author | Graham Eames <grahamje@users.sourceforge.net> | 2006-01-28 14:56:51 +0000 |
committer | Graham Eames <grahamje@users.sourceforge.net> | 2006-01-28 14:56:51 +0000 |
commit | 3c54fa68e5b30bb2781e4ee4707b9fc9663f4cd8 (patch) | |
tree | 2b84f0203edbc201184538920f4005ca6eb03f96 | |
parent | Correct an error message in the changed code (diff) | |
Explicitly intval the poll option ids
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5506 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r-- | phpBB/includes/functions_post.php | 8 | ||||
-rw-r--r-- | phpBB/posting.php | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/phpBB/includes/functions_post.php b/phpBB/includes/functions_post.php
index 25add77cb6..3c92edf065 100644
--- a/phpBB/includes/functions_post.php
+++ b/phpBB/includes/functions_post.php
@@ -46,7 +46,7 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
 if ($html_on)
 {
- $message = addslashes(preg_replace_callback('/<\/?(\w+)((?:\s+\w+=(?:"[^"]*"|\'[^\']*\'|`[^`]*`|[^\'"`]*?))*)\s*?\/?>/', 'clean_html', stripslashes($message)));
+ $message = addslashes(preg_replace_callback('/<\/?(\w+)((?:[\W]+\w+\s*=\s*(?:"[^"]*"|\'[^\']*\'|`[^`]*`|.*?))*)\s*?\/?>/', 'clean_html', stripslashes($message)));
 }
 else
 {
@@ -137,7 +137,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
 $option_text = trim($option_text);
 if (!empty($option_text))
 {
- $temp_option_text[$option_id] = htmlspecialchars($option_text);
+ $temp_option_text[intval($option_id)] = htmlspecialchars($option_text);
 }
 }
 $option_text = $temp_option_text;
@@ -819,12 +819,12 @@ function clean_html($tag)
 {
 // Get all the elements of a tag so that they can be checked in turn
 $matches = array();
- preg_match_all('/\s+(\w+)=("[^"]*"|\'[^\']*\'|`[^`]*`|[^\'"`]*)/', $tag[2], $matches);
+ preg_match_all('/[\W]+(\w+)\s*=\s*("[^"]*"|\'[^\']*\'|`[^`]*`|[^\'"`]*)/', $tag[2], $matches);
 foreach ($matches[1] as $key => $value)
 {
 // Remove any attributes which are not allowed
- if (preg_match($disallowed_attributes, strtolower($value)) || preg_match('/(?!["\'`])[^0-9a-zA-Z\\x2D\\x2E\\x3A\\x5F]+(?!["\'`])/', $matches[2][$key]))
+ if (preg_match($disallowed_attributes, strtolower($value)) || (!preg_match('/([\'`"]).*\\1/', $matches[2][$key]) && preg_match('/[^0-9a-zA-Z\\x2D\\x2E\\\x3A\\x5F]+/', $matches[2][$key])))
 {
 continue;
 }
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 213c91fc3c..9237a7d46f 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
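Review bot: The new attribute-separator class `[\W]+` on the added prepare_message line also matches `>` and `<`, so the tag match can run past the tag's own closing bracket whenever the text after it looks like `word=...>`: `<b>x=y>` is captured as a single tag named `b` with attribute text `>x=y`, and clean_html is then handed `x=y` as an attribute of `<b>` while the user's text disappears. Restricting the separator to what can actually sit between attributes, e.g. `[^\w<>]+` (or simply `[\s\/]+`), in this regex and in the matching one in clean_html avoids that without losing the `/`-as-separator case the change seems aimed at. The switch from `[^\'"`]*?` to `.*?` for unquoted values also lets each iteration of the repeated group absorb arbitrary text up to the next `>`; on a long tag with no closing `>` that nesting looks able to backtrack exponentially, so it is worth timing against a few kilobytes of `a=b a=b ...` before shipping (not verified here). The enclosing if/else continues past the hunk.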
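Review bot: intval() on the added `$temp_option_text[intval($option_id)]` line keeps non-numeric ids out of whatever consumes the array later, but by coercion rather than rejection: `'abc'` becomes 0 and `'3abc'` becomes 3, so two distinct submitted keys can collapse onto one index and silently overwrite each other. If option ids are meant to be whole numbers, discarding anything else is easier to reason about, e.g. `if (!preg_match('/^\d+$/', $option_id)) { continue; }` ahead of the trim. The loop header and the origin of $option_id are outside the hunk, so this assumes the keys come from the request, as the commit message suggests.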
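Review bot: The added character-class regex has one backslash too many in `\\\x3A`: inside a PHP single-quoted string that yields `\\x3A`, which PCRE reads as a literal backslash followed by `x3A`, so the class now rejects `:` in unquoted values and silently permits `\` (the `x`, `3`, `A` were already allowed). The removed line spelled it `\\x3A`; the new one should read `preg_match('/[^0-9a-zA-Z\\x2D\\x2E\\x3A\\x5F]+/', $matches[2][$key])`. Separately, the new condition exempts every quoted value from the character check, so `href="javascript:alert(1)"` passes this test and is stopped only if $disallowed_attributes (defined outside the hunk) rejects the attribute name; unless a scheme check exists elsewhere, url-bearing attributes such as href and src deserve one here, e.g. dropping values whose scheme is not http, https, ftp or mailto. clean_html continues past the hunk.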
@@ -627,7 +627,7 @@ if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
 }
 else if ( !empty($option_text) )
 {
- $poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));
+ $poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text)));
 }
 }
 } |
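Review bot: intval() on the added `$poll_options[intval($option_id)]` line turns any non-numeric key into 0 (and `'3abc'` into 3) instead of rejecting it, so two request keys can land on the same index and the later one silently wins; the enclosing condition reads $HTTP_POST_VARS, so these keys look request-controlled. A digits-only guard before the assignment is more predictable: `if (!preg_match('/^\d+$/', $option_id)) { continue; }`. Note also that htmlspecialchars() is called without ENT_QUOTES, so a single quote survives into $poll_options — harmless in a double-quoted attribute, a problem only if a template ever echoes it inside single quotes, which is not visible here. The enclosing loop and if-block start outside the hunk.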