aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
authorthe_systech <the_systech@users.sourceforge.net>2002-04-24 15:00:33 +0000
committerthe_systech <the_systech@users.sourceforge.net>2002-04-24 15:00:33 +0000
commit559dff21b7eb18188c4022efa2e0bb5ddc7de784 (patch)
tree639a9388b0bce3bb1f79d70d0f2cee26f795df5a /phpBB/includes
parent13866059524537d10467d51e085b94182422e614 (diff)
downloadforums-559dff21b7eb18188c4022efa2e0bb5ddc7de784.tar
forums-559dff21b7eb18188c4022efa2e0bb5ddc7de784.tar.gz
forums-559dff21b7eb18188c4022efa2e0bb5ddc7de784.tar.bz2
forums-559dff21b7eb18188c4022efa2e0bb5ddc7de784.tar.xz
forums-559dff21b7eb18188c4022efa2e0bb5ddc7de784.zip
Fix for "security vulnerability" in img tag
git-svn-id: file:///svn/phpbb/trunk@2544 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/bbcode.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php
index 7084a34622..90583de35a 100644
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -282,7 +282,7 @@ function bbencode_first_pass($text, $uid)
$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);
// [img]image_url_here[/img] code..
- $text = preg_replace("#\[img\](([a-z]+?)://([^ \n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
+ $text = preg_replace("#\[img\](([a-z]+?)://([^ \"\n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
// Remove our padding from the string..
$text = substr($text, 1);
@@ -771,4 +771,4 @@ function smiley_sort($a, $b)
}
-?> \ No newline at end of file
+?>
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-15 01:47:07 +0000