makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

stripslash email messages + remove  's from usernames, email addresses

Browse source 
git-svn-id: file:///svn/phpbb/trunk@1444 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2001-11-26 01:27:00 +00:00
parent adb6ff9f58
commit 5f01741bc4
1 changed files with 16 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
phpBB/profile.php
View file

@ -470,10 +470,11 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( $mode == "editprofile" ) if( $mode == "editprofile" )
{ {
$user_id = intval($HTTP_POST_VARS['user_id']); $user_id = intval($HTTP_POST_VARS['user_id']);
$current_email = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['current_email']))); $current_email = trim(strip_tags(htmlspecialchars(str_replace(" ", " ",$HTTP_POST_VARS['current_email']))));
} }
$username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags($HTTP_POST_VARS['username'])) : "";
$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : ""; $username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags(str_replace(" ", " ", $HTTP_POST_VARS['username']))) : "";
$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars(str_replace(" ", " ",$HTTP_POST_VARS['email'])))) : "";
$password_current = (!empty($HTTP_POST_VARS['cur_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['cur_password']))) : ""; $password_current = (!empty($HTTP_POST_VARS['cur_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['cur_password']))) : "";
$password = (!empty($HTTP_POST_VARS['new_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['new_password']))) : ""; $password = (!empty($HTTP_POST_VARS['new_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['new_password']))) : "";
@ -774,16 +775,19 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
} }
else else
{ {
$l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
$error = true; $error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_imagesize'] : $lang['Avatar_imagesize']; $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
} }
} }
} }
else else
{ {
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
$error = true; $error = true;
$error_filesize = $lang['Avatar_filesize'] . " " . round($board_config['avatar_filesize'] / 1024) . " " . $lang['kB']; $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $error_filesize : $error_filesize;
} }
} }
else else
@ -1112,13 +1116,13 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$emailer->use_template($email_template); $emailer->use_template($email_template);
$emailer->email_address($email); $emailer->email_address($email);
$emailer->set_subject($lang['Welcome_subject']); $emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));
$emailer->extra_headers($email_headers); $emailer->extra_headers($email_headers);
if( $coppa ) if( $coppa )
{ {
$emailer->assign_vars(array( $emailer->assign_vars(array(
"WELCOME_MSG" => $lang['Welcome_subject'], "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']),
"USERNAME" => $username, "USERNAME" => $username,
"PASSWORD" => $password_confirm, "PASSWORD" => $password_confirm,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
@ -1140,7 +1144,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
else else
{ {
$emailer->assign_vars(array( $emailer->assign_vars(array(
"WELCOME_MSG" => $lang['Welcome_subject'], "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']),
"USERNAME" => $username, "USERNAME" => $username,
"PASSWORD" => $password_confirm, "PASSWORD" => $password_confirm,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
@ -1160,7 +1164,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$emailer->extra_headers($email_headers); $emailer->extra_headers($email_headers);
$emailer->assign_vars(array( $emailer->assign_vars(array(
"WELCOME_MSG" => $lang['Welcome_subject'], "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']),
"USERNAME" => $username, "USERNAME" => $username,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
@ -1861,7 +1865,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( !empty($HTTP_POST_VARS['subject']) ) if( !empty($HTTP_POST_VARS['subject']) )
{ {
$subject = trim(strip_tags($HTTP_POST_VARS['subject'])); $subject = trim(strip_tags(stripslashes($HTTP_POST_VARS['subject'])));
} }
else else
{ {
@ -1871,7 +1875,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
if( !empty($HTTP_POST_VARS['message']) ) if( !empty($HTTP_POST_VARS['message']) )
{ {
$message = trim(strip_tags($HTTP_POST_VARS['message'])); $message = trim(strip_tags(stripslashes($HTTP_POST_VARS['message'])));
} }
else else
{ {