Answer the question
In order to leave comments, you need to log in
What to do with preg replace in PHP?
There is a store on CMS Webasyst. Tested antivirus Virusdie , and received a notification that there is a vulnerability.
The line is suspicious:
$language_iso2 = preg_replace('/^([\w])/e',"strtoupper('\\1')",$language->iso2);
if(!$language_iso2){
$language = LanguagesManager::getCurrentLanguage();
/*@var $language Language*/
if(in_array(strtolower($language->iso2),array('en','ru','nl','de','lv','es'))){
$language_iso2 = preg_replace('/^([\w])/e',"strtoupper('\\1')",$language->iso2);
}
}
/published/SC/html/scripts/modules/payment/class.chronopay.php
Answer the question
In order to leave comments, you need to log in
Flag "e" - is considered deprecated, they say there may be security problems.
Use preg_replace_callback.
$language_iso2 = preg_replace_callback(
'/^([\w])/e',
function($m) {
return strtoupper($m[1]);
},
$language->iso2
);
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question