From 10ed58b2c9db5869c7e4136b0e718d1f81706d87 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 11 Oct 2007 08:12:41 +0000 Subject: [PATCH] prevent posting empty messages with some UTF8-characters as well as fixing conversion in CVS. git-svn-id: file:///svn/phpbb/trunk@8163 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/message_parser.php | 11 +++++++++-- phpBB/install/convertors/convert_phpbb20.php | 4 ++-- phpBB/install/install_convert.php | 4 ++-- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 0e9c5e7f7d..21f26ab687 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -116,6 +116,7 @@
  • [Change] Require confirm for deleting inactive users. (Bug #14641)
  • [Fix] Match custom BBCodes in the same way during first and second pass - patch provided by IBBoard (Bug #14268)
  • [Fix] Correct quote parsing if opening bracket before opening quote (Bug #14667)
    • +
  • [Fix] Clean post message for checking length to prevent posting empty messages

    • 1.ii. Changes since 3.0.RC4

    diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index e9729445f2..311c75b410 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1060,8 +1060,8 @@ class parse_message extends bbcode_firstpass $replace = array("\\1:"); $this->message = preg_replace($match, $replace, trim($this->message)); - // Message length check. -1 disables this check completely. - if ($config['max_' . $mode . '_chars']) + // Message length check. 0 disables this check completely. + if ($config['max_' . $mode . '_chars'] > 0) { $msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)); @@ -1072,6 +1072,13 @@ class parse_message extends bbcode_firstpass } } + // Check for "empty" message + if (!utf8_clean_string($this->message)) + { + $this->warn_msg[] = $user->lang['TOO_FEW_CHARS']; + return $this->warn_msg; + } + // Prepare BBcode (just prepares some tags for better parsing) if ($allow_bbcode && strpos($this->message, '[') !== false) { diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index 406fc5068a..11b271f964 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -596,7 +596,7 @@ if (!$get_info) 'autoincrement' => 'post_id', 'query_first' => array('target', $convert->truncate_statement . POSTS_TABLE), 'execute_first' => ' - $config["max_post_chars"] = -1; + $config["max_post_chars"] = 0; $config["max_quote_depth"] = 0; ', @@ -645,7 +645,7 @@ if (!$get_info) ), 'execute_first' => ' - $config["max_post_chars"] = -1; + $config["max_post_chars"] = 0; $config["max_quote_depth"] = 0; ', diff --git a/phpBB/install/install_convert.php b/phpBB/install/install_convert.php index 99fbed0a5b..6fd5016a42 100644 --- a/phpBB/install/install_convert.php +++ b/phpBB/install/install_convert.php @@ -612,7 +612,7 @@ class install_convert extends module $config['max_quote_depth'] = 0; // @todo Need to confirm that max post length in source is <= max post length in destination or there may be interesting formatting issues - $config['max_post_chars'] = -1; + $config['max_post_chars'] = 0; // Set up a user as well. We _should_ have enough of a database here at this point to do this // and it helps for any core code we call @@ -990,7 +990,7 @@ class install_convert extends module $config['max_quote_depth'] = 0; // @todo Need to confirm that max post length in source is <= max post length in destination or there may be interesting formatting issues - $config['max_post_chars'] = -1; + $config['max_post_chars'] = 0; } $template->assign_block_vars('checks', array(