diocloid/LinkTitles
1
0
Fork 0
mirror of https://github.com/diocloid/LinkTitles.git synced 2025-07-13 09:49:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Prevent crashes due to regexp compilation errors

Browse Source 
Page titles are now properly escaped using preg_quote() to prevent regexp
compilation errors if the title contains characters with special meanings in
regular expressions.
This commit is contained in:
Daniel Kraus
2013-08-09 17:34:01 +02:00
parent 3bf0ddfe17
commit 9d414d0e5e
4 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
LinkTitles.body.php
View File

@ -184,15 +184,19 @@
// see http://stackoverflow.com/questions/10672286 // see http://stackoverflow.com/questions/10672286
$arr = preg_split( $delimiter, $text, -1, PREG_SPLIT_DELIM_CAPTURE ); $arr = preg_split( $delimiter, $text, -1, PREG_SPLIT_DELIM_CAPTURE );
// Escape certain special characters in the page title to prevent
// regexp compilation errors
$escapedTitle = preg_quote(LinkTitles::$safeTitle, '/');
// Depending on the global configuration setting $wgCapitalLinks, // Depending on the global configuration setting $wgCapitalLinks,
// the title has to be searched for either in a strictly case-sensitive // the title has to be searched for either in a strictly case-sensitive
// way, or in a 'fuzzy' way where the first letter of the title may // way, or in a 'fuzzy' way where the first letter of the title may
// be either case. // be either case.
if ( $wgCapitalLinks ) { if ( $wgCapitalLinks ) {
$searchTerm = '((?i)' . LinkTitles::$safeTitle[0] . '(?-i)' . $searchTerm = '((?i)' . $escapedTitle[0] . '(?-i)' .
substr(LinkTitles::$safeTitle, 1) . ')'; substr($escapedTitle, 1) . ')';
} else { } else {
$searchTerm = '(' . LinkTitles::$safeTitle . ')'; $searchTerm = '(' . $escapedTitle . ')';
} }
for ( $i = 0; $i < count( $arr ); $i+=2 ) { for ( $i = 0; $i < count( $arr ); $i+=2 ) {
@ -218,7 +222,7 @@
for ( $i = 0; $i < count( $arr ); $i+=2 ) { for ( $i = 0; $i < count( $arr ); $i+=2 ) {
// even indexes will point to text that is not enclosed by brackets // even indexes will point to text that is not enclosed by brackets
$arr[$i] = preg_replace_callback( '/(?<![\:\.\@\/\?\&])' . $arr[$i] = preg_replace_callback( '/(?<![\:\.\@\/\?\&])' .
$wordStartDelim . '(' . LinkTitles::$safeTitle . ')' . $wordStartDelim . '(' . $escapedTitle . ')' .
$wordEndDelim . '/i', $callBack, $arr[$i], $limit, $count ); $wordEndDelim . '/i', $callBack, $arr[$i], $limit, $count );
if (( $limit >= 0 ) && ( $count > 0 )) { if (( $limit >= 0 ) && ( $count > 0 )) {
break; break;

2
LinkTitles.php
View File

@ -49,7 +49,7 @@
'name' => 'LinkTitles', 'name' => 'LinkTitles',
'author' => '[https://www.mediawiki.org/wiki/User:Bovender Daniel Kraus]', 'author' => '[https://www.mediawiki.org/wiki/User:Bovender Daniel Kraus]',
'url' => 'https://www.mediawiki.org/wiki/Extension:LinkTitles', 'url' => 'https://www.mediawiki.org/wiki/Extension:LinkTitles',
'version' => '2.2.1', 'version' => '2.2.2',
'descriptionmsg' => 'linktitles-desc' 'descriptionmsg' => 'linktitles-desc'
); );

3
NEWS
View File

@ -1,3 +1,6 @@
LinkTitles 2.2.2: 2013-08-09
* Prevent crashes due to special characters in page titles.
LinkTitles 2.2.1: 2013-07-22 LinkTitles 2.2.1: 2013-07-22
* Make the extension work with sqlite databases. * Make the extension work with sqlite databases.

BIN
release/LinkTitles-2.2.2.tar.gz Normal file
View File

Binary file not shown.