Permalink
Browse files

* Added validation to regex expressions for the word filter.

Signed-off-by: Alex <xycaleth@gmail.com>
  • Loading branch information...
1 parent c282963 commit 5bbf125f3682d5e8c0a18c4e45dd59e969b43375 @xycaleth xycaleth committed Nov 1, 2011
Showing with 28 additions and 3 deletions.
  1. +26 −1 index.php
  2. +2 −2 language.db.php
View
@@ -3229,6 +3229,19 @@ function toggle_pagination_options()
$case_sens = ( isset ($PVARS['case_sens']) ) ? $PVARS['case_sens'] : array();
$type = ( isset ($PVARS['type']) ) ? $PVARS['type'] : array();
+ for ( $i = 0; $i < $num_words; $i++ )
+ {
+ if ( isset ($del[$i]) ) continue;
+
+ if ( $type[$i] == 2 ) // regex
+ {
+ if ( @preg_match ($find[$i], '') === false )
+ {
+ trigger_error ($ind106, E_USER_WARNING);
+ }
+ }
+ }
+
if ( sizeof ($case_sens) != $num_words )
{
for ( $i = 0; $i < $num_words; $i++ )
@@ -3270,11 +3283,23 @@ function toggle_pagination_options()
}
$num_words = ( isset ($PVARS['num_words']) ) ? $PVARS['num_words'] : 0;
- $del = ( isset ($PVARS['del']) ) ? $PVARS['del'] : array();
$find = ( isset ($PVARS['find']) ) ? array_map ('single_line', $PVARS['find']) : array();
$replace = ( isset ($PVARS['replace']) ) ? array_map ('single_line', $PVARS['replace']) : array();
$case_sens = ( isset ($PVARS['case_sens']) ) ? $PVARS['case_sens'] : array();
$type = ( isset ($PVARS['type']) ) ? $PVARS['type'] : array();
+
+ for ( $i = 0; $i < 5; $i++ )
+ {
+ if ( !$find[$i] && !$replace[$i] ) continue;
+
+ if ( $type[$i] == 2 ) // regex
+ {
+ if ( @preg_match ($find[$i], '') === false )
+ {
+ trigger_error ($ind106, E_USER_WARNING);
+ }
+ }
+ }
if ( sizeof ($case_sens) != 5 )
{
View
@@ -401,7 +401,7 @@
$ind103 = 'You can only edit your own posts as a news reporter.';
$ind104 = 'Viewing News';
$ind105 = 'The server has disabled file uploading, therefore this feature in Fusion News has been disabled automatically.';
-$ind106 = 'FIX ME';
+$ind106 = 'One or more of the find fields have an invalid regex expression.';
$ind107 = 'log out';
$ind108 = 'new post';
$ind109 = 'edit posts';
@@ -427,7 +427,7 @@
$ind128 = 'News';
$ind129 = 'A category name was not entered.';
$ind130 = 'Search<br />Method*';
-$ind131 = '<p>*<b>Search Method</b> refers to the way the text is searched for.</p><dl><dt>Strict</dt><dd>Matches exact word.</dd><dt>Loose</dt><dd>Looks for partial match, e.g. if <i>ran</i> is being looked for, <i>ty<b>ran</b>t</i> will match because it contains the word.</dd><dt>Regex</dt><dd><b>For advanced users only.</b> This gives absolute control over what should words should be replaced. The Case Sensitive checkbox does not apply when using this method. <i>Note: An incorrect regular expression format will cause an error.</i></dd></dl>';
+$ind131 = '<p>*<b>Search Method</b> refers to the way the text is searched for.</p><dl><dt>Strict</dt><dd>Matches exact word.</dd><dt>Loose</dt><dd>Looks for partial match, e.g. if <i>ran</i> is being looked for, <i>ty<b>ran</b>t</i> will match because it contains the word.</dd><dt>Regex</dt><dd><b>For advanced users only.</b> This gives absolute control over what should words should be replaced. The Case Sensitive checkbox does not apply when using this method.</dd></dl>';
$ind132 = 'Banned IP List';
$ind133 = 'One line should hold a single IP. To ban a range of IPs, replace the IP octet with an asterisk (*), e.g. To ban IPs 127.0.0.1 - 127.0.255.254, input 127.0.*.*';
$ind134 = 'Edit Comments';

0 comments on commit 5bbf125

Please sign in to comment.