T201698.patch
Ciencia_Al_Poder (Jesús Martínez Novo)
Actions

Authored By

	Ciencia_Al_Poder
	Aug 15 2018, 2:19 PM

Size

1 KB

Referenced Files

	F25204900: T201698.patch
	Aug 21 2018, 8:54 PM

Subscribers

None

T201698.patch
View Options

	diff --git a/includes/BlogPage.class.php b/includes/BlogPage.class.php
	index 71c4c79..4deeee3 100644
	--- a/includes/BlogPage.class.php
	+++ b/includes/BlogPage.class.php
	@@ -155,22 +155,18 @@ class BlogPage extends Article {

	$articleText = $this->pageContent;
	$categoryName = $wgContLang->getNsText( NS_CATEGORY );
	+ $categoryName = preg_quote( $categoryName, '/' );

	// This unbelievably weak and hacky regex is used to find out the
	// author's name from the category. See also getBlurb(), which uses a
	// similar regex.
	- $categoryName = preg_quote( $categoryName, '/' );
	- preg_match_all(
	- "/\[\[(?:(?:c\|C)ategory\|{$categoryName}):\s?" .
	- // This is an absolutely unholy, horribly hacky and otherwise
	- // less-than-ideal solution that likely works for English only
	- // Someone needs to come up with a better solution one of these
	- // days than this regex soup...
	- str_replace( ' $1', '', wfMessage( 'blog-by-user-category' )->inContentLanguage()->escaped() ) .
	- " (.*)\]\]/",
	- $articleText,
	- $matches
	- );
	+ $regexp = "/\[\[(?:(?:c\|C)ategory\|{$categoryName}):\s*" .
	+ preg_quote( wfMessage( 'blog-by-user-category' )->inContentLanguage()->plain(), '/' ) .
	+ "\s*\]\]/";
	+ // $1 will be the author name. Convert it to a capture pattern
	+ // It needs to be escaped since the message text was escaped too
	+ $regexp = str_replace( preg_quote( '$1', '/' ), '(.*)', $regexp );
	+ preg_match_all( $regexp, $articleText, $matches );
	$authors = $matches[1];

	foreach ( $authors as $author ) {

Attached To	Mode
T201698: blog-by-user-category message can potentially inject arbitrary strings and parameters when passed to preg_match_all	Attached	Detach File

This patch is obsolete. See F25204900 instead