From 992a1ac6848e51b8ebd1a880f605bb91b7333fb1 Mon Sep 17 00:00:00 2001
From: Rob Church
Date: Wed, 12 Apr 2006 04:59:27 +0000
Subject: [PATCH] (bug 5185) Strip out SGML comments before scanning the text for matches so some nutter can't circumvent the lot with a well placed
---
 SpamBlacklist_body.php | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/SpamBlacklist_body.php b/SpamBlacklist_body.php
index ded1932b..d95612f5 100644
--- a/SpamBlacklist_body.php
+++ b/SpamBlacklist_body.php
@@ -145,6 +145,10 @@ class SpamBlacklist {
 $regex =& $this->getRegex();
 if ( $regex && $regex[0] == '/' ) {
+ # Strip SGML comments out of the markup
+ # This was being used to circumvent the filter (see bug 5185)
+ $text = preg_replace( '/<\!--.*-->/', '', $text );
+
 # Do the match
 wfDebug( "Checking text against regex: $regex\n" );
 if ( preg_match( $regex, $text, $matches ) ) {
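Review bot: The added `preg_replace( '/<\!--.*-->/', '', $text )` is greedy and has no `s` modifier, so it does not strip the same spans a comment-aware renderer would: a comment that contains a newline is left in place, and on a line holding two comments everything between the first `<!--` and the last `-->` is removed from the scanned text even though it sits outside both comments. Either way the blacklist regex ends up checking text that differs from what is published, which is the kind of gap the commit says bug 5185 was about. A non-greedy, dot-all pattern closes both cases, `$text = preg_replace( '/<!--.*?-->/s', '', $text );`, and the comment above it should state that the stripping has to mirror the parser's own comment handling. The enclosing method starts and ends outside the hunk, so whether `$text` is used again after the match cannot be seen here.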