Here's a fix with my idea:
In xmlhttp.php and newreply.php, find:
$message .= "[quote='{$quoted_post['username']}' pid='{$quoted_post['pid']}' dateline='{$quoted_post['dateline']}']\n{$quoted_post['message']}\n[/quote]\n\n";
Replace with
if(my_strpos($quoted_post['username'], ']') !== false)
{
$quoted_post['username'] = '"'.$quoted_post['username'].'"';
}
$message .= "[quote={$quoted_post['username']} pid='{$quoted_post['pid']}' dateline='{$quoted_post['dateline']}']\n{$quoted_post['message']}\n[/quote]\n\n";
Will also need to patch inc/class_parser.php. There's quite a few modifications, so I'll give the functions you need to replace:
/**
* Parses quote MyCode.
*
* @param string The message to be parsed
* @param boolean Are we formatting as text?
* @return string The parsed message.
*/
function mycode_parse_quotes($message, $text_only=false)
{
global $lang, $templates, $theme, $mybb;
// Assign pattern and replace values.
$pattern = array(
"#\[quote=((?:"|\"|')?)([^\"]*?)\\1([^]]*?)?\](.*?)\[\/quote\](\r\n?|\n?)#esi",
"#\[quote\](.*?)\[\/quote\](\r\n?|\n?)#si"
);
if($text_only == false)
{
$replace = array(
"\$this->mycode_parse_post_quotes('$4','$2$3')",
"<blockquote><cite>$lang->quote</cite>$1</blockquote>\n"
);
}
else
{
$replace = array(
"\$this->mycode_parse_post_quotes('$4', '$2$3', true)",
"\n{$lang->quote}\n--\n$1\n--\n"
);
}
while(preg_match($pattern[0], $message) || preg_match($pattern[1], $message))
{
$message = preg_replace($pattern, $replace, $message);
}
if($text_only == false)
{
$find = array(
"#(\r\n*|\n*)<\/cite>(\r\n*|\n*)#",
"#(\r\n*|\n*)<\/blockquote>#"
);
$replace = array(
"</cite><br />",
"</blockquote>"
);
$message = preg_replace($find, $replace, $message);
}
return $message;
}
/**
* Parses quotes with post id and/or dateline.
*
* @param string The message to be parsed
* @param string The username to be parsed
* @param boolean Are we formatting as text?
* @return string The parsed message.
*/
function mycode_parse_post_quotes($message, $username, $text_only=false)
{
global $lang, $templates, $theme, $mybb;
$linkback = $date = "";
$message = trim($message);
$message = preg_replace("#(^<br(\s?)(\/?)>|<br(\s?)(\/?)>$)#i", "", $message);
if(!$message) return '';
$message = str_replace('\"', '"', $message);
$username = str_replace('\"', '"', $username);
$delete_quote = true;
preg_match("#\s*pid=((?:"|\"|')?)([0-9]+)\\1#i", $username, $match);
if(intval($match[2]))
{
$pid = intval($match[2]);
$url = $mybb->settings['bburl']."/".get_post_link($pid)."#pid$pid";
if(defined("IN_ARCHIVE"))
{
$linkback = " <a href=\"{$url}\">[ -> ]</a>";
}
else
{
eval("\$linkback = \" ".$templates->get("postbit_gotopost", 1, 0)."\";");
}
$username = str_replace($match[0], '', $username);
$delete_quote = false;
}
unset($match);
preg_match("#\s*dateline=((?:"|\"|')?)([0-9]+)\\1#i", $username, $match);
if(intval($match[2]))
{
if($match[2] < TIME_NOW)
{
$postdate = my_date($mybb->settings['dateformat'], intval($match[2]));
$posttime = my_date($mybb->settings['timeformat'], intval($match[2]));
$date = " ({$postdate} {$posttime})";
}
$username = str_replace($match[0], '', $username);
$delete_quote = false;
}
// at this point, the message should already by htmlspecialchar'd, but we'll remove problematic characters in case they slip through
$username = strtr($username, array('"' => '"', '<' => '<', '>' => '>'));
if($text_only)
{
return "\n".$username." $lang->wrote{$date}\n--\n{$message}\n--\n";
}
else
{
$span = "";
if(!$delete_quote)
{
$span = "<span>{$date}</span>";
}
return "<blockquote><cite>{$span}".$username." $lang->wrote{$linkback}</cite>{$message}</blockquote>\n";
}
}
