makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

- implemented the suggested html_entity_decode function made by david

Browse source 
- fixed string length checking by also decoding entities for the sake of checking
- used the new html_entity_decode function


git-svn-id: file:///svn/phpbb/trunk@6545 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-11-03 11:26:14 +00:00
parent a3bf1ed63e
commit daa3288a36
22 changed files with 140 additions and 97 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/includes/acp/acp_ban.php
View file

@ -189,7 +189,7 @@ class acp_ban
$template->assign_block_vars('ban_reason', array( $template->assign_block_vars('ban_reason', array(
'BAN_ID' => $ban_id, 'BAN_ID' => $ban_id,
'REASON' => $reason, 'REASON' => $reason,
'A_REASON' => addslashes(html_entity_decode($reason))) 'A_REASON' => addslashes(utf8_html_entity_decode($reason)))
); );
} }
} }
@ -201,7 +201,7 @@ class acp_ban
$template->assign_block_vars('ban_give_reason', array( $template->assign_block_vars('ban_give_reason', array(
'BAN_ID' => $ban_id, 'BAN_ID' => $ban_id,
'REASON' => $reason, 'REASON' => $reason,
'A_REASON' => addslashes(html_entity_decode($reason))) 'A_REASON' => addslashes(utf8_html_entity_decode($reason)))
); );
} }
} }

8
phpBB/includes/acp/acp_email.php
View file

@ -150,15 +150,15 @@ class acp_email
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->subject(html_entity_decode($subject)); $messenger->subject(utf8_html_entity_decode($subject));
$messenger->replyto($config['board_email']); $messenger->replyto($config['board_email']);
$messenger->set_mail_priority($priority); $messenger->set_mail_priority($priority);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'CONTACT_EMAIL' => $config['board_contact'], 'CONTACT_EMAIL' => $config['board_contact'],
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'MESSAGE' => html_entity_decode($message)) 'MESSAGE' => utf8_html_entity_decode($message))
); );
if (!($messenger->send($used_method))) if (!($messenger->send($used_method)))

6
phpBB/includes/acp/acp_inactive.php
View file

@ -108,9 +108,9 @@ class acp_inactive
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $sig, 'EMAIL_SIG' => utf8_html_entity_decode($sig),
'USERNAME' => html_entity_decode($row['username']), 'USERNAME' => utf8_html_entity_decode($row['username']),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'REGISTER_DATE' => $user->format_date($row['user_regdate']), 'REGISTER_DATE' => $user->format_date($row['user_regdate']),
'U_ACTIVATE' => "$board_url&mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey']) 'U_ACTIVATE' => "$board_url&mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey'])

2
phpBB/includes/acp/acp_language.php
View file

@ -827,7 +827,7 @@ class acp_language
// Write ISO File // Write ISO File
$iso_src = html_entity_decode($row['lang_english_name']) . "\n"; $iso_src = html_entity_decode($row['lang_english_name']) . "\n";
$iso_src .= html_entity_decode($row['lang_local_name']) . "\n"; $iso_src .= utf8_html_entity_decode($row['lang_local_name']) . "\n";
$iso_src .= html_entity_decode($row['lang_author']); $iso_src .= html_entity_decode($row['lang_author']);
$compress->add_data($iso_src, 'language/' . $row['lang_iso'] . '/iso.txt'); $compress->add_data($iso_src, 'language/' . $row['lang_iso'] . '/iso.txt');

8
phpBB/includes/acp/acp_users.php
View file

@ -305,10 +305,10 @@ class acp_users
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), 'WELCOME_MSG' => utf8_html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
'USERNAME' => html_entity_decode($user_row['username']), 'USERNAME' => utf8_html_entity_decode($user_row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
); );

