From acd824d4324c4bee00e8aa1c2cb4c0c7123ed900 Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Wed, 10 Jun 2020 17:41:59 +0700
Subject: [PATCH 1/5] [ticket/16524] Filter out-of-bounds UTF8 characters for
 profile fields

PHPBB3-16524
---
 .../container/services_profilefield.yml       |  3 +++
 phpBB/phpbb/profilefields/manager.php         | 11 ++++++++++
 .../phpbb/profilefields/type/type_string.php  | 21 ++++++++++++++++++-
 phpBB/phpbb/profilefields/type/type_text.php  | 21 ++++++++++++++++++-
 tests/profilefields/type_string_test.php      |  2 ++
 tests/profilefields/type_url_test.php         |  2 ++
 6 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/phpBB/config/default/container/services_profilefield.yml b/phpBB/config/default/container/services_profilefield.yml
index ebbd3fbf8e..c0ef5ec7e4 100644
--- a/phpBB/config/default/container/services_profilefield.yml
+++ b/phpBB/config/default/container/services_profilefield.yml
@@ -82,6 +82,7 @@ services:
     profilefields.type.string:
         class: phpbb\profilefields\type\type_string
         arguments:
+            - '@auth'
             - '@request'
             - '@template'
             - '@user'
@@ -91,6 +92,7 @@ services:
     profilefields.type.text:
         class: phpbb\profilefields\type\type_text
         arguments:
+            - '@auth'
             - '@request'
             - '@template'
             - '@user'
@@ -100,6 +102,7 @@ services:
     profilefields.type.url:
         class: phpbb\profilefields\type\type_url
         arguments:
+            - '@auth'
             - '@request'
             - '@template'
             - '@user'
diff --git a/phpBB/phpbb/profilefields/manager.php b/phpBB/phpbb/profilefields/manager.php
index 5daa61076c..5784a1212a 100644
--- a/phpBB/phpbb/profilefields/manager.php
+++ b/phpBB/phpbb/profilefields/manager.php
@@ -254,6 +254,17 @@ class manager
 			/** @var \phpbb\profilefields\type\type_interface $profile_field */
 			$profile_field = $this->type_collection[$row['field_type']];
 			$cp_data['pf_' . $row['field_ident']] = $profile_field->get_profile_field($row);
+
+			/**
+			 * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL with UCR/NCR
+			 * using their Numeric Character Reference's Hexadecimal notation.
+			 * Check the permissions for using Emojis first.
+			 */
+			if ($this->auth->acl_get('u_emoji'))
+			{
+				$cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
+			}
+
 			$check_value = $cp_data['pf_' . $row['field_ident']];
 
 			if (($cp_result = $profile_field->validate_profile_field($check_value, $row)) !== false)
diff --git a/phpBB/phpbb/profilefields/type/type_string.php b/phpBB/phpbb/profilefields/type/type_string.php
index 8710c8c603..289d78228a 100644
--- a/phpBB/phpbb/profilefields/type/type_string.php
+++ b/phpBB/phpbb/profilefields/type/type_string.php
@@ -15,6 +15,12 @@ namespace phpbb\profilefields\type;
 
 class type_string extends type_string_common
 {
+	/**
+	* Auth object
+	* @var \phpbb\auth\auth
+	*/
+	protected $auth;
+
 	/**
 	* Request object
 	* @var \phpbb\request\request
@@ -36,12 +42,14 @@ class type_string extends type_string_common
 	/**
 	* Construct
 	*
+	* @param	\phpbb\auth\auth			$auth		Auth object
 	* @param	\phpbb\request\request		$request	Request object
 	* @param	\phpbb\template\template	$template	Template object
 	* @param	\phpbb\user					$user		User object
 	*/
-	public function __construct(\phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
+	public function __construct(\phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
 	{
+		$this->auth = $auth;
 		$this->request = $request;
 		$this->template = $template;
 		$this->user = $user;
@@ -99,6 +107,17 @@ class type_string extends type_string_common
 	*/
 	public function validate_profile_field(&$field_value, $field_data)
 	{
+		/**
+		 * Check for out-of-bounds characters that are currently
+		 * not supported by utf8_bin in MySQL if Emoji is not allowed
+		 */
+		if (!$this->auth->acl_get('u_emoji'))
+		{
+			if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $field_value))
+			{
+				return $this->user->lang('FIELD_INVALID_CHARS_INVALID', $this->get_field_name($field_data['lang_name']));
+			}
+		}
 		return $this->validate_string_profile_field('string', $field_value, $field_data);
 	}
 
