From nobunobu @ users.sourceforge.jp Mon Jan 1 02:37:49 2007 From: nobunobu @ users.sourceforge.jp (NobuNobu) Date: Mon, 1 Jan 2007 02:37:49 +0900 Subject: [xoops-cvslog 6079] CVS update: xoops2jp/html/kernel Message-ID: <20061231173749.A0DDF2AC083@users.sourceforge.jp> Index: xoops2jp/html/kernel/group.php diff -u xoops2jp/html/kernel/group.php:1.2.8.4 xoops2jp/html/kernel/group.php:1.2.8.4.2.1 --- xoops2jp/html/kernel/group.php:1.2.8.4 Tue May 16 22:25:07 2006 +++ xoops2jp/html/kernel/group.php Mon Jan 1 02:37:49 2007 @@ -1,5 +1,5 @@ db->prefix('groups_users_link') . ' WHERE groupid='.intval($groupid); @@ -448,7 +448,7 @@ /** * @see getUsersByGroup */ - function getUsersByNoGroup($groupid, $limit=0, $start=0) + function &getUsersByNoGroup($groupid, $limit=0, $start=0) { $ret = array(); Index: xoops2jp/html/kernel/member.php diff -u xoops2jp/html/kernel/member.php:1.2.8.7 xoops2jp/html/kernel/member.php:1.2.8.7.2.1 --- xoops2jp/html/kernel/member.php:1.2.8.7 Sun Apr 23 00:53:00 2006 +++ xoops2jp/html/kernel/member.php Mon Jan 1 02:37:49 2007 @@ -1,5 +1,5 @@ _mHandler->getUsersByGroup($group_id, $limit, $start); if (!$asobject) { @@ -351,7 +351,7 @@ /** * @see getUsersByGroup */ - function getUsersByNoGroup($group_id, $asobject = false, $limit = 0, $start = 0) + function &getUsersByNoGroup($group_id, $asobject = false, $limit = 0, $start = 0) { $user_ids =& $this->_mHandler->getUsersByNoGroup($group_id, $limit, $start); if (!$asobject) { @@ -410,7 +410,7 @@ } /** - * logs in a user with an nd5 encrypted password + * logs in a user with an md5 encrypted password * * @param string $uname username * @param string $md5pwd password encrypted with md5 From nobunobu @ users.sourceforge.jp Wed Jan 3 23:56:07 2007 From: nobunobu @ users.sourceforge.jp (NobuNobu) Date: Wed, 3 Jan 2007 23:56:07 +0900 Subject: [xoops-cvslog 6080] CVS update: xoops2jp/html/class Message-ID: <20070103145607.3B42F2AC0AD@users.sourceforge.jp> Index: xoops2jp/html/class/module.textsanitizer.php diff -u xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.3 xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.4 --- xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.3 Sat Dec 9 23:11:48 2006 +++ xoops2jp/html/class/module.textsanitizer.php Wed Jan 3 23:56:07 2007 @@ -1,5 +1,5 @@ checkUrlString($matches[2])) { + return $matches[0]; + } else { + return ""; + } + } + + /** + * Checks if invalid strings are included in URL + * + * @param string $text + * @return bool + */ + function checkUrlString($text) + { + // Check control code + if (preg_match("/[\\0-\\31]/", $text)) { + return false; + } + // check black pattern(deprecated) + return !preg_match("/^(javascript|vbscript|about):/i", $text); + } + + /** * Convert linebreaks to tags * * @param string $text @@ -244,6 +275,30 @@ } /** + * Filters textarea data for display + * (This method makes overhead but needed for compatibility) + * + * @param string $text + * @param bool $html allow html? + * @param bool $smiley allow smileys? + * @param bool $xcode allow xoopscode? + * @param bool $image allow inline images? + * @param bool $br convert linebreaks? + * @return string + **/ + + function _ToShowTarea($text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { + $text = $this->codePreConv($text, $xcode); + if ($html != 1) $text = $this->htmlSpecialChars($text); + $text = $this->makeClickable($text); + if ($smiley != 0) $text = $this->smiley($text); + if ($xcode != 0) $text = $this->xoopsCodeDecode($text, $image); + if ($br != 0) $text = $this->nl2Br($text); + $text = $this->codeConv($text, $xcode, $image); + return $text; + } + + /** * Filters textarea form data in DB for display * * @param string $text @@ -256,7 +311,7 @@ **/ function &displayTarea(&$text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { - $text = $this->mTextFilter->ToShowTarea($text, $html, $smiley, $xcode, $image, $br, true); + $text = $this->_ToShowTarea($text, $html, $smiley, $xcode, $image, $br); return $text; } @@ -274,7 +329,7 @@ function &previewTarea(&$text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { $text =& $this->stripSlashesGPC($text); - $text = $this->mTextFilter->ToShowTarea($text, $html, $smiley, $xcode, $image, $br, true); + $text = $this->_ToShowTarea($text, $html, $smiley, $xcode, $image, $br); return $text; } @@ -337,14 +392,14 @@ */ function sanitizeForDisplay($text, $allowhtml = 0, $smiley = 1, $bbcode = 1) { - $text = $this->mTextFilter->ToShowTarea($text, $allowhtml, $smiley, $bbcode, 1, 1, true); + $text = $this->_ToShowTarea($text, $allowhtml, $smiley, $bbcode, 1, 1); return $text; } function sanitizeForPreview($text, $allowhtml = 0, $smiley = 1, $bbcode = 1) { $text = $this->oopsStripSlashesGPC($text); - $text = $this->mTextFilter->ToShowTarea($text, $allowhtml, $smiley, $bbcode, 1, 1, true); + $text = $this->_ToShowTarea($text, $allowhtml, $smiley, $bbcode, 1, 1); return $text; } From nobunobu @ users.sourceforge.jp Thu Jan 4 23:05:26 2007 From: nobunobu @ users.sourceforge.jp (NobuNobu) Date: Thu, 4 Jan 2007 23:05:26 +0900 Subject: [xoops-cvslog 6081] CVS update: xoops2jp/html/modules/legacy/admin/actions Message-ID: <20070104140526.07DEB2AC21C@users.sourceforge.jp> Index: xoops2jp/html/modules/legacy/admin/actions/HelpAction.class.php diff -u xoops2jp/html/modules/legacy/admin/actions/HelpAction.class.php:1.1.2.4 xoops2jp/html/modules/legacy/admin/actions/HelpAction.class.php:1.1.2.5 --- xoops2jp/html/modules/legacy/admin/actions/HelpAction.class.php:1.1.2.4 Thu Nov 9 15:11:30 2006 +++ xoops2jp/html/modules/legacy/admin/actions/HelpAction.class.php Thu Jan 4 23:05:25 2007 @@ -1,7 +1,7 @@ mModuleObject =& $moduleHandler->getByDirname($this->_mDirname); - $language =& $controller->mRoot->mContext->getXoopsConfig('language'); + $language = $controller->mRoot->mContext->getXoopsConfig('language'); // // TODO We must change the following lines to ActionForm. From nobunobu @ users.sourceforge.jp Sun Jan 7 00:30:44 2007 From: nobunobu @ users.sourceforge.jp (NobuNobu) Date: Sun, 7 Jan 2007 00:30:44 +0900 Subject: [xoops-cvslog 6082] CVS update: xoops2jp/html/modules/legacy/admin/templates Message-ID: <20070106153044.02D942AC101@users.sourceforge.jp> Index: xoops2jp/html/modules/legacy/admin/templates/comment_list.html diff -u xoops2jp/html/modules/legacy/admin/templates/comment_list.html:1.1.2.5 xoops2jp/html/modules/legacy/admin/templates/comment_list.html:1.1.2.6 --- xoops2jp/html/modules/legacy/admin/templates/comment_list.html:1.1.2.5 Fri Nov 10 20:29:15 2006 +++ xoops2jp/html/modules/legacy/admin/templates/comment_list.html Sun Jan 7 00:30:43 2007 @@ -9,7 +9,7 @@