
CTAPbIu_MABP - 2006-08-18 13:16:24
Your class is good but have two serious weakness
first one is javascript vulnerability like this
$bbcode->add_tag(array('Name'=>'link','HasParam'=>true,'HtmlBegin'=>'<a href="%%P%%">','HtmlEnd'=>'</a>'));
parse line
[link=http://phpclasses.org/?"<SCRIPT LANGUAGE=JavaScript>alert('lol')</script> alt="]A link[/link]<br />
and you will have a nice alert
and the second is unable to parse some code like [link]http://phpclasses.org/[/link]
PS sorry for my bad english....