Don't hotlink external links in filters which have " in front of it, to allow linking an external ressource via HTML
This commit is contained in:
Daniel Winzen
2
chat.php
2
chat.php
@ -2974,7 +2974,7 @@ function create_hotlinks(){
|
|||||||
global $U;
|
global $U;
|
||||||
//Make hotlinks for URLs, redirect through dereferrer script to prevent session leakage
|
//Make hotlinks for URLs, redirect through dereferrer script to prevent session leakage
|
||||||
// 1. all explicit schemes with whatever xxx://yyyyyyy
|
// 1. all explicit schemes with whatever xxx://yyyyyyy
|
||||||
$U['message']=preg_replace('~(\w+://[^\s<>]+)~i', "<<$1>>", $U['message']);
|
$U['message']=preg_replace('~(^|[^\w"])(\w+://[^\s<>]+)~i', "$1<<$2>>", $U['message']);
|
||||||
// 2. valid URLs without scheme:
|
// 2. valid URLs without scheme:
|
||||||
$U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?::\d*)?/[^\s<>]*)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server/path given
|
$U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?::\d*)?/[^\s<>]*)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server/path given
|
||||||
$U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+:\d+)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server:port given
|
$U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+:\d+)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server:port given
|
||||||
|
|||||||
Reference in New Issue
Block a user