makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix for bbcode issue under IE

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5362 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Graham Eames 2005-12-21 13:06:04 +00:00
parent 0473115ea4
commit 6603e4aa5f
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/docs/CHANGELOG.html
View file

@ -69,11 +69,13 @@ p,ul,td {font-size:10pt;}
<ul> <ul>
<li>[Fix] corrected index on session keys table under MS SQL</li> <li>[Fix] corrected index on session keys table under MS SQL</li>
<li>[Fix] added session keys table to backup</li> <li>[Fix] added session keys table to backup</li>
<li>[Fix] delete session keys entries when deleting user</li>
<li>[Fix] changes to support MySQL 5.0</li> <li>[Fix] changes to support MySQL 5.0</li>
<li>[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu (cxib)</li> <li>[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu (cxib)</li>
<li>[Fix] change truncation of username length in usercp_register.php - BFUK</li> <li>[Fix] change truncation of username length in usercp_register.php - BFUK</li>
<li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li> <li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li>
<li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li> <li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li>
<li>[Sec] fixed XSS issue in IE within the url bbcode</li>
</ul> </ul>

4
phpBB/includes/bbcode.php
View file

@ -200,11 +200,11 @@ function bbencode_second_pass($text, $uid)
$replacements[] = $bbcode_tpl['img']; $replacements[] = $bbcode_tpl['img'];
// matches a [url]xxxx://www.phpbb.com[/url] code.. // matches a [url]xxxx://www.phpbb.com[/url] code..
$patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is"; $patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1']; $replacements[] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
$patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is"; $patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url2']; $replacements[] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code.. // [url=xxxx://www.phpbb.com]phpBB[/url] code..