From 71f5c9c32715b634d315f79aa11df07be2a9676c Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 18 May 2015 17:07:02 +0200 Subject: [PATCH 01/13] [ticket/13832] Use preg_replace_callback instead of /e modifier PHPBB3-13832 --- phpBB/includes/acp/acp_bbcodes.php | 4 +++- phpBB/includes/bbcode.php | 22 ++++++++++++++++++++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index d451b4d899..9c00e89713 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -491,7 +491,9 @@ class acp_bbcodes if (preg_match_all('/(?lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $bbcode_tpl); + $bbcode_tpl = preg_replace_callback('/{L_([A-Z0-9_]+)}/', function ($match) use ($user) { + if (!empty($user->lang[$match['1']])) + { + return $user->lang[$match['1']]; + } + else + { + return ucwords(strtolower(str_replace('_', ' ', $match['1']))); + } + }, $bbcode_tpl); if (!empty($rowset[$bbcode_id]['second_pass_replace'])) { @@ -509,7 +518,16 @@ class bbcode 'email' => array('{EMAIL}' => '$1', '{DESCRIPTION}' => '$2') ); - $tpl = preg_replace('/{L_([A-Z0-9_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $tpl); + $tpl = preg_replace_callback('/{L_([A-Z0-9_]+)}/', function ($match) use ($user) { + if (!empty($user->lang[$match['1']])) + { + return $user->lang[$match['1']]; + } + else + { + return ucwords(strtolower(str_replace('_', ' ', $match['1']))); + } + }, $tpl); if (!empty($replacements[$tpl_name])) { From 1076b562dde3cd05351baec0cc01e1ff35c7317a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 18 May 2015 17:48:00 +0200 Subject: [PATCH 02/13] [ticket/13832] Do not use e modifier in message_parser PHPBB3-13832 --- phpBB/includes/message_parser.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 9fe598d7fb..0d6960a197 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -744,7 +744,9 @@ class bbcode_firstpass extends bbcode } // To let the parser not catch tokens within quote_username quotes we encode them before we start this... - $in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), '\$1') . '"]'", $in); + $in = preg_replace_callback('#quote="(.*?)"\]#i', function ($match) { + return 'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), $match[1]) . '"]'; + }, $in); $tok = ']'; $out = '['; @@ -1518,7 +1520,9 @@ class parse_message extends bbcode_firstpass ); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); + $this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) { + return '[attachment='.($match[1] + 1).']' . $match[2] . '[/attachment]'; + }, $this->message); $this->filename_data['filecomment'] = ''; @@ -1586,7 +1590,9 @@ class parse_message extends bbcode_firstpass } unset($this->attachment_data[$index]); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message); + $this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) use($index) { + return ($match[1] == $index) ? '' : (($match[1] > $index) ? '[attachment=' . ($match[1] - 1) . ']' . $match[2] . '[/attachment]' : $match[0]); + }, $this->message); // Reindex Array $this->attachment_data = array_values($this->attachment_data); @@ -1630,7 +1636,9 @@ class parse_message extends bbcode_firstpass ); $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data); - $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message); + $this->message = preg_replace_callback('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#', function ($match) { + return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]'; + }, $this->message); $this->filename_data['filecomment'] = ''; if (isset($this->plupload) && $this->plupload->is_active()) From 8a5c0965d34cfd7027983dd74c33f45d737012d3 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 18 May 2015 19:02:49 +0200 Subject: [PATCH 03/13] [ticket/13832] Allow callables for matching bbcodes PHPBB3-13832 --- phpBB/includes/message_parser.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 0d6960a197..0528d0b413 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -83,7 +83,14 @@ class bbcode_firstpass extends bbcode // it should not demand recompilation if (preg_match($regexp, $this->message)) { - $this->message = preg_replace($regexp, $replacement, $this->message); + if (is_callable($replacement)) + { + $this->message = preg_replace_callback($regexp, $replacement, $this->message); + } + else + { + $this->message = preg_replace($regexp, $replacement, $this->message); + } $bitfield->set($bbcode_data['bbcode_id']); } } From 2911c0168331a8f23dd8836d092d5e3fe6cac070 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 18 May 2015 19:03:25 +0200 Subject: [PATCH 04/13] [ticket/13832] Remove e modifier from bold bbcode PHPBB3-13832 --- phpBB/includes/message_parser.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 0528d0b413..e4a89b62ca 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -126,10 +126,12 @@ class bbcode_firstpass extends bbcode */ function bbcode_init($allow_custom_bbcode = true) { - global $phpbb_dispatcher; + global $phpbb_dispatcher, $bbcode_class; static $rowset; + $bbcode_class = $this; + // This array holds all bbcode data. BBCodes will be processed in this // order, so it is important to keep [code] in first position and // [quote] in second position. @@ -139,7 +141,7 @@ class bbcode_firstpass extends bbcode 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uise' => "\$this->bbcode_attachment('\$1', '\$2')")), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uise' => "\$this->bbcode_strong('\$1')")), + 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_strong($match[1]); })), 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uise' => "\$this->bbcode_italic('\$1')")), 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiUe' => "\$this->validate_url('\$2', ('\$3') ? '\$3' : '\$4')")), 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiUe' => "\$this->bbcode_img('\$1')")), From 1494c54803b3043ded965e9040bbd9116e4b6a53 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 18 May 2015 21:43:25 +0200 Subject: [PATCH 05/13] [ticket/13832] Do not use e modifier for bbcodes in message_parser PHPBB3-13832 --- phpBB/includes/message_parser.