diff --git a/phpBB/phpbb/profilefields/type/type_text.php b/phpBB/phpbb/profilefields/type/type_text.php
index 79ee82351a..a2e2167ac5 100644
--- a/phpBB/phpbb/profilefields/type/type_text.php
+++ b/phpBB/phpbb/profilefields/type/type_text.php
@@ -15,6 +15,12 @@ namespace phpbb\profilefields\type;
 
 class type_text extends type_string_common
 {
+	/**
+	* Auth object
+	* @var \phpbb\auth\auth
+	*/
+	protected $auth;
+
 	/**
 	* Request object
 	* @var \phpbb\request\request
@@ -36,12 +42,14 @@ class type_text extends type_string_common
 	/**
 	* Construct
 	*
+	* @param	\phpbb\auth\auth			$auth		Auth object
 	* @param	\phpbb\request\request		$request	Request object
 	* @param	\phpbb\template\template	$template	Template object
 	* @param	\phpbb\user					$user		User object
 	*/
-	public function __construct(\phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
+	public function __construct(\phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
 	{
+		$this->auth = $auth;
 		$this->request = $request;
 		$this->template = $template;
 		$this->user = $user;
@@ -99,6 +107,17 @@ class type_text extends type_string_common
 	*/
 	public function validate_profile_field(&$field_value, $field_data)
 	{
+		/**
+		 * Check for out-of-bounds characters that are currently
+		 * not supported by utf8_bin in MySQL if Emoji is not allowed
+		 */
+		if (!$this->auth->acl_get('u_emoji'))
+		{
+			if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $field_value))
+			{
+				return $this->user->lang('FIELD_INVALID_CHARS_INVALID', $this->get_field_name($field_data['lang_name']));
+			}
+		}
 		return $this->validate_string_profile_field('text', $field_value, $field_data);
 	}
 
diff --git a/tests/profilefields/type_string_test.php b/tests/profilefields/type_string_test.php
index 54bb406838..d7ad16895d 100644
--- a/tests/profilefields/type_string_test.php
+++ b/tests/profilefields/type_string_test.php
@@ -26,6 +26,7 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case
 	{
 		global $config, $request, $user, $cache, $phpbb_root_path, $phpEx;
 
+		$auth = new \phpbb\auth\auth();
 		$user = $this->getMock('\phpbb\user', array(), array(
 			new \phpbb\language\language(new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx)),
 			'\phpbb\datetime'
@@ -40,6 +41,7 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case
 		$template = $this->getMock('\phpbb\template\template');
 
 		$this->cp = new \phpbb\profilefields\type\type_string(
+			$auth,
 			$request,
 			$template,
 			$user
diff --git a/tests/profilefields/type_url_test.php b/tests/profilefields/type_url_test.php
index 3bb5d52899..f592d1099d 100644
--- a/tests/profilefields/type_url_test.php
+++ b/tests/profilefields/type_url_test.php
@@ -30,6 +30,7 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
 	{
 		global $config, $request, $user, $cache, $phpbb_root_path, $phpEx;
 
+		$auth = new \phpbb\auth\auth();
 		$config = new \phpbb\config\config([]);
 		$cache = new phpbb_mock_cache;
 		$user = $this->getMock('\phpbb\user', array(), array(
@@ -44,6 +45,7 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
 		$template = $this->getMock('\phpbb\template\template');
 
 		$this->cp = new \phpbb\profilefields\type\type_url(
+			$auth,
 			$request,
 			$template,
 			$user

From ab3d8ade7235968eb2e56dd47cc9b2af49948e36 Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Wed, 10 Jun 2020 18:37:13 +0700
Subject: [PATCH 2/5] [ticket/16524] Add test

