Changeset 891 for trunk


Ignore:
Timestamp:
Jan 13, 2023, 12:40:34 AM (23 months ago)
Author:
chronos
Message:
  • Fixed: HTML BBCode parser not supported for newer PHP 8.1. Replaced by simpler solution.
Location:
trunk
Files:
1 deleted
9 edited

Legend:

Unmodified
Added
Removed
  • trunk/Application/Version.php

    r888 r891  
    77
    88$Version = '1.0';
    9 $Revision = 887; // Subversion revision
     9$Revision = 891; // Subversion revision
    1010$DatabaseRevision = 887; // Database structure revision
    11 $ReleaseDate = strtotime('2022-12-27');
     11$ReleaseDate = strtotime('2023-01-13');
  • trunk/Modules/Export/Export.php

    r888 r891  
    664664
    665665'<p>Texty přebírány z projektu <a href="https://wowpreklad.zdechov.net/">wowpreklad.zdechov.net</a><br>'.
    666 '<a href="http://wowpreklad.zdechov.nets/export/?Action=View&ExportId='.$this->Id.'&Tab=0">Export '.$this->Id.'</a></p><br>'.
     666'<a href="https://wowpreklad.zdechov.nets/export/?Action=View&ExportId='.$this->Id.'&Tab=0">Export '.$this->Id.'</a></p><br>'.
    667667
    668668
  • trunk/Modules/Forum/Forum.php

    r888 r891  
    4040  function ShowBox()
    4141  {
    42     $Parser = new HTML_BBCodeParser2(array('filters' => array('Basic', 'Extended',
    43       'Images', 'Links', 'Lists', 'Email')));
    4442    $Count = 20;
    4543    $Output = '<strong><a href="'.$this->System->Link('/forum/').'">'.T('Last forum posts').':</a></strong>';
     
    5856        '<td><a href="'.$this->System->Link('/forum/?Thread='.$DbRow['Thread']).'">'.HumanDate($DbRow['Date']).'</a></td>'.
    5957        '<td><a href="'.$this->System->Link('/user/?user='.$DbRow['UserId']).'">'.$DbRow['UserName'].'</a></td>'.
    60         '<td>'.$Parser->qparse(htmlspecialchars($DbRow['Text'])).'</td>'.
     58        '<td>'.ShowBBcodes(htmlspecialchars($DbRow['Text'])).'</td>'.
    6159        '</tr>';
    6260    }
     
    7472    if (array_key_exists('a', $_POST)) $Action = $_POST['a'];
    7573      else if (array_key_exists('a', $_GET)) $Action = $_GET['a'];
    76        else $Action = '';
     74      else $Action = '';
    7775    if (array_key_exists('Edit', $_GET)) {
    7876      if (array_key_exists('text', $_POST))
    7977        $Output .= $this->Edit();
    8078      $Output .= $this->ShowEditForm();
    81 
    8279    } else
    8380    if (array_key_exists('search', $_GET))
     
    10198  {
    10299    $Output = '';
    103     $Text = $_POST['text'];
    104     $DbResult = $this->System->Database->query('UPDATE `ForumText` SET `Text`="'.$_POST['text'].'" WHERE `User` = '.$this->System->User->Id.' AND `ID` = '.$_GET['Edit']);
     100    $this->System->Database->query('UPDATE `ForumText` SET `Text`="'.$_POST['text'].'" WHERE `User` = '.$this->System->User->Id.' AND `ID` = '.$_GET['Edit']);
    105101    $Output .= ShowMessage(T('Text edited.'));
    106102    return $Output;
     
    132128  function ShowSearchForum()
    133129  {
    134     $parser = new HTML_BBCodeParser2(array('filters' => array('Basic','Extended','Images','Links','Lists','Email')));
    135     $Count = 20;
    136130    $Output = '';
    137131
     
    153147      $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.
    154148      htmlspecialchars($Line['ThreadName']).'</a><br /><strong>'.$Line['UserName'].
    155       '</strong> ('.HumanDate($Line['Date']).'): '.$parser->qparse(htmlspecialchars($Line['Text'])).'</div> ';
     149      '</strong> ('.HumanDate($Line['Date']).'): '.ShowBBcodes(htmlspecialchars($Line['Text'])).'</div> ';
    156150    $Output .= '</div>'.$PageList['Output'];
    157151    return $Output;
     
    181175    $Output = '';
    182176
    183     $Parser = new HTML_BBCodeParser2(array('filters' => array('Basic', 'Extended', 'Images', 'Links', 'Lists', 'Email')));
    184 
    185177    if (array_key_exists('search', $_GET)) $_SESSION['search'] = $_GET['search'];
    186178    else if (!array_key_exists('search', $_SESSION)) $_SESSION['search'] = '';
     
