summaryrefslogtreecommitdiff
path: root/libs/plugins
diff options
context:
space:
mode:
authorUwe.Tews <uwe.tews@localhost>2010-04-17 10:24:44 +0000
committerUwe.Tews <uwe.tews@localhost>2010-04-17 10:24:44 +0000
commitd44ffe91327a60e51955771e4803033984dba808 (patch)
tree9feefaa7d7c5777db2c74f578baa15681c6b1fe9 /libs/plugins
parent09c208eda674eeed87682813fddcb4a8fe538626 (diff)
downloadsmarty-d44ffe91327a60e51955771e4803033984dba808.tar.gz
smarty-d44ffe91327a60e51955771e4803033984dba808.tar.bz2
smarty-d44ffe91327a60e51955771e4803033984dba808.zip
- security fix in {math} plugin
Diffstat (limited to 'libs/plugins')
-rw-r--r--libs/plugins/function.math.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/libs/plugins/function.math.php b/libs/plugins/function.math.php
index d7ac9f8f..257d2fee 100644
--- a/libs/plugins/function.math.php
+++ b/libs/plugins/function.math.php
@@ -39,7 +39,7 @@ function smarty_function_math($params, $smarty, $template)
}
// match all vars in equation, make sure all are passed
- preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]+)!",$equation, $match);
+ preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]*)!",$equation, $match);
$allowed_funcs = array('int','abs','ceil','cos','exp','floor','log','log10',
'max','min','pi','pow','rand','round','sin','sqrt','srand','tan');
@@ -81,4 +81,4 @@ function smarty_function_math($params, $smarty, $template)
}
}
}
-?>
+?> \ No newline at end of file