museum-digital/MD_STD
32
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Improve sanitization of color inputs

Browse Source
This commit is contained in:
Joshua Ramon Enslin 2021-01-30 22:56:00 +01:00
parent 89e06769f1
commit 7a252c6bfa
Signed by: jrenslin
GPG Key ID: 46016F84501B70AE
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
MD_STD_IN.php
View File

@ -98,7 +98,9 @@ final class MD_STD_IN {
FILTER_SANITIZE_STRING,
FILTER_FLAG_NO_ENCODE_QUOTES);
if (!(preg_match('/^[a-zA-Z0-9]{3}$/', $output)) && !(preg_match('/^[a-zA-Z0-9]{6}$/', $output))) {
if ($output === false
|| ((preg_match('/^[a-zA-Z0-9]{3}$/', $output)) === false && (preg_match('/^[a-zA-Z0-9]{6}$/', $output)) === false)
) {
throw new MDInvalidColorCode("Invalid color code provided: " . $output);
}