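/**
 * Records a named value unless one of the allow-list checks below classifies it as harmless.
 *
 * Non-strings, values of at most two bytes and values matching an allow-list
 * pattern are dropped. Everything else is forwarded to the variable collection
 * with NUL bytes removed. What the collection later does with the value is not
 * visible in this method.
 *
 * @param string $name  Label of the value; the checks below compare it against the literal '$_COOKIE[__utmz]'.
 * @param string $value Raw value to classify; anything that is not a string is ignored.
 */
protected function addVariable($name, $value)
{
    if (!is_string($value)) {
        return;
    }

    if (strlen($value) <= 2) {
        return; // too short
    }

    // Harmless: an optionally quoted value (same quote character on both ends)
    // containing none of: backtick , ; + - * / { } [ ] ( ) & | = backslash.
    // The backtick is part of the excluded set because it is PHP's shell-execution
    // operator; a value carrying one must not be waved through as code-free.
    // The D modifier pins "$" to the very end of the subject.
    if (preg_match("/^(?P<quot>[\"']?)[^`,;+\-*\/\{\}\[\]\(\)&\\|=\\\\]*(?P=quot)\$/D", $value) === 1) {
        return;
    }

    // Harmless: nothing but commas, digits, underscores and hyphens.
    if (preg_match("/^[,0-9_-]*\$/D", $value) === 1) {
        return;
    }

    // Harmless: the Google Analytics __utmz cookie in its usual key=value|key=value shape.
    // NOTE(review): the inner class [a-z\/0-1.] admits only the digits 0 and 1; possibly
    // 0-9 was meant. Confirm before widening an allow-list.
    if (
        $name === '$_COOKIE[__utmz]'
        && preg_match("/^[0-9.]++(utm[a-z]{3}=\(?([a-z\/0-1.]++|\(not provided\))\)?\|?)++\$/iD", $value) === 1
    ) {
        return;
    }

    // NUL bytes are stripped only from the stored copy; the checks above see the raw value.
    $this->variables->addVariable($name, str_replace(chr(0), "", $value));
}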
/**
 * Forwards a named value to the variable collection unless it is trivially harmless.
 *
 * A value is skipped when it is not a string, is at most two bytes long, or
 * matches one of the allow-list patterns. Stored values have NUL bytes removed.
 *
 * @param string $name  Label under which the value is recorded.
 * @param string $value Raw value to classify; anything that is not a string is ignored.
 */
protected function addVariable($name, $value)
{
    // Non-strings and very short values are never recorded.
    if (!is_string($value) || strlen($value) <= 2) {
        return;
    }

    $harmlessPatterns = [
        // Optionally quoted value (same quote character on both ends) containing none of:
        // backtick , ; + - * / { } [ ] ( ) & | = backslash
        "/^(?P<quot>[\"']?)[^`,;+\\-*\\/\\{\\}\\[\\]\\(\\)&\\|=\\\\]*(?P=quot)\$/D",
        // Only commas, digits, underscores and hyphens
        "/^[,0-9_-]*\$/D",
    ];

    foreach ($harmlessPatterns as $pattern) {
        // The D modifier pins "$" to the very end of the subject.
        if (preg_match($pattern, $value)) {
            return; // no potentially dangerous code
        }
    }

    // NUL bytes are stripped only from the stored copy; the checks above see the raw value.
    $cleaned = str_replace(chr(0), "", $value);
    $this->variables->addVariable($name, $cleaned);
}
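/**
 * Records a named value unless one of the allow-list checks below classifies it as harmless.
 *
 * Non-strings, values of at most two bytes and values matching an allow-list
 * pattern are dropped. Everything else is forwarded to the variable collection
 * with NUL bytes removed. What the collection later does with the value is not
 * visible in this method.
 *
 * @param string $name  Label of the value; the checks below compare it against the literal '$_COOKIE[__utmz]'.
 * @param string $value Raw value to classify; anything that is not a string is ignored.
 */
protected function addVariable($name, $value)
{
    if (!is_string($value)) {
        return;
    }

    if (strlen($value) <= 2) {
        return; // too short
    }

    // Harmless: the value contains none of
    // backtick , ; ' " + - * / { } [ ] ( ) & | = backslash.
    // The backtick is part of the excluded set because it is PHP's shell-execution
    // operator; a value carrying one must not be waved through as code-free.
    // The D modifier pins "$" to the very end of the subject.
    if (preg_match("/^[^`,;\\'\"+\\-*\\/\\{\\}\\[\\]\\(\\)&\\|=\\\\]*\$/D", $value) === 1) {
        return;
    }

    // Harmless: nothing but commas, digits, underscores and hyphens.
    if (preg_match("/^[,0-9_-]*\$/D", $value) === 1) {
        return;
    }

    // Harmless: the Google Analytics __utmz cookie in its usual key=value|key=value shape.
    // NOTE(review): the inner class [a-z\/0-1.] admits only the digits 0 and 1; possibly
    // 0-9 was meant. Confirm before widening an allow-list.
    if (
        $name === '$_COOKIE[__utmz]'
        && preg_match("/^[0-9.]++(utm[a-z]{3}=\\(?([a-z\\/0-1.]++|\\(not provided\\))\\)?\\|?)++\$/iD", $value) === 1
    ) {
        return;
    }

    // NUL bytes are stripped only from the stored copy; the checks above see the raw value.
    $this->variables->addVariable($name, str_replace(chr(0), "", $value));
}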