PHPBB3-16524
---
 tests/functional/ucp_profile_test.php | 85 +++++++++++++++++++++++++++
 1 file changed, 85 insertions(+)

diff --git a/tests/functional/ucp_profile_test.php b/tests/functional/ucp_profile_test.php
index e7abba9255..c9f335a052 100644
--- a/tests/functional/ucp_profile_test.php
+++ b/tests/functional/ucp_profile_test.php
@@ -46,4 +46,89 @@ class phpbb_functional_ucp_profile_test extends phpbb_functional_test_case
 		$this->assertEquals('phpbb_twitter', $form->get('pf_phpbb_twitter')->getValue());
 		$this->assertEquals('phpbb.youtube', $form->get('pf_phpbb_youtube')->getValue());
 	}
+
+	public function test_submitting_emoji_allowed()
+	{
+		$this->add_lang('ucp');
+		$this->login();
+
+		$crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
+		$this->assertContainsLang('UCP_PROFILE_PROFILE_INFO', $crawler->filter('#cp-main h2')->text());
+
+		$form = $crawler->selectButton('Submit')->form([
+			'pf_phpbb_location'	=> '😁', // grinning face with smiling eyes Emoji
+		]);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('PROFILE_UPDATED', $crawler->filter('#message')->text());
+
+		$crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
+		$form = $crawler->selectButton('Submit')->form();
+		$this->assertEquals('😁', $form->get('pf_phpbb_location')->getValue());
+	}
+
+	public function test_submitting_emoji_disallowed()
+	{
+		$this->add_lang(['ucp', 'acp/permissions']);
+		$this->login();
+		$this->admin_login();
+
+		// Group global permissions
+		$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_group_global&sid=' . $this->sid);
+		$this->assertContainsLang('ACP_GROUPS_PERMISSIONS_EXPLAIN', $this->get_content());
+
+		// Select Registered users group
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form(['group_id' => [2]]);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('ACL_SET', $crawler->filter('h1')->eq(1)->text());
+
+		// Globals for \phpbb\auth\auth
+		global $db, $cache;
+		$db = $this->get_db();
+		$cache = new phpbb_mock_null_cache;
+
+		$auth = new \phpbb\auth\auth;
+		// Hardcoded user_id
+		$user_data = $auth->obtain_user_data(2);
+		$auth->acl($user_data);
+		$this->assertEquals(1, $auth->acl_get('u_emoji'));
+
+		// Set u_emoji to never
+		$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(['setting[2][0][u_emoji]' => '0']);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('AUTH_UPDATED', $crawler->text());
+
+		// check acl again
+		$auth = new \phpbb\auth\auth;
+		$user_data = $auth->obtain_user_data(2);
+		$auth->acl($user_data);
+		$this->assertEquals(0, $auth->acl_get('u_emoji'));
+
+		$crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
+		$this->assertContainsLang('UCP_PROFILE_PROFILE_INFO', $crawler->filter('#cp-main h2')->text());
+
+		$form = $crawler->selectButton('Submit')->form([
+			'pf_phpbb_location'	=> '😁', // grinning face with smiling eyes Emoji
+		]);
+
+		$crawler = self::submit($form);
+		$this->assertContains('The field “Location” has invalid characters.', $crawler->filter('p[class="error"]')->text());
+
+		// Set u_emoji back to Yes
+		$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_group_global&sid=' . $this->sid);
+		$this->assertContainsLang('ACP_GROUPS_PERMISSIONS_EXPLAIN', $this->get_content());
+		// Select Registered users group
+		$form = $crawler->selectButton($this->lang('SUBMIT'))->form(['group_id' => [2]]);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('ACL_SET', $crawler->filter('h1')->eq(1)->text());
+		// Set u_emoji to never
+		$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(["setting[2][0][u_emoji]" => '1']);
+		$crawler = self::submit($form);
+		$this->assertContainsLang('AUTH_UPDATED', $crawler->text());
+
+		// check acl again
+		$auth = new \phpbb\auth\auth;
+		$user_data = $auth->obtain_user_data(2);
+		$auth->acl($user_data);
+		$this->assertEquals(1, $auth->acl_get('u_emoji'));
+	}
 }

From 0ba0a9cbd310bfbf00fc5571c47119b725dd952c Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Wed, 10 Jun 2020 22:08:29 +0700
Subject: [PATCH 3/5] [ticket/16524] Adjust u_emoji permission language entry

