split('/\s*?\n\s*/', trim($poll['poll_option_text']));

		$tmp_message = $this->message;

$poll['poll_options'] = preg_split('/\s*?\n\s*/', trim($poll['poll_option_text']));

		$poll['poll_options_size'] = sizeof($poll['poll_options']);

		$poll['poll_options_size'] = count($poll['poll_options']);


foreach ($poll['poll_options'] as &$poll_option)
{


foreach ($poll['poll_options'] as &$poll_option)
{

Line 1890Line 1941
			}
}


			}
}


		if (sizeof($poll['poll_options']) == 1)

		if (count($poll['poll_options']) == 1)

		{
$this->warn_msg[] = $user->lang['TOO_FEW_POLL_OPTIONS'];
}

		{
$this->warn_msg[] = $user->lang['TOO_FEW_POLL_OPTIONS'];
}