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index e4a89b62ca..06c3c2c9c2 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -138,19 +138,19 @@ class bbcode_firstpass extends bbcode // To parse multiline URL we enable dotall option setting only for URL text // but not for link itself, thus [url][/url] is not affected. $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uise' => "\$this->bbcode_code('\$1', '\$2')")), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uise' => "\$this->bbcode_quote('\$0')")), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uise' => "\$this->bbcode_attachment('\$1', '\$2')")), + 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_code($match[1], $match[2]); })), + 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_quote($match[0]); })), + 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_attachment($match[1], $match[2]); })), 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_strong($match[1]); })), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uise' => "\$this->bbcode_italic('\$1')")), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiUe' => "\$this->validate_url('\$2', ('\$3') ? '\$3' : '\$4')")), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiUe' => "\$this->bbcode_img('\$1')")), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uise' => "\$this->bbcode_size('\$1', '\$2')")), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uise' => "\$this->bbcode_color('\$1', '\$2')")), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uise' => "\$this->bbcode_underline('\$1')")), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uise' => "\$this->bbcode_parse_list('\$0')")), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uise' => "\$this->validate_email('\$1', '\$2')")), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#uie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')")) + 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_italic($match[1]); })), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiU' => function ($match) { global $bbcode_class; return $bbcode_class->validate_url($match[2], ($match[3]) ? $match[3] : $match[4]); })), + 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiU' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_img($match[1]); })), + 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_size($match[1], $match[2]); })), + 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_color($match[1], $match[2]); })), + 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_underline($match[1]); })), + 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_parse_list($match[0]); })), + 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->validate_email($match[1], $match[2]); })), + 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ui' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_flash($match[1], $match[2], $match[3]); })) ); // Zero the parsed items array From 579658461115de68aa05c34b0dfd6744a40d0f10 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 19 May 2015 14:15:37 +0200 Subject: [PATCH 06/13] [ticket/13832] Fix code sniffer errors in message_parser.php PHPBB3-13832 --- phpBB/includes/message_parser.php | 78 +++++++++++++++++++++++++------ 1 file changed, 65 insertions(+), 13 deletions(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 06c3c2c9c2..d40c71c2a9 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -138,19 +138,71 @@ class bbcode_firstpass extends bbcode // To parse multiline URL we enable dotall option setting only for URL text // but not for link itself, thus [url][/url] is not affected. $this->bbcodes = array( - 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_code($match[1], $match[2]); })), - 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_quote($match[0]); })), - 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_attachment($match[1], $match[2]); })), - 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_strong($match[1]); })), - 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_italic($match[1]); })), - 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiU' => function ($match) { global $bbcode_class; return $bbcode_class->validate_url($match[2], ($match[3]) ? $match[3] : $match[4]); })), - 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiU' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_img($match[1]); })), - 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_size($match[1], $match[2]); })), - 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_color($match[1], $match[2]); })), - 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_underline($match[1]); })), - 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_parse_list($match[0]); })), - 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uis' => function ($match) { global $bbcode_class; return $bbcode_class->validate_email($match[1], $match[2]); })), - 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ui' => function ($match) { global $bbcode_class; return $bbcode_class->bbcode_flash($match[1], $match[2], $match[3]); })) + 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_code($match[1], $match[2]); + } + )), + 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_quote($match[0]); + } + )), + 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_attachment($match[1], $match[2]); + } + )), + 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_strong($match[1]); + } + )), + 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_italic($match[1]); + } + )), + 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](?