From: Doug K. <dou...@us...> - 2001-10-19 13:28:39
Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv29703/includes
Modified Files:
bbcode.php
Log Message:
Removing traces of global announcements and also fixing a potential security hole in bbcode. Img-based javascript is now stripped. All images have to begin with http://
Index: bbcode.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/bbcode.php,v
retrieving revision 1.12
retrieving revision 1.13
diff -C2 -r1.12 -r1.13
*** bbcode.php 2001/10/01 23:22:18 1.12
--- bbcode.php 2001/10/19 13:28:35 1.13
***************
*** 264,268 ****
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\](.*?)\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
// Remove our padding from the string..
--- 264,268 ----
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\](([a-z]+?)://([^, \n\r]+))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
// Remove our padding from the string..
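Review bot: the scheme group `([a-z]+?)` in the new pattern, combined with the `i` flag, accepts any alphabetic scheme followed by `://`, so the check does not enforce the "All images have to begin with http://" rule stated in the log message; a `javascript://` value still matches and is wrapped as `[img:$uid]`. Suggest pinning the scheme explicitly, for example `#\[img\](https?://[^, \n\r]+)\[/img\]#si`, which also keeps `\\1` as the whole URL. Separately, the class `[^, \n\r]` excludes only comma, space and line breaks, so quotes, angle brackets and tabs pass through; if the captured URL is later written into an HTML attribute, exclude those characters here or escape the value at output.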