Remove single quote character from forced disallowed in username
parent
392c57f73f
commit
c258e63f36
6 changed files with 29 additions and 6 deletions
|
@ -94,6 +94,29 @@ EOD;
|
|||
return $this->block('content');
|
||||
}
|
||||
|
||||
/**
|
||||
* Compile echos
|
||||
*/
|
||||
protected function compileEchos(string $value): string
|
||||
{
|
||||
$value = \preg_replace_callback(
|
||||
'%(@)?\{\{!\s*(.+?)\s*!\}\}(\r?\n)?%s',
|
||||
function($matches) {
|
||||
$whitespace = empty($matches[3]) ? '' : $matches[3] . $matches[3];
|
||||
|
||||
return $matches[1]
|
||||
? \substr($matches[0], 1)
|
||||
: '<?= \\htmlspecialchars((string) '
|
||||
. $this->compileEchoDefaults($matches[2])
|
||||
. ', \\ENT_HTML5 | \\ENT_QUOTES | \\ENT_SUBSTITUTE, \'UTF-8\', false) ?>'
|
||||
. $whitespace;
|
||||
},
|
||||
$value
|
||||
);
|
||||
|
||||
return parent::compileEchos($value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Отправляет HTTP заголовки
|
||||
*/
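Review bot: The docblock on `compileEchos()` says only "Compile echos", but the `{{! … !}}` form it introduces has a security-relevant contract that template authors need to see: it calls `\htmlspecialchars` with `double_encode` set to `false`, so entity references already present in the value are emitted unchanged while `<`, `>`, `"` and `'` are still encoded. I would expand the docblock to say that, and to say that the form is meant for strings that may already be entity-encoded, where `{{ }}` would encode them a second time (that intent is inferred from the template changes in this commit). Separately, `\preg_replace_callback()` returns `null` on a PCRE error and that value is passed straight to `parent::compileEchos($value)`; a guard such as `if (null === $value) { throw new \RuntimeException('compileEchos: PCRE error ' . \preg_last_error()); }` would make the failure explicit.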
|
||||
|
|
|
@ -400,7 +400,7 @@ class Search extends Page
|
|||
|
||||
if (
|
||||
'*' !== $name
|
||||
&& \preg_match('%[@\'"<>\\/\x00-\x1F]%', $name)
|
||||
&& \preg_match('%[@"<>\\/\x00-\x1F]%', $name)
|
||||
) {
|
||||
$v->addError('The :alias is not valid format');
|
||||
}
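Review bot: The character class on the new line, `'%[@"<>\\/\x00-\x1F]%'`, does not contain a backslash: inside a single-quoted PHP string `\\` is one backslash, so PCRE receives `\/`, which is only an escaped `/`. If backslash is meant to be among the forced-disallowed characters (the `\\/` spelling suggests so, but that is an inference), the literal needs four backslashes, e.g. `\preg_match('%[@"<>\\\\/\x00-\x1F]%', $name)`. The same literal appears in both hunks of the Username validator (the admin `$pattern` and the second `\preg_match`), so the three copies would be better defined once as a shared constant to keep them from drifting. The enclosing method starts and ends outside this hunk.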
|
||||
|
|
|
@ -36,7 +36,7 @@ class Username extends RulesValidator
|
|||
|
||||
if ($this->c->user->isAdmin) {
|
||||
$max = 190;
|
||||
$pattern = '%^[^@\'"<>\\/\x00-\x1F]+$%D';
|
||||
$pattern = '%^[^@"<>\\/\x00-\x1F]+$%D';
|
||||
} else {
|
||||
$max = $this->c->USERNAME['max'];
|
||||
$pattern = $this->c->USERNAME['phpPattern'];
|
||||
|
@ -51,7 +51,7 @@ class Username extends RulesValidator
|
|||
// паттерн не совпал
|
||||
} elseif (
|
||||
! \preg_match($pattern, $username)
|
||||
|| \preg_match('%[@\'"<>\\/\x00-\x1F]%', $username)
|
||||
|| \preg_match('%[@"<>\\/\x00-\x1F]%', $username)
|
||||
) {
|
||||
$v->addError('Login format');
|
||||
// идущие подряд пробелы
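Review bot: With `'` no longer rejected here, the validator admits a character that is significant in SQL string literals, single-quoted HTML attributes and JavaScript strings, and nothing in these hunks records why that is safe. The template changes in this commit escape with `\ENT_QUOTES`, which covers HTML output, but the query layer and any other sinks are not visible here. I would add a comment above the admin `$pattern` along the lines of `// ' is allowed: every sink must escape or bind the username (ENT_QUOTES in views, bound parameters in queries)` and a regression test that registers, searches for and renders a name containing an apostrophe. The validator method starts and ends outside both hunks.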
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>{!! \htmlspecialchars($p->pageTitle, \ENT_HTML5 | \ENT_QUOTES | \ENT_SUBSTITUTE, 'UTF-8', false) !!}</title>
|
||||
<title>{{! $p->pageTitle !}}</title>
|
||||
@foreach ($p->pageHeaders as $pageHeader)
|
||||
@if ('style' === $pageHeader['type'])
|
||||
<style>{!! $pageHeader['values'][0] !!}</style>
|
||||
|
|
|
@ -63,7 +63,7 @@
|
|||
<span class="f-post-posted"><time datetime="{{ \gmdate('c', $post->posted) }}">{{ dt($post->posted) }}</time></span>
|
||||
@endif
|
||||
@if ($post->edited)
|
||||
<span class="f-post-edited" title="{{ __(['Last edit', $post->editor, dt($post->edited)]) }}"><span>{!! __('Edited') !!}</span></span>
|
||||
<span class="f-post-edited" title="{{! __(['Last edit', $post->editor, dt($post->edited)]) !}}"><span>{!! __('Edited') !!}</span></span>
|
||||
@endif
|
||||
<span class="f-post-number"><a href="{{ $post->link }}" rel="bookmark">#{{ $post->postNumber }}</a></span>
|
||||
</header>
|
||||
|
|
|
@ -48,7 +48,7 @@
|
|||
<span class="f-post-posted"><a href="{{ $post->link }}" title="{{ __('Go to post') }}" rel="bookmark"><time datetime="{{ \gmdate('c', $post->posted) }}">{{ dt($post->posted) }}</time></a></span>
|
||||
</h3>
|
||||
@if ($post->edited)
|
||||
<span class="f-post-edited" title="{{ __(['Last edit', $post->editor, dt($post->edited)]) }}"><span>{!! __('Edited') !!}</span></span>
|
||||
<span class="f-post-edited" title="{{! __(['Last edit', $post->editor, dt($post->edited)]) !}}"><span>{!! __('Edited') !!}</span></span>
|
||||
@endif
|
||||
<span class="f-post-number">#{{ $post->postNumber }}</span>
|
||||
</header>
|
||||
|
|