PHPBB3-16524
---
 phpBB/language/en/acp/permissions_phpbb.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/phpBB/language/en/acp/permissions_phpbb.php b/phpBB/language/en/acp/permissions_phpbb.php
index ab8939932b..395a2d7c7f 100644
--- a/phpBB/language/en/acp/permissions_phpbb.php
+++ b/phpBB/language/en/acp/permissions_phpbb.php
@@ -79,7 +79,7 @@ $lang = array_merge($lang, array(
 	'ACL_U_SAVEDRAFTS'	=> 'Can save drafts',
 	'ACL_U_CHGCENSORS'	=> 'Can disable word censors',
 	'ACL_U_SIG'			=> 'Can use signature',
-	'ACL_U_EMOJI'		=> 'Can use emoji and rich text characters in topic title',
+	'ACL_U_EMOJI'		=> 'Can use emoji and rich text characters in topic title<br /><em>This setting also affects profile fields.</em>',
 
 	'ACL_U_SENDPM'		=> 'Can send private messages',
 	'ACL_U_MASSPM'		=> 'Can send private messages to multiple users',

From b1c6b3bc9424ffb876b35b9f89d5789daa2efa7f Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Wed, 10 Jun 2020 23:23:59 +0700
Subject: [PATCH 4/5] [ticket/16524] Minor code adjustments

PHPBB3-16524
---
 phpBB/language/en/acp/permissions_phpbb.php    | 2 +-
 phpBB/phpbb/profilefields/type/type_string.php | 2 +-
 phpBB/phpbb/profilefields/type/type_text.php   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/phpBB/language/en/acp/permissions_phpbb.php b/phpBB/language/en/acp/permissions_phpbb.php
index 395a2d7c7f..27c4c7e9ef 100644
--- a/phpBB/language/en/acp/permissions_phpbb.php
+++ b/phpBB/language/en/acp/permissions_phpbb.php
@@ -79,7 +79,7 @@ $lang = array_merge($lang, array(
 	'ACL_U_SAVEDRAFTS'	=> 'Can save drafts',
 	'ACL_U_CHGCENSORS'	=> 'Can disable word censors',
 	'ACL_U_SIG'			=> 'Can use signature',
-	'ACL_U_EMOJI'		=> 'Can use emoji and rich text characters in topic title<br /><em>This setting also affects profile fields.</em>',
+	'ACL_U_EMOJI'		=> 'Can use emoji and rich text characters in topic title<br><em>This setting also affects profile fields.</em>',
 
 	'ACL_U_SENDPM'		=> 'Can send private messages',
 	'ACL_U_MASSPM'		=> 'Can send private messages to multiple users',
diff --git a/phpBB/phpbb/profilefields/type/type_string.php b/phpBB/phpbb/profilefields/type/type_string.php
index 289d78228a..382f66c12a 100644
--- a/phpBB/phpbb/profilefields/type/type_string.php
+++ b/phpBB/phpbb/profilefields/type/type_string.php
@@ -109,7 +109,7 @@ class type_string extends type_string_common
 	{
 		/**
 		 * Check for out-of-bounds characters that are currently
-		 * not supported by utf8_bin in MySQL if Emoji is not allowed
+		 * not supported by utf8_bin in MySQL if Emoji are not allowed
 		 */
 		if (!$this->auth->acl_get('u_emoji'))
 		{
diff --git a/phpBB/phpbb/profilefields/type/type_text.php b/phpBB/phpbb/profilefields/type/type_text.php
index a2e2167ac5..3b58d6b3e5 100644
--- a/phpBB/phpbb/profilefields/type/type_text.php
+++ b/phpBB/phpbb/profilefields/type/type_text.php
@@ -109,7 +109,7 @@ class type_text extends type_string_common
 	{
 		/**
 		 * Check for out-of-bounds characters that are currently
-		 * not supported by utf8_bin in MySQL if Emoji is not allowed
+		 * not supported by utf8_bin in MySQL if Emoji are not allowed
 		 */
 		if (!$this->auth->acl_get('u_emoji'))
 		{

From befab4f3c10bc7899d4bd039777b0365a0782434 Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Fri, 19 Jun 2020 17:22:34 +0700
Subject: [PATCH 5/5] [ticket/16524] Remove u_emoji permission checks

