Commits

Micah Stetson committed 3ad73c6

replace all uses of ereg with preg, fixing bug 9

Comments (0)

Files changed (19)

admin/member_fields_new.php

   if (!isset($_POST['code']) or !$_POST['code']) {
     $pageErrors['code'] = 'This is a required field.';
   }
-  if (isset($_POST['code']) && ereg('[^A-Za-z0-9_]', $_POST['code'])) {
+  if (isset($_POST['code']) && preg_match('/[^A-Za-z0-9_]/', $_POST['code'])) {
     $pageErrors['code'] = 'Code must contain only alphanumerics and underscores.';
   }
   if (!isset($_POST['description']) or !$_POST['description']) {

circ/mbr_search.php

   $searchType = $_POST["searchType"];
   $searchText = trim($_POST["searchText"]);
   # remove redundant whitespace
-  $searchText = eregi_replace("[[:space:]]+", " ", $searchText);
+  $searchText = preg_replace('/\s+/', " ", $searchText);
 
   if ($searchType == "barcodeNmbr") {
     $sType = OBIB_SEARCH_BARCODE;
   // Dates are represented internally as 'YYYY-mm-dd'
   function read_e($datestr, $ref=NULL) {
     $gotit = false;
-    if (ereg('^([0-9][0-9][0-9][0-9])-([0-9]+)-([0-9]+)$', $datestr, $m)) {
+    if (preg_match('/^([0-9][0-9][0-9][0-9])-([0-9]+)-([0-9]+)$/', $datestr, $m)) {
       # Canonical (ISO 8601)
       $year = $m[1];
       $month = $m[2];
       $day = $m[3];
       $gotit = true;
-    } elseif (ereg('^([0-9]+)[-/]([0-9]+)[-/]([0-9]+)$', $datestr, $m)) {
+    } elseif (preg_match('/^([0-9]+)[-/]([0-9]+)[-/]([0-9]+)$/', $datestr, $m)) {
       # American Style
       $year = $m[3];
       $month = $m[1];
       $day = $m[2];
       $gotit = true;
-    } elseif (ereg('^([0-9]+)\.([0-9]+)\.([0-9]+)$', $datestr, $m)) {
+    } elseif (preg_match('/^([0-9]+)\.([0-9]+)\.([0-9]+)$/', $datestr, $m)) {
       # European Style
       $year = $m[3];
       $month = $m[2];

classes/InstallQuery.php

     if (is_dir($dir)) {
       if ($dh = opendir($dir)) {
         while (($filename = readdir($dh)) !== false) {
-          if(ereg('\\.sql$', $filename)) {
+          if(preg_match('/\\.sql$/', $filename)) {
             $this->executeSqlFile($dir.'/'.$filename, $tablePrfx);
           }
         }
   }
   function &_getParent($path) {
     global $_Nav_menu;
-    if (ereg('^(.*)/([^/]*)?$', $path, $m)) {
+    if (preg_match('|^(.*)/([^/]*)?$|', $path, $m)) {
       $path = $m[1];
     } else {
       $path = "";
   
   function _loadFont($name) {
     global $PDF_font;
-    assert('ereg("^[-_/A-Za-z0-9]+\$", $name)');
+    $re = '/^[-_A-Za-z0-9]+$/'; # To avoid quoting distopia.
+    assert('preg_match($re, $name)');
     $fname = $this->_getfontpath().$name.'.php';
     $PDF_font = false;
     @include_once($fname);
       }
       $path = $a[0];
       @$query = $a[1];
-      if (!eregi('\.pdf$', $path)) {
+      if (!preg_match('/\.pdf$/i', $path)) {
         $path .= '/dummy.pdf';
         # Whatever's making this PDF had better be using only GET params
         header('Location: '.$path.'?'.$query);

classes/Params.php

       case 'order_by':
         $rawval = $val;
         $desc = ' ';
-        if (ereg('!r$', $val)) {
+        if (preg_match('/!r$/', $val)) {
           $desc = ' desc ';
           $val = substr($val, 0, -2);
         }

classes/Query.php

     return str_replace('`', '', $i);
   }
   function _numstr($n) {
-    if (ereg("^([+-]?[0-9]+(\.[0-9]*)?([Ee][0-9]+)?)", $n, $subs)) {
+    if (preg_match("/^([+-]?[0-9]+(\.[0-9]*)?([Ee][0-9]+)?)/", $n, $subs)) {
       return $subs[1];
     } else {
       return "0";

classes/Report.php

   }
   function _load_e($name, $cache) {
     $this->name = $name;
-    assert('ereg("^[-_/A-Za-z0-9]+\$", $cache["type"])');
+    $re = '/^[-_A-Za-z0-9]+$/'; # To avoid quoting distopia.
+    assert('preg_match($re, $cache["type"])');
     $fname = '../reports/defs/'.$cache['type'];
     if (is_readable($fname.'.php')) {
       $err = $this->_load_php_e($cache['type'], $fname.'.php');

font/makefont/makefont-new.php

 	//StemV
 	if(isset($fm['StdVW']))
 		$stemv=$fm['StdVW'];
-	elseif(isset($fm['Weight']) and eregi('(bold|black)',$fm['Weight']))
+	elseif(isset($fm['Weight']) and preg_match('/(bold|black)/i',$fm['Weight']))
 		$stemv=120;
 	else
 		$stemv=70;

font/makefont/makefont.php

 	//StemV
 	if(isset($fm['StdVW']))
 		$stemv=$fm['StdVW'];
-	elseif(isset($fm['Weight']) and eregi('(bold|black)',$fm['Weight']))
+	elseif(isset($fm['Weight']) and preg_match('/(bold|black)/i',$fm['Weight']))
 		$stemv=120;
 	else
 		$stemv=70;
 }
 
