Markup modifiers. Fix issue #66 (public ban message lost when rebuilding post body)
This commit is contained in:
parent
4891735c49
commit
6d52c8b428
@ -1456,13 +1456,43 @@ function markup(&$body, $track_cites = false) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (preg_match_all('@<tinyboard ([\w\s]+)>(.+)</tinyboard>@', $body, $modifiers, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
|
||||||
|
$skip_chars = 0;
|
||||||
|
$body_tmp = $body;
|
||||||
|
|
||||||
|
foreach ($modifiers as $modifier) {
|
||||||
|
// preg_match_all is not multibyte-safe
|
||||||
|
foreach ($modifier as &$match) {
|
||||||
|
$match[1] = mb_strlen(substr($body_tmp, 0, $match[1]));
|
||||||
|
}
|
||||||
|
|
||||||
|
$modifier['type'] = $modifier[1][0];
|
||||||
|
$modifier['content'] = $modifier[2][0];
|
||||||
|
|
||||||
|
if ($modifier['type'] == 'ban message') {
|
||||||
|
// Public ban message
|
||||||
|
$replacement = sprintf($config['mod']['ban_message'], $modifier['content']);
|
||||||
|
} elseif (preg_match('/^escape /', $modifier['type'])) {
|
||||||
|
// Escaped (not a real modifier)
|
||||||
|
$replacement = '<tinyboard ' . substr($modifier['type'], strlen('escape ')) . '>' . $modifier['content'] . '</tinyboard>';
|
||||||
|
} else {
|
||||||
|
// Unknown
|
||||||
|
$replacement = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
$body = mb_substr_replace($body, $replacement, $modifier[0][1] + $skip_chars, mb_strlen($modifier[0][0]));
|
||||||
|
$skip_chars += mb_strlen($replacement) - mb_strlen($modifier[0][0]);
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// replace tabs with 8 spaces
|
// replace tabs with 8 spaces
|
||||||
$body = str_replace("\t", ' ', $body);
|
$body = str_replace("\t", ' ', $body);
|
||||||
|
|
||||||
$tracked_cites = array();
|
$tracked_cites = array();
|
||||||
|
|
||||||
// Cites
|
// Cites
|
||||||
if (isset($board) && preg_match_all('/(^|\s)>>(\d+?)([\s,.)?]|$)/m', $body, $cites, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
|
if (isset($board) && preg_match_all('/(^|\s)>>(\d+?)([\s,.)?]|$)/m', $body, $cites, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
|
||||||
if (count($cites[0]) > $config['max_cites']) {
|
if (count($cites[0]) > $config['max_cites']) {
|
||||||
error($config['error']['toomanycites']);
|
error($config['error']['toomanycites']);
|
||||||
}
|
}
|
||||||
@ -1561,6 +1591,10 @@ function markup(&$body, $track_cites = false) {
|
|||||||
return $tracked_cites;
|
return $tracked_cites;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function escape_markup_modifiers($string) {
|
||||||
|
return preg_replace('@<tinyboard ([\w\s]+)>(.+)</tinyboard>@', '<tinyboard escape $1>$2</tinyboard>', $string);
|
||||||
|
}
|
||||||
|
|
||||||
function utf8tohtml($utf8) {
|
function utf8tohtml($utf8) {
|
||||||
return htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8');
|
return htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8');
|
||||||
}
|
}
|
||||||
|
@ -507,6 +507,7 @@ function mod_noticeboard($page_no = 1) {
|
|||||||
if (!hasPermission($config['mod']['noticeboard_post']))
|
if (!hasPermission($config['mod']['noticeboard_post']))
|
||||||
error($config['error']['noaccess']);
|
error($config['error']['noaccess']);
|
||||||
|
|
||||||
|
$_POST['body'] = escape_markup_modifiers($_POST['body']);
|
||||||
markup($_POST['body']);
|
markup($_POST['body']);
|
||||||
|
|
||||||
$query = prepare('INSERT INTO `noticeboard` VALUES (NULL, :mod, :time, :subject, :body)');
|
$query = prepare('INSERT INTO `noticeboard` VALUES (NULL, :mod, :time, :subject, :body)');
|
||||||
@ -568,6 +569,7 @@ function mod_news($page_no = 1) {
|
|||||||
if (!hasPermission($config['mod']['news']))
|
if (!hasPermission($config['mod']['news']))
|
||||||
error($config['error']['noaccess']);
|
error($config['error']['noaccess']);
|
||||||
|
|
||||||
|
$_POST['body'] = escape_markup_modifiers($_POST['body']);
|
||||||
markup($_POST['body']);
|
markup($_POST['body']);
|
||||||
|
|
||||||
$query = prepare('INSERT INTO `news` VALUES (NULL, :name, :time, :subject, :body)');
|
$query = prepare('INSERT INTO `news` VALUES (NULL, :name, :time, :subject, :body)');
|
||||||
