smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-09 12:54:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix problem with /e security check on arrays using regex_replace

Browse Source
This commit is contained in:
monte.ohrt
2008-08-06 17:07:15 +00:00
parent f9891ce80c
commit 380e0d0d6b
1 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
libs/plugins/modifier.regex_replace.php
View File

@@ -21,6 +21,18 @@
* @return string * @return string
*/ */
function smarty_modifier_regex_replace($string, $search, $replace) function smarty_modifier_regex_replace($string, $search, $replace)
{
if(is_array($search)) {
foreach($search as $idx => $s)
$search[$idx] = _smarty_regex_replace_check($s);
} else {
$search = _smarty_regex_replace_check($search);
}
return preg_replace($search, $replace, $string);
}
function _smarty_regex_replace_check($search)
{ {
if (($pos = strpos($search,"\0")) !== false) if (($pos = strpos($search,"\0")) !== false)
$search = substr($search,0,$pos); $search = substr($search,0,$pos);
@@ -28,8 +40,7 @@ function smarty_modifier_regex_replace($string, $search, $replace)
/* remove eval-modifier from $search */ /* remove eval-modifier from $search */
$search = substr($search, 0, -strlen($match[1])) . preg_replace('![e\s]+!', '', $match[1]); $search = substr($search, 0, -strlen($match[1])) . preg_replace('![e\s]+!', '', $match[1]);
} }
return $search;
return preg_replace($search, $replace, $string);
} }
/* vim: set expandtab: */ /* vim: set expandtab: */