 /*******************************************************************************
-* $fontfile : chemin du fichier TTF (ou cha�ne vide si pas d'incorporation)    *
+* $fontfile : chemin du fichier TTF (ou cha�ne vide si pas d'incorporation)    *
 * $afmfile :  chemin du fichier AFM                                            *
-* $enc :      encodage (ou cha�ne vide si la police est symbolique)            *
+* $enc :      encodage (ou cha�ne vide si la police est symbolique)            *
 * $patch :    patch optionnel pour l'encodage                                  *
 * $type :     type de la police si $fontfile est vide                          *
 *******************************************************************************/

install/header.php

 </head>
 <body bgcolor="#ffffff" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" marginheight="0" marginwidth="0" <?php
   if (isset($focus_form_name) && ($focus_form_name != "")) {
-    if (ereg('^[a-zA-Z0-9_]+$', $focus_form_name)
-        && ereg('^[a-zA-Z0-9_]+$', $focus_form_field)) {
+    if (preg_match('/^[a-zA-Z0-9_]+$/', $focus_form_name)
+        && preg_match('/^[a-zA-Z0-9_]+$/', $focus_form_field)) {
       echo 'onLoad="self.focus();document.'.$focus_form_name.".".$focus_form_field.'.focus()"';
     }
   } ?> >

install/install.php

   $installTestData = false;
   
   if (isset($_POST['locale'])) {
-    if (!ereg('^[-_a-zA-Z0-9]+$', $_POST['locale'])) {
+    if (!preg_match('/^[-_a-zA-Z0-9]+$/', $_POST['locale'])) {
       Fatal::internalError("Bad locale name.");
     }
     $locale = $_POST['locale'];

shared/biblio_search.php

   }
   $searchText = trim($_POST["searchText"]);
   # remove redundant whitespace
-  $searchText = eregi_replace("[[:space:]]+", " ", $searchText);
+  $searchText = preg_replace('/\s+/', " ", $searchText);
   if ($searchType == "barcodeNmbr") {
     $sType = OBIB_SEARCH_BARCODE;
     $words[] = $searchText;

shared/header.php

  * See the file COPYRIGHT.html for more details.
  */
  
- if (ereg('[^a-zA-Z0-9_]', $tab)) {
+ if (preg_match('/[^a-zA-Z0-9_]/', $tab)) {
    Fatal::internalError("Possible security violation: bad tab name");
    exit(); # just in case
  }

shared/header_opac.php

 </head>
 <body bgcolor="<?php echo H(OBIB_PRIMARY_BG);?>" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" marginheight="0" marginwidth="0" <?php
   if (isset($focus_form_name) && ($focus_form_name != "")) {
-    if (ereg('^[a-zA-Z0-9_]+$', $focus_form_name)
-        && ereg('^[a-zA-Z0-9_]+$', $focus_form_field)) {
+    if (preg_match('/^[a-zA-Z0-9_]+$/', $focus_form_name)
+        && preg_match('/^[a-zA-Z0-9_]+$/', $focus_form_field)) {
       echo 'onLoad="self.focus();document.'.$focus_form_name.".".$focus_form_field.'.focus()"';
     }
   } ?> >

shared/header_top.php

 </head>
 <body bgcolor="<?php echo H(OBIB_PRIMARY_BG);?>" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" marginheight="0" marginwidth="0" <?php
   if (isset($focus_form_name) && ($focus_form_name != "")) {
-    if (ereg('^[a-zA-Z0-9_]+$', $focus_form_name)
-        && ereg('^[a-zA-Z0-9_]+$', $focus_form_field)) {
+    if (preg_match('/^[a-zA-Z0-9_]+$/', $focus_form_name)
+        && preg_match('/^[a-zA-Z0-9_]+$/', $focus_form_field)) {
       echo 'onLoad="self.focus();document.'.$focus_form_name.".".$focus_form_field.'.focus()"';
     }
   } ?> >
   } else {
     $page = "contents";
   }
-  if (ereg('^[a-zA-Z0-9_]+$', $page)) {
+  if (preg_match('/^[a-zA-Z0-9_]+$/', $page)) {
     include("../locale/".OBIB_LOCALE."/help/".$page.".php");
   }
   include("../shared/help_footer.php");

shared/layout.php

     require_once("../shared/logincheck.php");
   }
   
-  assert('ereg("^[-_A-Za-z0-9]+\$", $_REQUEST["name"])');
+  $re = '/^[-_A-Za-z0-9]+$/'; # To avoid quoting distopia.
+  assert('preg_match($re, $_REQUEST["name"])');
   $filename = '../layouts/'.$_REQUEST["name"].'.php';
   if (!is_readable($filename)) {
     $filename = '../layouts/default/'.$_REQUEST["name"].'.php';