Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

fix realemail/fakeemail/homepage stuff

  • Loading branch information...
commit 3eaf7b0a4a3559b5c74275ce97654b3a83741ed9 1 parent aec4899
@pudge pudge authored
View
15 Slash.pm
@@ -42,7 +42,7 @@ BEGIN {
require Exporter;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS %I $CRLF);
- $VERSION = '1.0.6';
+ $VERSION = '1.0.7';
@ISA = 'Exporter';
@EXPORT = qw(
sqlSelectMany sqlSelect sqlSelectHash sqlSelectAll approveTag
@@ -58,7 +58,7 @@ BEGIN {
getDateFormat dispComment getDateOffset linkComment redirect
insertFormkey getFormkeyId checkSubmission checkTimesPosted
updateFormkeyId formSuccess formAbuse formFailure errorMessage
- fixurl fixparam
+ fixurl fixparam chopEntity
);
$CRLF = "\015\012";
}
@@ -1225,7 +1225,8 @@ sub stripByMode {
$str =~ s/>//g;
} elsif ($fmode eq 'attribute') {
- $str =~ s/"//g;
+ $str =~ s/"/"/g;
+ $str =~ s/'/'/g;
} else {
$str = stripBadHtml($str);
@@ -1364,6 +1365,14 @@ sub approveTag {
}
########################################################
+sub chopEntity {
+ my($text, $length) = @_;
+ $text = substr($text, 0, $length) if $length;
+ $text =~ s/&#?[a-zA-Z0-9]*$//;
+ return $text;
+}
+
+########################################################
sub fixparam {
fixurl($_[0], 1);
}
View
2  portald
@@ -262,7 +262,7 @@ sub getRDF {
return;
}
- $d =~ s/&(?!(?:[a-zA-Z0-9]+|#\d+);)/&/g; #s/&/&/g;
+ $d =~ s/&(?!#?[a-zA-Z0-9]+;)/&/g; #s/&/&/g;
$p->parse($d) or portaldLog("$bid did not parse properly");
setblock($bid, "$str$other");
};
View
7 public_html/users.pl
@@ -26,6 +26,7 @@
use strict;
use lib '../';
use vars '%I';
+use Email::Valid;
use Slash;
#################################################################
@@ -777,9 +778,9 @@ sub saveUser {
# stripByMode _after_ fitting sig into schema, 120 chars
$I{F}{sig} = stripByMode(substr($I{F}{sig}, 0, 120), 'html');
- $I{F}{fakeemail} = stripByMode($I{F}{fakeemail});
+ $I{F}{fakeemail} = chopEntity(stripByMode($I{F}{fakeemail}, 'attribute'), 50);
$I{F}{homepage} = "" if $I{F}{homepage} eq "http://";
- $I{F}{homepage} = stripByMode($I{F}{homepage});
+ $I{F}{homepage} = fixurl($I{F}{homepage});
# for the users table
my $H = {
@@ -799,7 +800,7 @@ sub saveUser {
"nickname=" . $I{dbh}->quote($name));
if ($oldEmail ne $I{F}{realemail}) {
- $H->{realemail} = $I{F}{realemail};
+ $H->{realemail} = chopEntity(stripByMode($I{F}{realemail}, 'attribute'), 50);
print "\nNotifying $oldEmail of the change to their account.<BR>\n";
sendEmail($oldEmail, "$I{sitename} user email change for $name", <<EOT);
View
7 themes/slashcode/htdocs/users.pl
@@ -26,6 +26,7 @@
use strict;
use lib '../';
use vars '%I';
+use Email::Valid;
use Slash;
#################################################################
@@ -777,9 +778,9 @@ sub saveUser {
# stripByMode _after_ fitting sig into schema, 120 chars
$I{F}{sig} = stripByMode(substr($I{F}{sig}, 0, 120), 'html');
- $I{F}{fakeemail} = stripByMode($I{F}{fakeemail});
+ $I{F}{fakeemail} = chopEntity(stripByMode($I{F}{fakeemail}, 'attribute'), 50);
$I{F}{homepage} = "" if $I{F}{homepage} eq "http://";
- $I{F}{homepage} = stripByMode($I{F}{homepage});
+ $I{F}{homepage} = fixurl($I{F}{homepage});
# for the users table
my $H = {
@@ -799,7 +800,7 @@ sub saveUser {
"nickname=" . $I{dbh}->quote($name));
if ($oldEmail ne $I{F}{realemail}) {
- $H->{realemail} = $I{F}{realemail};
+ $H->{realemail} = chopEntity(stripByMode($I{F}{realemail}, 'attribute'), 50);
print "\nNotifying $oldEmail of the change to their account.<BR>\n";
sendEmail($oldEmail, "$I{sitename} user email change for $name", <<EOT);
Please sign in to comment.
Something went wrong with that request. Please try again.