(1)((?s).*(?-s))|(.*))\[/url\]#uiU' => function ($match) use($bbcode_class) + { + return $bbcode_class->validate_url($match[2], ($match[3]) ? $match[3] : $match[4]); + } + )), + 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#uiU' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_img($match[1]); + } + )), + 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_size($match[1], $match[2]); + } + )), + 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_color($match[1], $match[2]); + } + )), + 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_underline($match[1]); + } + )), + 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]|disc|circle|square))?].*\[/list]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_parse_list($match[0]); + } + )), + 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#uis' => function ($match) use($bbcode_class) + { + return $bbcode_class->validate_email($match[1], $match[2]); + } + )), + 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ui' => function ($match) use($bbcode_class) + { + return $bbcode_class->bbcode_flash($match[1], $match[2], $match[3]); + } + )) ); // Zero the parsed items array From a430fef05bcf034b790a2603879ada90fa5d1b71 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 19 May 2015 16:29:10 +0200 Subject: [PATCH 07/13] [ticket/13832] Use preg_replace_callback in acp_bbcodes PHPBB3-13832 --- phpBB/includes/acp/acp_bbcodes.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 9c00e89713..0cfe791ad7 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -558,10 +558,18 @@ class acp_bbcodes trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } - $fp_match = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $fp_match); - $fp_replace = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $fp_replace); - $sp_match = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $sp_match); - $sp_replace = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $sp_replace); + $fp_match = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $fp_match); + $fp_replace = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $fp_replace); + $sp_match = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $sp_match); + $sp_replace = preg_replace_callback('#\[/?' . $bbcode_search . '#i', function ($match) { + return strtolower($match[0]); + }, $sp_replace); return array( 'bbcode_tag' => $bbcode_tag, From 3106195cddec48ec779282d03f2c54c88fc66511 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 19 May 2015 16:29:50 +0200 Subject: [PATCH 08/13] [ticket/13832] Use preg_replace_callback in bbcode class PHPBB3-13832 --- phpBB/includes/bbcode.php | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index dce9966efd..0c9869fe25 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -110,7 +110,18 @@ class bbcode $undid_bbcode_specialchars = true; } - $message = preg_replace($preg['search'], $preg['replace'], $message); + foreach ($preg['search'] as $key => $search) + { + if (is_callable($preg['replace'][$key])) + { + $message = preg_replace_callback($search, $preg['replace'][$key], $message); + } + else + { + $message = preg_replace($search, $preg['replace'][$key], $message); + } + } + $preg = array('search' => array(), 'replace' => array()); } } @@ -212,7 +223,9 @@ class bbcode '[/quote:$uid]' => $this->bbcode_tpl('quote_close', $bbcode_id) ), 'preg' => array( - '#\[quote(?:="(.*?)")?:$uid\]((?!\[quote(?:=".*?")?:$uid\]).)?#ise' => "\$this->bbcode_second_pass_quote('\$1', '\$2')" + '#\[quote(?:="(.*?)")?:$uid\]((?!\[quote(?:=".*?")?:$uid\]).)?#is' => function ($match) { + return $this->bbcode_second_pass_quote($match[1], $match[2]); + }, ) ); break; @@ -291,7 +304,9 @@ class bbcode case 8: $this->bbcode_cache[$bbcode_id] = array( 'preg' => array( - '#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#ise' => "\$this->bbcode_second_pass_code('\$1', '\$2')", + '#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#is' => function ($match) { + return $this->bbcode_second_pass_code($match[1], $match[2]); + }, ) ); break; @@ -301,7 +316,9 @@ class bbcode 'preg' => array( '#(\[\/?(list|\*):[mou]?:?$uid\])[\n]{1}#' => "\$1", '#(\[list=([^\[]+):$uid\])[\n]{1}#' => "\$1", - '#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_list('\$1')", + '#\[list=([^\[]+):$uid\]#' => function ($match) { + return $this->bbcode_list($match[1]); + }, ), 'str' => array( '[list:$uid]' => $this->bbcode_tpl('ulist_open_default', $bbcode_id), From e8602d4203132502cba0e5bf4bc17a8e0e4281ed Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 19 May 2015 16:30:52 +0200 Subject: [PATCH 09/13] [ticket/13832] Use preg_replace_callback in ucp_pm_options PHPBB3-13832 --- phpBB/includes/ucp/ucp_pm_options.