mirror of https://github.com/phpbb/phpbb.git synced 2025-06-24 20:17:58 +02:00

- fix bug within php code removal expression. Thanks to BenP for reporting it to our security tracker.

git-svn-id: file:///svn/phpbb/trunk@6189 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen
2006-07-17 15:06:11 +00:00
parent fa205b922d
commit 1a5e4f446a


@ -86,7 +86,7 @@ class template_compile
// php is a no-no. There is a potential issue here in that non-php
// content may be removed ... however designers should use entities
// if they wish to display < and >
$match_php_tags = array('#\<\?php .*?\?\>#is', '#\<\script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s');
$match_php_tags = array('#\<\?php .*?\?\>#is', '#\<script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s');
$code = preg_replace($match_php_tags, '', $code);
// Pull out all block/statement level elements and seperate plain text
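Review bot: The corrected second expression in `$match_php_tags` still matches only one exact spelling of the opening tag, `<script language="php">` with a single space and double quotes. PHP versions that honour this tag form are, as far as I know, more lenient about whitespace around the attribute and about how the value is quoted, so the filter should be at least as tolerant as the parser, e.g. `'#<script\s+language\s*=\s*(["\']?)php\1\s*>.*?</script\s*>#is'`. A comment above the array naming the tag form each expression is meant to cover, together with a regression test for the `\s` typo fixed here, would make a repeat of this mistake visible. The enclosing method of `template_compile` starts and ends outside the hunk, so whether `$code` is filtered again later cannot be seen from here.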