Skip to content


Review use of preg_* functions on long strings #1827

robocoder opened this Issue · 1 comment

2 participants


see: #1822

there may also be a security issue since there are reports that php code is exposed when a preg_* function fails internally; e.g., backtrack limit

also, differences in PCRE versions may lead to compatibility issues

Files to review:

  • core/AssetManager.php: preg_replace_callback()
  • ViewDataTable/GenerateGraphHTML.php: preg_match()
  • core/SmartyPlugins/outputfilter.cachebuster.php: preg_replace()
  • core/SmartyPlugins/outputfilter.ajaxcdn.php: preg_replace()
  • core/SmartyPlugins/modifier.stripeol.php: preg_replace()
  • libs/Smarty/plugins/outputfilter.trimwhitespace.php: preg_replace()

In some cases, preg_* functions can be replaced by faster str_* functions, e.g.,

  • plugins/SEO/RankChecker.php:
Piwik Open Source Analytics member

vote for closing this one?

@robocoder robocoder added this to the Piwik 1.2 milestone
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.