From 478ba9973f88f391bba2fb5154c50261ecc66311 Mon Sep 17 00:00:00 2001 From: Lukasz Tulikowski Date: Wed, 16 Jul 2025 10:01:13 +0200 Subject: [PATCH] fix(color): enhance regex pattern for CSS color validation in getColorOpt function --- includes/functions.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/includes/functions.php b/includes/functions.php index a3e53ef6..9541e307 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -666,7 +666,12 @@ function getColorOpt() } // Define the regex pattern for valid CSS color formats - $colorPattern = "/^(#([a-fA-F0-9]{3}|[a-fA-F0-9]{6})|rgb\((\s*\d+\s*,){2}\s*\d+\s*\)|rgba\((\s*\d+\s*,){3}\s*(0|0\.\d+|1)\)|[a-zA-Z]+)$/i"; + $colorPattern = "/^(" . + "#([a-fA-F0-9]{3}|[a-fA-F0-9]{6})" . "|" . // Hex colors (#RGB or #RRGGBB) + "rgb\(\s*(?:\d{1,3}\s*,\s*){2}\d{1,3}\s*\)" . "|" . // RGB format + "rgba\(\s*(?:\d{1,3}\s*,\s*){3}\s*(0|0\.\d+|1)\s*\)" . "|" . // RGBA format + "[a-zA-Z]+" . // Named colors + ")$/i"; // Validate the color if (!preg_match($colorPattern, $color)) { @@ -1020,4 +1025,3 @@ function callbackTimeout(callable $callback, int $interval) return $result; } -