From 1e76b0df0e1450c35bab6160b703d32bfb267324 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 15 Feb 2025 20:24:07 +0100
Subject: [PATCH] [ticket/17326] Use same regex in icon name validation in PHP

PHPBB-17326
---
 phpBB/includes/acp/acp_bbcodes.php    |  2 +-
 tests/functional/acp_bbcodes_test.php | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php
index ee3dffd461..723a13d1db 100644
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@@ -241,7 +241,7 @@ class acp_bbcodes
 						trigger_error($user->lang['BBCODE_FONT_ICON_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
 					}
 
-					if (!empty($bbcode_font_icon) && !preg_match('/^[\w-]+$/', $bbcode_font_icon))
+					if (!empty($bbcode_font_icon) && !preg_match('/^(?!-)(?!.*--)[a-z0-9-]+(?<!-)$/', $bbcode_font_icon))
 					{
 						trigger_error($user->lang['BBCODE_FONT_ICON_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
 					}
diff --git a/tests/functional/acp_bbcodes_test.php b/tests/functional/acp_bbcodes_test.php
index ac73091a79..dd0d356a58 100644
--- a/tests/functional/acp_bbcodes_test.php
+++ b/tests/functional/acp_bbcodes_test.php
@@ -98,6 +98,18 @@ class phpbb_functional_acp_bbcodes_test extends phpbb_functional_test_case
 				'Not a valid icon name',
 				'is invalid',
 			],
+			'icon name invalid double dash' => [
+				'[mod2="{TEXT1}"]{TEXT2}[/mod2]',
+				'<div>{TEXT1}</div><div>{TEXT2}</div>',
+				'us--er',
+				'is invalid',
+			],
+			'icon name invalid trailing dash' => [
+				'[mod2="{TEXT1}"]{TEXT2}[/mod2]',
+				'<div>{TEXT1}</div><div>{TEXT2}</div>',
+				'user-',
+				'is invalid',
+			],
 		];
 	}
 }