MyBB

Macai · 2007-04-28, 02:52 PM

Tikitiki Wrote:No, I used your patch

Also, are you sure $setting['value'] = ereg_replace("(\\\\*)\\\"","\\1\\1\\\"",$setting['value']); is right? Are you sure there is supposed to be two \\1 ?

I've tested it to see if it works, so it should be right.

However, I put \\1\\1 in there so that way it will turn \ into \\ before the final \", while allowing a potentially infinite number of \ in the find/replace process.

Ryan Gordon · 2007-04-28, 03:02 PM

Okey, cool, was just checking Wink

(As you can tell I'm not too good with regex)

Macai · 2007-04-28, 03:04 PM

Regex is fine. I have trouble with Perl regex sometimes myself.

It's cool. I mean, I definitely understand the motive for asking people to explain why their code is a good idea.

destroyer · 2007-04-28, 06:07 PM

[off-topic]nice presents Tiki![/offtopic]

WDZ · 2007-04-30, 08:47 AM

Eww, I don't like that patch. Toungue

It's overly complex, and doesn't address the root problem: unescaped backslashes.

With or without the patch, if I enter "blah////\\\\blah" as the bbname setting, it's written to the file as exactly that, and displayed as "blah////\\blah".

I suggest using this method instead, which will correctly escape all 3 characters that need escaping: backslashes, double quotes, and dollar signs.

$setting['value'] = addcslashes($setting['value'], '\\"$');

While you're at it, this line should be moved up, because the value copied into $mybb->settings[] shouldn't be escaped. Toungue

$mybb->settings[$setting['name']] = $setting['value'];

Ryan Gordon · 2007-04-30, 02:37 PM

blah k

Coolv · 2007-05-17, 01:56 AM

LOL. Too much root beer.

Login
Username:
Password:	Lost Password?
	Remember me