From 9f9a649f4cde93396bdd028f130889df14587e6c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 18 Oct 2023 16:12:57 +0200 Subject: [PATCH] FIX dol_eval with function starting with ! --- htdocs/core/lib/functions.lib.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 115d9841934..db6e5b8c094 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -9329,10 +9329,6 @@ function isStringVarMatching($var, $regextext, $matchrule = 1) */ function verifCond($strToEvaluate) { - global $conf; // Read of const is done with getDolGlobalString() but we need $conf->currency for example - global $user, $langs; - global $leftmenu; - //print $strToEvaluate."
\n"; $rights = true; if (isset($strToEvaluate) && $strToEvaluate !== '') { @@ -9418,8 +9414,8 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' $scheck = preg_replace('/->[a-zA-Z0-9_]+\(/', '->__METHOD__', $s); // accept parenthesis in '...->method(...' $scheck = preg_replace('/^\(/', '__PARENTHESIS__', $scheck); // accept parenthesis in '(...' $scheck = preg_replace('/\s\(/', '__PARENTHESIS__', $scheck); // accept parenthesis in '... (' - $scheck = preg_replace('/^[a-zA-Z0-9_]+\(/', '$1__FUNCTION__', $scheck); // accept parenthesis in 'function(' - $scheck = preg_replace('/\s[a-zA-Z0-9_]+\(/', '$1__FUNCTION__', $scheck); // accept parenthesis in '... function(' + $scheck = preg_replace('/^!?[a-zA-Z0-9_]+\(/', '$1__FUNCTION__', $scheck); // accept parenthesis in 'function(' and '!function(' + $scheck = preg_replace('/\s!?[a-zA-Z0-9_]+\(/', '$1__FUNCTION__', $scheck); // accept parenthesis in '... function(' and '... !function(' $scheck = preg_replace('/(\^|\')\(/', '__REGEXSTART__', $scheck); // To allow preg_match('/^(aaa|bbb)/'... or isStringVarMatching('leftmenu', '(aaa|bbb)') //print 'scheck='.$scheck." : ".strpos($scheck, '(')."\n"; if (strpos($scheck, '(') !== false) {