Xaraya / Postnuke CVS Notices - Message

Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites

Directory filter : [ all ] / postnuke_official / html / modules / messages [ view in CVS ]

Date	Directory [filter]	File(s) [view]	Author [filter]
28 Jul 2002 18:24:51	postnuke_official/html/modules/messages	bbcode.lib.php,1.22.2.1,1.22.2.2	Andreas Krapohl
	fix for javascript-injection within [img] tag

Update of /home/cvsroot/postnuke_official/html/modules/messages
In directory ns7.hostnuke.net:/tmp/cvs-serv2764/postnuke_official/html/modules/messages

Modified Files:
      Tag: PostNuke_71
	bbcode.lib.php 
Log Message:
fix for javascript-injection within [img] tag


Index: bbcode.lib.php
===================================================================
RCS file: /home/cvsroot/postnuke_official/html/modules/messages/Attic/bbcode.lib.php,v
retrieving revision 1.22.2.1
retrieving revision 1.22.2.2
diff -C2 -d -r1.22.2.1 -r1.22.2.2
*** bbcode.lib.php	23 Mar 2002 11:21:21 -0000	1.22.2.1
--- bbcode.lib.php	28 Jul 2002 18:24:49 -0000	1.22.2.2
***************
*** 29,33 ****
  
  		// Undo [img]
! 		$message = preg_replace("#<!-- BBCode Start --><IMG SRC=\"(.*?)\"><!-- BBCode End -->#s", "[img]\\1[/img]", $message);
  
  		// Undo lists (unordered/ordered)
--- 29,34 ----
  
  		// Undo [img]
! 		$message = preg_replace("#<!-- BBCode Start --><IMG SRC=\"http://(.*?)\"><!-- BBCode End -->#s", "[img]http://\\1[/img]", $message);
! 		//$message = preg_replace("#<!-- BBCode Start --><IMG SRC=\"(.*?)\"><!-- BBCode End -->#s", "[img]\\1[/img]", $message);
  
  		// Undo lists (unordered/ordered)
***************
*** 89,93 ****
  
  	// [img]image_url_here[/img] code..
! 	$message = preg_replace("#\[img\](.*?)\[/img\]#si", "<!-- BBCode Start --><IMG SRC=\"\\1\"><!-- BBCode End -->", $message);
  
  	// unordered list code..
--- 90,96 ----
  
  	// [img]image_url_here[/img] code..
! 	$message = preg_replace("#\[img\](http://)?(.*?)\[/img\]#si", "<!-- BBCode Start --><IMG SRC=\"http://\\2\"><!-- BBCode End -->", $message);
! 	// $message = preg_replace("#\[img\](.*?)\[/img\]#si", "<!-- BBCode Start --><IMG SRC=\"\\1\"><!-- BBCode End -->", $message);
! 
  
  	// unordered list code..

View Statistics - Next Notice - Previous Notice