From f3f800d85b3328e5a8f90806f9d265d2702cbca5 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Rapha=C3=ABl=20Barrois?= <raphael.barrois@polytechnique.org>
Date: Thu, 4 Feb 2010 01:37:36 +0100
Subject: [PATCH] Force the list of forbidden chars
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Signed-off-by: RaphaÃ«l Barrois <raphael.barrois@polytechnique.org>
---
 include/ufbuilder.inc.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/include/ufbuilder.inc.php b/include/ufbuilder.inc.php
index 3f708a5..41e1cf4 100644
--- a/include/ufbuilder.inc.php
+++ b/include/ufbuilder.inc.php
@@ -236,14 +236,12 @@ abstract class UFB_Field
 // {{{ class UFBF_Text
 abstract class UFBF_Text extends UFB_Field
 {
-    private $forbiddenchars;
     private $minlength;
     private $maxlength;
 
-    public function __construct($envfield, $formtext = '', $forbiddenchars = '', $minlength = 2, $maxlength = 255)
+    public function __construct($envfield, $formtext = '', $minlength = 2, $maxlength = 255)
     {
         parent::__construct($envfield, $formtext);
-        $this->forbiddenchars = $forbiddenchars;
         $this->minlength      = $minlength;
         $this->maxlength      = $maxlength;
     }
@@ -260,7 +258,10 @@ abstract class UFBF_Text extends UFB_Field
             return $this->raise("Le champ %s est trop court (minimum {$this->minlength}).");
         } else if (strlen($this->val) > $this->maxlength) {
             return $this->raise("Le champ %s est trop long (maximum {$this->maxlength}).");
+        } else if (preg_match(":[\]\[<>{}~/Â§_`|%$^=+]|\*\*:u", $this->val)) {
+            return $this->raise('Le champ %s contient un caractÃ¨re interdit rendant la recherche impossible.');
         }
+
         return true;
     }
 }
@@ -410,7 +411,7 @@ abstract class UFBF_Mixed extends UFB_Field
 }
 // }}}
 
-// {{{ UFBF_Quick
+// {{{ class UFBF_Quick
 class UFBF_Quick extends UFB_Field
 {
     protected function check(UserFilterBuilder &$ufb)
@@ -658,7 +659,7 @@ class UFBF_Town extends UFBF_Text
     {
         $this->type = $type;
         $this->onlycurrentfield = $onlycurrentfield;
-        parent::__construct($envfield, $formtext, '', 2, 30);
+        parent::__construct($envfield, $formtext, 2, 30);
     }
 
     protected function buildUFC(UserFilterBuilder &$ufb)
-- 
2.1.4