From 65d5d1d6910d14a2e98894ab9a5e4b7453934c88 Mon Sep 17 00:00:00 2001
From: renato <renato@rezo.net>
Date: Fri, 18 May 2007 16:11:35 +0000
Subject: [PATCH] better regex to avoid js injections. It did not avoid a js
 injection when passing 3,5,7,... '\' inside var_recherche

---
 ecrire/inc/surligne.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ecrire/inc/surligne.php b/ecrire/inc/surligne.php
index 3bc4bf5dcf..1e47848e7f 100644
--- a/ecrire/inc/surligne.php
+++ b/ecrire/inc/surligne.php
@@ -41,7 +41,7 @@ function surligner_mots($page) {
     
   $ref = $_SERVER['HTTP_REFERER'];
   //avoid a js injection
-  $surcharge_surligne = preg_replace(",(?<!\\\\)',","\'",$_GET["var_recherche"]);
+  $surcharge_surligne = preg_replace(",(?:\\\\{2})*(?:\\\\)',","\'",$_GET["var_recherche"]);
   foreach($surlignejs_engines as $engine) 
     if($surcharge_surligne || (preg_match($engine[0],$ref) && preg_match($engine[1],$ref))) { 
       //good referrer found or var_recherche is not null
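Review bot: The new pattern on the `+` line requires at least one backslash before the quote, so a bare `'` in var_recherche is no longer rewritten to `\'` at all — the old lookbehind form did escape that case — and an even run of backslashes before `'` (for example `\\'`) is also left untouched, which inside a single-quoted JS literal still ends the literal. Only the odd-run case the commit message names is fixed. If the value is inserted into a JS string as-is (the use site is outside this hunk), escaping every backslash and quote unconditionally is simpler and complete, e.g. `$surcharge_surligne = str_replace(array('\\', "'"), array('\\\\', "\\'"), $_GET["var_recherche"]);` — or, where json_encode is available, emit the value through that instead of hand-balancing escapes; if magic_quotes_gpc is relied on to pre-escape the input, that should be stated in the comment rather than encoded in the regex. Reading `$_GET["var_recherche"]` without an `isset()` guard also raises a notice when the parameter is absent. surligner_mots starts before and continues after this hunk.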
-- 
GitLab