Author Topic: [FIX] - includes/functions.php file (format_url function)  (Read 12425 times)

0 Members and 1 Guest are viewing this topic.

Offline thunderstrike

  • 4images Guru
  • *******
  • Posts: 2.327
    • View Profile
[FIX] - includes/functions.php file (format_url function)
« on: January 15, 2008, 04:41:34 AM »
This is VERY IMPORTANT fix :!:

Jan is code format_url function for check https:// and http:// protocol but rational chars is no check. Is say if empty, nothing is show in member profile for user_homepage field but if user enter no valid chars URL type, is still show. E.g: http://www. ... where is full URL ?  8O

So - I create fix (and include fix for check http and https). ;)

In includes/functions.php file,

find:

Code: [Select]
function format_url($url) {
  if (empty($url)) {
    return '';
  }

  if (!preg_match("/^https?:\/\//i", $url)) {
    $url = "http://".$url;
  }

  return $url;
}

replace:

Code: [Select]
function format_url($url) {
  $url = preg_replace("/[^a-z0-9\_\-\/\.\:]+/i", "", $url);
 
  if (!preg_match("/[a-z0-9]+\.[a-z0-9_-]+\.[a-z]/i", $url)) {
      return '';
  }

  if (!preg_match("/^http|https?:\/\//i", $url)) {
    $url = "http://".$url;
  }
 
  return $url;
}

After install fix:

1 - No possible for add empty URL, no valid chars or no full URL (http or https - no matter).
2 - Save ressource for member editprofile page (USERS_TABLE update SQL query). Empty result is no use action for update SQL query.

:)
« Last Edit: January 15, 2008, 05:34:02 AM by thunderstrike »
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?

Offline thunderstrike

  • 4images Guru
  • *******
  • Posts: 2.327
    • View Profile
Re: [FIX] - includes/functions.php file (format_url function)
« Reply #1 on: January 15, 2008, 05:34:17 AM »
I update fix (replace function again).
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?