Small bug fix. (Some thanks at Jcink for helping)

git-svn-id: svn://svn.code.sf.net/p/intdb/svn/trunk@68 2b68903e-0b30-0410-9a39-a2e4f3c5be39

diff --git a/inc/members.php b/inc/members.php
index ed7c6c9..6d021a1 100644 (file)
--- a/inc/members.php
+++ b/inc/members.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: members.php - Last Update: 08/02/2007 SVN 62 - Author: cooldude2k $
+    $FileInfo: members.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="members.php"||$File3Name=="/members.php") {
@@ -643,6 +643,7 @@ $_GET['YourPost'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_GET
 $NewSignature = $_GET['YourPost'];
 $_GET['YourPost'] = preg_replace("/\t+/"," ",$_GET['YourPost']);
 $_GET['YourPost'] = preg_replace("/\s\s+/"," ",$_GET['YourPost']);
+$_GET['YourPost'] = remove_bad_entities($_GET['YourPost']);
 $Avatar = stripcslashes(htmlspecialchars($_POST['Avatar'], ENT_QUOTES));
 $Avatar = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $Avatar);
 $Avatar = @remove_spaces($Avatar);

diff --git a/inc/misc/functions.php b/inc/misc/functions.php
index 2d8dd8b..b7b3cca 100644 (file)
--- a/inc/misc/functions.php
+++ b/inc/misc/functions.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: functions.php - Last Update: 08/02/2007 SVN 62 - Author: cooldude2k $
+    $FileInfo: functions.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="functions.php"||$File3Name=="/functions.php") {
@@ -154,6 +154,9 @@ if($ReplaceType=="yes") {
 $Text = preg_replace("/".$Smile1."/i",$Smile2,$Text); }
 ++$renees; } return $Text; }
 // Remove the bad stuff
+function remove_bad_entities($Text) {
+$Text = preg_replace("/‮/isU","",$Text);
+return $Text; }
 function remove_spaces($Text) {
 $Text = preg_replace("/(^\t+|\t+$)/","",$Text);
 $Text = preg_replace("/(^\n+|\n+$)/","",$Text);
@@ -161,6 +164,7 @@ $Text = preg_replace("/(^\r+|\r+$)/","",$Text);
 $Text = preg_replace("/(\r|\n|\t)+/"," ",$Text);
 $Text = preg_replace("/\s\s+/"," ",$Text);
 $Text = preg_replace("/(^\s+|\s+$)/","",$Text);
+$Text = @remove_bad_entities($Text);
 return $Text; }
 // Fix some chars
 function fixbamps($text) {

diff --git a/inc/pm.php b/inc/pm.php
index ceaee14..33f8e73 100644 (file)
--- a/inc/pm.php
+++ b/inc/pm.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: pm.php - Last Update: 08/02/2007 SVN 62 - Author: cooldude2k $
+    $FileInfo: pm.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="pm.php"||$File3Name=="/pm.php") {
@@ -430,6 +430,7 @@ $_POST['GuestName'] = @remove_spaces($_POST['GuestName']);
 $_POST['Message'] = stripcslashes(htmlspecialchars($_POST['Message'], ENT_QUOTES));
 $_POST['Message'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['Message']);
 //$_POST['Message'] = @remove_spaces($_POST['Message']);
+$_POST['Message'] = remove_bad_entities($_POST['Message']);
 $requery = query("select * from `".$Settings['sqltable']."members` WHERE `Name`='%s'", array($_POST['SendMessageTo']));
 $reresult=mysql_query($requery);
 $renum=mysql_num_rows($reresult);

diff --git a/inc/profilemain.php b/inc/profilemain.php
index 86d74f2..6bc04a9 100644 (file)
--- a/inc/profilemain.php
+++ b/inc/profilemain.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: profilemain.php - Last Update: 08/02/2007 SVN 62 - Author: cooldude2k $
+    $FileInfo: profilemain.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="profilemain.php"||$File3Name=="/profilemain.php") {
@@ -120,6 +120,7 @@ if($_POST['update']=="now") {
 if($_POST['act']=="view"&&
        $_SESSION['UserGroup']!=$Settings['GuestGroup']) {
        $_POST['NotePad'] = htmlentities($_POST['NotePad'], ENT_QUOTES);
+       $_POST['NotePad'] = remove_bad_entities($_POST['NotePad']);
        $NewDay=GMTimeStamp();
        $NewIP=$_SERVER['REMOTE_ADDR'];
        $querynewskin = query("update `".$Settings['sqltable']."members` set `Notes`='%s',`LastActive`=%i,`IP`='%s' WHERE `id`=%i", array($_POST['NotePad'],$NewDay,$NewIP,$_SESSION['UserID']));
@@ -167,6 +168,7 @@ if($_POST['act']=="signature"&&
        $_POST['Signature'] = htmlentities($_POST['Signature'], ENT_QUOTES);
        $_POST['Signature'] = preg_replace("/\t+/"," ",$_POST['Signature']);
        $_POST['Signature'] = preg_replace("/\s\s+/"," ",$_POST['Signature']);
+       $_POST['Signature'] = remove_bad_entities($_POST['Signature']);
        $NewDay=GMTimeStamp();
        $NewIP=$_SERVER['REMOTE_ADDR'];
        $querynewskin = query("update `".$Settings['sqltable']."members` set `Signature`='%s',`LastActive`=%i,`IP`='%s' WHERE `id`=%i", array($_POST['Signature'],$NewDay,$NewIP,$_SESSION['UserID']));

