Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[F] A bug, and a solution
#11
Tikitiki Wrote:No, I used your patch

Also, are you sure $setting['value'] = ereg_replace("(\\\\*)\\\"","\\1\\1\\\"",$setting['value']); is right? Are you sure there is supposed to be two \\1 ?
I've tested it to see if it works, so it should be right.

However, I put \\1\\1 in there so that way it will turn \ into \\ before the final \", while allowing a potentially infinite number of \ in the find/replace process.
--Macai

Join the Dragon's Eye Guild! http://dragonseyeguild.net
#12
Okey, cool, was just checking Wink

(As you can tell I'm not too good with regex)
#13
Regex is fine. I have trouble with Perl regex sometimes myself.

It's cool. I mean, I definitely understand the motive for asking people to explain why their code is a good idea.
--Macai

Join the Dragon's Eye Guild! http://dragonseyeguild.net
#14
[off-topic]nice presents Tiki![/offtopic]
[Image: destroyerjf8.jpg]

Give us your feedback about MyBB in this thread and become listed on the MyBB website.
#15
Eww, I don't like that patch. Toungue It's overly complex, and doesn't address the root problem: unescaped backslashes.

With or without the patch, if I enter "blah////\\\\blah" as the bbname setting, it's written to the file as exactly that, and displayed as "blah////\\blah".

I suggest using this method instead, which will correctly escape all 3 characters that need escaping: backslashes, double quotes, and dollar signs.

PHP Code:
$setting['value'] = addcslashes($setting['value'], '\\"$'); 

While you're at it, this line should be moved up, because the value copied into $mybb->settings[] shouldn't be escaped. Toungue

PHP Code:
$mybb->settings[$setting['name']] = $setting['value']; 
#16
blah k
#17
LOL. Too much root beer.


Forum Jump:


Users browsing this thread: 1 Guest(s)