Navigation

← Previous Changeset
Next Changeset →

Changeset 846

Timestamp:

06/07/07 07:04:40 (1 year ago)

Author:

mdawaffe

Message:

varchar(255) for slugs, trim multibyte data before inserting in db. Fixes #655

Files:

trunk/bb-admin/admin-functions.php (modified) (1 diff)
trunk/bb-admin/upgrade-functions.php (modified) (3 diffs)
trunk/bb-admin/upgrade-schema.php (modified) (2 diffs)
trunk/bb-includes/default-filters.php (modified) (1 diff)
trunk/bb-includes/formatting-functions.php (modified) (5 diffs)
trunk/bb-includes/functions.php (modified) (12 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/bb-admin/admin-functions.php

r841	r846
422	422	$forum_name = apply_filters( 'bb_pre_forum_name', stripslashes($forum_name) );
423	423	$forum_desc = apply_filters( 'bb_pre_forum_desc', stripslashes($forum_desc) );
	424	$forum_name = bb_trim_for_db( $forum_name, 150 );
424	425
425	426	$forum_name = $bbdb->escape( $forum_name );

trunk/bb-admin/upgrade-functions.php

r845	r846
16	16	$bb_upgrade += bb_upgrade_190(); // Move topic_resolved to topicmeta
17	17	$bb_upgrade += bb_upgrade_200(); // Indices
	18	$bb_upgrade += bb_upgrade_210(); // Convert text slugs to varchar slugs
18	19	require_once( BBPATH . 'bb-admin/upgrade-schema.php');
19	20	bb_make_db_current();
…	…
269	270	}
270	271
	272	function bb_upgrade_process_all_slugs() {
	273	global $bbdb;
	274	// Forums
	275
	276	$ids = (array) $bbdb->get_col("SELECT forum_id, forum_name FROM $bbdb->forums ORDER BY forum_order ASC" );
	277
	278	$names = $bbdb->get_col('', 1);
	279
	280	$slugs = array();
	281	foreach ( $ids as $r => $id ) :
	282	$slug = bb_slug_sanitize( $names[$r] );
	283	$slugs[$slug][] = $id;
	284	endforeach;
	285
	286	foreach ( $slugs as $slug => $forum_ids ) :
	287	foreach ( $forum_ids as $count => $forum_id ) :
	288	if ( $count > 0 )
	289	$slug = bb_slug_increment( $slug, "-" . ( $count - 1 ) );
	290	$bbdb->query("UPDATE $bbdb->forums SET forum_slug = '$slug' WHERE forum_id = '$forum_id';");
	291	endforeach;
	292	endforeach;
	293	unset($ids, $names, $slugs, $r, $id, $slug, $forum_ids, $forum_id, $count);
	294
	295	// Topics
	296
	297	$ids = (array) $bbdb->get_col("SELECT topic_id, topic_title FROM $bbdb->topics ORDER BY topic_start_time ASC" );
	298
	299	$names = $bbdb->get_col('', 1);
	300
	301	$slugs = array();
	302	foreach ( $ids as $r => $id ) :
	303	$slug = bb_slug_sanitize( $names[$r] );
	304	$slugs[$slug][] = $id;
	305	endforeach;
	306
	307	foreach ( $slugs as $slug => $topic_ids ) :
	308	foreach ( $topic_ids as $count => $topic_id ) :
	309	if ( $count > 0 )
	310	$slug = bb_slug_increment( $slug, "-" . ( $count - 1 ) );
	311	$bbdb->query("UPDATE $bbdb->topics SET topic_slug = '$slug' WHERE topic_id = '$topic_id';");
	312	endforeach;
	313	endforeach;
	314	unset($ids, $names, $slugs, $r, $id, $slug, $topic_ids, $topic_id, $count);
	315	}
	316
271	317	// Reversibly break passwords of blocked users.
272	318	function bb_upgrade_160() {
…	…
359	405	}
360	406
361		function bb_upgrade_1000() {
362		if ( ( $dbv = bb_get_option_from_db( 'bb_db_version' ) ) && $dbv >= 788 )
363		return 0;
	407	// 210 converts text slugs to varchar(255) width slugs (upgrading from alpha version - fires before dbDelta)
	408	// 1000 Gives new slugs (upgrading from previous release - fires after dbDelta)
	409	function bb_upgrade_210() {
	410	if ( ( $dbv = bb_get_option_from_db( 'bb_db_version' ) ) && $dbv >= 846 )
	411	return 0;
	412
	413	global $bbdb;
	414
	415	$bbdb->hide_errors();
	416	if ( !$ids = $bbdb->get_var("SELECT forum_slug FROM $bbdb->forums ORDER BY forum_order ASC LIMIT 1" ) )
	417	return; // Wait till after dbDelta
	418	$bbdb->show_errors();
	419
	420	bb_upgrade_process_all_slugs();
	421
	422	bb_update_option( 'bb_db_version', 846 );
364	423
365		global $bbdb;
366
367		$forums = (array) $bbdb->get_results("SELECT forum_id, forum_name, forum_slug FROM $bbdb->forums ORDER BY forum_order ASC" );
368		foreach ($forums as $forum) {
369		$slug = bb_slug_sanitize(trim($forum->forum_name));
370		$forum_slugs[$slug][] = $forum->forum_id;
371		}
372		foreach ($forum_slugs as $slug => $forums) {
373		foreach ($forums as $count => $forum_id) {
374		if ($count > 0) {
375		$increment = '-' . ($count + 1);
376		} else {
377		$increment = null;
378		}
379		$slug .= $increment;
380		$bbdb->query("UPDATE $bbdb->forums SET forum_slug = '$slug' WHERE forum_id = $forum_id;");
381		}
382		}
383		unset($forums,$forum,$forum_slugs,$slug,$forum_id,$increment,$count);
384
385		$topics = (array) $bbdb->get_results("SELECT topic_id, topic_title, topic_slug FROM $bbdb->topics ORDER BY topic_start_time ASC" );
386		foreach ($topics as $topic) {
387		$slug = bb_slug_sanitize(trim($topic->topic_title));
388		$topic_slugs[$slug][] = $topic->topic_id;
389		}
390		foreach ($topic_slugs as $slug => $topics) {
391		foreach ($topics as $count => $topic_id) {
392		if ($count > 0) {
393		$increment = '-' . ($count + 1);
394		} else {
395		$increment = null;
396		}
397		$slug .= $increment;
398		$bbdb->query("UPDATE $bbdb->topics SET topic_slug = '$slug' WHERE topic_id = $topic_id;");
399		}
400		}
401		unset($topics,$topic,$topic_slugs,$slug,$topic_id,$increment,$count);
402
403		bb_update_option( 'bb_db_version', 788 );
	424	echo "Done adding slugs.<br />";
	425	return 1;
	426	}
	427
	428	function bb_upgrade_1000() { // Give all topics and forums slugs
	429	if ( ( $dbv = bb_get_option_from_db( 'bb_db_version' ) ) && $dbv >= 846 )
	430	return 0;
	431
	432	bb_upgrade_process_all_slugs();
	433
	434	bb_update_option( 'bb_db_version', 846 );
404	435
405	436	echo "Done adding slugs.<br />";

