@robocoder opened this Issue on November 17th 2010 Contributor

see: #1822

there may also be a security issue since there are reports that php code is exposed when a preg_* function fails internally; e.g., backtrack limit

also, differences in PCRE versions may lead to compatibility issues

Files to review:

  • core/AssetManager.php: preg_replace_callback()
  • ViewDataTable/GenerateGraphHTML.php: preg_match()
  • core/SmartyPlugins/outputfilter.cachebuster.php: preg_replace()
  • core/SmartyPlugins/outputfilter.ajaxcdn.php: preg_replace()
  • core/SmartyPlugins/modifier.stripeol.php: preg_replace()
  • libs/Smarty/plugins/outputfilter.trimwhitespace.php: preg_replace()

In some cases, preg* functions can be replaced by faster str* functions, e.g.,

  • plugins/SEO/RankChecker.php:
@mattab commented on January 7th 2011 Member

vote for closing this one?

This Issue was closed on February 17th 2011
Powered by GitHub Issue Mirror