1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Not a Bug Custom Bb Codes - Signature restrictions problems

Discussion in 'Resolved Bug Reports' started by cclaerhout, Feb 12, 2016.

  1. cclaerhout

    cclaerhout Well-Known Member

    Class: XenForo_ControllerPublic_Account

    Please read the comments inside the code:
    PHP:
      /**
        * Save signature
        *
        * @return XenForo_ControllerResponse_Redirect
        */
       
    public function actionSignatureSave()
       {
         
    $this->_assertPostOnly();

         
    $visitor XenForo_Visitor::getInstance();

         if (!
    $visitor->canEditSignature())
         {
           return 
    $this->responseNoPermission();
         }

         
    $signature $this->getHelper('Editor')->getMessageText('signature'$this->_input);
         
    $signature XenForo_Helper_String::autoLinkBbCode($signaturefalse);

         
    /** @var $formatter XenForo_BbCode_Formatter_BbCode_Filter */
         
    $formatter XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_BbCode_Filter');
         
    $formatter->configureFromSignaturePermissions($visitor->getPermissions());

         
    $parser XenForo_BbCode_Parser::create($formatter);
         
    $signature $parser->render($signature);
        
         if (
    $formatter->getDisabledTally()) /*The signature must first be parsed to get access to the disabled tally*/
         
    {
           
    $formatter->setStripDisabled(false);
           
    $signature $parser->render($signature); /*The signature which now should not contain any Bb Codes is parsed again*/
         
    }

         if (!
    $formatter->validateAsSignature($signature$visitor->getPermissions(), $errors))
         {
           
    /*
             The first argument, $signature, should be the signature with Bb Codes whereas the provided variable has already been parsed
             => The error "your_signature_may_not_contain_disabled_tags" will then never be displayed
           */
           
    return $this->responseError($errors);
         }

         
    $spamModel $this->_getSpamPreventionModel();

         if (
    $signature && $spamModel->visitorRequiresSpamCheck())
         {
           
    $spamResult $spamModel->checkMessageSpam($signature, array(), $this->_request);
           switch (
    $spamResult)
           {
             case 
    XenForo_Model_SpamPrevention::RESULT_MODERATED:
             case 
    XenForo_Model_SpamPrevention::RESULT_DENIED;
               
    $spamModel->logSpamTrigger('user_signature'XenForo_Visitor::getUserId());
               return 
    $this->responseError(new XenForo_Phrase('your_content_cannot_be_submitted_try_later'));
           }
         }

         
    $settings = array('signature' => $signature);

         if (!
    $writer $this->_saveVisitorSettings($settings$errors))
         {
           return 
    $this->responseError($errors);
         }

         return 
    $this->responseRedirect(
           
    XenForo_ControllerResponse_Redirect::SUCCESS,
           
    XenForo_Link::buildPublicLink('account/signature')
         );
       }
    Modification to solve the problem:
    PHP:
      /**
        * Save signature
        *
        * @return XenForo_ControllerResponse_Redirect
        */
       
    public function actionSignatureSave()
       {
         
    $this->_assertPostOnly();

         
    $visitor XenForo_Visitor::getInstance();

         if (!
    $visitor->canEditSignature())
         {
           return 
    $this->responseNoPermission();
         }

         
    $signature $this->getHelper('Editor')->getMessageText('signature'$this->_input);
         
    $signature XenForo_Helper_String::autoLinkBbCode($signaturefalse);

         
    /** @var $formatter XenForo_BbCode_Formatter_BbCode_Filter */
         
    $formatter XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_BbCode_Filter');
         
    $formatter->configureFromSignaturePermissions($visitor->getPermissions());

         
    $parser XenForo_BbCode_Parser::create($formatter);
         
    $signatureParsed $parser->render($signature);
        
         if (
    $formatter->getDisabledTally())
         {
           
    $formatter->setStripDisabled(false);
           
    $signatureParsed $parser->render($signature);
         }

         if (!
    $formatter->validateAsSignature($signature$visitor->getPermissions(), $errors))
         {
           return 
    $this->responseError($errors);
         }

         
    $spamModel $this->_getSpamPreventionModel();

         if (
    $signatureParsed && $spamModel->visitorRequiresSpamCheck())
         {
           
    $spamResult $spamModel->checkMessageSpam($signatureParsed, array(), $this->_request);
           switch (
    $spamResult)
           {
             case 
    XenForo_Model_SpamPrevention::RESULT_MODERATED:
             case 
    XenForo_Model_SpamPrevention::RESULT_DENIED;
               
    $spamModel->logSpamTrigger('user_signature'XenForo_Visitor::getUserId());
               return 
    $this->responseError(new XenForo_Phrase('your_content_cannot_be_submitted_try_later'));
           }
         }

         
    $settings = array('signature' => $signatureParsed);

         if (!
    $writer $this->_saveVisitorSettings($settings$errors))
         {
           return 
    $this->responseError($errors);
         }

         return 
    $this->responseRedirect(
           
    XenForo_ControllerResponse_Redirect::SUCCESS,
           
    XenForo_Link::buildPublicLink('account/signature')
         );
       }
    ($signature => $signatureParsed)


    Tested with the official custom Bb Codes.

    P.S: it would be nice the phrase "your_signature_may_not_contain_disabled_tags" has an argument to display which Bb Code TagName has been wrongly used.
     
    Xon likes this.
  2. Mike

    Mike XenForo Developer Staff Member

    Can you please explain what the problem is and steps to reproduce it (and what you expect to happen)?

    I think you're making an implication that the issue involves us stripping disabled BB codes automatically, but this is actually something we do intentionally -- it was mentioned in the original Have You Seen. The only case where we don't strip them is to prevent an obscure method for potentially avoiding the signature limits.
     
  3. cclaerhout

    cclaerhout Well-Known Member

    Then what is the purpose of the code below (class XenForo_BbCode_Formatter_BbCode_Filter) ?
    PHP:
        if (!$this->_stripDisabled)
         {
           foreach (
    $this->_disabledTags AS $disabledTag)
           {
             if (
    $this->getTagTally($disabledTag))
             {
               
    $errors[] = new XenForo_Phrase('your_signature_may_not_contain_disabled_tags');
               break;
             }
           }
         }
    It will never be used(*) with a Custom Bb Code whereas it was supposed to be (function actionSignatureSave):
    PHP:
    $formatter->setStripDisabled(false);
    *: see the reason in my previous post.
     
  4. Mike

    Mike XenForo Developer Staff Member

    cclaerhout likes this.
  5. cclaerhout

    cclaerhout Well-Known Member

    Ok ! So the normal behavior is to strip in silence Bb Codes that can't be used in signature. I got it thanks. Then this thread goes to the "not a bug" category :)
     
    Mike likes this.

Share This Page