From abfcd484bfb030e0ddbc2e0a459f9e2d20c92b24 Mon Sep 17 00:00:00 2001
From: ovclas
Date: Tue, 26 Jun 2012 01:27:56 +0000
Subject: [PATCH] XSS Defense, 1.5.2.6 version up
git-svn-id: http://xe-core.googlecode.com/svn/trunk@10796 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 config/config.inc.php | 2 +-
 config/func.inc.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/config/config.inc.php b/config/config.inc.php
index 7d40acd2c..f6d77f31e 100644
--- a/config/config.inc.php
+++ b/config/config.inc.php
@@ -13,7 +13,7 @@
 * @brief display XE's full version
 * Even The file should be revised when releasing altough no change is made
 **/
- define('__XE_VERSION__', '1.5.2.5');
+ define('__XE_VERSION__', '1.5.2.6');
 define('__ZBXE_VERSION__', __XE_VERSION__); // deprecated : __ZBXE_VERSION__ will be removed. Use __XE_VERSION__ instead.
 /**
diff --git a/config/func.inc.php b/config/func.inc.php
index 19c0cd544..89264df4a 100644
--- a/config/func.inc.php
+++ b/config/func.inc.php
@@ -686,7 +686,7 @@
 **/
 function removeHackTag($content) {
 // change the specific tags to the common texts
- $content = preg_replace('@<(\/?(?:html|body|head|title|meta|base|link|script|style|applet|iframe)[\s>])@i', '<$1', $content);
+ $content = preg_replace('@<(\/?(?:html|body|head|title|meta|base|link|script|style|applet|iframe)(/*)[\w\s>])@i', '<$1', $content);
 /**
 * Remove codes to abuse the admin session in src by tags of imaages and video postings
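Review bot: The widened terminator class `[\w\s>]` in the new `preg_replace` pattern of `removeHackTag` also matches harmless tags whose names merely start with a listed name, such as `<header>` or `<styled>`, because with zero slashes `\w` accepts any following word character. The intent appears to be catching a `/` placed directly after the tag name; ending the pattern with `...|iframe)[\s>/])@i` covers that case, avoids the over-match and drops the unused `(/*)` capture group. The check is still a denylist of tag names with an enumerated terminator, so it is best treated as defense in depth behind context-aware output encoding or an allowlist-based HTML sanitizer, with a regression test holding benign and hostile samples for each listed tag. As rendered on this page the replacement string is `'<$1'`, which would leave the input unchanged; presumably an HTML entity was decoded in extraction, so confirm against the file itself. The body of `removeHackTag` continues outside the hunk, so later filtering steps are not visible here.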