4images Forum & Community

4images Issues / Ausgaben => Feedback & Suggestions => Topic started by: thunderstrike on January 15, 2008, 04:41:34 AM

Title: [FIX] - includes/functions.php file (format_url function)
Post by: thunderstrike on January 15, 2008, 04:41:34 AM

This is VERY IMPORTANT fix :!:

Jan is code format_url function for check https:// and http:// protocol but rational chars is no check. Is say if empty, nothing is show in member profile for user_homepage field but if user enter no valid chars URL type, is still show. E.g: http://www. ... where is full URL ?  8O

So - I create fix (and include fix for check http and https). ;)

In includes/functions.php file,

find:

Code: [Select]

function format_url($url) {
  if (empty($url)) {
    return '';
  }

  if (!preg_match("/^https?:\/\//i", $url)) {
    $url = "http://".$url;
  }

  return $url;
}

replace:

Code: [Select]

function format_url($url) {
  $url = preg_replace("/[^a-z0-9\_\-\/\.\:]+/i", "", $url);
 
  if (!preg_match("/[a-z0-9]+\.[a-z0-9_-]+\.[a-z]/i", $url)) {
      return '';
  }

  if (!preg_match("/^http|https?:\/\//i", $url)) {
    $url = "http://".$url;
  }
 
  return $url;
}

After install fix:

1 - No possible for add empty URL, no valid chars or no full URL (http or https - no matter).
2 - Save ressource for member editprofile page (USERS_TABLE update SQL query). Empty result is no use action for update SQL query.

:)

Title: Re: [FIX] - includes/functions.php file (format_url function)
Post by: thunderstrike on January 15, 2008, 05:34:17 AM

I update fix (replace function again).