diff options
| author | alecpl <alec@alec.pl> | 2009-01-19 08:18:10 +0000 |
|---|---|---|
| committer | alecpl <alec@alec.pl> | 2009-01-19 08:18:10 +0000 |
| commit | 478c7c63d8487cf33fa160fade161625176c93d3 (patch) | |
| tree | 1d5fc96fbc4ba1dede58c0dbb7a8b6bd3147356a | |
| parent | b7c1685b2dc98cad4acdbc04d5383b204b4d9c83 (diff) | |
- Secure vcard export by getting rid of preg's 'e' modifier use (#1485689)
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | program/include/rcube_vcard.php | 6 |
2 files changed, 6 insertions, 1 deletions
@@ -4,6 +4,7 @@ CHANGELOG RoundCube Webmail 2009/01/18 (alec) ---------- - Fix problems with backslash as IMAP hierarchy delimiter (#1484467) +- Secure vcard export by getting rid of preg's 'e' modifier use (#1485689) 2009/01/15 (alec) ---------- diff --git a/program/include/rcube_vcard.php b/program/include/rcube_vcard.php index 3e93e97e9..1c0c38335 100644 --- a/program/include/rcube_vcard.php +++ b/program/include/rcube_vcard.php @@ -226,10 +226,14 @@ class rcube_vcard return $vcard; } + private static function rfc2425_fold_callback($matches) + { + return ":\n ".rtrim(chunk_split($matches[1], 72, "\n ")); + } private static function rfc2425_fold($val) { - return preg_replace('/:([^\n]{72,})/e', '":\n ".rtrim(chunk_split("\\1", 72, "\n "))', $val) . "\n"; + return preg_replace_callback('/:([^\n]{72,})/', 'self::rfc2425_fold_callback', $val) . "\n"; } |