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index 9c21971bf8..1faec590aa 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -507,7 +507,9 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $rule_lang = $action_lang = $check_lang = array(); // Build all three language arrays - preg_replace('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#e', "\${strtolower('\\2') . '_lang'}[constant('\\1')] = \$user->lang['PM_\\2']['\\3']", array_keys(get_defined_constants())); + preg_replace_callback('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#', function ($match) use(&$rule_lang, &$action_lang, &$check_lang, $user) { + ${strtolower($match[2]) . '_lang'}[constant($match[1])] = $user->lang['PM_' . $match[2]][$match[3]]; + } , array_keys(get_defined_constants())); /* Rule Ordering: From 358c634153bd5fc5fe6a80a2c129e70adb107093 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 19 May 2015 17:26:01 +0200 Subject: [PATCH 10/13] [ticket/13832] Remove unused global from bbcode_init() PHPBB3-13832 --- phpBB/includes/message_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index d40c71c2a9..208690c146 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -126,7 +126,7 @@ class bbcode_firstpass extends bbcode */ function bbcode_init($allow_custom_bbcode = true) { - global $phpbb_dispatcher, $bbcode_class; + global $phpbb_dispatcher; static $rowset; From 91cace06a5b8d0d2b2446429ec404acda0f42e5b Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 20 May 2015 08:59:19 +0200 Subject: [PATCH 11/13] [ticket/13832] Resolve minor coding issues PHPBB3-13832 --- phpBB/includes/bbcode.php | 18 ++---------------- phpBB/includes/ucp/ucp_pm_options.php | 2 +- 2 files changed, 3 insertions(+), 17 deletions(-) diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index 0c9869fe25..ac5b3e6390 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -403,14 +403,7 @@ class bbcode // Replace {L_*} lang strings $bbcode_tpl = preg_replace_callback('/{L_([A-Z0-9_]+)}/', function ($match) use ($user) { - if (!empty($user->lang[$match['1']])) - { - return $user->lang[$match['1']]; - } - else - { - return ucwords(strtolower(str_replace('_', ' ', $match['1']))); - } + return (!empty($user->lang[$match[1]])) ? $user->lang($match[1]) : ucwords(strtolower(str_replace('_', ' ', $match[1]))); }, $bbcode_tpl); if (!empty($rowset[$bbcode_id]['second_pass_replace'])) @@ -536,14 +529,7 @@ class bbcode ); $tpl = preg_replace_callback('/{L_([A-Z0-9_]+)}/', function ($match) use ($user) { - if (!empty($user->lang[$match['1']])) - { - return $user->lang[$match['1']]; - } - else - { - return ucwords(strtolower(str_replace('_', ' ', $match['1']))); - } + return (!empty($user->lang[$match[1]])) ? $user->lang($match[1]) : ucwords(strtolower(str_replace('_', ' ', $match[1]))); }, $tpl); if (!empty($replacements[$tpl_name])) diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index 1faec590aa..b674a457c1 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -509,7 +509,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit // Build all three language arrays preg_replace_callback('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#', function ($match) use(&$rule_lang, &$action_lang, &$check_lang, $user) { ${strtolower($match[2]) . '_lang'}[constant($match[1])] = $user->lang['PM_' . $match[2]][$match[3]]; - } , array_keys(get_defined_constants())); + }, array_keys(get_defined_constants())); /* Rule Ordering: From 0e5d1decbf64eb1192c0ad697c38f368e8f970e7 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 20 May 2015 09:03:59 +0200 Subject: [PATCH 12/13] [ticket/13832] Use preg_replace_callback in check_flash_bbcodes PHPBB3-13832 --- phpBB/develop/check_flash_bbcodes.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/phpBB/develop/check_flash_bbcodes.php b/phpBB/develop/check_flash_bbcodes.php index 6e1b415bb6..2a54724aaa 100644 --- a/phpBB/develop/check_flash_bbcodes.php +++ b/phpBB/develop/check_flash_bbcodes.php @@ -140,8 +140,13 @@ function html_entity_decode_utf8($string) static $trans_tbl; // replace numeric entities - $string = preg_replace('~&#x([0-9a-f]+);~ei', 'code2utf8(hexdec("\\1"))', $string); + $string = preg_replace_callback('~&#x([0-9a-f]+);~i', function ($match) { + return code2utf8(hexdec($match[1])); + }, $string); $string = preg_replace('~&#([0-9]+);~e', 'code2utf8(\\1)', $string); + $string = preg_replace_callback('~&#([0-9]+);~', function ($match) { + return code2utf8($match[1]); + }, $string); // replace literal entities if (!isset($trans_tbl)) From c30e0610e938b40a8c04463d2b8de5a64ee59210 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 28 May 2015 10:30:36 +0200 Subject: [PATCH 13/13] [ticket/13832] Remove remnant of /e modifier code in check_flash_bbcodes PHPBB3-13832 --- phpBB/develop/check_flash_bbcodes.php | 1 - 1 file changed, 1 deletion(-) diff --git a/phpBB/develop/check_flash_bbcodes.php b/phpBB/develop/check_flash_bbcodes.php index 2a54724aaa..5dc112bfc0 100644 --- a/phpBB/develop/check_flash_bbcodes.php +++ b/phpBB/develop/check_flash_bbcodes.php @@ -143,7 +143,6 @@ function html_entity_decode_utf8($string) $string = preg_replace_callback('~&#x([0-9a-f]+);~i', function ($match) { return code2utf8(hexdec($match[1])); }, $string); - $string = preg_replace('~&#([0-9]+);~e', 'code2utf8(\\1)', $string); $string = preg_replace_callback('~&#([0-9]+);~', function ($match) { return code2utf8($match[1]); }, $string);