diff --git a/inc/replys.php b/inc/replys.php
index 8b29f47..79e1c19 100644 (file)
--- a/inc/replys.php
+++ b/inc/replys.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: replys.php - Last Update: 08/05/2007 SVN 67 - Author: cooldude2k $
+    $FileInfo: replys.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="replys.php"||$File3Name=="/replys.php") {
@@ -250,6 +250,7 @@ $QuoteUserName = @remove_spaces($QuoteUserName);
 $QuoteReply = stripcslashes(htmlspecialchars($QuoteReply, ENT_QUOTES));
 $QuoteReply = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $QuoteReply);
 //$QuoteReply = @remove_spaces($QuoteReply);
+$QuoteReply = remove_bad_entities($QuoteReply);
 $QuoteDescription = str_replace("Re: ","",$QuoteDescription);
 $QuoteDescription = "Re: ".$QuoteDescription;
 $QuoteReply = $QuoteUserName.":\n("".$QuoteReply."")"; }
@@ -349,6 +350,7 @@ $_POST['GuestName'] = @remove_spaces($_POST['GuestName']);
 $_POST['ReplyPost'] = stripcslashes(htmlspecialchars($_POST['ReplyPost'], ENT_QUOTES));
 $_POST['ReplyPost'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['ReplyPost']);
 //$_POST['ReplyPost'] = @remove_spaces($_POST['ReplyPost']);
+$_POST['ReplyPost'] = remove_bad_entities($_POST['ReplyPost']);
 if ($_POST['ReplyDesc']==null) { $Error="Yes"; ?>
 <tr style="text-align: center;">
        <td style="text-align: center;"><span class="TableMessage">
@@ -548,6 +550,7 @@ $ReplyPost=mysql_result($ersresult,0,"Post");
 $ReplyPost = stripcslashes(htmlspecialchars($ReplyPost, ENT_QUOTES));
 $ReplyPost = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $ReplyPost);
 //$ReplyPost = @remove_spaces($ReplyPost);
+$ReplyPost = remove_bad_entities($ReplyPost);
 $ReplyDescription=mysql_result($ersresult,0,"Description");
 $ReplyDescription = stripcslashes(htmlspecialchars($ReplyDescription, ENT_QUOTES));
 $ReplyDescription = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $ReplyDescription);
@@ -710,6 +713,7 @@ $_POST['GuestName'] = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_P
 $_POST['GuestName'] = @remove_spaces($_POST['GuestName']);
 $_POST['ReplyPost'] = stripcslashes(htmlspecialchars($_POST['ReplyPost'], ENT_QUOTES));
 $_POST['ReplyPost'] = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['ReplyPost']);
+$_POST['ReplyPost'] = remove_bad_entities($_POST['ReplyPost']);
 if($ShowEditTopic==true) {
 $_POST['TopicName'] = stripcslashes(htmlspecialchars($_POST['TopicName'], ENT_QUOTES));
 $_POST['TopicName'] = preg_replace("/&amp;#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['TopicName']);

diff --git a/inc/topics.php b/inc/topics.php
index aef5601..4bce08d 100644 (file)
--- a/inc/topics.php
+++ b/inc/topics.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: topics.php - Last Update: 08/05/2007 SVN 67 - Author: cooldude2k $
+    $FileInfo: topics.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="topics.php"||$File3Name=="/topics.php") {
@@ -322,6 +322,7 @@ $_POST['GuestName'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_P
 $_POST['GuestName'] = @remove_spaces($_POST['GuestName']);
 $_POST['TopicPost'] = stripcslashes(htmlspecialchars($_POST['TopicPost'], ENT_QUOTES));
 $_POST['TopicPost'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['TopicPost']);
+$_POST['TopicPost'] = remove_bad_entities($_POST['TopicPost']);
 //$_POST['TopicPost'] = @remove_spaces($_POST['TopicPost']);
 if ($_POST['TopicName']==null) { $Error="Yes"; ?>
 <tr style="text-align: center;">

diff --git a/inc/versioninfo.php b/inc/versioninfo.php
index 768b84e..3b30576 100644 (file)
--- a/inc/versioninfo.php
+++ b/inc/versioninfo.php
@@ -11,7 +11,7 @@
     Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/
     Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/
 
-    $FileInfo: versioninfo.php - Last Update: 08/05/2007 SVN 67 - Author: cooldude2k $
+    $FileInfo: versioninfo.php - Last Update: 08/05/2007 SVN 68 - Author: cooldude2k $
 */
 $File3Name = basename($_SERVER['SCRIPT_NAME']);
 if ($File3Name=="versioninfo.php"||$File3Name=="/versioninfo.php") {
@@ -27,7 +27,7 @@ function version_info($proname,$subver,$ver,$supver,$reltype,$svnver,$showsvn) {
        return $return_var; }
 // Version number and date stuff. :P
 $VER1[0] = 0; $VER1[1] = 1; $VER1[2] = 8; $VERFull[1] = $VER1[0].".".$VER1[1].".".$VER1[2];
-$VER2[0] = "Pre-Alpha"; $VER2[1] = "PA"; $VER2[2] = "SVN"; $SubVerN = 67; $RName = "iDB"; $SFName = "IntDB";
+$VER2[0] = "Pre-Alpha"; $VER2[1] = "PA"; $VER2[2] = "SVN"; $SubVerN = 68; $RName = "iDB"; $SFName = "IntDB";
 $SVNDay[0] = 08; $SVNDay[1] = 05; $SVNDay[2] = 2007; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2];
 $VerInfo['iDB_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,false);
 $VerInfo['iDB_Ver_SVN'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,true);