4
phpBB/includes/auth/auth_ldap.php
View file

@ -38,7 +38,7 @@ function init_ldap()
$search = @ldap_search( $search = @ldap_search(
$ldap, $ldap,
$config['ldap_base_dn'], $config['ldap_base_dn'],
'(' . $config['ldap_uid'] . '=' . ldap_escape(html_entity_decode($user->data['username'])) . ')', '(' . $config['ldap_uid'] . '=' . ldap_escape(utf8_html_entity_decode($user->data['username'])) . ')',
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']), (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
0, 0,
1 1
@ -98,7 +98,7 @@ function login_ldap(&$username, &$password)
$search = @ldap_search( $search = @ldap_search(
$ldap, $ldap,
$config['ldap_base_dn'], $config['ldap_base_dn'],
'(' . $config['ldap_uid'] . '=' . ldap_escape(html_entity_decode($username)) . ')', '(' . $config['ldap_uid'] . '=' . ldap_escape(utf8_html_entity_decode($username)) . ')',
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']), (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
0, 0,
1 1

2
phpBB/includes/functions.php
View file

@ -2728,7 +2728,7 @@ function truncate_string($string, $max_length = 60, $allow_reply = true)
$string = substr($string, 4); $string = substr($string, 4);
} }
$_chars = utf8_str_split(html_entity_decode($string)); $_chars = utf8_str_split(utf8_html_entity_decode($string));
$chars = array_map('htmlspecialchars', $_chars); $chars = array_map('htmlspecialchars', $_chars);
// Now check the length ;) // Now check the length ;)

10
phpBB/includes/functions_posting.php
View file

@ -1116,11 +1116,11 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
$messenger->im($addr['jabber'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => html_entity_decode($config['sitename']), 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($addr['name']), 'USERNAME' => utf8_html_entity_decode($addr['name']),
'TOPIC_TITLE' => html_entity_decode($topic_title), 'TOPIC_TITLE' => utf8_html_entity_decode($topic_title),
'FORUM_NAME' => html_entity_decode($forum_name), 'FORUM_NAME' => utf8_html_entity_decode($forum_name),
'U_FORUM' => generate_board_url() . "/viewforum.$phpEx?f=$forum_id&e=0", 'U_FORUM' => generate_board_url() . "/viewforum.$phpEx?f=$forum_id&e=0",
'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id&e=0", 'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id&e=0",

10
phpBB/includes/functions_privmsgs.php
View file

@ -1598,11 +1598,11 @@ function pm_notification($mode, $author, $recipients, $subject, $message)
$messenger->im($addr['jabber'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'SUBJECT' => html_entity_decode($subject), 'SUBJECT' => utf8_html_entity_decode($subject),
'AUTHOR_NAME' => html_entity_decode($author), 'AUTHOR_NAME' => utf8_html_entity_decode($author),
'USERNAME' => html_entity_decode($addr['name']), 'USERNAME' => utf8_html_entity_decode($addr['name']),
'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox") 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox")
); );

12
phpBB/includes/functions_user.php
View file

@ -1054,11 +1054,11 @@ function validate_string($string, $optional = false, $min = 0, $max = 0)
return false; return false;
} }
if ($min && utf8_strlen($string) < $min) if ($min && utf8_strlen(utf8_html_entity_decode($string)) < $min)
{ {
return 'TOO_SHORT'; return 'TOO_SHORT';
} }
else if ($max && utf8_strlen($string) > $max) else if ($max && utf8_strlen(utf8_html_entity_decode($string)) > $max)
{ {
return 'TOO_LONG'; return 'TOO_LONG';
} }
@ -2011,10 +2011,10 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($row['username']), 'USERNAME' => utf8_html_entity_decode($row['username']),
'GROUP_NAME' => html_entity_decode($group_name), 'GROUP_NAME' => utf8_html_entity_decode($group_name),
'U_GROUP' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=membership") 'U_GROUP' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=membership")
); );

