From 09ae9456b9d9f42828103061100c97d3e09c1609 Mon Sep 17 00:00:00 2001 From: Sascha Greuel Date: Sun, 30 Aug 2015 14:44:00 +0200 Subject: [PATCH] Escaped delimiter in validationPattern --- wcfsetup/install/files/lib/system/bbcode/BBCodeParser.class.php | 2 +- .../install/files/lib/system/option/OptionHandler.class.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/wcfsetup/install/files/lib/system/bbcode/BBCodeParser.class.php b/wcfsetup/install/files/lib/system/bbcode/BBCodeParser.class.php index d1f662ee3c..b187c82cd4 100644 --- a/wcfsetup/install/files/lib/system/bbcode/BBCodeParser.class.php +++ b/wcfsetup/install/files/lib/system/bbcode/BBCodeParser.class.php @@ -235,7 +235,7 @@ class BBCodeParser extends SingletonFactory { protected function isValidTagAttribute(array $tagAttributes, BBCodeAttribute $definedTagAttribute) { if ($definedTagAttribute->validationPattern && isset($tagAttributes[$definedTagAttribute->attributeNo])) { // validate attribute - if (!preg_match('~'.$definedTagAttribute->validationPattern.'~i', $tagAttributes[$definedTagAttribute->attributeNo])) { + if (!preg_match('~'.str_replace('~', '\~', $definedTagAttribute->validationPattern).'~i', $tagAttributes[$definedTagAttribute->attributeNo])) { return false; } } diff --git a/wcfsetup/install/files/lib/system/option/OptionHandler.class.php b/wcfsetup/install/files/lib/system/option/OptionHandler.class.php index 0328fdeba9..4ddc3fcdbc 100644 --- a/wcfsetup/install/files/lib/system/option/OptionHandler.class.php +++ b/wcfsetup/install/files/lib/system/option/OptionHandler.class.php @@ -302,7 +302,7 @@ class OptionHandler implements IOptionHandler { // validate with pattern if ($option->validationPattern) { - if (!preg_match('~'.$option->validationPattern.'~', $this->optionValues[$option->optionName])) { + if (!preg_match('~'.str_replace('~', '\~', $option->validationPattern).'~', $this->optionValues[$option->optionName])) { throw new UserInputException($option->optionName, 'validationFailed'); } } -- 2.20.1