diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2009-10-28 15:10:32 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2009-10-28 15:10:32 +0000 |
| commit | 87e717ae8782b5d3a26ecc3d4fee3268fdadf6cb (patch) | |
| tree | 8ad3da90edc0dbe1a567aaf6e5f9afa0773ca783 /phpBB/includes/functions_admin.php | |
| parent | df5fa06035cd86f6441edcdecb5b18c0caba27f0 (diff) | |
| download | forums-87e717ae8782b5d3a26ecc3d4fee3268fdadf6cb.tar forums-87e717ae8782b5d3a26ecc3d4fee3268fdadf6cb.tar.gz forums-87e717ae8782b5d3a26ecc3d4fee3268fdadf6cb.tar.bz2 forums-87e717ae8782b5d3a26ecc3d4fee3268fdadf6cb.tar.xz forums-87e717ae8782b5d3a26ecc3d4fee3268fdadf6cb.zip | |
Fix Bug #53245 - Correct regular expression escaping and only splitting keywords on space and "|"
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10240 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions_admin.php')
| -rw-r--r-- | phpBB/includes/functions_admin.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index c0db64dbfb..92dcf60ee0 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2549,17 +2549,24 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id return; } - $keywords = preg_split('#[\s+\-|*()]+#u', utf8_strtolower(preg_quote($keywords, '#')), 0, PREG_SPLIT_NO_EMPTY); + // Use no preg_quote for $keywords because this would lead to sole backslashes being added + // We also use an OR connection here for spaces and the | string. Currently, regex is not supported for searching (but may come later). + $keywords = preg_split('#[\s|]+#u', utf8_strtolower($keywords), 0, PREG_SPLIT_NO_EMPTY); $sql_keywords = ''; if (!empty($keywords)) { - $keywords_pattern = '#' . implode('|', $keywords) . '#ui'; + $keywords_pattern = array(); + + // Build pattern and keywords... for ($i = 0, $num_keywords = sizeof($keywords); $i < $num_keywords; $i++) { + $keywords_pattern[] = preg_quote($keywords[$i], '#'); $keywords[$i] = $db->sql_like_expression($db->any_char . $keywords[$i] . $db->any_char); } + $keywords_pattern = '#' . implode('|', $keywords_pattern) . '#ui'; + $operations = array(); foreach ($user->lang as $key => $value) { |