22
phpBB/includes/mcp/mcp_queue.php
View file

@ -537,11 +537,11 @@ function approve_post($post_id_list, $mode)
$messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->im($post_data['user_jabber'], $post_data['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($post_data['username']), 'USERNAME' => utf8_html_entity_decode($post_data['username']),
'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), 'POST_SUBJECT' => utf8_html_entity_decode(censor_text($post_data['post_subject'])),
'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])), 'TOPIC_TITLE' => utf8_html_entity_decode(censor_text($post_data['topic_title'])),
'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0", 'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0",
'U_VIEW_POST' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id") 'U_VIEW_POST' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id")
@ -752,12 +752,12 @@ function disapprove_post($post_id_list, $mode)
$messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->im($post_data['user_jabber'], $post_data['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($post_data['username']), 'USERNAME' => utf8_html_entity_decode($post_data['username']),
'REASON' => html_entity_decode($disapprove_reason), 'REASON' => utf8_html_entity_decode($disapprove_reason),
'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), 'POST_SUBJECT' => utf8_html_entity_decode(censor_text($post_data['post_subject'])),
'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title']))) 'TOPIC_TITLE' => utf8_html_entity_decode(censor_text($post_data['topic_title'])))
); );
$messenger->send($post_data['user_notify_type']); $messenger->send($post_data['user_notify_type']);

12
phpBB/includes/mcp/mcp_reports.php
View file

@ -491,12 +491,12 @@ function close_report($post_id_list, $mode, $action)
$messenger->im($reporter['user_jabber'], $reporter['username']); $messenger->im($reporter['user_jabber'], $reporter['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($reporter['username']), 'USERNAME' => utf8_html_entity_decode($reporter['username']),
'CLOSER_NAME' => html_entity_decode($user->data['username']), 'CLOSER_NAME' => utf8_html_entity_decode($user->data['username']),
'POST_SUBJECT' => html_entity_decode(censor_text($post_info[$post_id]['post_subject'])), 'POST_SUBJECT' => utf8_html_entity_decode(censor_text($post_info[$post_id]['post_subject'])),
'TOPIC_TITLE' => html_entity_decode(censor_text($post_info[$post_id]['topic_title']))) 'TOPIC_TITLE' => utf8_html_entity_decode(censor_text($post_info[$post_id]['topic_title'])))
); );
$messenger->send($reporter['user_notify_type']); $messenger->send($reporter['user_notify_type']);

8
phpBB/includes/message_parser.php
View file

@ -365,10 +365,10 @@ class bbcode_firstpass extends bbcode
// Having it here saves us one preg_replace per message containing [code] blocks // Having it here saves us one preg_replace per message containing [code] blocks
// Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too... // Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too...
$htm_match = get_preg_expression('bbcode_htm'); $htm_match = get_preg_expression('bbcode_htm');
$htm_match[3] = '#&\#([0-9]+);#'; // $htm_match[3] = '/&#([0-9]+);/';
unset($htm_match[4]); unset($htm_match[3], $htm_match[4]);
$htm_replace = array('\1', '\2', '\1', '&amp;#\1;'); $htm_replace = array('\1', '\2', '\1'); //, '&amp;#\1;');
$out = ''; $out = '';
@ -419,7 +419,7 @@ class bbcode_firstpass extends bbcode
} }
// Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results
$code = html_entity_decode($code); $code = utf8_html_entity_decode($code);
$code = highlight_string($code, true); $code = highlight_string($code, true);
$str_from = array('<span style="color: ', '<font color="syntax', '</font>', '<code>', '</code>','[', ']', '.', ':'); $str_from = array('<span style="color: ', '<font color="syntax', '</font>', '<code>', '</code>','[', ']', '.', ':');

6
phpBB/includes/ucp/ucp_activate.php
View file

@ -93,10 +93,10 @@ class ucp_activate
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($user_row['username']), 'USERNAME' => utf8_html_entity_decode($user_row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])) 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])))
); );
$messenger->send($user_row['user_notify_type']); $messenger->send($user_row['user_notify_type']);

8
phpBB/includes/ucp/ucp_groups.php
View file

@ -190,10 +190,10 @@ class ucp_groups
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig, 'EMAIL_SIG' => utf8_html_entity_decode($email_sig),
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($row['username']), 'USERNAME' => utf8_html_entity_decode($row['username']),
'GROUP_NAME' => html_entity_decode($group_row[$group_id]['group_name']), 'GROUP_NAME' => utf8_html_entity_decode($group_row[$group_id]['group_name']),
'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id",
'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")

