| Index: trunk/extensions/InputBox/InputBox.classes.php |
| — | — | @@ -510,7 +510,28 @@ |
| 511 | 511 | // Validate the width; make sure it's a valid, positive integer |
| 512 | 512 | $this->mWidth = intval( $this->mWidth <= 0 ? 50 : $this->mWidth ); |
| 513 | 513 | |
| | 514 | + // Validate background color |
| | 515 | + if ( !$this->isValidColor( $this->mBGColor ) ) { |
| | 516 | + $this->mBGColor = 'transparent'; |
| | 517 | + } |
| 514 | 518 | wfProfileOut( __METHOD__ ); |
| 515 | 519 | } |
| 516 | 520 | |
| | 521 | + /** |
| | 522 | + * Do a security check on the bgcolor parameter |
| | 523 | + */ |
| | 524 | + public function isValidColor( $color ) { |
| | 525 | + $regex = <<<REGEX |
| | 526 | + /^ ( |
| | 527 | + [a-zA-Z]* | # color names |
| | 528 | + \# [0-9a-f]{3} | # short hexadecimal |
| | 529 | + \# [0-9a-f]{6} | # long hexadecimal |
| | 530 | + rgb \s* \( \s* ( |
| | 531 | + \d+ \s* , \s* \d+ \s* , \s* \d+ | # rgb integer |
| | 532 | + [0-9.]+% \s* , \s* [0-9.]+% \s* , \s* [0-9.]+% # rgb percent |
| | 533 | + ) \s* \) |
| | 534 | + ) $ /xi |
| | 535 | +REGEX; |
| | 536 | + return (bool) preg_match( $regex, $color ); |
| | 537 | + } |
| 517 | 538 | } |