Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[quote date] and [time] need sanity checks #7768

Open
m4z opened this issue Jun 14, 2023 · 0 comments
Open

[quote date] and [time] need sanity checks #7768

m4z opened this issue Jun 14, 2023 · 0 comments
Labels
BBC

Comments

@m4z
Copy link

m4z commented Jun 14, 2023

Description

[quote date=N]...[/quote] and[time]N[/time] with huge N, when hitting the preview button in quick preview, can cause 500s ([quote] does this) or break the (quick) preview ([time] does this). (I haven't tested the full preview, posting, or viewing such a post.)

I can't currently access the PHP error message, will provide that later (but it's probably some overflow message).

Reported here: https://www.simplemachines.org/community/index.php?topic=585036.msg4145882#new

Steps to reproduce

  1. Post [quote date] with a 20-digit number, hit preview. Witness a 500 error.
  2. Post [time] with a 20-digit number, hit preview. Preview won't show, just display "Fetching preview..." indefinitely.

Environment (complete as necessary)

  • Version/Git revision: 2.1.4
  • Database Type: any?
  • Database Version: any?
  • PHP Version: any?

Additional information/references

Quick fix for is to limit to 18 characters (or less), that gives us a 10-digit year.
@sbulen sbulen added the BBC label Jul 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
BBC
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@m4z @sbulen