Compilation failed when edit a role

[GoogleCodeExporter]

What steps will reproduce the problem?
1. open page : role -> edit a role
2. input the roles's description, and click save button.
3. then the error displayed

What is the expected output? What do you see instead?
PHP Error
描述

preg_match() [<a href='function.preg-match'>function.preg-match</a>]: 
Compilation failed: missing terminating ] for character class at offset 30
源文件

D:\htdocs\pcwcrm\protected\modules\rights\components\RAuthorizer.php(436)

00424:         // Loop through the language constructs.
00425:         foreach( $languageConstructs as $lc )
00426:             if( preg_match('/'.$lc.'\ *\(?\ *[\"\']+/', $code)>0 )
00427:                 return null; // Language construct found, not safe for 
eval.
00428: 
00429:         // Get a list of all defined functions
00430:         $definedFunctions = get_defined_functions();
00431:         $functions = array_merge($definedFunctions['internal'], 
$definedFunctions['user']);
00432: 
00433:         // Loop through the functions and check the code for function 
calls.
00434:         // Append a '(' to the functions to avoid confusion between e.g. 
array() and array_merge().
00435:         foreach( $functions as $f )
00436: if( preg_match('/'.$f.'\ *\({1}/', $code)>0 )
00437:                 return null; // Function call found, not safe for eval.
00438: 
00439:         // Evaluate the safer code
00440:         $result = @eval($code);
00441: 
00442:         // Return the evaluated code or null if the result was false.
00443:         return $result!==false ? $result : null;
00444:     }
00445: 
00446:     /**
00447:     * @return RAuthManager the authorization manager.
00448:     */

堆栈追踪

#0 D:\htdocs\pcwcrm\protected\modules\rights\components\RAuthorizer.php(436): 
preg_match()
#1 D:\htdocs\pcwcrm\protected\modules\rights\components\RAuthorizer.php(80): 
RAuthorizer->sanitizeExpression()
#2 
D:\htdocs\pcwcrm\protected\modules\rights\controllers\AuthItemController.php(303
): RAuthorizer->updateAuthItem()
#3 D:\htdocs\yii-trunk\framework\web\actions\CInlineAction.php(57): 
AuthItemController->actionUpdate()
#4 D:\htdocs\yii-trunk\framework\web\CController.php(300): CInlineAction->run()
#5 D:\htdocs\yii-trunk\framework\web\filters\CFilterChain.php(133): 
AuthItemController->runAction()
#6 D:\htdocs\yii-trunk\framework\web\filters\CFilter.php(41): 
CFilterChain->run()
#7 D:\htdocs\yii-trunk\framework\web\CController.php(1084): 
CAccessControlFilter->filter()
#8 D:\htdocs\yii-trunk\framework\web\filters\CInlineFilter.php(59): 
AuthItemController->filterAccessControl()
#9 D:\htdocs\yii-trunk\framework\web\filters\CFilterChain.php(130): 
CInlineFilter->filter()
#10 D:\htdocs\yii-trunk\framework\web\CController.php(283): CFilterChain->run()
#11 D:\htdocs\yii-trunk\framework\web\CController.php(257): 
AuthItemController->runActionWithFilters()
#12 D:\htdocs\yii-trunk\framework\web\CWebApplication.php(324): 
AuthItemController->run()
#13 D:\htdocs\yii-trunk\framework\web\CWebApplication.php(121): 
ExtApplication->runController()
#14 D:\htdocs\pcwcrm\protected\components\ExtApplication.php(64): 
ExtApplication->processRequest()
#15 D:\htdocs\yii-trunk\framework\base\CApplication.php(135): 
ExtApplication->processRequest()
#16 D:\htdocs\pcwcrm\index.php(14): ExtApplication->run()

What version of the product are you using? On what operating system?
Yii1.1.5, rights 1.2

Original issue reported on code.google.com by wangyong...@gmail.com on 10 Jan 2011 at 8:22

[GoogleCodeExporter]

Hello wangyong,

It seems that the problem is in your business rule, could you please tell me 
what you put as the business rule if you entered one so that I can try to 
figure out what the problem is.

Thanks in advance.

Original comment by Christof...@gmail.com on 10 Jan 2011 at 9:45

• Changed state: Accepted

[GoogleCodeExporter]

Hi: My business rule is blank.

Original comment by wangyong...@gmail.com on 11 Jan 2011 at 6:18

[GoogleCodeExporter]

I found where the problem is, I enabled Zend Optimizer, so the 
get_defined_functions() returned some functions which name is unreadable, and 
the preg_match can not execute normally, You can test it.

Original comment by wangyong...@gmail.com on 12 Jan 2011 at 7:04

[GoogleCodeExporter]

check this page: 
http://www.justskins.com/forums/39670-new-get_defined_functions-returns-58267.ht
ml

Original comment by wangyong...@gmail.com on 12 Jan 2011 at 7:07

[GoogleCodeExporter]

Hello wangyong,

I read the page you linked me but I didn't find anything useful there except 
that the get_defined_functions() returns invalid values when using the Zend 
Optimizer.

Do you have a suggestion for how to fix this?

Original comment by Christof...@gmail.com on 12 Jan 2011 at 8:07

• Added labels: Priority-Low
• Removed labels: Priority-Medium

[GoogleCodeExporter]

Exact same problem here. Any fix yet?
Thanks.

Original comment by rodrigo....@gmail.com on 18 Jan 2011 at 7:33

[GoogleCodeExporter]

I think we could check the function name before perform preg_match, if the name 
contains invalid chars, ignore it.

Original comment by wangyong...@gmail.com on 19 Jan 2011 at 9:54

[GoogleCodeExporter]

I will see what can be done about this as soon as I have time.

Original comment by Christof...@gmail.com on 6 Feb 2011 at 11:38

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

when using the Zend, the function  preg_match('/'.$f.'\ *\({1}/', $code)    
passed names like uer1qc[<lm*ujhb0
which is why the error occurs.
you must either exclude such functions from scanning, or escape special 
characters using the preg_quote.

foreach( $functions as $f ) 
    if( preg_match('/'.preg_quote($f).'\ *\({1}/', $code)>0 )
        return null; // Function call found, not safe for eval.

Original comment by vasilyev...@gmail.com on 30 Nov 2011 at 4:12

[GoogleCodeExporter]

sory must be preg_quote($f, "/")

Original comment by vasilyev...@gmail.com on 30 Nov 2011 at 4:16