From b1ed926b6759ccd343fc9d43c60f51f6b25db670 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Fri, 01 Aug 2014 03:41:24 -0400
Subject: [PATCH] Improved input validation

---
 interface/web/admin/language_edit.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
index fda70a6..8199244 100644
--- a/interface/web/admin/language_edit.php
+++ b/interface/web/admin/language_edit.php
@@ -57,7 +57,7 @@
 	$file_content = "<?php\n";
 	foreach($_POST['records'] as $key => $val) {
 		$val = stripslashes($val);
-		$val = str_replace('"', '\"', $val);
+		$val = preg_replace('/(^|[^\\\\])((\\\\\\\\)*)"/', '$1$2\\"', $val);
 		$val = str_replace('$', '', $val);
 		$file_content .= '$wb['."'$key'".'] = "'.$val.'";'."\n";
 		$msg = 'File saved.';

--
Gitblit v1.9.1