From 98187303d77c41fa94430fa1302f071041c58bfc Mon Sep 17 00:00:00 2001 From: czaks Date: Sat, 27 Jul 2013 01:38:03 -0400 Subject: [PATCH 1/4] categories theme: fix title displaying twice, put boardlist there instead --- templates/themes/categories/news.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/themes/categories/news.html b/templates/themes/categories/news.html index 9c7d8340..93eb5b72 100644 --- a/templates/themes/categories/news.html +++ b/templates/themes/categories/news.html @@ -7,7 +7,7 @@ -

{{ settings.title }}

+ {{ boardlist.top }}

{{ settings.title }}

{{ settings.subtitle }}
From cea7881749e85b4ba5c8444e738d42a27d91244f Mon Sep 17 00:00:00 2001 From: czaks Date: Sat, 27 Jul 2013 01:43:09 -0400 Subject: [PATCH 2/4] categories theme: i18n some strings --- templates/themes/categories/news.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/themes/categories/news.html b/templates/themes/categories/news.html index 93eb5b72..b3bea2b1 100644 --- a/templates/themes/categories/news.html +++ b/templates/themes/categories/news.html @@ -15,16 +15,16 @@
{% if news|count == 0 %} -

(No news to show.)

+

{% trans %}(No news to show.){% endtrans %}

{% else %} {% for entry in news %}

{% if entry.subject %} {{ entry.subject }} {% else %} - no subject + {% trans %}no subject{% endtrans %} {% endif %} - — by {{ entry.name }} at {{ entry.time|date(config.post_date) }} + — {% trans %}by{% endtrans %} {{ entry.name }} {% trans %}at{% endtrans %} {{ entry.time|date(config.post_date) }}

{{ entry.body }}

{% endfor %} From 57c8e4ee7cea126e68ade4913c57a46f06d1a2b0 Mon Sep 17 00:00:00 2001 From: Michael Foster Date: Sun, 28 Jul 2013 20:33:26 -0400 Subject: [PATCH 3/4] Strip combining characters from Unicode strings (eg. Zalgo) --- inc/config.php | 2 ++ inc/functions.php | 48 ++++++++++++++++++++++++++++++++++++++++++++++- post.php | 9 ++++++++- 3 files changed, 57 insertions(+), 2 deletions(-) diff --git a/inc/config.php b/inc/config.php index 98e127b3..d7580a8b 100644 --- a/inc/config.php +++ b/inc/config.php @@ -282,6 +282,8 @@ $config['strip_superfluous_returns'] = true; // Require an image for threads? $config['force_image_op'] = true; + // Strip combining characters from Unicode strings (eg. "Zalgo") + $config['strip_combining_chars'] = true; // Max body length $config['max_body'] = 1800; diff --git a/inc/functions.php b/inc/functions.php index b5660664..9d398002 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -1526,7 +1526,53 @@ function utf8tohtml($utf8) { return htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'); } -function buildThread($id, $return=false, $mod=false) { +function ordutf8($string, &$offset) { + $code = ord(substr($string, $offset,1)); + if ($code >= 128) { // otherwise 0xxxxxxx + if ($code < 224) + $bytesnumber = 2; // 110xxxxx + else if ($code < 240) + $bytesnumber = 3; // 1110xxxx + else if ($code < 248) + $bytesnumber = 4; // 11110xxx + $codetemp = $code - 192 - ($bytesnumber > 2 ? 32 : 0) - ($bytesnumber > 3 ? 16 : 0); + for ($i = 2; $i <= $bytesnumber; $i++) { + $offset ++; + $code2 = ord(substr($string, $offset, 1)) - 128; //10xxxxxx + $codetemp = $codetemp*64 + $code2; + } + $code = $codetemp; + } + $offset += 1; + if ($offset >= strlen($string)) + $offset = -1; + return $code; +} + +function strip_combining_chars($str) { + $chars = preg_split('//u', $str, -1, PREG_SPLIT_NO_EMPTY); + $str = ''; + foreach ($chars as $char) { + $ord = ordutf8($char, $o = 0); + + if ($ord >= 768 && $ord <= 879) + continue; + + if ($ord >= 7616 && $ord <= 7679) + continue; + + if ($ord >= 8400 && $ord <= 8447) + continue; + + if ($ord >= 65056 && $ord <= 65071) + continue; + + $str .= $char; + } + return $str; +} + +function buildThread($id, $return = false, $mod = false) { global $board, $config; $id = round($id); diff --git a/post.php b/post.php index 4e3a1a9f..6855fe14 100644 --- a/post.php +++ b/post.php @@ -357,6 +357,13 @@ if (isset($_POST['delete'])) { $post['thumb'] = $board['dir'] . $config['dir']['thumb'] . $post['file_id'] . '.' . ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension']); } + if ($config['strip_combining_chars']) { + $post['name'] = strip_combining_chars($post['name']); + $post['email'] = strip_combining_chars($post['email']); + $post['subject'] = strip_combining_chars($post['name']); + $post['body'] = strip_combining_chars($post['body']); + } + // Check string lengths if (mb_strlen($post['name']) > 35) error(sprintf($config['error']['toolong'], 'name')); @@ -368,7 +375,7 @@ if (isset($_POST['delete'])) { error($config['error']['toolong_body']); if (mb_strlen($post['password']) > 20) error(sprintf($config['error']['toolong'], 'password')); - + wordfilters($post['body']); $post['body_nomarkup'] = $post['body']; From bd8bd3c02e6cb8e130058649e646a8c8071d3386 Mon Sep 17 00:00:00 2001 From: Michael Foster Date: Sun, 28 Jul 2013 20:46:00 -0400 Subject: [PATCH 4/4] Fix for last commit --- inc/functions.php | 5 +++-- post.php | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/inc/functions.php b/inc/functions.php index 9d398002..2915e1b6 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -1552,8 +1552,9 @@ function ordutf8($string, &$offset) { function strip_combining_chars($str) { $chars = preg_split('//u', $str, -1, PREG_SPLIT_NO_EMPTY); $str = ''; - foreach ($chars as $char) { - $ord = ordutf8($char, $o = 0); + foreach ($chars as $char) { + $o = 0; + $ord = ordutf8($char, $o); if ($ord >= 768 && $ord <= 879) continue; diff --git a/post.php b/post.php index 6855fe14..ad045b66 100644 --- a/post.php +++ b/post.php @@ -360,7 +360,7 @@ if (isset($_POST['delete'])) { if ($config['strip_combining_chars']) { $post['name'] = strip_combining_chars($post['name']); $post['email'] = strip_combining_chars($post['email']); - $post['subject'] = strip_combining_chars($post['name']); + $post['subject'] = strip_combining_chars($post['subject']); $post['body'] = strip_combining_chars($post['body']); }