+Version 2.0.6.1 (2012-11-16)\r
+ Fixed security issue with google spellchecker.\r
Version 2.0.6 (2011-09-29)\r
Fixed incorrect position of suggestion menu.\r
Fixed handling of mispelled words with no suggestions in PSpellShell engine.\r
}\r
\r
function &_getMatches($lang, $str) {\r
+ $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or -\r
+ $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters\r
$server = "www.google.com";\r
$port = 443;\r
$path = "/tbproxy/spell?lang=" . $lang . "&hl=en";\r
