diff options
Diffstat (limited to 'include/smarty/libs/plugins/modifier.regex_replace.php')
| -rw-r--r-- | include/smarty/libs/plugins/modifier.regex_replace.php | 41 |
1 files changed, 24 insertions, 17 deletions
diff --git a/include/smarty/libs/plugins/modifier.regex_replace.php b/include/smarty/libs/plugins/modifier.regex_replace.php index 100b58ce4..f9fd5fa53 100644 --- a/include/smarty/libs/plugins/modifier.regex_replace.php +++ b/include/smarty/libs/plugins/modifier.regex_replace.php @@ -1,48 +1,55 @@ <?php /** * Smarty plugin + * * @package Smarty - * @subpackage plugins + * @subpackage PluginsModifier */ - /** * Smarty regex_replace modifier plugin * * Type: modifier<br> * Name: regex_replace<br> * Purpose: regular expression search/replace + * * @link http://smarty.php.net/manual/en/language.modifier.regex.replace.php * regex_replace (Smarty online manual) - * @author Monte Ohrt <monte at ohrt dot com> - * @param string - * @param string|array - * @param string|array + * @author Monte Ohrt <monte at ohrt dot com> + * @param string $string input string + * @param string|array $search regular expression(s) to search for + * @param string|array $replace string(s) that should be replaced * @return string */ function smarty_modifier_regex_replace($string, $search, $replace) { if(is_array($search)) { - foreach($search as $idx => $s) - $search[$idx] = _smarty_regex_replace_check($s); + foreach($search as $idx => $s) { + $search[$idx] = _smarty_regex_replace_check($s); + } } else { - $search = _smarty_regex_replace_check($search); - } - + $search = _smarty_regex_replace_check($search); + } return preg_replace($search, $replace, $string); } +/** + * @param string $search string(s) that should be replaced + * @return string + * @ignore + */ function _smarty_regex_replace_check($search) { - if (($pos = strpos($search,"\0")) !== false) - $search = substr($search,0,$pos); + // null-byte injection detection + // anything behind the first null-byte is ignored + if (($pos = strpos($search,"\0")) !== false) { + $search = substr($search,0,$pos); + } + // remove eval-modifier from $search if (preg_match('!([a-zA-Z\s]+)$!s', $search, $match) && (strpos($match[1], 'e') !== false)) { - /* remove eval-modifier from $search */ $search = substr($search, 0, -strlen($match[1])) . preg_replace('![e\s]+!', '', $match[1]); } return $search; } -/* vim: set expandtab: */ - -?> +?>
\ No newline at end of file |