trunk/bb-admin/upgrade-schema.php

r845	r846
5	5	forum_id int(10) NOT NULL auto_increment,
6	6	forum_name varchar(150) NOT NULL default '',
7		forum_slug ~~text~~ NOT NULL default '',
	7	forum_slug varchar(255) NOT NULL default '',
8	8	forum_desc text NOT NULL,
9	9	forum_parent int(10) NOT NULL default '0',
…	…
32	32	topic_id bigint(20) NOT NULL auto_increment,
33	33	topic_title varchar(100) NOT NULL default '',
34		topic_slug ~~text~~ NOT NULL default '',
	34	topic_slug varchar(255) NOT NULL default '',
35	35	topic_poster bigint(20) NOT NULL default '0',
36	36	topic_poster_name varchar(40) NOT NULL default 'Anonymous',

trunk/bb-includes/default-filters.php

r841	r846
38	38	add_filter('edit_text', 'trim', 15);
39	39
40		add_filter('pre_create_tag', 'bb_pre_create_tag_utf8' );
41
42		add_filter('pre_sanitize_with_dashes', 'bb_pre_sanitize_with_dashes_utf8' );
	40	add_filter('pre_sanitize_with_dashes', 'bb_pre_sanitize_with_dashes_utf8', 10, 3 );
43	41
44	42	add_filter('get_user_link', 'bb_fix_link');

