Fix a bug introduced when we patched the "disallowed global data"

security check. Not sure why the patch worked for some and not for others, but this should resolve it either way. Fixes ticket #1123.
gallery · Apr 11, 2010 · c9edb94 · c9edb94
1 parent 2657d08
commit c9edb94
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/modules/gallery/libraries/MY_Input.php b/modules/gallery/libraries/MY_Input.php
@@ -26,6 +26,6 @@ class Input extends Input_Core {
    * @return  string
    */
   public function clean_input_keys($str) {
-    return preg_replace('#^[\pL0-9:_.-]++$#uD', '_', $str);
+    return preg_replace('#[^a-zA-Z0-9:_.-]+#', '_', $str);
   }
 }
diff --git a/modules/gallery/tests/Input_Library_Test.php b/modules/gallery/tests/Input_Library_Test.php
@@ -0,0 +1,25 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2010 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+class Input_Library_Test extends Gallery_Unit_Test_Case {
+  function clean_input_keys_test() {
+    $input = Input::instance();
+    $this->assert_same("foo_bar", $input->clean_input_keys("foo|bar"));
+  }
+}