aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb/search
diff options
context:
space:
mode:
authorDerky <derky@phpbb.com>2019-04-26 00:52:43 +0200
committerDerky <derky@phpbb.com>2019-04-26 00:54:14 +0200
commit8a73eb5f0ff912454e6479539f972081e54baa1c (patch)
tree1d9dd94f087f06170368a2e3b3dc259f01d7acf2 /phpBB/phpbb/search
parentfd195fba210c8625e968ef5553e61864747c8d44 (diff)
downloadforums-8a73eb5f0ff912454e6479539f972081e54baa1c.tar
forums-8a73eb5f0ff912454e6479539f972081e54baa1c.tar.gz
forums-8a73eb5f0ff912454e6479539f972081e54baa1c.tar.bz2
forums-8a73eb5f0ff912454e6479539f972081e54baa1c.tar.xz
forums-8a73eb5f0ff912454e6479539f972081e54baa1c.zip
[ticket/security/235] Use whitespace instead of word boundary regex to remove wildcards
This fixes removing the wildcard in the following search query: *.test SECURITY-235
Diffstat (limited to 'phpBB/phpbb/search')
-rw-r--r--phpBB/phpbb/search/fulltext_native.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/phpbb/search/fulltext_native.php b/phpBB/phpbb/search/fulltext_native.php
index 478fe5616d..1925623b80 100644
--- a/phpBB/phpbb/search/fulltext_native.php
+++ b/phpBB/phpbb/search/fulltext_native.php
@@ -306,7 +306,7 @@ class fulltext_native extends \phpbb\search\base
}
// Remove non trailing wildcards from each word to prevent a full table scan (it's now using the database index)
- $match = '#\*(?!$)\b#';
+ $match = '#\*(?!$|\s)#';
$replace = '$1';
$keywords = preg_replace($match, $replace, $keywords);