Page MenuHomePhabricator
Create Task
Maniphest T37128

Forward slashes in template/form names cause error: patch for suggested fix attached
Closed, ResolvedPublic
Actions

Description

Author: spam

Description:
Currently, forward slashes within template or form names will make semantic forms behave in an unexpected mannor. I encountered this with the preg_replace code around lines 1430-1460 of SF_FormPrinter.php, but there are many instances of code throughout where the forward slash is used as a delimiter without escaping forward slashes in variables included in the expression.

This patch replaces all preg delimiters with the varaible $preg_delim, which has been set to :, a less common character for mediawiki titles & pages, but could easily be changed to anything else if a conflict is found.

An alternative to this proposed patch could be to always escape forward slashes in any preg expressions which contain variable data, however that has a potentially high processing cost. This is a simpler solution but not without flaws, it currently assumes the % will not be used within a variable expression - potentially as dangerous as assuming / will not be used, but it does at least introduce a means to quickly change all regular expressions to use a different delimiter.

Version: unspecified
Severity: major

Details

Reference
bz35128

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 12:12 AM
bzimport added a project: MediaWiki-extensions-Page_Forms.
bzimport set Reference to bz35128.
bzimport created this task.Mar 10 2012, 2:28 PM
bzimport added a comment.Mar 10 2012, 2:28 PM

spam wrote:

Patch to replace / delimiter with a variable $preg_delim

Attached:

varible_preg_delimiter.patch6 KBDownload

bzimport added a comment.Mar 10 2012, 6:26 PM

sumanah wrote:

Thanks for the patch, Andru.

MarkAHershberger added a comment.Mar 15 2012, 12:45 AM

changing to "new" since this has a patch

Yaron_Koren added a comment.Dec 24 2013, 8:19 PM

I believe this was fixed at some point (by escaping characters - the "slow" way); and I can't reproduce it now. I'm marking this as "fixed".

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL