X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/9c40b4d36daed9e28e48a5fe9205c32557195a4b..312084b5d95c21feb519ff03decf948420e1f6fa:/wp-includes/classes.php

diff --git a/wp-includes/classes.php b/wp-includes/classes.php
index 29c37535..d290bbaa 100644
--- a/wp-includes/classes.php
+++ b/wp-includes/classes.php
@@ -216,7 +216,7 @@ class WP {
 					$query = preg_replace("!^.+\?!", '', $query);
 
 					// Substitute the substring matches into the query.
-					eval("@\$query = \"" . addslashes($query) . "\";");
+					$query = addslashes(WP_MatchesMapRegex::apply($query, $matches));
 
 					$this->matched_query = $query;
 
@@ -1592,4 +1592,94 @@ class WP_Ajax_Response {
 	}
 }
 
+/**
+ * Helper class to remove the need to use eval to replace $matches[] in query strings.
+ *
+ * @since 2.9.0
+ */
+class WP_MatchesMapRegex {
+	/**
+	 * store for matches
+	 *
+	 * @access private
+	 * @var array
+	 */
+	var $_matches;
+
+	/**
+	 * store for mapping result
+	 *
+	 * @access public
+	 * @var string
+	 */
+	var $output;
+
+	/**
+	 * subject to perform mapping on (query string containing $matches[] references
+	 *
+	 * @access private
+	 * @var string
+	 */
+	var $_subject;
+
+	/**
+	 * regexp pattern to match $matches[] references
+	 *
+	 * @var string
+	 */
+	var $_pattern = '(\$matches\[[1-9]+[0-9]*\])'; // magic number
+
+	/**
+	 * constructor
+	 *
+	 * @param string $subject subject if regex
+	 * @param array  $matches data to use in map
+	 * @return self
+	 */
+	function WP_MatchesMapRegex($subject, $matches) {
+		$this->_subject = $subject;
+		$this->_matches = $matches;
+		$this->output = $this->_map();
+	}
+
+	/**
+	 * Substitute substring matches in subject.
+	 *
+	 * static helper function to ease use
+	 *
+	 * @access public
+	 * @param string $subject subject
+	 * @param array  $matches data used for subsitution
+	 * @return string
+	 */
+	function apply($subject, $matches) {
+		$oSelf =& new WP_MatchesMapRegex($subject, $matches);
+		return $oSelf->output;
+	}
+
+	/**
+	 * do the actual mapping
+	 *
+	 * @access private
+	 * @return string
+	 */
+	function _map() {
+		$callback = array(&$this, 'callback');
+		return preg_replace_callback($this->_pattern, $callback, $this->_subject);
+	}
+
+	/**
+	 * preg_replace_callback hook
+	 *
+	 * @access public
+	 * @param  array $matches preg_replace regexp matches
+	 * @return string
+	 */
+	function callback($matches) {
+		$index = intval(substr($matches[0], 9, -1));
+		return ( isset( $this->_matches[$index] ) ? $this->_matches[$index] : '' );
+	}
+
+}
+
 ?>