Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[F] A bug, and a solution
Tikitiki Wrote:No, I used your patch

Also, are you sure $setting['value'] = ereg_replace("(\\\\*)\\\"","\\1\\1\\\"",$setting['value']); is right? Are you sure there is supposed to be two \\1 ?
I've tested it to see if it works, so it should be right.

However, I put \\1\\1 in there so that way it will turn \ into \\ before the final \", while allowing a potentially infinite number of \ in the find/replace process.

Join the Dragon's Eye Guild!
Okey, cool, was just checking Wink

(As you can tell I'm not too good with regex)
Regex is fine. I have trouble with Perl regex sometimes myself.

It's cool. I mean, I definitely understand the motive for asking people to explain why their code is a good idea.

Join the Dragon's Eye Guild!
[off-topic]nice presents Tiki![/offtopic]
[Image: destroyerjf8.jpg]

Give us your feedback about MyBB in this thread and become listed on the MyBB website.
Eww, I don't like that patch. Toungue It's overly complex, and doesn't address the root problem: unescaped backslashes.

With or without the patch, if I enter "blah////\\\\blah" as the bbname setting, it's written to the file as exactly that, and displayed as "blah////\\blah".

I suggest using this method instead, which will correctly escape all 3 characters that need escaping: backslashes, double quotes, and dollar signs.

$setting['value'] = addcslashes($setting['value'], '\\"$');

While you're at it, this line should be moved up, because the value copied into $mybb->settings[] shouldn't be escaped. Toungue

$mybb->settings[$setting['name']] = $setting['value'];
blah k
LOL. Too much root beer.

Forum Jump:

Users browsing this thread: 1 Guest(s)