[wp-trac] [WordPress Trac] #10896: preg_replace with eval modifier used in _fix_attachment_links
WordPress Trac
wp-trac at lists.automattic.com
Sat Oct 3 21:28:41 UTC 2009
#10896: preg_replace with eval modifier used in _fix_attachment_links
--------------------------+-------------------------------------------------
Reporter: westi | Owner: westi
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.9
Component: Security | Version: 2.8.4
Severity: normal | Keywords: needs-patch
--------------------------+-------------------------------------------------
Reported by BenBE1987 on #8689
This code:
{{{
$post_search[$i] = $anchor;
$post_replace[$i] = preg_replace(
"#href=(\"|')[^'\"]*\\1#e", "stripslashes( 'href=\\1'
).get_attachment_link( $id ).stripslashes( '\\1' )", $anchor );
++$i;
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10896>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list