Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-10 19:41:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix phpv8

Browse Source
This commit is contained in:
Laurent Destailleur
2021-03-14 16:44:11 +01:00
parent 4965ce8768
commit c2a86e71be
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/lib/functions.lib.php
View File

@@ -1013,7 +1013,7 @@ function dol_sanitizeUrl($stringtoclean, $type = 1)
// We should use dol_string_nounprintableascii but function is not yet loaded/available
$stringtoclean = preg_replace('/[\x00-\x1F\x7F]/u', '', $stringtoclean); // /u operator makes UTF8 valid characters being ignored so are not included into the replace
// We clean html comments because some hacks try to obfuscate evil strings by inserting HTML comments. Example: on<!-- -->error=alert(1)
$val = preg_replace('/<!--[^>]*-->/', '', $val);
$stringtoclean = preg_replace('/<!--[^>]*-->/', '', $stringtoclean);
$stringtoclean = str_replace('\\', '/', $stringtoclean);
$stringtoclean = str_replace(array(':', '@'), '', $stringtoclean);