From 2d3e76de673beb0a6727f8f562fd7c5f421d3edf Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Sat, 7 Apr 2018 13:45:22 -0700
Subject: [PATCH] Only escape if there are regexp characters
 https://github.com/webmin/usermin/issues/37

---
 filter/save.cgi | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/filter/save.cgi b/filter/save.cgi
index f6f0198a9..49240ce2a 100755
--- a/filter/save.cgi
+++ b/filter/save.cgi
@@ -85,7 +85,9 @@ else {
 		$filter->{'condheader'} =~ /^[a-zA-Z0-9\-]+$/ ||
 			&error($text{'save_econdheader'});
 		if (!$in{'condregexp'} &&
-		    $in{'condvalue'} !~ /^[a-zA-Z0-9_ ]+$/) {
+		    $in{'condvalue'} =~ /[\^\$\.\*\+\?\|\(\)\[\]\{\}\\]/) {
+			# If the user didn't ask for a regexp but there are
+			# regexp special characters, escape them
 			$in{'condvalue'} = quotemeta($in{'condvalue'});
 			}
 		if ($in{'condmode'} == 0) {