    212204        $edit = '<a href="?Edit='.$Line['ID'].'">'.T('edit').'</a>';
    213205      } else $edit = '';
    214       $Text = str_replace("\n", '<br />', $Parser->qparse(htmlspecialchars($Line['Text'])));
     206      $Text = str_replace("\n", '<br />', ShowBBcodes(htmlspecialchars($Line['Text'])));
    215207      $Output .= '<div><span style="float:right;">'.$edit.' ('.HumanDate($Line['Date']).
    216208        ')</span><strong>'.$Line['UserName'].'</strong>: '.$Text.'  </div> ';
     
    306298  function ShowRSS()
    307299  {
    308     $parser = new HTML_BBCodeParser2(array('filters' => array('Basic','Extended','Images','Links','Lists','Email')));
    309 
    310300    $Items = array();
    311301    $TitleLength = 50;
     
    322312        'Title' => htmlspecialchars($DbRow['ThreadText']).' - '.$DbRow['UserName'].': ',
    323313        'Link' => 'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/forum/?Thread='.$DbRow['Thread']),
    324         'Description' => $parser->qparse(htmlspecialchars($DbRow['Text'])),
     314        'Description' => ShowBBcodes(htmlspecialchars($DbRow['Text'])),
    325315        'Time' => $DbRow['UnixDate'],
    326316      );
  • trunk/Modules/Log/Log.php

    r888 r891  
    9191      (
    9292        'Title' => $LogType['Name'].' ('.$Line['UserName'].', '.$Line['IP'].')',
    93         'Link' => 'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/log/'),
     93        'Link' => 'https://'.$this->System->Config['Web']['Host'].$this->System->Link('/log/'),
    9494        'Description' => $LogType['Name'].': '.$Line['Text'].' ('.$Line['UserName'].
    9595          ', '.$Line['IP'].', '.HumanDate($Line['Date']).')',
     
    101101    (
    102102      'Title' => $this->System->Config['Web']['Title'].' - '.T('Logs'),
    103       'Link' => 'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/'),
     103      'Link' => 'https://'.$this->System->Config['Web']['Host'].$this->System->Link('/'),
    104104      'Description' => $this->System->Config['Web']['Description'],
    105105      'WebmasterEmail' => $this->System->Config['Web']['AdminEmail'],
  • trunk/Modules/News/News.php

    r888 r891  
    165165     (
    166166       'Title' => $DbRow['Title'],
    167        'Link' =>  'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/news/?a=item&amp;i='.$DbRow['Id']),
     167       'Link' =>  'https://'.$this->System->Config['Web']['Host'].$this->System->Link('/news/?a=item&amp;i='.$DbRow['Id']),
    168168       'Description' => $DbRow['Text'].' ('.$DbRow['Name'].')',
    169169       'Time' => $DbRow['UnixTime'],
     
    173173    (
    174174      'Title' => $this->System->Config['Web']['Title'].' - '.T('System changes'),
    175       'Link' => 'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/news/'),
     175      'Link' => 'https://'.$this->System->Config['Web']['Host'].$this->System->Link('/news/'),
    176176      'Description' => $this->System->Config['Web']['Description'],
    177177      'WebmasterEmail' => $this->System->Config['Web']['AdminEmail'],
  • trunk/Modules/Referrer/Referrer.php

    r888 r891  
    7777  function ShowList()
    7878  {
    79     $Banner = '<a href="http://'.$this->System->Config['Web']['Host'].$this->System->Link('/').'">'.
    80       '<img src="http://'.$this->System->Config['Web']['Host'].$this->System->Link('/banners/wowpreklad_big.jpg').'" '.
     79    $Banner = '<a href="https://'.$this->System->Config['Web']['Host'].$this->System->Link('/').'">'.
     80      '<img src="https://'.$this->System->Config['Web']['Host'].$this->System->Link('/banners/wowpreklad_big.jpg').'" '.
    8181      'alt="wowpreklad" title="Otevřený projekt překládání celé hry World of Warcraft" '.
    8282      'class="banner" height="60" width="468" /></a>';
    8383
    84     $BannerSmall = '<a href="http://'.$this->System->Config['Web']['Host'].$this->System->Link('/').'">'.
    85       '<img src="http://'.$this->System->Config['Web']['Host'].$this->System->Link('/banners/wowpreklad_small.jpg').'" '.
     84    $BannerSmall = '<a href="https://'.$this->System->Config['Web']['Host'].$this->System->Link('/').'">'.
     85      '<img src="https://'.$this->System->Config['Web']['Host'].$this->System->Link('/banners/wowpreklad_small.jpg').'" '.
    8686      'alt="wowpreklad" title="Otevřený projekt překládání celé hry World of Warcraft" '.
    8787      'class="banner" height="31" width="88" /></a>';
  • trunk/Modules/ShoutBox/ShoutBox.php

