[ticket/11711] Inform user of unsupported characters while posting

PHPBB3-11711

phpBB/includes/message_parser.php

@@ -1194,6 +1194,19 @@ class parse_message extends bbcode_firstpass
 			}
 		}
 
+		// Check for out-of-bounds characters that are currently
+		// not supported by utf8_bin
+		if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $this->message, $matches))
+		{
+			$character_list = '';
+			foreach ($matches[0] as $cur_match)
+			{
+				$character_list .= $cur_match . '<br />';
+			}
+			$this->warn_msg[] = $user->lang('UNSUPPORTED_CHARACTERS', $character_list);
+			return (!$update_this_message) ? $return_message : $this->warn_msg;
+		}
+
 		// Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length.
 		// The maximum length check happened before any parsings.
 		if ($mode === 'post' && utf8_clean_string($this->message) === '')

phpBB/language/en/posting.php

@@ -256,6 +256,7 @@ $lang = array_merge($lang, array(
 
 	'UNAUTHORISED_BBCODE'		=> 'You cannot use certain BBCodes: %s.',
 	'UNGLOBALISE_EXPLAIN'		=> 'To switch this topic back from being global to a normal topic, you need to select the forum you wish this topic to be displayed.',
+	'UNSUPPORTED_CHARACTERS'	=> 'Your message contains the following unsupported characters:<br />%s',
 	'UPDATE_COMMENT'			=> 'Update comment',
 	'URL_INVALID'				=> 'The URL you specified is invalid.',
 	'URL_NOT_FOUND'				=> 'The file specified could not be found.',

tests/functional/posting_test.php

@@ -36,4 +36,42 @@ class phpbb_functional_posting_test extends phpbb_functional_test_case
 		$crawler = self::request('GET', "posting.php?mode=quote&f=2&t={$post2['topic_id']}&p={$post2['post_id']}&sid={$this->sid}");
 		$this->assertContains('This is a test post posted by the testing framework.', $crawler->filter('html')->text());
 	}
+
+	public function test_unsupported_characters()
+	{
+		$this->login();
+
+		$this->add_lang('posting');
+
+		$crawler = self::request('GET', "posting.php?mode=reply&f=2&t=1&sid={$this->sid}");
+
+		$form = $crawler->selectButton('Submit')->form();
+
+		$hidden_fields = array(
+			$crawler->filter('[type="hidden"]')->each(function ($node, $i) {
+				return array('name' => $node->attr('name'), 'value' => $node->attr('value'));
+			}),
+		);
+
+		foreach ($hidden_fields as $fields)
+		{
+			foreach($fields as $field)
+			{
+				$form_data[$field['name']] = $field['value'];
+			}
+		}
+
+		// Bypass time restriction that said that if the lastclick time (i.e. time when the form was opened)
+		// is not at least 2 seconds before submission, cancel the form
+		$form_data['lastclick'] = 0;
+
+		$form_data += array(
+			'subject'		=> 'Unsupported characters',
+			'message'		=> 'This is a test with these weird characters: 👅👅👅',
+			'post'			=> true,
+		);
+		$crawler = self::request('POST', "posting.php?mode=reply&f=2&t=1&sid={$this->sid}", $form_data);
+
+		$this->assertContains('Your message contains the following unsupported characters', $crawler->text());
+	}
 }