[UseBook-Checkins] UseBook/sources admin.php,1.4,1.5 core.php,1.5,1.6 functions.php,1.5,1.6
From: Vandamme S. <kid...@us...> - 2005-08-21 11:15:18
Update of /cvsroot/usebook/UseBook/sources In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5481/sources Modified Files: admin.php core.php functions.php Log Message: A bit of everything. Index: functions.php =================================================================== RCS file: /cvsroot/usebook/UseBook/sources/functions.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** functions.php 28 Jul 2005 10:16:19 -0000 1.5 --- functions.php 21 Aug 2005 11:15:07 -0000 1.6 *************** *** 42,45 **** --- 42,73 ---- } + // + // Add slashes to and trim variables + // + function slash_trim_global($global) { + + if ( is_array($global) ) { + + foreach ( $global as $key => $val ) { + + if ( is_array($val) ) { + + $global[$key] = slash_trim_global($val); + + } else { + + if ( !get_magic_quotes_gpc() ) + $val = addslashes($val); + $global[$key] = trim($val); + + } + + } + + } + + return $global; + + } class functions { *************** *** 202,214 **** function markup($string, $bbcode=true, $smilies=true, $html=false) { ! global $template, $lang; if ( !$html ) ! $string = htmlspecialchars($string); if ( $smilies ) { ! foreach ( $template->get_config('smilies') as $key => $val ) ! $string = str_replace($key, '<img src="templates/'.$this->get_config('template').'/smilies/'.$val.'" alt="'.$key.'" />', $string); } --- 230,249 ---- function markup($string, $bbcode=true, $smilies=true, $html=false) { ! global $db, $template, $lang; ! ! $string = preg_replace('#(script|about|applet|activex|chrome):#is', '\\1:', $string); ! ! // ! // Needed by some BBCode regexps and smilies ! // ! $string = ' '.$string.' '; if ( !$html ) ! $string = unhtml($string); if ( $smilies ) { ! foreach ( $template->get_config('smilies') as $pattern => $img ) ! 
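Review bot: `slash_trim_global()` escapes only the values of the request arrays with `addslashes()`, so array keys pass through unescaped and the escaping takes no account of the database connection's character set. Blanket escaping at input also means every non-SQL consumer (HTML output, string comparisons, e-mail) sees the added backslashes and has to strip them again, which tends to end in double escaping or a forgotten `stripslashes()`. I would keep only the `trim()` here and escape where a query is built, using the database layer's own escaping routine or bound parameters; the same applies to the four call sites this commit adds in core.php (`$_GET`, `$_POST`, `$_COOKIE`, `$_REQUEST`). If the global pass stays, add a comment above the function such as `// NOTE: values only - array keys are NOT escaped; not a substitute for per-query escaping`.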
$string = preg_replace('#([\s\]\[])'.preg_quote(unhtml($pattern), '#').'([\s\]\[])#', '\\1<img src="templates/'.$this->get_config('template').'/smilies/'.$img.'" alt="'.unhtml($pattern).'" />\\2', $string); } *************** *** 273,277 **** foreach ( $matches[1] as $oldpart ) { ! $newpart = preg_replace(array('#\[#', '#\]#'), array('[', ']'), $oldpart); $string = str_replace($oldpart, $newpart, $string); --- 308,312 ---- foreach ( $matches[1] as $oldpart ) { ! $newpart = preg_replace(array('#\[#', '#\]#', "#\n#", "#\r#"), array('[', ']', '<br />', ''), $oldpart); $string = str_replace($oldpart, $newpart, $string); *************** *** 282,291 **** // ! // Needed by some BBCode regexps // ! $string = ' '.$string.' '; // ! // All kinds of regexps // $regexps = array( --- 317,333 ---- // ! // Parse URL's and e-mail addresses // ! $ignore_chars = "^a-z0-9"; # warning, rawly included in regex! ! $string = preg_replace(array( ! "#([\s][".$ignore_chars."]*?)([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)([".$ignore_chars."]*?[\s])#is", ! "#([\s][".$ignore_chars."]*?)([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)([".$ignore_chars."]*?[\s])#is" ! ), array( ! '\\1<a href="\\2"'.$target_blank.$rel_nofollow.'>\\2</a>\\3', ! '\\1<a href="mailto:\\2">\\2</a>\\4' ! ), $string); // ! // All kinds of BBCode regexps // $regexps = array( *************** *** 295,317 **** "#\[i\](.*?)\[/i\]#is" => '<em>\\1</em>', // [u]text[/u] ! "#\[u\](.*?)\[/u\]#is" => '<em class="underline">\\1</em>', // [img]image[/img] ! "#\[img\]([\w]+?://[^ \"\n\r\t<]*?)\.(gif|png|jpe?g)\[/img\]#is" => '<img src="\\1.\\2" alt="'.$lang['UserPostedImage'].'" />', // [url]http://www.usebb.net[/url] ! "#\[url\]([\w]+?://[^ \"\n\r\t<]*?)\[/url\]#is" => '<a href="\\1"'.$target_blank.$rel_nofollow.'>\\1</a>', // [url=http://www.usebb.net]UseBB[/url] ! "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is" => '<a href="\\1"'.$target_blank.$rel_nofollow.'>\\2</a>', ! // http://www.usebb.net ! 
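Review bot: The new scheme filter at the top of `markup()` is a block-list (`script|about|applet|activex|chrome`), which is easy to outgrow, and as rendered on this page its replacement `'\\1:'` is identical to the matched text. Presumably the archive decoded an HTML entity in the replacement, but that should be confirmed against the repository. An allow-list in the URL patterns themselves is more robust: replace the scheme part `[\w]+?://` with something like `(?:https?|ftp)://` in the autolink, `[url]` and `[img]` expressions further down. `markup()` starts and ends outside this hunk, and `unhtml()` is not defined in any hunk shown, so its quote handling could not be checked here.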
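Review bot: The bare-URL pattern allows `[` and `]` inside the captured address (`[\w\#$%&~/.\-;:=,?@\[\]+]*?`) and now runs before the BBCode table, so a BBCode tag written directly after or inside a URL is captured into the `href` and later expanded into HTML inside the attribute value. Because the generated tags contain double quotes, the attribute is closed early and the rest of the expansion lands inside the anchor tag itself. Dropping `\[\]` from the class (`[\w\#$%&~/.\-;:=,?@+]*?`), or running the autolink step after the BBCode replacements, avoids this; the `[img]`, `[url]` and `[url=]` patterns in the following hunk use the same class and need the same change, since `[color]`, `[size]` and `[google]` are expanded after them in the array. The comment on `$ignore_chars` could also state the constraint, e.g. `# raw character-class body: must not contain ']' or the '#' delimiter`.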
"#([\s\]\[])([\w]+?://[^ \"\n\r\t<]*?)([\s\]\[])#is" => '\\1<a href="\\2"'.$target_blank.$rel_nofollow.'>\\2</a>\\3', // [mailto]som...@no...[/mailto] "#\[mailto\]([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/mailto\]#is" => '<a href="mailto:\\1">\\1</a>', // [mailto=som...@no...]mail me[/mailto] "#\[mailto=([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\](.*?)\[/mailto\]#is" => '<a href="mailto:\\1">\\3</a>', - // som...@no... - "#([\s\]\[])([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)([\s\]\[])#is" => '\\1<a href="mailto:\\2">\\2</a>\\4', // [color=red]text[/color] ! "#\[color=(.*?)\](.*?)\[/color\]#is" => '<span style="color:\\1">\\2</span>', // [size=14]text[/size] ! "#\[size=(.*?)\](.*?)\[/size\]#is" => '<span style="font-size:\\1pt">\\2</span>', // [google=keyword]text[/google] "#\[google=(.*?)\](.*?)\[/google\]#is" => '<a href="http://www.google.com/search?q=\\1"'.$target_blank.$rel_nofollow.'>\\2</a>', --- 337,359 ---- "#\[i\](.*?)\[/i\]#is" => '<em>\\1</em>', // [u]text[/u] ! "#\[u\](.*?)\[/u\]#is" => '<u>\\1</u>', ! // [s]text[/s] ! "#\[s\](.*?)\[/s\]#is" => '<del>\\1</del>', // [img]image[/img] ! "#\[img\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\.(gif|png|jpe?g)\[/img\]#is" => '<img src="\\1.\\2" alt="'.$lang['UserPostedImage'].'" />', // [url]http://www.usebb.net[/url] ! "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is" => '<a href="\\1"'.$target_blank.$rel_nofollow.'>\\1</a>', // [url=http://www.usebb.net]UseBB[/url] ! "#\[url=([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\](.*?)\[/url\]#is" => '<a href="\\1"'.$target_blank.$rel_nofollow.'>\\2</a>', // [mailto]som...@no...[/mailto] "#\[mailto\]([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/mailto\]#is" => '<a href="mailto:\\1">\\1</a>', // [mailto=som...@no...]mail me[/mailto] "#\[mailto=([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\](.*?)\[/mailto\]#is" => '<a href="mailto:\\1">\\3</a>', // [color=red]text[/color] ! 
"#\[color=([\#a-z0-9]+)\](.*?)\[/color\]#is" => '<span style="color:\\1">\\2</span>', ! // [size=999]too big text[/size] ! "#\[size=([0-9]{3,})\](.*?)\[/size\]#is" => '\\2', // [size=14]text[/size] ! "#\[size=([0-9]*?)\](.*?)\[/size\]#is" => '<span style="font-size:\\1pt">\\2</span>', // [google=keyword]text[/google] "#\[google=(.*?)\](.*?)\[/google\]#is" => '<a href="http://www.google.com/search?q=\\1"'.$target_blank.$rel_nofollow.'>\\2</a>', *************** *** 332,347 **** $string = preg_replace("#\[quote=(.*?)\](.*?)\[/quote\]#is", sprintf($template->get_config('quote_format'), sprintf($lang['Wrote'], '\\1'), '\\2'), $string); - $string = trim($string); - } if ( !$html ) { ! $string = str_replace("\n", "<br />", $string); $string = str_replace("\r", "", $string); } ! return $string; } --- 374,387 ---- $string = preg_replace("#\[quote=(.*?)\](.*?)\[/quote\]#is", sprintf($template->get_config('quote_format'), sprintf($lang['Wrote'], '\\1'), '\\2'), $string); } if ( !$html ) { ! $string = str_replace("\n", "<br />\n", $string); $string = str_replace("\r", "", $string); } ! return trim($string); } Index: admin.php =================================================================== RCS file: /cvsroot/usebook/UseBook/sources/admin.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** admin.php 18 Jun 2005 12:29:20 -0000 1.4 --- admin.php 21 Aug 2005 11:15:06 -0000 1.5 *************** *** 108,114 **** // Login // ! function login($username, $password, $db=false) { ! ! global $db; if ( !empty($this->admins[$username]) && $this->admins[$username] == $password ) { --- 108,112 ---- // Login // ! 
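Review bot: The commit tightens `[color=]` and `[size=]`, but the `[google=(.*?)]` entry in the same array still copies an unrestricted capture into an `href` without URL-encoding, so `&`, `#` or spaces in the keyword alter the query string, and when `$html` is true nothing shown here has escaped quotes in it. Restricting the capture, e.g. `"#\[google=([\w +\-.]+)\](.*?)\[/google\]#is"`, or handling this tag in a callback that applies `urlencode()`, would bring it in line with the other tags. Separately, the new `[size=([0-9]*?)]` pattern also matches an empty value and emits `font-size:pt`; `([0-9]{1,2})` states the intended range exactly. The `$regexps` array starts and ends outside this hunk.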
function login($username, $password) { if ( !empty($this->admins[$username]) && $this->admins[$username] == $password ) { Index: core.php =================================================================== RCS file: /cvsroot/usebook/UseBook/sources/core.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** core.php 28 Jul 2005 10:16:19 -0000 1.5 --- core.php 21 Aug 2005 11:15:07 -0000 1.6 *************** *** 67,75 **** define('TABLE_PREFIX', $database['prefix']); define('COOKIE_PREFIX', $config['cookie_prefix']); ! define('USEBOOK_VERSION', '0.3-CVS'); define('USER_PREG', '#^[A-Za-z0-9_\-]+$#'); define('EMAIL_PREG', '#^[a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+$#'); define('WEB_PREG', '#^[\w]+?://[^ \"\n\r\t<]*?$#i'); define('IMG_PREG', '#^[\w]+?://[^ \"\n\r\t<]*?\.(gif|png|jpe?g)$#i'); // --- 67,83 ---- define('TABLE_PREFIX', $database['prefix']); define('COOKIE_PREFIX', $config['cookie_prefix']); ! define('USEBOOK_VERSION', '0.4-CVS'); define('USER_PREG', '#^[A-Za-z0-9_\-]+$#'); define('EMAIL_PREG', '#^[a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+$#'); define('WEB_PREG', '#^[\w]+?://[^ \"\n\r\t<]*?$#i'); define('IMG_PREG', '#^[\w]+?://[^ \"\n\r\t<]*?\.(gif|png|jpe?g)$#i'); + + // + // Add slashes and trim get, post and cookie variables + // + $_GET = slash_trim_global($_GET); + $_POST = slash_trim_global($_POST); + $_COOKIE = slash_trim_global($_COOKIE); + $_REQUEST = slash_trim_global($_REQUEST); // |
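Review bot: `login()` compares the submitted password with `==`, which in PHP compares two numeric-looking strings as numbers, so distinct strings can compare equal; use the strict operator: `if ( !empty($this->admins[$username]) && $this->admins[$username] === $password ) {`. The comparison also suggests `$this->admins` holds passwords in clear text; if so, storing a hash and comparing hashes would be the safer design, though that lies outside this hunk. Note too that with the request-wide `addslashes()`/`trim()` pass this commit adds in core.php, a password arriving from `$_POST` that contains a quote, a backslash or surrounding whitespace reaches this function modified and will not match the stored value unless that value was altered the same way. The body of `login()` continues outside the hunk.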