I don't know where this thread came from but...
On Mon, Mar 06, 2006 at 12:33:32PM -0700, J_K9 wrote:
> ...
> -------CODE-------
> <?php
>
> $text = $_REQUEST['text'];
>
> echo '<br /><br />';
>
> $translate_array = array(
> ...
> '<a href="' => '[url=',
> '</a>' => '[/url]',
> ...
> );
>
> $find_array= array_keys($translate_array);
So consider:
$find_array = array('<a href="', '</a>');
>
> $replace_array= array_values($translate_array);
And:
$replace_array = array('[url=', '[/url]');
>
> $text= preg_replace($find_array, $replace_array, $text); // Line 41
You will have an error here, complaining about 'no closing <' from
PCRE.
Now, if you fix the preg_replace() so it works, so instead you have:
$find_array = array('#<a href="#i', '#</a>#i');
And someone has defined:
<a href="mylink.html">foo</a>
Of course this doesn't take into consideration:
<a href = "mylink.html">qaz</a>
<a href=mylink.html>qaz</a>
<a target="_top" href=mylink.html>qaz</a>
etc.
$text= preg_replace($find_array, $replace_array, $text); // Line 41
The code may work.
>
>
> echo '<textarea name="output">' . "$text" . '</textarea>';
Now if we consider where $text is from, the user entered the data.
So it can be any text they want. If I was to request your page
like:
script.php?text=%3C%2Ftextarea%3E%3Cscript%3Ealert%28%27hello%27%29%3B%3C%2Fscript%3E
You will be outputting:
<textarea></textarea><script>alert('hello');</script></textarea>
This isn't good.
--
cat .signature: No such file or directory
--
PHP General Mailing List (http://www.php.net/)
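As an added example (not the original poster's script nor code from the reply above), here is a hardened version of the same translation step: the patterns handed to preg_replace() are real delimited regexes that also cover the href variants listed in the reply, and the result is escaped with htmlspecialchars() before it is echoed into the textarea, so a submitted `</textarea><script>...` can no longer close the tag. The function names and the sample input are assumptions made for this example.

```php
<?php
// Added example: hardened version of the HTML-to-BBCode step discussed above.
// Function names and the sample input below are constructed for this example.

// Convert <a ... href=...>...</a> into [url=...]...[/url].
// The first pattern accepts href with spaces around "=", double-, single-
// or unquoted URLs, and other attributes before or after href.
function html_links_to_bbcode(string $text): string
{
    $text = preg_replace_callback(
        '#<a\b[^>]*\bhref\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s>]+))[^>]*>#i',
        function (array $m): string {
            // Whichever quoting style matched, the URL is the first
            // non-empty capture group (unmatched trailing groups are unset).
            $url = '';
            foreach (array(1, 2, 3) as $i) {
                if (isset($m[$i]) && $m[$i] !== '') {
                    $url = $m[$i];
                    break;
                }
            }
            return '[url=' . $url . ']';
        },
        $text
    );
    // Proper delimiters and the i flag, unlike the bare '</a>' pattern.
    return preg_replace('#</a\s*>#i', '[/url]', $text);
}

// Build the output fragment. Escaping happens at output time, so any
// markup still present in the user's text becomes inert entity text
// (a <textarea> decodes entities for display, so the user sees the
// original characters but the browser never parses them as tags).
function render_output(string $userText): string
{
    $safe = htmlspecialchars(html_links_to_bbcode($userText), ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<textarea name="output">' . $safe . '</textarea>';
}

if (PHP_SAPI === 'cli') {
    // Constructed sample: one of the href variants from the reply plus the
    // textarea break-out attempt the reply demonstrates.
    $sample = '<a target="_top" href=mylink.html>qaz</a> </textarea><script>alert(\'hello\');</script>';
    echo render_output($sample), PHP_EOL;
} else {
    $text = isset($_REQUEST['text']) ? (string) $_REQUEST['text'] : '';
    echo '<br /><br />';
    echo render_output($text);
}
```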