[Wikidata-bugs] [Maniphest] [Commented On] T214378: Check simple format constraints (no grouping) in PHP instead of SPARQL

Ladsgroup Tue, 29 Jan 2019 12:01:09 -0800

Ladsgroup added a comment.

The only thing I can think of is security issue with preg_match. Security_checklist_for_developers says:

anything external that is used in part of regex should be escaped with preg_quote( $externalStr, $delimiter ). It puts a backslash in front of every character that is part of the regular _expression_ syntax, and escapes also the delimiter given as second parameter:
$str = preg_replace( "!" . preg_quote( $externalStr, '!' ) . "!", $replacement, $str );

TASK DETAIL

https://phabricator.wikimedia.org/T214378

EMAIL PREFERENCES

https://phabricator.wikimedia.org/settings/panel/emailpreferences/

To: Ladsgroup
Cc: Ladsgroup, Aklapper, Lucas_Werkmeister_WMDE, Nandana, Lahi, Gq86, GoranSMilovanovic, QZanden, LawExplorer, _jensen, Agabi10, Jonas, Wikidata-bugs, aude, Lydia_Pintscher, Mbch331

_______________________________________________
Wikidata-bugs mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs

[Wikidata-bugs] [Maniphest] [Commented On] T214378: Check simple format constraints (no grouping) in PHP instead of SPARQL

Reply via email to