    r888 r891  
    150150      (
    151151          'Title' => $DbRow['UserName'].': '.$Title,
    152           'Link' =>  'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/shoutbox/'),
     152          'Link' =>  'https://'.$this->System->Config['Web']['Host'].$this->System->Link('/shoutbox/'),
    153153          'Description' => $DbRow['Text'],
    154154          'Time' => $DbRow['UnixDate'],
     
    158158    (
    159159      'Title' => $this->System->Config['Web']['Title'].' - '.T('Shoutbox'),
    160       'Link' => 'http://'.$this->System->Config['Web']['Host'].$this->System->Link('/shoutbox/'),
     160      'Link' => 'https://'.$this->System->Config['Web']['Host'].$this->System->Link('/shoutbox/'),
    161161      'Description' => $this->System->Config['Web']['Description'],
    162162      'WebmasterEmail' => $this->System->Config['Web']['AdminEmail'],
  • trunk/Modules/User/Profile.php

    r888 r891  
    120120  function ShowLastForum()
    121121  {
    122     $parser = new HTML_BBCodeParser2(array('filters' => array('Basic','Extended','Images','Links','Lists','Email')));
    123122    $Count = 20;
    124123    $Output = '<strong>'.T('Latest forum posts').':</strong>';
     
    132131    while ($Line = $DbResult->fetch_assoc())
    133132      $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.htmlspecialchars($Line['ThreadName']).'</a><br />'.
    134         '<strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.$parser->qparse(htmlspecialchars($Line['Text'])).'</div> ';
     133        '<strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.ShowBBcodes(htmlspecialchars($Line['Text'])).'</div> ';
    135134    $Output .= '</div>';
    136135    return $Output;
  • trunk/includes/Global.php

    r888 r891  
    1010include_once(dirname(__FILE__).'/../Application/UpdateTrace.php');
    1111include_once(dirname(__FILE__).'/PageEdit.php');
    12 require_once(dirname(__FILE__).'/../HTML/BBCodeParser2.php');
    1312
    1413// Back compatibility, will be removed
     
    134133  $DbRow = $DbResult->fetch_assoc();
    135134  $lang = $DbRow['Code'];
    136   $url = 'http://translate.google.cz/?sl=en&tl='.$lang.'&text='.$text;
     135  $url = 'https://translate.google.cz/?sl=en&tl='.$lang.'&text='.$text;
    137136
    138137  error_reporting(E_ALL ^ E_WARNING);
     
    786785    else return $_SERVER['PHP_SELF'];
    787786}
     787
     788function ShowBBcodes($text)
     789{
     790    // NOTE : I had to update this sample code with below line to prevent obvious attacks as pointed out by many users.
     791    // Always ensure that user inputs are scanned and filtered properly.
     792    $text  = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
     793
     794    // BBcode array
     795    $find = array(
     796      '~\[b\](.*?)\[/b\]~s',
     797      '~\[i\](.*?)\[/i\]~s',
     798      '~\[u\](.*?)\[/u\]~s',
     799      '~\[quote\](.*?)\[/quote\]~s',
     800      '~\[size=(.*?)\](.*?)\[/size\]~s',
     801      '~\[color=(.*?)\](.*?)\[/color\]~s',
     802      '~\[url\]((?:ftp|https?)://.*?)\[/url\]~s',
     803      '~\[img\](https?://.*?\.(?:jpg|jpeg|gif|png|bmp))\[/img\]~s'
     804    );
     805
     806    // HTML tags to replace BBcode
     807    $replace = array(
     808      '<b>$1</b>',
     809      '<i>$1</i>',
     810      '<span style="text-decoration:underline;">$1</span>',
     811      '<pre>$1</'.'pre>',
     812      '<span style="font-size:$1px;">$2</span>',
     813      '<span style="color:$1;">$2</span>',
     814      '<a href="$1">$1</a>',
     815      '<img src="$1" alt="" />'
     816    );
     817
     818    // Replacing the BBcodes with corresponding HTML tags
     819    return preg_replace($find, $replace, $text);
     820}
Note: See TracChangeset for help on using the changeset viewer.