r11947 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r11946‎ \| r11947 \| r11948 >
Date:	11:09, 4 December 2005
Author:	vibber
Status:	old
Tags:
Comment:	* (bug 4165) Correct validation for user language selection (data taint)
Modified paths:	/branches/REL1_5/phase3/includes/Setup.php (modified) (history)

Diff [purge]

Index: branches/REL1_5/phase3/includes/Setup.php
—	—	@@ -217,7 +217,7 @@
218	218	if ($wgLanguageCode == '')
219	219	$wgLanguageCode = $wgUser->getOption('language');
220	220	# Validate $wgLanguageCode, which will soon be sent to an eval()
221		~~-if( empty( $wgLanguageCode ) \|\| preg_match( '/^[^a-z-]*$/', $wgLanguageCode ) ) {~~
	221	+if( empty( $wgLanguageCode ) \|\| !preg_match( '/^[a-z]+(-[a-z]+)?$/', $wgLanguageCode ) ) {
222	222	$wgLanguageCode = $wgContLanguageCode;
223	223	}
224	224

Follow-up revisions

Revision	Commit summary	Author	Date
r11948	* (bug 4165) Correct validation for user language selection (data taint)	vibber	11:14, 4 December 2005

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r11946	* (bug 4165) Correct validation for user language selection (data taint)	vibber	10:53, 4 December 2005

Status & tagging log

01:58, 13 October 2010 😂 (talk | contribs) changed the status of r11947 [removed: new added: old]