Thomas Bruederli
2013-05-01 c2e1ab4765ea69112791df3607faadf1bbf8b9c9
Escape user input values when used in eval()
1 files modified
14 ■■■■■ changed files
program/lib/Roundcube/rcube_ldap.php
@@ -1403,13 +1403,15 @@
        foreach ((array)$this->prop['autovalues'] as $lf => $templ) {
            if (empty($attrs[$lf])) {
                if (strpos($templ, '(') !== false) {
                    // replace {attr} placeholders with (escaped!) attribute values to be safely eval'd
                    $code = preg_replace('/\{\w+\}/', '', strtr($templ, array_map('addslashes', $attrvals)));
                    $attrs[$lf] = eval("return ($code);");
                }
                else {
                // replace {attr} placeholders with concrete attribute values
                $templ = preg_replace('/\{\w+\}/', '', strtr($templ, $attrvals));
                if (strpos($templ, '(') !== false)
                    $attrs[$lf] = eval("return ($templ);");
                else
                    $attrs[$lf] = $templ;
                    $attrs[$lf] = preg_replace('/\{\w+\}/', '', strtr($templ, $attrvals));
                }
            }
        }
    }
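Review bot: addslashes() on the `$code` line only protects a substituted value when the template wraps every `{attr}` placeholder in a quoted PHP string; strtr() substitutes textually and cannot tell whether a placeholder sits inside quotes, so a placeholder used bare in the template is still evaluated as code, and addslashes() leaves `$` untouched, which PHP interpolates inside double-quoted strings. A stricter option is to emit each value as its own string literal, e.g. `strtr($templ, array_map(function ($v) { return var_export((string)$v, true); }, $attrvals))`, and document that eval'd templates use unquoted `{attr}` placeholders — that changes the contract for existing templates, so it would need a config note. At minimum the comment above `$code` should state the assumption it relies on: `// NOTE: addslashes() only protects placeholders the template wraps in single quotes`. The enclosing method and the construction of `$attrvals` begin before this hunk, so whether `$attrvals` can hold non-string (multi-valued) entries, which addslashes() would reject, is not visible here.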