Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.
+ − <?php
+ − // vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4:
+ − /**
+ − * Subscript rule end renderer for Plain
+ − *
+ − * PHP versions 4 and 5
+ − *
+ − * @category Text
+ − * @package Text_Wiki
+ − * @author Bertrand Gugger <bertrand@toggg.com>
+ − * @copyright 2005 bertrand Gugger
+ − * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
+ − * @version CVS: $Id: Subscript.php,v 1.1 2005/08/15 10:09:06 toggg Exp $
+ − * @link http://pear.php.net/package/Text_Wiki
+ − */
+ −
+ − /**
+ − * This class renders subscript text in Plain.
+ − *
+ − * @category Text
+ − * @package Text_Wiki
+ − * @author Bertrand Gugger <bertrand@toggg.com>
+ − * @copyright 2005 bertrand Gugger
+ − * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
+ − * @version Release: @package_version@
+ − * @link http://pear.php.net/package/Text_Wiki
+ − */
+ − class Text_Wiki_Render_Plain_Subscript extends Text_Wiki_Render {
+ −
+ − /**
+ − *
+ − * Renders a token into text matching the requested format.
+ − *
+ − * @access public
+ − *
+ − * @param array $options The "options" portion of the token (second
+ − * element).
+ − *
+ − * @return string The text rendered from the token options.
+ − *
+ − */
+ −
+ − function token($options)
+ − {
+ − return '';
+ − }
+ − }
+ − ?>