From 1c3f543a8db5ad72d559843eadcc6a3994dcf473 Mon Sep 17 00:00:00 2001 From: alec Date: Mon, 19 Jan 2009 08:18:10 +0000 Subject: - Secure vcard export by getting rid of preg's 'e' modifier use (#1485689) git-svn-id: https://svn.roundcube.net/trunk@2241 208e9e7b-5314-0410-a742-e7e81cd9613c --- roundcubemail/program/include/rcube_vcard.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'roundcubemail/program/include') diff --git a/roundcubemail/program/include/rcube_vcard.php b/roundcubemail/program/include/rcube_vcard.php index 3e93e97e9..1c0c38335 100644 --- a/roundcubemail/program/include/rcube_vcard.php +++ b/roundcubemail/program/include/rcube_vcard.php @@ -226,10 +226,14 @@ class rcube_vcard return $vcard; } + private static function rfc2425_fold_callback($matches) + { + return ":\n ".rtrim(chunk_split($matches[1], 72, "\n ")); + } private static function rfc2425_fold($val) { - return preg_replace('/:([^\n]{72,})/e', '":\n ".rtrim(chunk_split("\\1", 72, "\n "))', $val) . "\n"; + return preg_replace_callback('/:([^\n]{72,})/', 'self::rfc2425_fold_callback', $val) . "\n"; } -- cgit v1.2.3