mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-31 03:29:23 +02:00
Code Issues Releases Wiki Activity

Check for and remove other possible PHP execution tags

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@3957 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-04-28 15:06:34 +00:00
parent 9206fc8d12
commit 7ea6b9d8fb
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/includes/template.php
View File

@ -273,8 +273,11 @@ class Template
// Remove any "loose" php ... we want to give admins the ability
// to switch on/off PHP for a given template. Allowing unchecked
// php is a no-no
$code = preg_replace('#\<\?php(.*?)\?\>#is', '', $code);
// php is a no-no. There is a potential issue here in that non-php
// content may be removed ... however designers should use entities
// if they wish to display < and >
$match_php_tags = array('#\<\?php .*?\?\>#is', '#\<\script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s');
$code = preg_replace($match_php_tags, '', $code);
// Pull out all block/statement level elements and seperate
// plain text