From 0c1864940c620c2c100bf4cedf4ce31658e4d34e Mon Sep 17 00:00:00 2001
From: parhamr
Date: Wed, 21 Aug 2013 12:41:44 -0700
Subject: [PATCH 1/6] Correcting $mathes typo.
---
 app/code/Mage/Core/Helper/Url.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/code/Mage/Core/Helper/Url.php b/app/code/Mage/Core/Helper/Url.php
index 83d518657293f..7891a03482311 100644
--- a/app/code/Mage/Core/Helper/Url.php
+++ b/app/code/Mage/Core/Helper/Url.php
@@ -131,8 +131,8 @@ public function addRequestParam($url, $param)
 public function removeRequestParam($url, $paramKey, $caseSensitive = false)
 {
 $regExpression = '/\\?[^#]*?(' . preg_quote($paramKey, '/') . '\\=[^#&]*&?)/' . ($caseSensitive ? '' : 'i');
- while (preg_match($regExpression, $url, $mathes) != 0) {
- $paramString = $mathes[1];
+ while (preg_match($regExpression, $url, $matches) != 0) {
+ $paramString = $matches[1];
 if (preg_match('/&$/', $paramString) == 0) {
 $url = preg_replace('/(&|\\?)?' . preg_quote($paramString, '/') . '/', '', $url);
 } else {
From b3b59129b3c866ff9b2cf742909cd436d50b1ce7 Mon Sep 17 00:00:00 2001
From: parhamr
Date: Wed, 21 Aug 2013 12:46:08 -0700
Subject: [PATCH 2/6] Using triple equals for preg_match evaluation.
---
 app/code/Mage/Core/Helper/Url.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/code/Mage/Core/Helper/Url.php b/app/code/Mage/Core/Helper/Url.php
index 7891a03482311..c0a43dc967dc3 100644
--- a/app/code/Mage/Core/Helper/Url.php
+++ b/app/code/Mage/Core/Helper/Url.php
@@ -131,9 +131,9 @@ public function addRequestParam($url, $param)
 public function removeRequestParam($url, $paramKey, $caseSensitive = false)
 {
 $regExpression = '/\\?[^#]*?(' . preg_quote($paramKey, '/') . '\\=[^#&]*&?)/' . ($caseSensitive ? '' : 'i');
- while (preg_match($regExpression, $url, $matches) != 0) {
+ while (preg_match($regExpression, $url, $matches) !== 0) {
 $paramString = $matches[1];
- if (preg_match('/&$/', $paramString) == 0) {
+ if (preg_match('/&$/', $paramString) === 0) {
 $url = preg_replace('/(&|\\?)?' . preg_quote($paramString, '/') . '/', '', $url);
 } else {
 $url = str_replace($paramString, '', $url);
From cda9ea0908ae2a72083cdba83d7390baf079199c Mon Sep 17 00:00:00 2001
From: parhamr
Date: Wed, 21 Aug 2013 12:46:35 -0700
Subject: [PATCH 3/6] Replacing simple preg_match with a less expensive substr check.
---
 app/code/Mage/Core/Helper/Url.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/code/Mage/Core/Helper/Url.php b/app/code/Mage/Core/Helper/Url.php
index c0a43dc967dc3..520f3180245e4 100644
--- a/app/code/Mage/Core/Helper/Url.php
+++ b/app/code/Mage/Core/Helper/Url.php
@@ -133,7 +133,8 @@ public function removeRequestParam($url, $paramKey, $caseSensitive = false)
 $regExpression = '/\\?[^#]*?(' . preg_quote($paramKey, '/') . '\\=[^#&]*&?)/' . ($caseSensitive ? '' : 'i');
 while (preg_match($regExpression, $url, $matches) !== 0) {
 $paramString = $matches[1];
- if (preg_match('/&$/', $paramString) === 0) {
+ // if ampersand is at the end of $paramString
+ if (substr($paramString, -1, 1) != '&') {
 $url = preg_replace('/(&|\\?)?' . preg_quote($paramString, '/') . '/', '', $url);
 } else {
 $url = str_replace($paramString, '', $url);
From a7acb13de8492035b1c1885c5282842a05a61d0f Mon Sep 17 00:00:00 2001
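Review bot: The new `!== 0` on the `while` line of patch 2/6 treats a `false` return from `preg_match()` as a match, where the old `!= 0` treated it as no match. `preg_match()` returns `false` on a PCRE error (for example when the backtrack limit is reached on a long `$url`), so the loop body would then run with an empty `$matches`, read the undefined `$matches[1]` and pass an empty string on to `preg_replace()`. Testing for the success value keeps the strict comparison and the old error behaviour: `while (preg_match($regExpression, $url, $matches) === 1) {`. The `=== 0` on the `if` line has the mirror problem, since `false` now falls into the `else` branch. The body of removeRequestParam continues outside the hunk.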
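Review bot: The comment added in patch 3/6, `// if ampersand is at the end of $paramString`, says the opposite of the condition beneath it, which is true when the last character is not `&`. A wording such as `// no trailing ampersand: also remove the separator ('&' or '?') in front of the parameter` would describe the branch that follows. The comparison could also be strict, `if (substr($paramString, -1, 1) !== '&') {`, in line with the previous patch in this series. The enclosing function starts and ends outside the hunk.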
From: parhamr
Date: Wed, 21 Aug 2013 12:49:24 -0700
Subject: [PATCH 4/6] Replacing simple preg_match with less expensive strpos.
---
 app/code/Mage/Core/Model/Design/Package.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/code/Mage/Core/Model/Design/Package.php b/app/code/Mage/Core/Model/Design/Package.php
index 2fb3419087555..c115cd62290b2 100644
--- a/app/code/Mage/Core/Model/Design/Package.php
+++ b/app/code/Mage/Core/Model/Design/Package.php
@@ -349,7 +349,7 @@ public function getViewFile($file, array $params = array())
 */
 protected function _extractScope($file, array &$params)
 {
- if (preg_match('/\.\//', str_replace('\\', '/', $file))) {
+ if (strpos(str_replace('\\', '/', $file), './') !== false) {
 throw new Magento_Exception("File name '{$file}' is forbidden for security reasons.");
 }
 if (false !== strpos($file, self::SCOPE_SEPARATOR)) {
From 674542cc5b43fcf918906ce37b0617a914c59111 Mon Sep 17 00:00:00 2001
From: parhamr
Date: Wed, 21 Aug 2013 12:55:39 -0700
Subject: [PATCH 5/6] Replacing simple preg_match with inexpensive substr and strlen.
---
 app/code/Mage/GoogleAnalytics/Block/Ga.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/code/Mage/GoogleAnalytics/Block/Ga.php b/app/code/Mage/GoogleAnalytics/Block/Ga.php
index 3f74d2a27ca3e..6e14e3dba48bc 100644
--- a/app/code/Mage/GoogleAnalytics/Block/Ga.php
+++ b/app/code/Mage/GoogleAnalytics/Block/Ga.php
@@ -57,7 +57,7 @@ public function getPageTrackingCode($accountId)
 {
 $pageName = trim($this->getPageName());
 $optPageURL = '';
- if ($pageName && preg_match('/^\/.*/i', $pageName)) {
+ if ($pageName && substr($pageName, 0, 1) == '/' && strlen($pageName) > 1) {
 $optPageURL = ", '{$this->jsQuoteEscape($pageName)}'";
 }
 return "
From 89524eb8e0a434e9b0d6162c8876b5ff63568424 Mon Sep 17 00:00:00 2001
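Review bot: The rewritten condition in `_extractScope()` (patch 4/6) is the guard that rejects relative path segments in `$file`, and nothing on the line says so or explains why backslashes are normalised first. A comment such as `// Security: reject './' and '../' segments, with '\' normalised to '/', before $file is used any further` would keep a later optimisation from weakening it. The operand order also differs from the `false !== strpos($file, self::SCOPE_SEPARATOR)` test a few lines below; `if (false !== strpos(str_replace('\\', '/', $file), './')) {` would match it. The substring test is equivalent to the old pattern, and a unit test that passes both slash and backslash forms to this method would pin that down. The function body ends outside the hunk.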
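Review bot: The added `strlen($pageName) > 1` in patch 5/6 changes behaviour rather than only the cost of the check: the old pattern `/^\/.*/i` also matched a page name of exactly `/`, which the new condition rejects, so `$optPageURL` stays empty for that value. If that is not intended, `if ($pageName && $pageName[0] === '/') {` keeps the old result and makes the comparison strict. If it is intended, the commit message should say so, because it describes a like-for-like replacement. The body of getPageTrackingCode continues outside the hunk.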
From: parhamr
Date: Wed, 21 Aug 2013 13:00:10 -0700
Subject: [PATCH 6/6] Replacing simple preg_split with less expensive explode.
---
 app/code/Mage/Webhook/Controller/Webapi/Webhook.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/code/Mage/Webhook/Controller/Webapi/Webhook.php b/app/code/Mage/Webhook/Controller/Webapi/Webhook.php
index e7bcb2ecd63bb..5c6cb0969eb65 100644
--- a/app/code/Mage/Webhook/Controller/Webapi/Webhook.php
+++ b/app/code/Mage/Webhook/Controller/Webapi/Webhook.php
@@ -116,7 +116,7 @@ private function _filterTopicsByApiUser($topics, $userId)
 $readableResources = array();
 foreach ($resourceIds as $resource) {
 if (preg_match("/\/get/", $resource)) { // TODO: Should be allowed to be anything, not just get
- $result = preg_split("/\//", $resource);
+ $result = explode("/", $resource);
 $readableResources[] = $result[0];
 }
 }
@@ -124,7 +124,7 @@ private function _filterTopicsByApiUser($topics, $userId)
 $resultTopics = array();
 foreach($topics as $topic) {
 $topic = str_replace("\/", "/", $topic);
- $array = preg_split("/\//", $topic);
+ $array = explode("/", $topic);
 if (in_array($array[0], $readableResources)) {
 $resultTopics[] = $topic;
 }
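Review bot: In the first hunk of patch 6/6, `$result[0]` is the empty string whenever `$resource` begins with `/`, and it is appended to `$readableResources` unchecked. This was already so with `preg_split`, but the method appears to decide which topics an API user may receive, so an empty entry in the allow-list is worth excluding with `if ($result[0] !== '') { $readableResources[] = $result[0]; }`. The `preg_match("/\/get/", $resource)` on the line above is also the same kind of fixed-string test this series replaces elsewhere, and `strpos($resource, '/get') !== false` would be its equivalent. The method starts and ends outside the hunk.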
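Review bot: In the second hunk of patch 6/6, `in_array($array[0], $readableResources)` compares loosely, so numeric-looking segments such as `1` and `1.0` count as equal when deciding whether a topic is kept. Passing the strict flag, `in_array($array[0], $readableResources, true)`, makes the membership test exact. Both sides are strings produced by `explode()`, so nothing else changes. The closing lines of the loop are outside the hunk.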