PHPBB3-16524
---
 .../container/services_profilefield.yml       |  3 -
 phpBB/language/en/acp/permissions_phpbb.php   |  2 +-
 phpBB/phpbb/profilefields/manager.php         | 10 +--
 .../phpbb/profilefields/type/type_string.php  | 21 +-----
 phpBB/phpbb/profilefields/type/type_text.php  | 21 +-----
 tests/functional/ucp_profile_test.php         | 68 +------------------
 tests/profilefields/type_string_test.php      |  2 -
 tests/profilefields/type_url_test.php         |  2 -
 8 files changed, 7 insertions(+), 122 deletions(-)

diff --git a/phpBB/config/default/container/services_profilefield.yml b/phpBB/config/default/container/services_profilefield.yml
index c0ef5ec7e4..ebbd3fbf8e 100644
--- a/phpBB/config/default/container/services_profilefield.yml
+++ b/phpBB/config/default/container/services_profilefield.yml
@@ -82,7 +82,6 @@ services:
     profilefields.type.string:
         class: phpbb\profilefields\type\type_string
         arguments:
-            - '@auth'
             - '@request'
             - '@template'
             - '@user'
@@ -92,7 +91,6 @@ services:
     profilefields.type.text:
         class: phpbb\profilefields\type\type_text
         arguments:
-            - '@auth'
             - '@request'
             - '@template'
             - '@user'
@@ -102,7 +100,6 @@ services:
     profilefields.type.url:
         class: phpbb\profilefields\type\type_url
         arguments:
-            - '@auth'
             - '@request'
             - '@template'
             - '@user'
diff --git a/phpBB/language/en/acp/permissions_phpbb.php b/phpBB/language/en/acp/permissions_phpbb.php
index 27c4c7e9ef..ab8939932b 100644
--- a/phpBB/language/en/acp/permissions_phpbb.php
+++ b/phpBB/language/en/acp/permissions_phpbb.php
@@ -79,7 +79,7 @@ $lang = array_merge($lang, array(
 	'ACL_U_SAVEDRAFTS'	=> 'Can save drafts',
 	'ACL_U_CHGCENSORS'	=> 'Can disable word censors',
 	'ACL_U_SIG'			=> 'Can use signature',
-	'ACL_U_EMOJI'		=> 'Can use emoji and rich text characters in topic title<br><em>This setting also affects profile fields.</em>',
+	'ACL_U_EMOJI'		=> 'Can use emoji and rich text characters in topic title',
 
 	'ACL_U_SENDPM'		=> 'Can send private messages',
 	'ACL_U_MASSPM'		=> 'Can send private messages to multiple users',
diff --git a/phpBB/phpbb/profilefields/manager.php b/phpBB/phpbb/profilefields/manager.php
index 5784a1212a..8af2fe12ad 100644
--- a/phpBB/phpbb/profilefields/manager.php
+++ b/phpBB/phpbb/profilefields/manager.php
@@ -256,14 +256,10 @@ class manager
 			$cp_data['pf_' . $row['field_ident']] = $profile_field->get_profile_field($row);
 
 			/**
-			 * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL with UCR/NCR
-			 * using their Numeric Character Reference's Hexadecimal notation.
-			 * Check the permissions for using Emojis first.
+			 * Replace Emoji and other 4bit UTF-8 chars not allowed by MySQL
+			 * with their Numeric Character Reference's Hexadecimal notation.
 			 */
-			if ($this->auth->acl_get('u_emoji'))
-			{
-				$cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
-			}
+			$cp_data['pf_' . $row['field_ident']] = utf8_encode_ucr($cp_data['pf_' . $row['field_ident']]);
 
 			$check_value = $cp_data['pf_' . $row['field_ident']];
 
diff --git a/phpBB/phpbb/profilefields/type/type_string.php b/phpBB/phpbb/profilefields/type/type_string.php
index 382f66c12a..8710c8c603 100644
--- a/phpBB/phpbb/profilefields/type/type_string.php
+++ b/phpBB/phpbb/profilefields/type/type_string.php
@@ -15,12 +15,6 @@ namespace phpbb\profilefields\type;
 
