Check for allowed BBCodes

Closes #18

file/lib/data/message/MessageAction.class.php

@@ -52,6 +52,12 @@ public function validateSend() {
 		// validate text
 		if (strlen($this->parameters['text']) > CHAT_MAX_LENGTH) throw new UserInputException('text', 'tooLong');
 		
+		// search for disallowed bbcodes
+		$disallowedBBCodes = \wcf\system\bbcode\BBCodeParser::getInstance()->validateBBCodes($this->parameters['text'], explode(',', WCF::getSession()->getPermission('user.chat.allowedBBCodes')));
+		if (!empty($disallowedBBCodes)) {
+			throw new UserInputException('text', WCF::getLanguage()->getDynamicVariable('wcf.message.error.disallowedBBCodes', array('disallowedBBCodes' => $disallowedBBCodes)));
+		}
+		
 		// search for censored words
 		if (ENABLE_CENSORSHIP) {
 			$result = \wcf\system\message\censorship\Censorship::getInstance()->test($this->parameters['text']);

option.xml

@@ -37,12 +37,6 @@
 				<defaultvalue>1</defaultvalue>
 				<showorder>5</showorder>
 			</option>
-			<option name="chat_enable_bbcodes">
-				<categoryname>chat.general</categoryname>
-				<optiontype>boolean</optiontype>
-				<defaultvalue>1</defaultvalue>
-				<showorder>6</showorder>
-			</option>
 			<option name="chat_max_length">
 				<categoryname>chat.general</categoryname>
 				<optiontype>integer</optiontype>

userGroupOption.xml

@@ -32,6 +32,11 @@
 				<defaultvalue>0</defaultvalue>
 				<admindefaultvalue>0</admindefaultvalue>
 			</option>
+			<option name="user.chat.allowedBBCodes">
+				<categoryname>user.chat</categoryname>
+				<optiontype>BBCodeSelect</optiontype>
+				<defaultvalue>none</defaultvalue>
+			</option>
 			<option name="mod.chat.canAlwaysEnter">
 				<categoryname>mod.chat</categoryname>
 				<optiontype>boolean</optiontype>