• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Not a bug Custom Bb Codes - Signature restrictions problems

cclaerhout

Well-known member
#1
Class: XenForo_ControllerPublic_Account

Please read the comments inside the code:
PHP:
  /**
    * Save signature
    *
    * @return XenForo_ControllerResponse_Redirect
    */
   public function actionSignatureSave()
   {
     $this->_assertPostOnly();

     $visitor = XenForo_Visitor::getInstance();

     if (!$visitor->canEditSignature())
     {
       return $this->responseNoPermission();
     }

     $signature = $this->getHelper('Editor')->getMessageText('signature', $this->_input);
     $signature = XenForo_Helper_String::autoLinkBbCode($signature, false);

     /** @var $formatter XenForo_BbCode_Formatter_BbCode_Filter */
     $formatter = XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_BbCode_Filter');
     $formatter->configureFromSignaturePermissions($visitor->getPermissions());

     $parser = XenForo_BbCode_Parser::create($formatter);
     $signature = $parser->render($signature);
    
     if ($formatter->getDisabledTally()) /*The signature must first be parsed to get access to the disabled tally*/
     {
       $formatter->setStripDisabled(false);
       $signature = $parser->render($signature); /*The signature which now should not contain any Bb Codes is parsed again*/
     }

     if (!$formatter->validateAsSignature($signature, $visitor->getPermissions(), $errors))
     {
       /*
         The first argument, $signature, should be the signature with Bb Codes whereas the provided variable has already been parsed
         => The error "your_signature_may_not_contain_disabled_tags" will then never be displayed
       */
       return $this->responseError($errors);
     }

     $spamModel = $this->_getSpamPreventionModel();

     if ($signature && $spamModel->visitorRequiresSpamCheck())
     {
       $spamResult = $spamModel->checkMessageSpam($signature, array(), $this->_request);
       switch ($spamResult)
       {
         case XenForo_Model_SpamPrevention::RESULT_MODERATED:
         case XenForo_Model_SpamPrevention::RESULT_DENIED;
           $spamModel->logSpamTrigger('user_signature', XenForo_Visitor::getUserId());
           return $this->responseError(new XenForo_Phrase('your_content_cannot_be_submitted_try_later'));
       }
     }

     $settings = array('signature' => $signature);

     if (!$writer = $this->_saveVisitorSettings($settings, $errors))
     {
       return $this->responseError($errors);
     }

     return $this->responseRedirect(
       XenForo_ControllerResponse_Redirect::SUCCESS,
       XenForo_Link::buildPublicLink('account/signature')
     );
   }
Modification to solve the problem:
PHP:
  /**
    * Save signature
    *
    * @return XenForo_ControllerResponse_Redirect
    */
   public function actionSignatureSave()
   {
     $this->_assertPostOnly();

     $visitor = XenForo_Visitor::getInstance();

     if (!$visitor->canEditSignature())
     {
       return $this->responseNoPermission();
     }

     $signature = $this->getHelper('Editor')->getMessageText('signature', $this->_input);
     $signature = XenForo_Helper_String::autoLinkBbCode($signature, false);

     /** @var $formatter XenForo_BbCode_Formatter_BbCode_Filter */
     $formatter = XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_BbCode_Filter');
     $formatter->configureFromSignaturePermissions($visitor->getPermissions());

     $parser = XenForo_BbCode_Parser::create($formatter);
     $signatureParsed = $parser->render($signature);
    
     if ($formatter->getDisabledTally())
     {
       $formatter->setStripDisabled(false);
       $signatureParsed = $parser->render($signature);
     }

     if (!$formatter->validateAsSignature($signature, $visitor->getPermissions(), $errors))
     {
       return $this->responseError($errors);
     }

     $spamModel = $this->_getSpamPreventionModel();

     if ($signatureParsed && $spamModel->visitorRequiresSpamCheck())
     {
       $spamResult = $spamModel->checkMessageSpam($signatureParsed, array(), $this->_request);
       switch ($spamResult)
       {
         case XenForo_Model_SpamPrevention::RESULT_MODERATED:
         case XenForo_Model_SpamPrevention::RESULT_DENIED;
           $spamModel->logSpamTrigger('user_signature', XenForo_Visitor::getUserId());
           return $this->responseError(new XenForo_Phrase('your_content_cannot_be_submitted_try_later'));
       }
     }

     $settings = array('signature' => $signatureParsed);

     if (!$writer = $this->_saveVisitorSettings($settings, $errors))
     {
       return $this->responseError($errors);
     }

     return $this->responseRedirect(
       XenForo_ControllerResponse_Redirect::SUCCESS,
       XenForo_Link::buildPublicLink('account/signature')
     );
   }
($signature => $signatureParsed)


Tested with the official custom Bb Codes.

P.S: it would be nice the phrase "your_signature_may_not_contain_disabled_tags" has an argument to display which Bb Code TagName has been wrongly used.
 

Mike

XenForo developer
Staff member
#2
Can you please explain what the problem is and steps to reproduce it (and what you expect to happen)?

I think you're making an implication that the issue involves us stripping disabled BB codes automatically, but this is actually something we do intentionally -- it was mentioned in the original Have You Seen. The only case where we don't strip them is to prevent an obscure method for potentially avoiding the signature limits.
 

cclaerhout

Well-known member
#3
Then what is the purpose of the code below (class XenForo_BbCode_Formatter_BbCode_Filter) ?
PHP:
    if (!$this->_stripDisabled)
     {
       foreach ($this->_disabledTags AS $disabledTag)
       {
         if ($this->getTagTally($disabledTag))
         {
           $errors[] = new XenForo_Phrase('your_signature_may_not_contain_disabled_tags');
           break;
         }
       }
     }
It will never be used(*) with a Custom Bb Code whereas it was supposed to be (function actionSignatureSave):
PHP:
$formatter->setStripDisabled(false);
*: see the reason in my previous post.
 

cclaerhout

Well-known member
#5
Ok ! So the normal behavior is to strip in silence Bb Codes that can't be used in signature. I got it thanks. Then this thread goes to the "not a bug" category :)