diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2006-07-17 15:06:11 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-07-17 15:06:11 +0000 |
| commit | 1a5e4f446a681b9dbf02951445bb1e2088bd435a (patch) | |
| tree | 6d119d364b9a8c0da45b11813af327460c6b506c /phpBB/includes/functions_template.php | |
| parent | fa205b922dcfa09bab26b6cf9d406d2afe1a0518 (diff) | |
| download | forums-1a5e4f446a681b9dbf02951445bb1e2088bd435a.tar forums-1a5e4f446a681b9dbf02951445bb1e2088bd435a.tar.gz forums-1a5e4f446a681b9dbf02951445bb1e2088bd435a.tar.bz2 forums-1a5e4f446a681b9dbf02951445bb1e2088bd435a.tar.xz forums-1a5e4f446a681b9dbf02951445bb1e2088bd435a.zip | |
- fix bug within php code removal expression. Thanks to BenP for reporting it to our security tracker.
git-svn-id: file:///svn/phpbb/trunk@6189 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions_template.php')
| -rw-r--r-- | phpBB/includes/functions_template.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/functions_template.php b/phpBB/includes/functions_template.php index f566cce1cd..55cb9b1e1a 100644 --- a/phpBB/includes/functions_template.php +++ b/phpBB/includes/functions_template.php @@ -86,7 +86,7 @@ class template_compile // php is a no-no. There is a potential issue here in that non-php // content may be removed ... however designers should use entities // if they wish to display < and > - $match_php_tags = array('#\<\?php .*?\?\>#is', '#\<\script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s'); + $match_php_tags = array('#\<\?php .*?\?\>#is', '#\<script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s'); $code = preg_replace($match_php_tags, '', $code); // Pull out all block/statement level elements and seperate plain text |