trunk/bb-includes/formatting-functions.php

r839	r846
122	122	}
123	123
	124	function bb_trim_for_db( $string, $length ) {
	125	if ( seems_utf8( $string ) )
	126	$_string = bb_utf8_cut( $string, $length );
	127	return apply_filters( 'bb_trim_for_db', $_string, $string, $length );
	128	}
	129
124	130	// Reduce utf8 string to $length in single byte character equivalents without breaking multibyte characters
125		function bb_utf8_cut( $utf8_string, $length ) {
	131	function bb_utf8_cut( $utf8_string, $length = 0 ) {
	132	if ( $length < 1 )
	133	return $utf8_string;
	134
126	135	$unicode = '';
127	136	$chars = array();
…	…
154	163	}
155	164
156		function bb_tag_sanitize( $tag ) {
	165	function bb_encoded_utf8_cut( $encoded, $length = 0 ) {
	166	if ( $length < 1 )
	167	return $encoded;
	168
	169	$r = '';
	170	$values = preg_split( '/(%[0-9a-f]{2})/i', $encoded, -1, PREG_SPLIT_DELIM_CAPTURE \| PREG_SPLIT_NO_EMPTY );;
	171
	172	for ($i = 0; $i < count( $values ); $i += $num_octets ) {
	173	$num_octets = 1;
	174	if ( '%' != $values[$i][0] ) {
	175	$r .= $values[$i];
	176	if ( $length && strlen($r) > $length )
	177	return substr($r, 0, $length);
	178	} else {
	179	$value = hexdec(substr($values[$i], 1));
	180
	181	if ( 1 == $num_octets )
	182	$num_octets = $value < 224 ? 2 : 3;
	183
	184	if ( $length && ( strlen($r) + $num_octets * 3 ) > $length )
	185	return $r;
	186
	187	$r .= $values[$i] . $values[$i + 1];
	188	if ( 3 == $num_octets )
	189	$r .= $values[$i + 2];
	190	}
	191	}
	192
	193	return $r;
	194	}
	195
	196	function bb_tag_sanitize( $tag, $length = 200 ) {
157	197	$_tag = $tag;
158		return apply_filters( 'bb_tag_sanitize', bb_sanitize_with_dashes( $tag ~~), $_tag~~ );
159		}
160
161		function bb_slug_sanitize( $slug ) {
	198	return apply_filters( 'bb_tag_sanitize', bb_sanitize_with_dashes( $tag, $length ), $_tag, $length );
	199	}
	200
	201	function bb_slug_sanitize( $slug, $length = 255 ) {
162	202	$_slug = $slug;
163		return apply_filters( 'bb_slug_sanitize', ~~sanitize_with_dashes( $slug ), $_slug~~ );
164		}
165
166		function bb_sanitize_with_dashes( $text, $length = 200 ) { // Multibyte aware
	203	return apply_filters( 'bb_slug_sanitize', bb_sanitize_with_dashes( $slug, $length ), $_slug, $length );
	204	}
	205
	206	function bb_sanitize_with_dashes( $text, $length = 0 ) { // Multibyte aware
167	207	$_text = $text;
168	208	$text = trim($text);
169	209	$text = strip_tags($text);
170
171	210	// Preserve escaped octets.
172	211	$text = preg_replace('\|%([a-fA-F0-9][a-fA-F0-9])\|', '---$1---', $text);
…	…
176	215	$text = preg_replace('\|---([a-fA-F0-9][a-fA-F0-9])---\|', '%$1', $text);
177	216
178		$text = apply_filters( 'pre_sanitize_with_dashes', $text, $_text );
	217	$text = apply_filters( 'pre_sanitize_with_dashes', $text, $_text, $length );
179	218
180	219	$text = strtolower($text);
…	…
187	226	}
188	227
189		function bb_pre_sanitize_with_dashes_utf8( $text ) {
	228	function bb_pre_sanitize_with_dashes_utf8( $text, $_text = '', $length = 0 ) {
190	229	$text = remove_accents($text);
191	230
…	…
193	232	if ( function_exists('mb_strtolower') )
194	233	$text = mb_strtolower($text, 'UTF-8');
195		$text = utf8_uri_encode( $text );
196		}
	234	$text = utf8_uri_encode( $text, $length );
	235	}
	236
197	237	return $text;
198	238	}

