From c52af0da6d7ab5090b1bb7d921a91e830bb53fff Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 25 Jun 2007 15:02:46 +0000 Subject: [PATCH] * (bug 10338) Enforce signature length limit in Unicode characters instead of bytes Uses mb_strlen(), which we already have a fallback function for if mbstring extension isn't present. --- RELEASE-NOTES | 2 ++ includes/DefaultSettings.php | 2 +- includes/Parser.php | 2 +- includes/SpecialPreferences.php | 12 ++++++------ 4 files changed, 10 insertions(+), 8 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 3f60cb47be..08d50dfe89 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -101,6 +101,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN enabled by default. * Added option to install to MyISAM * (bug 9250) Remove hardcoded minimum image name length of three characters +* (bug 10338) Enforce signature length limit in Unicode characters instead of bytes + == Bugfixes since 1.10 == diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index ea83f64694..5a81b71ff1 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -857,7 +857,7 @@ $wgRedirectSources = false; $wgShowIPinHeader = true; # For non-logged in users $wgMaxNameChars = 255; # Maximum number of bytes in username -$wgMaxSigChars = 255; # Maximum number of bytes in signature +$wgMaxSigChars = 255; # Maximum number of Unicode characters in signature $wgMaxArticleSize = 2048; # Maximum article size in kilobytes $wgExtraSubtitle = ''; diff --git a/includes/Parser.php b/includes/Parser.php index 4f4fdf091d..50f9ac1e70 100644 --- a/includes/Parser.php +++ b/includes/Parser.php @@ -3812,7 +3812,7 @@ class Parser $nickname = $user->getOption( 'nickname' ); $nickname = $nickname === '' ? $username : $nickname; - if( strlen( $nickname ) > $wgMaxSigChars ) { + if( mb_strlen( $nickname ) > $wgMaxSigChars ) { $nickname = $username; wfDebug( __METHOD__ . ": $username has overlong signature.\n" ); } elseif( $user->getBoolOption( 'fancysig' ) !== false ) { diff --git a/includes/SpecialPreferences.php b/includes/SpecialPreferences.php index 49c562de82..f80e6b590b 100644 --- a/includes/SpecialPreferences.php +++ b/includes/SpecialPreferences.php @@ -242,7 +242,7 @@ class PreferencesForm { # Validate the signature and clean it up as needed global $wgMaxSigChars; - if( strlen( $this->mNick ) > $wgMaxSigChars ) { + if( mb_strlen( $this->mNick ) > $wgMaxSigChars ) { global $wgLang; $this->mainPrefsForm( 'error', wfMsg( 'badsiglength', $wgLang->formatNum( $wgMaxSigChars ) ) ); @@ -610,7 +610,7 @@ class PreferencesForm { } global $wgParser, $wgMaxSigChars; - if( strlen( $this->mNick ) > $wgMaxSigChars ) { + if( mb_strlen( $this->mNick ) > $wgMaxSigChars ) { $invalidSig = $this->tableRow( ' ', Xml::element( 'span', array( 'class' => 'error' ), @@ -632,10 +632,10 @@ class PreferencesForm { Xml::input( 'wpNick', 25, $this->mNick, array( 'id' => 'wpNick', - // Note: $wgMaxSigChars is currently enforced in UTF-8 bytes, - // but 'maxlength' attribute is enforced in characters. - // It's still possible to put in an overlong string - // 'legitimately' by typing non-ASCII chars. + // Note: $wgMaxSigChars is enforced in Unicode characters, + // both on the backend and now in the browser. + // Badly-behaved requests may still try to submit + // an overlong string, however. 'maxlength' => $wgMaxSigChars ) ) ) . $invalidSig . -- 2.20.1