10
phpBB/includes/ucp/ucp_profile.php
View file

@ -144,9 +144,9 @@ class ucp_profile
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($username, ENT_COMPAT, 'UTF-8'), 'USERNAME' => utf8_html_entity_decode($username),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
); );
@ -180,8 +180,8 @@ class ucp_profile
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'USERNAME' => html_entity_decode($username, ENT_COMPAT, 'UTF-8'), 'USERNAME' => utf8_html_entity_decode($username),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
); );

14
phpBB/includes/ucp/ucp_register.php
View file

@ -336,11 +336,11 @@ class ucp_register
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), 'WELCOME_MSG' => utf8_html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
'USERNAME' => html_entity_decode($data['username'], ENT_COMPAT, 'UTF-8'), 'USERNAME' => utf8_html_entity_decode($data['username']),
'PASSWORD' => html_entity_decode($data['new_password']), 'PASSWORD' => html_entity_decode($data['new_password']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
); );
@ -351,7 +351,7 @@ class ucp_register
'FAX_INFO' => $config['coppa_fax'], 'FAX_INFO' => $config['coppa_fax'],
'MAIL_INFO' => $config['coppa_mail'], 'MAIL_INFO' => $config['coppa_mail'],
'EMAIL_ADDRESS' => $data['email'], 'EMAIL_ADDRESS' => $data['email'],
'SITENAME' => $config['sitename']) 'SITENAME' => utf8_html_entity_decode($config['sitename']))
); );
} }
@ -384,8 +384,8 @@ class ucp_register
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'USERNAME' => html_entity_decode($data['username'], ENT_COMPAT, 'UTF-8'), 'USERNAME' => utf8_html_entity_decode($data['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
); );

6
phpBB/includes/ucp/ucp_remind.php
View file

@ -69,10 +69,10 @@ class ucp_remind
$messenger->im($user_row['user_jabber'], $user_row['username']); $messenger->im($user_row['user_jabber'], $user_row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'USERNAME' => html_entity_decode($user_row['username']), 'USERNAME' => utf8_html_entity_decode($user_row['username']),
'PASSWORD' => html_entity_decode($user_password), 'PASSWORD' => html_entity_decode($user_password),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
); );

12
phpBB/includes/ucp/ucp_resend.php
View file

@ -77,10 +77,10 @@ class ucp_resend
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), 'WELCOME_MSG' => utf8_html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
'USERNAME' => html_entity_decode($user_row['username']), 'USERNAME' => utf8_html_entity_decode($user_row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")
); );
@ -116,8 +116,8 @@ class ucp_resend
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'USERNAME' => html_entity_decode($user_row['username']), 'USERNAME' => utf8_html_entity_decode($user_row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])),
'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")
); );

45
phpBB/includes/utf/utf_tools.php
View file

@ -8,7 +8,7 @@
* *
* @todo make sure the replacements are called correctly * @todo make sure the replacements are called correctly
* already done: strtolower, strtoupper, ucfirst, str_split, strrpos, strlen (hopefully!), strpos, substr * already done: strtolower, strtoupper, ucfirst, str_split, strrpos, strlen (hopefully!), strpos, substr
* remaining: clean_username, htmlentities (no longer needed for internal data?), htmlspecialchars (using charset), html_entity_decode (own function to reverse htmlspecialchars and not htmlentities) * remaining: clean_username, htmlentities (no longer needed for internal data?), htmlspecialchars (using charset)
* strspn, chr, ord * strspn, chr, ord
*/ */
@ -929,6 +929,9 @@ function utf8_case_fold($text, $option = 'full')
return $text; return $text;
} }
/**
* @todo needs documenting
*/
function utf8_clean_string($text) function utf8_clean_string($text)
{ {
$text = utf8_case_fold($text); $text = utf8_case_fold($text);
@ -964,4 +967,44 @@ function utf8_clean_string($text)
return $text; return $text;
} }
if (version_compare(phpversion(), '5', '>='))
{
/**
* @ignore
*/
function utf8_html_entity_decode($string, $quote_style = ENT_COMPAT)
{
return html_entity_decode($string, $quote_style, 'UTF-8');
}
}
else
{
/**
* @todo needs documenting
*/
function utf8_html_entity_decode($string, $quote_style = ENT_COMPAT)
{
static $static_table;
if ($static_table === null)
{
$static_table = array_map('utf8_encode', array_flip(get_html_translation_table(HTML_ENTITIES)));
}
$modified_table = $static_table;
if ($quote_style === ENT_QUOTES)
{
$modified_table['&#039;'] = "'";
}
if ($quote_style === ENT_NOQUOTES)
{
unset($modified_table['&quot;']);
}
return strtr($string, $modified_table);
}
}
?> ?>