 class type_string extends type_string_common
 {
-	/**
-	* Auth object
-	* @var \phpbb\auth\auth
-	*/
-	protected $auth;
-
 	/**
 	* Request object
 	* @var \phpbb\request\request
@@ -42,14 +36,12 @@ class type_string extends type_string_common
 	/**
 	* Construct
 	*
-	* @param	\phpbb\auth\auth			$auth		Auth object
 	* @param	\phpbb\request\request		$request	Request object
 	* @param	\phpbb\template\template	$template	Template object
 	* @param	\phpbb\user					$user		User object
 	*/
-	public function __construct(\phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
+	public function __construct(\phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
 	{
-		$this->auth = $auth;
 		$this->request = $request;
 		$this->template = $template;
 		$this->user = $user;
@@ -107,17 +99,6 @@ class type_string extends type_string_common
 	*/
 	public function validate_profile_field(&$field_value, $field_data)
 	{
-		/**
-		 * Check for out-of-bounds characters that are currently
-		 * not supported by utf8_bin in MySQL if Emoji are not allowed
-		 */
-		if (!$this->auth->acl_get('u_emoji'))
-		{
-			if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $field_value))
-			{
-				return $this->user->lang('FIELD_INVALID_CHARS_INVALID', $this->get_field_name($field_data['lang_name']));
-			}
-		}
 		return $this->validate_string_profile_field('string', $field_value, $field_data);
 	}
 
diff --git a/phpBB/phpbb/profilefields/type/type_text.php b/phpBB/phpbb/profilefields/type/type_text.php
index 3b58d6b3e5..79ee82351a 100644
--- a/phpBB/phpbb/profilefields/type/type_text.php
+++ b/phpBB/phpbb/profilefields/type/type_text.php
@@ -15,12 +15,6 @@ namespace phpbb\profilefields\type;
 
 class type_text extends type_string_common
 {
-	/**
-	* Auth object
-	* @var \phpbb\auth\auth
-	*/
-	protected $auth;
-
 	/**
 	* Request object
 	* @var \phpbb\request\request
@@ -42,14 +36,12 @@ class type_text extends type_string_common
 	/**
 	* Construct
 	*
-	* @param	\phpbb\auth\auth			$auth		Auth object
 	* @param	\phpbb\request\request		$request	Request object
 	* @param	\phpbb\template\template	$template	Template object
 	* @param	\phpbb\user					$user		User object
 	*/
-	public function __construct(\phpbb\auth\auth $auth, \phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
+	public function __construct(\phpbb\request\request $request, \phpbb\template\template $template, \phpbb\user $user)
 	{
-		$this->auth = $auth;
 		$this->request = $request;
 		$this->template = $template;
 		$this->user = $user;
@@ -107,17 +99,6 @@ class type_text extends type_string_common
 	*/
 	public function validate_profile_field(&$field_value, $field_data)
 	{
-		/**
-		 * Check for out-of-bounds characters that are currently
-		 * not supported by utf8_bin in MySQL if Emoji are not allowed
-		 */
-		if (!$this->auth->acl_get('u_emoji'))
-		{
-			if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $field_value))
-			{
-				return $this->user->lang('FIELD_INVALID_CHARS_INVALID', $this->get_field_name($field_data['lang_name']));
-			}
-		}
 		return $this->validate_string_profile_field('text', $field_value, $field_data);
 	}
 
diff --git a/tests/functional/ucp_profile_test.php b/tests/functional/ucp_profile_test.php
index c9f335a052..60e455e980 100644
--- a/tests/functional/ucp_profile_test.php
+++ b/tests/functional/ucp_profile_test.php
@@ -47,7 +47,7 @@ class phpbb_functional_ucp_profile_test extends phpbb_functional_test_case
 		$this->assertEquals('phpbb.youtube', $form->get('pf_phpbb_youtube')->getValue());
 	}
 