trunk/bb-includes/functions.php

r845	r846
1	1	<?php
2
3	2	/* INIT */
4	3
…	…
173	172	global $bbdb, $bb_cache;
174	173	$title = apply_filters('pre_topic_title', $title, false);
175		$~~slug = bb_slug_sanitize($title~~);
176		$~~existing_slugs = $bbdb->get_col("SELECT topic_slug FROM $bbdb->topics WHERE topic_slug LIKE '$slug%'"~~);
177		~~if ($existing_slugs) {~~
178		$slug = bb_slug_increment($~~slug, $existing_slugs~~);
179		}
	174	$title = bb_trim_for_db( $title, 150 );
	175	$slug = $_slug = bb_slug_sanitize($title);
	176	while ( $existing_slug = $bbdb->get_var("SELECT topic_slug FROM $bbdb->topics WHERE topic_slug = '$slug'") )
	177	$slug = bb_slug_increment($_slug, $existing_slug);
	178
180	179	$forum = (int) $forum;
181	180	$now = bb_current_time('mysql');
…	…
748	747	$tag = apply_filters( 'pre_create_tag', $tag );
749	748
750		$raw_tag = ~~$tag~~;
	749	$raw_tag = bb_trim_for_db( $tag, 50 );
751	750	$tag = bb_tag_sanitize( $tag );
752	751
…	…
759	758	do_action('bb_tag_created', $raw_tag, $bbdb->insert_id);
760	759	return $bbdb->insert_id;
761		}
762
763		~~function bb_pre_create_tag_utf8( $tag ) {~~
764		~~if ( seems_utf8( $tag ) )~~
765		~~$tag = bb_utf8_cut( $tag, 50 ); // Should match raw_tag column width in DB schema~~
766		~~return $tag;~~
767	760	}
768	761
…	…
1189	1182	break;
1190	1183	case 'bb_db_version' :
1191		return '845'; // Don't filter
	1184	return '846'; // Don't filter
1192	1185	break;
1193	1186	case 'html_type' :
…	…
1548	1541	$path = preg_replace("#$bbpath#",'',$path,1);
1549	1542	$url = explode('/',$path);
1550		return ~~$url[$level]~~;
	1543	return urldecode($url[$level]);
1551	1544	}
1552	1545
…	…
1577	1570	else
1578	1571	$permalink = get_path();
	1572	$_original_piece = $permalink;
1579	1573
1580	1574	do_action( 'pre_permalink', $permalink );
…	…
1611	1605	else
1612	1606	$permalink = get_path();
	1607	$_original_piece = $permalink;
1613	1608	if ( !$user = bb_get_user( $permalink ) )
1614	1609	bb_die(__('User not found.'));
…	…
1637	1632	else
1638	1633	$permalink = get_path();
	1634	$_original_piece = $permalink;
1639	1635	if ( !$permalink )
1640	1636	$permalink = get_tag_page_link();
…	…
1649	1645	if ( isset($_GET['view']) )
1650	1646	$permalink = $_GET['view'];
1651		else $permalink = get_path();
	1647	else
	1648	$permalink = get_path();
	1649	$_original_piece = $permalink;
1652	1650	global $view;
1653	1651	$view = $permalink;
…	…
1688	1686	echo "</td></tr>\n</table>";
1689	1687	else :
1690		if ( $check != $uri ) {
	1688	if ( $check != $uri && $check != str_replace(urlencode($_original_piece), $_original_piece, $uri) ) {
1691	1689	wp_redirect( $permalink );
1692	1690	exit;
…	…
2133	2131	/* Slugs */
2134	2132
2135		function bb_slug_increment($slug, $all_slugs) {
2136		$all_slugs = preg_grep('/^' . $slug . '(\-[0-9]+)?$/', $all_slugs);
2137		if (!count($all_slugs)) {
2138		return $slug;
2139		}
2140
2141		natsort($all_slugs);
2142		$all_slugs = array_reverse($all_slugs);
2143		if ($slug == $all_slugs[0]) {
2144		$last_slug_number = 1;
2145		} else {
2146		$last_slug_number = (integer) str_replace($slug . '-', '', $all_slugs[0]);
2147		}
2148		return $slug . '-' . ($last_slug_number + 1);
2149		}
2150
2151		function bb_get_id_from_slug($table, $slug) {
	2133	function bb_slug_increment( $slug, $existing_slug, $slug_length = 255 ) {
	2134	if ( preg_match('/^.*-([0-9]+)$/', $existing_slug, $m) )
	2135	$number = (int) $m[1] + 1;
	2136	else
	2137	$number = 1;
	2138
	2139	$r = bb_encoded_utf8_cut( $slug, $slug_length - 1 - strlen($number) );
	2140	return apply_filters( 'bb_slug_increment', "$r-$number", $slug, $existing_slug, $slug_length );
	2141	}
	2142
	2143	function bb_get_id_from_slug( $table, $slug, $slug_length = 255 ) {
2152	2144	global $bbdb;
2153	2145	$tablename = $table . 's';
2154		$slug = bb_slug_sanitize($slug);
2155		$result = $bbdb->get_var("SELECT ${table}_id FROM {$bbdb->$tablename} WHERE ${table}_slug = '$slug'");
2156		return $result;
	2146	$r = false;
	2147	// Look for new style equiv of old style slug
	2148	$_slug = bb_slug_sanitize( $slug );
	2149	if ( strlen($_slug) > $slug_length && preg_match('/^.*-([0-9]+)$/', $_slug, $m) ) {
	2150	$_slug = bb_encoded_utf8_cut( $_slug, $slug_length - 1 - strlen($number) );
	2151	$number = (int) $m[1];
	2152	$r = $bbdb->get_var("SELECT ${table}_id FROM {$bbdb->$tablename} WHERE ${table}_slug = '$_slug-$number'");
	2153	}
	2154	if ( !$r ) {
	2155	$_slug = bb_slug_sanitize($slug);
	2156	$r = $bbdb->get_var("SELECT ${table}_id FROM {$bbdb->$tablename} WHERE ${table}_slug = '$_slug'");
	2157	}
	2158	return $r;
2157	2159	}
2158	2160

Download in other formats: