From 36a04a44bad15d9ce80ae32ca1d228ca82ed6ffe Mon Sep 17 00:00:00 2001
From: ovclas <ovclas@gmail.com>
Date: Fri, 30 Nov 2012 01:17:15 +0000
Subject: [PATCH] Webshell defence and version up

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@12332 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 classes/context/Context.class.php | 6 +++---
 config/config.inc.php             | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index 6a0226e4f..831ad2728 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -117,10 +117,10 @@ class Context {
 	 * Pattern for request vars check
 	 * @var array
 	 */
-	var $pattern = array(
+	var $patterns = array(
 			'/<\?/iUsm',
 			'/<\%/iUsm',
-			'/<script(\s|\S)*language[\s]*=("|\')php("|\')(\s|\S)*/iUsm'
+			'/<script(\s|\S)*language[\s]*=[\s]*("|\')?[\s]*php[\s]*("|\')?(\s|\S)*/iUsm'
 			);
 	/**
 	 * Check init
@@ -837,7 +837,7 @@ class Context {
 	{
 		if(is_string($val))
 		{
-			foreach($this->pattern as $pattern)
+			foreach($this->patterns as $pattern)
 			{
 				$result = preg_match($pattern, $val);
 				if($result)
diff --git a/config/config.inc.php b/config/config.inc.php
index 9b9b46293..c3aea16a8 100644
--- a/config/config.inc.php
+++ b/config/config.inc.php
@@ -14,7 +14,7 @@
      * Display XE's full version
      * Even The file should be revised when releasing altough no change is made
      */
-	define('__XE_VERSION__', '1.5.3.6');
+	define('__XE_VERSION__', '1.5.3.7');
 
 	/**
 	 * @deprecated __ZBXE_VERSION__ will be removed. Use __XE_VERSION__ instead.