-	public function test_submitting_emoji_allowed()
+	public function test_submitting_emoji()
 	{
 		$this->add_lang('ucp');
 		$this->login();
@@ -65,70 +65,4 @@ class phpbb_functional_ucp_profile_test extends phpbb_functional_test_case
 		$form = $crawler->selectButton('Submit')->form();
 		$this->assertEquals('😁', $form->get('pf_phpbb_location')->getValue());
 	}
-
-	public function test_submitting_emoji_disallowed()
-	{
-		$this->add_lang(['ucp', 'acp/permissions']);
-		$this->login();
-		$this->admin_login();
-
-		// Group global permissions
-		$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_group_global&sid=' . $this->sid);
-		$this->assertContainsLang('ACP_GROUPS_PERMISSIONS_EXPLAIN', $this->get_content());
-
-		// Select Registered users group
-		$form = $crawler->selectButton($this->lang('SUBMIT'))->form(['group_id' => [2]]);
-		$crawler = self::submit($form);
-		$this->assertContainsLang('ACL_SET', $crawler->filter('h1')->eq(1)->text());
-
-		// Globals for \phpbb\auth\auth
-		global $db, $cache;
-		$db = $this->get_db();
-		$cache = new phpbb_mock_null_cache;
-
-		$auth = new \phpbb\auth\auth;
-		// Hardcoded user_id
-		$user_data = $auth->obtain_user_data(2);
-		$auth->acl($user_data);
-		$this->assertEquals(1, $auth->acl_get('u_emoji'));
-
-		// Set u_emoji to never
-		$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(['setting[2][0][u_emoji]' => '0']);
-		$crawler = self::submit($form);
-		$this->assertContainsLang('AUTH_UPDATED', $crawler->text());
-
-		// check acl again
-		$auth = new \phpbb\auth\auth;
-		$user_data = $auth->obtain_user_data(2);
-		$auth->acl($user_data);
-		$this->assertEquals(0, $auth->acl_get('u_emoji'));
-
-		$crawler = self::request('GET', 'ucp.php?i=ucp_profile&mode=profile_info');
-		$this->assertContainsLang('UCP_PROFILE_PROFILE_INFO', $crawler->filter('#cp-main h2')->text());
-
-		$form = $crawler->selectButton('Submit')->form([
-			'pf_phpbb_location'	=> '😁', // grinning face with smiling eyes Emoji
-		]);
-
-		$crawler = self::submit($form);
-		$this->assertContains('The field “Location” has invalid characters.', $crawler->filter('p[class="error"]')->text());
-
-		// Set u_emoji back to Yes
-		$crawler = self::request('GET', 'adm/index.php?i=acp_permissions&icat=16&mode=setting_group_global&sid=' . $this->sid);
-		$this->assertContainsLang('ACP_GROUPS_PERMISSIONS_EXPLAIN', $this->get_content());
-		// Select Registered users group
-		$form = $crawler->selectButton($this->lang('SUBMIT'))->form(['group_id' => [2]]);
-		$crawler = self::submit($form);
-		$this->assertContainsLang('ACL_SET', $crawler->filter('h1')->eq(1)->text());
-		// Set u_emoji to never
-		$form = $crawler->selectButton($this->lang('APPLY_PERMISSIONS'))->form(["setting[2][0][u_emoji]" => '1']);
-		$crawler = self::submit($form);
-		$this->assertContainsLang('AUTH_UPDATED', $crawler->text());
-
-		// check acl again
-		$auth = new \phpbb\auth\auth;
-		$user_data = $auth->obtain_user_data(2);
-		$auth->acl($user_data);
-		$this->assertEquals(1, $auth->acl_get('u_emoji'));
-	}
 }
diff --git a/tests/profilefields/type_string_test.php b/tests/profilefields/type_string_test.php
index d7ad16895d..54bb406838 100644
--- a/tests/profilefields/type_string_test.php
+++ b/tests/profilefields/type_string_test.php
@@ -26,7 +26,6 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case
 	{
 		global $config, $request, $user, $cache, $phpbb_root_path, $phpEx;
 
-		$auth = new \phpbb\auth\auth();
 		$user = $this->getMock('\phpbb\user', array(), array(
 			new \phpbb\language\language(new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx)),
 			'\phpbb\datetime'
@@ -41,7 +40,6 @@ class phpbb_profilefield_type_string_test extends phpbb_test_case
 		$template = $this->getMock('\phpbb\template\template');
 
 		$this->cp = new \phpbb\profilefields\type\type_string(
-			$auth,
 			$request,
 			$template,
 			$user
diff --git a/tests/profilefields/type_url_test.php b/tests/profilefields/type_url_test.php
index f592d1099d..3bb5d52899 100644
--- a/tests/profilefields/type_url_test.php
+++ b/tests/profilefields/type_url_test.php
@@ -30,7 +30,6 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
 	{
 		global $config, $request, $user, $cache, $phpbb_root_path, $phpEx;
 
-		$auth = new \phpbb\auth\auth();
 		$config = new \phpbb\config\config([]);
 		$cache = new phpbb_mock_cache;
 		$user = $this->getMock('\phpbb\user', array(), array(
@@ -45,7 +44,6 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
 		$template = $this->getMock('\phpbb\template\template');
 
 		$this->cp = new \phpbb\profilefields\type\type_url(
-			$auth,
 			$request,
 			$template,
 			$user