Chi lo desidera (e qui penso agli utenti del Modpack di Stramm) potrà applicare il patch alla vulnerabilità direttamente. Questo risolverà solamente il problema serio di sicurezza, ma non aggiornerà la galleria all'ultima versione.
Rimpiazzate la funzione bb_decode nel file include/functions.inc.php col seguente codice:
// Allow the use of a limited set of phpBB bb codes in albums and image descriptions
// Based on phpBB code
/**
* bb_decode()
*
* @param $text
* @return
**/
function bb_decode($text)
{
$text = nl2br($text);
static $bbcode_tpl = array();
static $patterns = array();
static $replacements = array();
// First: If there isn't a "[" and a "]" in the message, don't bother.
if ((strpos($text, "[") === false || strpos($text, "]") === false)) {
return $text;
}
// [b] and [/b] for bolding text.
$text = str_replace("[b]", '<b>', $text);
$text = str_replace("[/b]", '</b>', $text);
// [u] and [/u] for underlining text.
$text = str_replace("[u]", '<u>', $text);
$text = str_replace("[/u]", '</u>', $text);
// [i] and [/i] for italicizing text.
$text = str_replace("[i]", '<i>', $text);
$text = str_replace("[/i]", '</i>', $text);
// colors
$text = preg_replace("/\[color=(\#[0-9A-F]{6}|[a-z]+)\]/", '<span style="color:$1">', $text);
$text = str_replace("[/color]", '</span>', $text);
// [i] and [/i] for italicizing text.
//$text = str_replace("[i:$uid]", $bbcode_tpl['i_open'], $text);
//$text = str_replace("[/i:$uid]", $bbcode_tpl['i_close'], $text);
if (!count($bbcode_tpl)) {
// We do URLs in several different ways..
// **** WARNING *******************************************************
// The [url] tag can be used for a serious attack against your website.
// So [url] tags are no longer processed to show links.
// This simple action here is not an ideal solution but is necessary.
// Now, [url] tags are processed as follows:
// [url=link]text[/url] shows 'text' with a dummy image for the link.
// [url]link[/url] shows 'link' as plain text with a dummy image.
// The following line is the original line that processed [url]:
// $bbcode_tpl['url'] = '<span class="bblink"><a href="{URL}" rel="external">{DESCRIPTION}</a></span>';
// ********************************************************************
// See this thread on the Coppermine forum for more information:
// http://forum.coppermine-gallery.net/index.php/topic,58309.0.html
// Please read this thread carefully before deciding to process [url].
// ********************************************************************
$url_removed = '{URL}'; // put the image URL in the tooltip/mouse-over
$bbcode_tpl['url'] = '{DESCRIPTION}<img src="images/descending.gif" alt="" title="' . $url_removed . '" />';
$bbcode_tpl['email'] = '<span class="bblink"><a href="mailto:{EMAIL}">{EMAIL}</a></span>';
$bbcode_tpl['url1'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
$bbcode_tpl['url1'] = str_replace('{DESCRIPTION}', '\\1\\2', $bbcode_tpl['url1']);
$bbcode_tpl['url2'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
$bbcode_tpl['url2'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url2']);
$bbcode_tpl['url3'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
$bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\3', $bbcode_tpl['url3']);
$bbcode_tpl['url4'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
$bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\2', $bbcode_tpl['url4']);
$bbcode_tpl['email'] = str_replace('{EMAIL}', '\\1', $bbcode_tpl['email']);
// [url]xxxx://www.phpbb.com[/url] code..
$patterns[1] = "#\[url\]([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\[/url\]#si";
$replacements[1] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
$patterns[2] = "#\[url\]([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\[/url\]#si";
$replacements[2] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
$patterns[3] = "#\[url=([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\](.*?)\[/url\]#si";
$replacements[3] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
$patterns[4] = "#\[url=([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\](.*?)\[/url\]#si";
$replacements[4] = $bbcode_tpl['url4'];
// [email]user@domain.tld[/email] code..
$patterns[5] = "#\[email\]([a-z0-9\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si";
$replacements[5] = $bbcode_tpl['email'];
// [img]xxxx://www.phpbb.com[/img] code..
// **** WARNING *******************************************************
// The [img] tag can be used for a serious attack against your website.
// So [img] tags are no longer processed to show the specified images.
// This simple action here is not an ideal solution but is necessary.
// Now [img] tags will show a dummy image instead as a placeholder.
// ********************************************************************
// The following line is the original line that processed [img]:
// $bbcode_tpl['img'] = '<img src="{URL}" alt="" />';
// ********************************************************************
// See this thread on the Coppermine forum for more information:
// http://forum.coppermine-gallery.net/index.php/topic,58309.0.html
// Please read this thread carefully before deciding to process [img].
// ********************************************************************
$img_removed = '{URL}'; // put the image URL in the tooltip/mouse-over
$bbcode_tpl['img'] = '<img src="images/thumbnails.gif" alt="" title="' . $img_removed . '" />';
$bbcode_tpl['img'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['img']);
$patterns[6] = "#\[img\]([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\[/img\]#si";
$replacements[6] = $bbcode_tpl['img'];
}
$text = preg_replace($patterns, $replacements, $text);
return $text;
}