@ -737,6 +739,7 @@ function mod_page_ip($ip) {
|
|||||||
if (!hasPermission($config['mod']['create_notes']))
|
if (!hasPermission($config['mod']['create_notes']))
|
||||||
error($config['error']['noaccess']);
|
error($config['error']['noaccess']);
|
||||||
|
|
||||||
|
$_POST['note'] = escape_markup_modifiers($_POST['note']);
|
||||||
markup($_POST['note']);
|
markup($_POST['note']);
|
||||||
$query = prepare('INSERT INTO `ip_notes` VALUES (NULL, :ip, :mod, :time, :body)');
|
$query = prepare('INSERT INTO `ip_notes` VALUES (NULL, :ip, :mod, :time, :body)');
|
||||||
$query->bindValue(':ip', $ip);
|
$query->bindValue(':ip', $ip);
|
||||||
@ -1214,12 +1217,14 @@ function mod_ban_post($board, $delete, $post, $token = false) {
|
|||||||
if (isset($_POST['public_message'], $_POST['message'])) {
|
if (isset($_POST['public_message'], $_POST['message'])) {
|
||||||
// public ban message
|
// public ban message
|
||||||
$length_english = parse_time($_POST['length']) ? 'for ' . until(parse_time($_POST['length'])) : 'permanently';
|
$length_english = parse_time($_POST['length']) ? 'for ' . until(parse_time($_POST['length'])) : 'permanently';
|
||||||
|
$_POST['message'] = preg_replace('/[\r\n]/', '', $_POST['message']);
|
||||||
$_POST['message'] = str_replace('%length%', $length_english, $_POST['message']);
|
$_POST['message'] = str_replace('%length%', $length_english, $_POST['message']);
|
||||||
$_POST['message'] = str_replace('%LENGTH%', strtoupper($length_english), $_POST['message']);
|
$_POST['message'] = str_replace('%LENGTH%', strtoupper($length_english), $_POST['message']);
|
||||||
$query = prepare(sprintf('UPDATE `posts_%s` SET `body` = CONCAT(`body`, :body) WHERE `id` = :id', $board));
|
$query = prepare(sprintf('UPDATE `posts_%s` SET `body_nomarkup` = CONCAT(`body_nomarkup`, :body_nomarkup) WHERE `id` = :id', $board));
|
||||||
$query->bindValue(':id', $post);
|
$query->bindValue(':id', $post);
|
||||||
$query->bindValue(':body', sprintf($config['mod']['ban_message'], utf8tohtml($_POST['message'])));
|
$query->bindValue(':body_nomarkup', sprintf('<tinyboard ban message>%s</tinyboard>', $_POST['message']));
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
rebuildPost($post);
|
||||||
|
|
||||||
modLog("Attached a public ban message to post #{$post}: " . utf8tohtml($_POST['message']));
|
modLog("Attached a public ban message to post #{$post}: " . utf8tohtml($_POST['message']));
|
||||||
buildThread($thread ? $thread : $post);
|
buildThread($thread ? $thread : $post);
|
||||||
@ -1713,6 +1718,7 @@ function mod_new_pm($username) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_POST['message'])) {
|
if (isset($_POST['message'])) {
|
||||||
|
$_POST['message'] = escape_markup_modifiers($_POST['message']);
|
||||||
markup($_POST['message']);
|
markup($_POST['message']);
|
||||||
|
|
||||||
$query = prepare("INSERT INTO `pms` VALUES (NULL, :me, :id, :message, :time, 1)");
|
$query = prepare("INSERT INTO `pms` VALUES (NULL, :me, :id, :message, :time, 1)");
|
||||||
|
3
post.php
3
post.php
@ -107,7 +107,7 @@ if (isset($_POST['delete'])) {
|
|||||||
if (count($report) > $config['report_limit'])
|
if (count($report) > $config['report_limit'])
|
||||||
error($config['error']['toomanyreports']);
|
error($config['error']['toomanyreports']);
|
||||||
|
|
||||||
$reason = &$_POST['reason'];
|
$reason = escape_markup_modifiers($_POST['reason']);
|
||||||
markup($reason);
|
markup($reason);
|
||||||
|
|
||||||
foreach ($report as &$id) {
|
foreach ($report as &$id) {
|
||||||
@ -377,6 +377,7 @@ if (isset($_POST['delete'])) {
|
|||||||
error(sprintf($config['error']['toolong'], 'password'));
|
error(sprintf($config['error']['toolong'], 'password'));
|
||||||
|
|
||||||
wordfilters($post['body']);
|
wordfilters($post['body']);
|
||||||
|
$post['body'] = escape_markup_modifiers($post['body']);
|
||||||
|
|
||||||
if (mysql_version() >= 50503) {
|
if (mysql_version() >= 50503) {
|
||||||
$post['body_nomarkup'] = $post['body']; // Assume we're using the utf8mb4 charset
|
$post['body_nomarkup'] = $post['body']; // Assume we're using the utf8mb4 charset
|
||||||
|
Loading…
Reference in New Issue
Block a user