From 9798f043fcc853e3af8691e6f97bbecc5b2dd834 Mon Sep 17 00:00:00 2001
From: Tim Starling <tstarling@users.mediawiki.org>
Date: Wed, 7 Jan 2004 08:17:19 +0000
Subject: [PATCH] Fix security flaw in parser -- $unique in input text

---
 includes/OutputPage.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index c1a91be594..70ea4f20ca 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -140,7 +140,12 @@ class OutputPage {
 		$stripped = "";
 		$stripped2 = "";
 		$stripped3 = "";
-
+		
+		# Replace any instances of the placeholders
+		$text = str_replace( $unique, '$unique', $text );
+		$text = str_replace( $unique2, '$unique2', $text );
+		$text = str_replace( $unique3, '$unique3', $text );
+		
 		global $wgEnableParserCache;
 		$use_parser_cache = 
 			$wgEnableParserCache && $action == "view" &&
@@ -153,7 +158,7 @@ class OutputPage {
 				return;
 			}
 		}
-
+		
 		while ( "" != $text ) {
 			$p = preg_split( "/<\\s*nowiki\\s*>/i", $text, 2 );
 			$stripped .= $p[0];
-- 
2.20.1