From: Doug K. <dou...@us...> - 2002-06-12 05:33:56
Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv21627/includes
Modified Files:
Tag: phpBB-2_0_0
bbcode.php functions_post.php
Log Message:
Ok, several things accomplished here...
1) Improvements to deletion of users in admin_users.
This includes bug 166 and Sourceforge tracker task #49374.
2) Two security holes were patched, both pointed out by
Nick Cleaton <nick at cleaton dot net>.
Thanks for letting us know, Nick!
That's about it for now, and it took almost all day. :P
Bye for now!
-Doug
Index: bbcode.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/bbcode.php,v
retrieving revision 1.36.2.7
retrieving revision 1.36.2.8
diff -C2 -r1.36.2.7 -r1.36.2.8
*** bbcode.php 17 May 2002 18:22:34 -0000 1.36.2.7
--- bbcode.php 12 Jun 2002 05:33:54 -0000 1.36.2.8
***************
*** 283,287 ****
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\](([a-z]+?)://([^ \"\n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
// Remove our padding from the string..
--- 283,287 ----
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\]([http|https]+?://)([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/img\]#si", "[img:$uid]\\1\\2[/img:$uid]", $text);
// Remove our padding from the string..
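Review bot: In the new pattern, `[http|https]+?` is a character class, not an alternation, so before `://` it accepts any run of the characters h, t, p, s and | (for example `ttp://` or `|||://`) rather than only the two schemes intended. Suggest `(https?://)` in its place, which keeps group 1 and the `\\1\\2` replacement unchanged. A short comment above the line noting that the second group is an allowlist of URL characters (no quotes, whitespace or angle brackets) would help whoever edits it next.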
Index: functions_post.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions_post.php,v
retrieving revision 1.9.2.7
retrieving revision 1.9.2.8
diff -C2 -r1.9.2.7 -r1.9.2.8
*** functions_post.php 20 May 2002 00:21:38 -0000 1.9.2.7
--- functions_post.php 12 Jun 2002 05:33:54 -0000 1.9.2.8
***************
*** 78,82 ****
if ( preg_match('/^<\/?' . $match_tag . '\b/i', $hold_string) )
{
! $tagallowed = true;
}
}
--- 78,85 ----
if ( preg_match('/^<\/?' . $match_tag . '\b/i', $hold_string) )
{
! if ( !preg_match('/style[="](.*?)["]/i', $hold_string) )
! {
! $tagallowed = true;
! }
}
}
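Review bot: The added test `preg_match('/style[="](.*?)["]/i', $hold_string)` only recognises `style` when it is immediately followed by `=` or `"` and a double quote appears later in the tag, so a tag that writes the attribute with whitespace before the `=`, with single quotes, or unquoted still reaches `$tagallowed = true`. Suggest matching the attribute name on its own, e.g. `/\bstyle\s*=/i`, or better, setting `$tagallowed` only when the tag carries no attributes outside an explicit allowlist, since this check covers a single attribute name. A comment stating why `style` is rejected would also help.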