From 596e9bb69df2f5d0c07c0b8201cc770bbe5253a0 Mon Sep 17 00:00:00 2001 From: Bruno Ais Date: Tue, 16 Jul 2013 21:20:22 +0100 Subject: [PATCH 1/3] [ticket/11643] generate_text_for_display on mcp/mcp_queue.php sub-task of ticket PHPBB3-11635: find and fix all bypasses of generate_text_for_* PHPBB3-11643 --- phpBB/includes/mcp/mcp_queue.php | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 24afa1f210..14490343c2 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -132,17 +132,7 @@ class mcp_queue $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false; // Process message, leave it uncensored - $message = $post_info['post_text']; - - if ($post_info['bbcode_bitfield']) - { - include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode($post_info['bbcode_bitfield']); - $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']); - } - - $message = bbcode_nl2br($message); - $message = smiley_text($message); + $message = generate_text_for_display($post_info['message_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES, false); if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) { From f1bfbde3f5bdb9191057f28dd623dc2a3a530bf7 Mon Sep 17 00:00:00 2001 From: Bruno Ais Date: Sat, 20 Jul 2013 16:19:27 +0100 Subject: [PATCH 2/3] [ticket/11643] Fixed typo in the variable name. sub-task of ticket PHPBB3-11635: find and fix all bypasses of generate_text_for_* PHPBB3-11643 --- phpBB/includes/mcp/mcp_queue.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 14490343c2..2c95dc6a67 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -132,7 +132,7 @@ class mcp_queue $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false; // Process message, leave it uncensored - $message = generate_text_for_display($post_info['message_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES, false); + $message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES, false); if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) { From ea6938d3e518b636529238ab9ffd5b57b1a19241 Mon Sep 17 00:00:00 2001 From: Bruno Ais Date: Thu, 1 Aug 2013 10:11:08 +0100 Subject: [PATCH 3/3] [ticket/11643] Use $parse_flags sub-task of ticket PHPBB3-11635: find and fix all bypasses of generate_text_for_* PHPBB3-11643 --- phpBB/includes/mcp/mcp_queue.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 2c95dc6a67..190fccab9a 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -132,7 +132,8 @@ class mcp_queue $post_unread = (isset($topic_tracking_info[$post_info['topic_id']]) && $post_info['post_time'] > $topic_tracking_info[$post_info['topic_id']]) ? true : false; // Process message, leave it uncensored - $message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES, false); + $parse_flags = ($post_info['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; + $message = generate_text_for_display($post_info['post_text'], $post_info['bbcode_uid'], $post_info['bbcode_bitfield'], $parse_flags, false); if ($post_info['post_attachment'] && $auth->acl_get('u_download') && $auth->acl_get('f_download', $post_info['forum_id'])) {