4
phpBB/install/install_install.php
View file

@ -1624,10 +1624,10 @@ class install_install extends module
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'USERNAME' => html_entity_decode($admin_name), 'USERNAME' => utf8_html_entity_decode($admin_name),
'PASSWORD' => html_entity_decode($admin_pass1), 'PASSWORD' => html_entity_decode($admin_pass1),
'U_BOARD' => generate_board_url(), 'U_BOARD' => generate_board_url(),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])) 'EMAIL_SIG' => utf8_html_entity_decode(str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])))
); );
$messenger->send(NOTIFY_EMAIL); $messenger->send(NOTIFY_EMAIL);

24
phpBB/memberlist.php
View file

@ -298,17 +298,17 @@ switch ($mode)
$messenger = new messenger(false); $messenger = new messenger(false);
$messenger->template('profile_send_im', $row['user_lang']); $messenger->template('profile_send_im', $row['user_lang']);
$messenger->subject(html_entity_decode($subject)); $messenger->subject(utf8_html_entity_decode($subject));
$messenger->replyto($user->data['user_email']); $messenger->replyto($user->data['user_email']);
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'BOARD_EMAIL' => $config['board_contact'], 'BOARD_EMAIL' => $config['board_contact'],
'FROM_USERNAME' => html_entity_decode($user->data['username']), 'FROM_USERNAME' => utf8_html_entity_decode($user->data['username']),
'TO_USERNAME' => html_entity_decode($row['username']), 'TO_USERNAME' => utf8_html_entity_decode($row['username']),
'MESSAGE' => html_entity_decode($message)) 'MESSAGE' => utf8_html_entity_decode($message))
); );
$messenger->send(NOTIFY_IM); $messenger->send(NOTIFY_IM);
@ -728,7 +728,7 @@ switch ($mode)
if ($user_id) if ($user_id)
{ {
$messenger->subject(html_entity_decode($subject)); $messenger->subject(utf8_html_entity_decode($subject));
$messenger->im($row['user_jabber'], $row['username']); $messenger->im($row['user_jabber'], $row['username']);
$notify_type = $row['user_notify_type']; $notify_type = $row['user_notify_type'];
} }
@ -743,17 +743,17 @@ switch ($mode)
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array( $messenger->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => utf8_html_entity_decode($config['sitename']),
'BOARD_EMAIL' => $config['board_contact'], 'BOARD_EMAIL' => $config['board_contact'],
'TO_USERNAME' => html_entity_decode($row['to_name']), 'TO_USERNAME' => utf8_html_entity_decode($row['to_name']),
'FROM_USERNAME' => html_entity_decode($user->data['username']), 'FROM_USERNAME' => utf8_html_entity_decode($user->data['username']),
'MESSAGE' => html_entity_decode($message)) 'MESSAGE' => utf8_html_entity_decode($message))
); );
if ($topic_id) if ($topic_id)
{ {
$messenger->assign_vars(array( $messenger->assign_vars(array(
'TOPIC_NAME' => html_entity_decode($row['topic_title']), 'TOPIC_NAME' => utf8_html_entity_decode($row['topic_title']),
'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=$topic_id") 'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=$topic_id")
); );
} }
@ -1111,7 +1111,7 @@ switch ($mode)
continue; continue;
} }
$params[] = $key . '=' . urlencode(htmlspecialchars($var)); $params[] = urlencode($key) . '=' . urlencode(htmlspecialchars($var));
} }
} }