From 7ea6b9d8fb367db324a67fb8230832b8fc500c3b Mon Sep 17 00:00:00 2001
From: "Paul S. Owen"
Date: Mon, 28 Apr 2003 15:06:34 +0000
Subject: [PATCH] Check for and remove other possible PHP execution tags

git-svn-id: file:///svn/phpbb/trunk@3957 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/template.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php
index bcdb2e00f7..4ca701ff9f 100644
--- a/phpBB/includes/template.php
+++ b/phpBB/includes/template.php
@@ -273,8 +273,11 @@ class Template

 // Remove any "loose" php ... we want to give admins the ability
 // to switch on/off PHP for a given template. Allowing unchecked
- // php is a no-no
- $code = preg_replace('#\<\?php(.*?)\?\>#is', '', $code);
+ // php is a no-no. There is a potential issue here in that non-php
+ // content may be removed ... however designers should use entities
+ // if they wish to display < and >
+ $match_php_tags = array('#\<\?php .*?\?\>#is', '#\<\script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s');
+ $code = preg_replace($match_php_tags, '', $code);

 // Pull out all block/statement level elements and seperate
 // plain text
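Review bot: The second pattern in `$match_php_tags` cannot match a `<script language="php">` block, because PCRE reads `\<\script` as `<`, the whitespace class `\s`, then the literal `cript`; that tag form therefore still passes through this filter untouched. Dropping the stray backslash and tolerating quoting and spacing variants would close the gap, e.g. `'#<script\s+language\s*=\s*(["\']?)php\1\s*>.*?</script\s*>#is'`. All four patterns also require a closing delimiter, so an opening tag left unclosed at the end of a template is not removed; whether that matters depends on how `$code` is emitted afterwards, which is not visible here. The enclosing method of `class Template` starts and ends outside the hunk.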