[Bug 20008] New: Glossary: Escaping forward slashes for PCRE functions

bugzilla-daemon Thu, 30 Jul 2009 05:17:34 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=20008


           Summary: Glossary: Escaping forward slashes for PCRE functions
           Product: MediaWiki extensions
           Version: any
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: critical
          Priority: Normal
         Component: General/Unknown
        AssignedTo: [email protected]
        ReportedBy: [email protected]


From
http://www.mediawiki.org/wiki/Extension:Glossary#Escaping_forward_slashes_for_PCRE_functions

On line 82 within the glossaryParseThisNode function, the following code
exists:

    $texts = preg_split('/\b(' . preg_quote($term) . 's?)\b/iu',
$node->textContent, -1, PREG_SPLIT_DELIM_CAPTURE);

preg_quote() is meant to escape special regular expression characters from
glossary terms. However by default it will not escape the forward slash
character that has special meaning in PCRE regular expression functions. You
will therefore need to change line 82 to:

    $texts = preg_split('/\b(' . preg_quote($term, '/') . 's?)\b/iu',
$node->textContent, -1, PREG_SPLIT_DELIM_CAPTURE);

Without this fix, glossary terms containing a forward slash may cause a lot of
rendering errors that make your MediaWiki installation unusable.


-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 20008] New: Glossary: Escaping forward slashes for PCRE functions

Reply via email to