makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Check for and remove other possible PHP execution tags

Browse source 
git-svn-id: file:///svn/phpbb/trunk@3957 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-04-28 15:06:34 +00:00
parent 9206fc8d12
commit 7ea6b9d8fb
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
phpBB/includes/template.php
View file

@ -273,8 +273,11 @@ class Template
// Remove any "loose" php ... we want to give admins the ability // Remove any "loose" php ... we want to give admins the ability
// to switch on/off PHP for a given template. Allowing unchecked // to switch on/off PHP for a given template. Allowing unchecked
// php is a no-no // php is a no-no. There is a potential issue here in that non-php
$code = preg_replace('#\<\?php(.*?)\?\>#is', '', $code); // content may be removed ... however designers should use entities
// if they wish to display < and >
$match_php_tags = array('#\<\?php .*?\?\>#is', '#\<\script language="php"\>.*?\<\/script\>#is', '#\<\?.*?\?\>#s', '#\<%.*?%\>#s');
$code = preg_replace($match_php_tags, '', $code);
// Pull out all block/statement level elements and seperate // Pull out all block/statement level elements and seperate
// plain text // plain text