Escaped delimiter in validationPattern
authorSascha Greuel <sascha@softcreatr.de>
Sun, 30 Aug 2015 12:44:00 +0000 (14:44 +0200)
committerSascha Greuel <sascha@softcreatr.de>
Sun, 30 Aug 2015 12:44:00 +0000 (14:44 +0200)
wcfsetup/install/files/lib/system/bbcode/BBCodeParser.class.php
wcfsetup/install/files/lib/system/option/OptionHandler.class.php

index d1f662ee3c97adb274b5630e56be9c526c66ff31..b187c82cd470a09809358c023b3bf6072e5061d6 100644 (file)
@@ -235,7 +235,7 @@ class BBCodeParser extends SingletonFactory {
        protected function isValidTagAttribute(array $tagAttributes, BBCodeAttribute $definedTagAttribute) {
                if ($definedTagAttribute->validationPattern && isset($tagAttributes[$definedTagAttribute->attributeNo])) {
                        // validate attribute
-                       if (!preg_match('~'.$definedTagAttribute->validationPattern.'~i', $tagAttributes[$definedTagAttribute->attributeNo])) {
+                       if (!preg_match('~'.str_replace('~', '\~', $definedTagAttribute->validationPattern).'~i', $tagAttributes[$definedTagAttribute->attributeNo])) {
                                return false;
                        }
                }
index 0328fdeba9eb16d4a1baad10adc0185d80fa10c0..4ddc3fcdbcc550378217126ddec410cd4c344f5b 100644 (file)
@@ -302,7 +302,7 @@ class OptionHandler implements IOptionHandler {
                
                // validate with pattern
                if ($option->validationPattern) {
-                       if (!preg_match('~'.$option->validationPattern.'~', $this->optionValues[$option->optionName])) {
+                       if (!preg_match('~'.str_replace('~', '\~', $option->validationPattern).'~', $this->optionValues[$option->optionName])) {
                                throw new UserInputException($option->optionName, 'validationFailed');
                        }
                }