4images Forum & Community
4images Issues / Ausgaben => Feedback & Suggestions => Topic started by: thunderstrike on January 15, 2008, 04:41:34 AM
-
This is VERY IMPORTANT fix :!:
Jan is code format_url function for check https:// and http:// protocol but rational chars is no check. Is say if empty, nothing is show in member profile for user_homepage field but if user enter no valid chars URL type, is still show. E.g: http://www. ... where is full URL ? 8O
So - I create fix (and include fix for check http and https). ;)
In includes/functions.php file,
find:
function format_url($url) {
if (empty($url)) {
return '';
}
if (!preg_match("/^https?:\/\//i", $url)) {
$url = "http://".$url;
}
return $url;
}
replace:
function format_url($url) {
$url = preg_replace("/[^a-z0-9\_\-\/\.\:]+/i", "", $url);
if (!preg_match("/[a-z0-9]+\.[a-z0-9_-]+\.[a-z]/i", $url)) {
return '';
}
if (!preg_match("/^http|https?:\/\//i", $url)) {
$url = "http://".$url;
}
return $url;
}
After install fix:
1 - No possible for add empty URL, no valid chars or no full URL (http or https - no matter).
2 - Save ressource for member editprofile page (USERS_TABLE update SQL query). Empty result is no use action for update SQL query.
:)
-
I update fix (replace function again).