Parse error: syntax error, unexpected ',', expecting ')' in /var/www/.../modules/search404/search404.module

Yes, I have seen the issue.

And no, no fix.

try this fix (too lazy to roll patch):

replace the following function

/**
 * Replacement for search_get_keys
 * WARNING: This function can potentially return dangerous
 *              potential SQL inject/XSS
 * data. Return must be sanatized before use.
 */
function search404_get_keys() {
  // Abort query on certain extensions, e.g: gif jpg jpeg png
  $extensions = preg_split('/\s+/', variable_get('search404_ignore_query', 'gif jpg jpeg bmp png'));
  $extensions = trim(implode('|', $extensions));
  if (!empty($extensions) && preg_match("/\.($extensions)$/", $_REQUEST['destination'])) {
    return false;
  }
  $keys = $_REQUEST['destination'];
  $misc_var = variable_get('search404_regex', '');
  if (!empty($misc_var)) {
  	$keys = preg_grep($misc_var, $keys);
  	$keys = $keys[0];
  }
  // Ingore certain extensions from query
  $extensions = preg_split('/\s+/', variable_get('search404_ignore_extensions', 'htm html php'));
  $extensions = trim(implode('|', $extensions));
  if (!empty($extensions)) {
     $keys = preg_replace("/\.($extensions)$/", '', $keys);
  }

  $keys = preg_split('/['. PREG_CLASS_SEARCH_EXCLUDE .']+/u', $keys);

  // Ignore certain words
  $keys = array_diff($keys, explode(' ', variable_get('search404_ignore', 'and or the')));

  $modifier = variable_get('search404_use_or', false) ? ' OR ' : ' ';
  $keys = trim(implode($modifier, $keys));
  return $keys;
}

I just changed a couple of lines in the middle. The original error was due to misuse of the variable_get function. Another error would occur for the same reason once the first one was fixed. At least, it seems to work for me now.

forgot to update the drop downs...

Just confirming that this patch fixed the error for me. One question:

 * WARNING: This function can potentially return dangerous
*              potential SQL inject/XSS
* data. Return must be sanatized before use.

Pretty new to drupal. Is there something additional I need to modify (to "sanitize") in this module?

Now that you mention it, perhaps each key should be run through either check_url() or check_plain(). one would probably do that by adding this just before $modifier = ...

foreach ($keys as $a => $b) {
  $keys[$a] = check_plain($b);
}

or something like that. I haven't tested it yet.

hmm I think I'll remove this module for now. I like what it does but if it carries a potential risk then it's not for me. Thanks for the help anyway.

Hi all,
The error has been fixed and updated in the next version.
Cheers
zyxware

This is just a friendly hint. It's a common practice on drupal.org to set the status to 'fixed' and then the drupal-issue-bot-script-thingie automatically changes the status to 'closed' after a week. This is to avoid a duplicate issues of recent fixes and shows that maintainer actually fixes things.

Thanks for the effort you put into this module!

The bot takes two weeks. But yes, that is the standard here on d.o.

Thanks for the reminder. Will keep that in mind in the future.