From d307a4fbbb89710c21bbf8a6d231811e4d1e7af3 Mon Sep 17 00:00:00 2001 From: garvinhicking Date: Fri, 28 Sep 2007 07:46:34 +0000 Subject: [PATCH] Use str_replace for matching searchwords, thanks to Dietrich Raisin --- docs/NEWS | 4 ++++ include/functions_entries.inc.php | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/NEWS b/docs/NEWS index a6ce40e..51ebd0f 100644 --- a/docs/NEWS +++ b/docs/NEWS @@ -3,6 +3,10 @@ Version 1.3 () ------------------------------------------------------------------------ + * Highlighting searched words in entries now uses str_replace instead + of slower and possibly insecure preg_replace(). Thanks to + Dietrich Raisin! + * New plugin API method "parseTemplate($filename)" to allow a sidebar- or event-plugin to fetch+display a smarty template. (garvinhicking) diff --git a/include/functions_entries.inc.php b/include/functions_entries.inc.php index 44e3188..3258f63 100644 --- a/include/functions_entries.inc.php +++ b/include/functions_entries.inc.php @@ -970,7 +970,7 @@ function serendipity_printEntries($entries, $extended = 0, $preview = false, $sm $searchterms = explode($searchterms, ' '); foreach($searchterms as $searchdx => $searchterm) { $searchclass = "foundterm foundterm".$searchdx; - $entry['body'] = preg_replace('/('.$searchterm.')/mi', '\1', $entry['body']); + $entry['body'] = str_replace($searchterm, '' . $searchterm . '', $entry['body']); } } -- 2.39.5