Skip to content

Commit

Permalink
Ensures fix_utf8mb4 has been applied to strings before saving to db
Browse files Browse the repository at this point in the history 
Signed-off-by: Jon Stovell <jonstovell@gmail.com>
  • Loading branch information
@Sesquipedalian
Sesquipedalian committed May 11, 2024
1 parent 18e24e9 commit e50372e
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 7 deletions.
12 changes: 7 additions & 5 deletions Sources/Load.php
View file
Expand Up @@ -115,11 +115,13 @@ function reloadSettings()
{
return (string) $string;
};
$fix_utf8mb4 = function($string) use ($utf8, $smcFunc)
$smcFunc['fix_utf8mb4'] = function($string) use ($utf8, $smcFunc)
{
if (!$utf8 || $smcFunc['db_mb4'])
return $string;

$string = (string) $string;

$i = 0;
$len = strlen($string);
$new_string = '';
Expand Down Expand Up @@ -162,11 +164,11 @@ function reloadSettings()
$num = $string[0] === 'x' ? hexdec(substr($string, 1)) : (int) $string;
return $num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) || $num === 0x202E || $num === 0x202D ? '' : '&#' . $num . ';';
},
'htmlspecialchars' => function($string, $quote_style = ENT_COMPAT, $charset = 'ISO-8859-1') use ($ent_check, $utf8, $fix_utf8mb4, &$smcFunc)
'htmlspecialchars' => function($string, $quote_style = ENT_COMPAT, $charset = 'ISO-8859-1') use ($ent_check, $utf8, &$smcFunc)
{
$string = $smcFunc['normalize']($string);

return $fix_utf8mb4($ent_check(htmlspecialchars($string, $quote_style, $utf8 ? 'UTF-8' : $charset)));
return $smcFunc['fix_utf8mb4']($ent_check(htmlspecialchars($string, $quote_style, $utf8 ? 'UTF-8' : $charset)));
},
'htmltrim' => function($string) use ($utf8, $ent_check)
{
Expand Down Expand Up @@ -234,7 +236,7 @@ function reloadSettings()
{
return $smcFunc['convert_case']($string, 'ucwords');
},
'convert_case' => function($string, $case, $simple = false, $form = 'c') use (&$smcFunc, $utf8, $ent_check, $fix_utf8mb4, $sourcedir)
'convert_case' => function($string, $case, $simple = false, $form = 'c') use (&$smcFunc, $utf8, $ent_check, $sourcedir)
{
if (!$utf8)
{
Expand Down Expand Up @@ -295,7 +297,7 @@ function reloadSettings()
}
}

return $fix_utf8mb4($string);
return $smcFunc['fix_utf8mb4']($string);
},
'json_decode' => 'smf_json_decode',
'json_encode' => 'json_encode',
Expand Down
4 changes: 2 additions & 2 deletions Sources/Subs-Db-mysql.php
View file
Expand Up @@ -212,7 +212,7 @@ function smf_db_replacement__callback($matches)

case 'string':
case 'text':
return sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $replacement));
return sprintf('\'%1$s\'', mysqli_real_escape_string($connection, isset($smcFunc['fix_utf8mb4']) ? $smcFunc['fix_utf8mb4']($replacement) : $replacement));
break;

case 'array_int':
Expand Down Expand Up @@ -243,7 +243,7 @@ function smf_db_replacement__callback($matches)
smf_db_error_backtrace('Database error, given array of string values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__);

foreach ($replacement as $key => $value)
$replacement[$key] = sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $value));
$replacement[$key] = sprintf('\'%1$s\'', mysqli_real_escape_string($connection, isset($smcFunc['fix_utf8mb4']) ? $smcFunc['fix_utf8mb4']($value) : $value));

return implode(', ', $replacement);
}
Expand Down

0 comments on commit e50372e

Please sign in to comment.