From 850ccd65fd197234053d882287adb92c117abc39 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <timwolla@arcor.de>
Date: Mon, 11 Mar 2013 15:28:51 +0100
Subject: [PATCH] Check for allowed BBCodes

Closes #18
---
 file/lib/data/message/MessageAction.class.php | 6 ++++++
 option.xml                                    | 6 ------
 userGroupOption.xml                           | 5 +++++
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/file/lib/data/message/MessageAction.class.php b/file/lib/data/message/MessageAction.class.php
index 9f0816b..5c33e09 100644
--- a/file/lib/data/message/MessageAction.class.php
+++ b/file/lib/data/message/MessageAction.class.php
@@ -52,6 +52,12 @@ public function validateSend() {
 		// validate text
 		if (strlen($this->parameters['text']) > CHAT_MAX_LENGTH) throw new UserInputException('text', 'tooLong');
 		
+		// search for disallowed bbcodes
+		$disallowedBBCodes = \wcf\system\bbcode\BBCodeParser::getInstance()->validateBBCodes($this->parameters['text'], explode(',', WCF::getSession()->getPermission('user.chat.allowedBBCodes')));
+		if (!empty($disallowedBBCodes)) {
+			throw new UserInputException('text', WCF::getLanguage()->getDynamicVariable('wcf.message.error.disallowedBBCodes', array('disallowedBBCodes' => $disallowedBBCodes)));
+		}
+		
 		// search for censored words
 		if (ENABLE_CENSORSHIP) {
 			$result = \wcf\system\message\censorship\Censorship::getInstance()->test($this->parameters['text']);
diff --git a/option.xml b/option.xml
index 2a88897..aa1181f 100644
--- a/option.xml
+++ b/option.xml
@@ -37,12 +37,6 @@
 				<defaultvalue>1</defaultvalue>
 				<showorder>5</showorder>
 			</option>
-			<option name="chat_enable_bbcodes">
-				<categoryname>chat.general</categoryname>
-				<optiontype>boolean</optiontype>
-				<defaultvalue>1</defaultvalue>
-				<showorder>6</showorder>
-			</option>
 			<option name="chat_max_length">
 				<categoryname>chat.general</categoryname>
 				<optiontype>integer</optiontype>
diff --git a/userGroupOption.xml b/userGroupOption.xml
index 6df4727..4b70089 100644
--- a/userGroupOption.xml
+++ b/userGroupOption.xml
@@ -32,6 +32,11 @@
 				<defaultvalue>0</defaultvalue>
 				<admindefaultvalue>0</admindefaultvalue>
 			</option>
+			<option name="user.chat.allowedBBCodes">
+				<categoryname>user.chat</categoryname>
+				<optiontype>BBCodeSelect</optiontype>
+				<defaultvalue>none</defaultvalue>
+			</option>
 			<option name="mod.chat.canAlwaysEnter">
 				<categoryname>mod.chat</categoryname>
 				<optiontype>boolean</optiontype>