change validation of configuration to return existing validation functions, not running arbitrary ones

Ralf Becker 2014-04-23 14:56:05 +00:00
parent 88da213321
commit 7ba88106e2
3 changed files with 191 additions and 3 deletions


@ -118,7 +118,7 @@
if ($config) if ($config)
{ {
$c->config_data[$key] = $config; $c->config_data[$key] = $config;
if($GLOBALS['egw_info']['server']['found_validation_hook'] && function_exists($key)) if (in_array($key, (array)$GLOBALS['egw_info']['server']['found_validation_hook'], true) && function_exists($key))
{ {
call_user_func($key,$config); call_user_func($key,$config);
if($GLOBALS['config_error']) if($GLOBALS['config_error'])
@ -134,7 +134,7 @@
unset($c->config_data[$key]); unset($c->config_data[$key]);
} }
} }
if($GLOBALS['egw_info']['server']['found_validation_hook'] && function_exists('final_validation')) if(in_array('final_validation', (array)$GLOBALS['egw_info']['server']['found_validation_hook']) && function_exists('final_validation'))
{ {
final_validation($_POST['newsettings']); final_validation($_POST['newsettings']);
if($GLOBALS['config_error']) if($GLOBALS['config_error'])
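Review bot: The `in_array()` call guarding `final_validation` omits the strict flag that the `$key` check earlier in this file passes, and the `foreach($newsettings as $setting => $value)` check in the setup file omits it too. Because the value is cast with `(array)`, a hook file that still sets `found_validation_hook` to a boolean (an assumption, only the new array form is visible on this page) yields `array(true)`, and a loose comparison then matches any non-empty name, which leaves `function_exists()` as the only filter again. Pass `true` as the third argument in both places, e.g. `in_array($setting, (array)$GLOBALS['egw_info']['server']['found_validation_hook'], true)`. The setup loop matters most because `$setting` is a key of the submitted `$newsettings`. Both enclosing blocks continue outside their hunks.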


@ -70,7 +70,7 @@ if(@get_var('submit',Array('POST')) && @$newsettings)
$GLOBALS['egw_setup']->db->transaction_begin(); $GLOBALS['egw_setup']->db->transaction_begin();
foreach($newsettings as $setting => $value) foreach($newsettings as $setting => $value)
{ {
if($GLOBALS['egw_info']['server']['found_validation_hook'] && @function_exists($setting)) if(in_array($setting, (array)$GLOBALS['egw_info']['server']['found_validation_hook']) && function_exists($setting))
{ {
$setting($newsettings); $setting($newsettings);
if($GLOBALS['config_error']) if($GLOBALS['config_error'])


@ -0,0 +1,188 @@
<?php
/**
* Setup
*
* @link http://www.egroupware.org
* @package setup
* @author Miles Lott <milos@groupwhere.org>
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
* @version $Id$
*/
/*
Set global flag to indicate for which config settings we have equally named validation methods
*/
$GLOBALS['egw_info']['server']['found_validation_hook'] = array(
'vfs_storage_mode',
'temp_dir',
'files_dir',
'backup_dir',
'mcrypt_algo',
'ldap_search_filter'
);
/**
* Set vfs_fstab depending from what the user selected for vfs_storage_mode
*
* @param array $settings
*/
function vfs_storage_mode($settings)
{
switch($settings['vfs_storage_mode'])
{
case 'fs':
config::save_value('vfs_fstab','','phpgwapi');
break;
case 'db':
config::save_value('vfs_fstab',serialize(array(
'/' => 'sqlfs://$host/?storage=db',
'/apps' => 'links://$host/apps?storage=db',
)),'phpgwapi');
break;
}
}
function mail_server($settings)
{
if (!$settings['smtp_server'])
{
$GLOBALS['config_error'] = lang('Missing or uncomplete mailserver configuration');
}
if (@file_exists('../emailadmin/inc/class.emailadmin_bo.inc.php') && $GLOBALS['egw_setup']->table_exist(array('egw_emailadmin')))
{
$emailadmin = new emailadmin_bo(-1,false); // false=no session stuff
if (is_object($emailadmin))
{
$emailadmin->setDefaultProfile($settings);
}
}
}
function temp_dir($settings)
{
if (!setup_detection::check_dir($settings['temp_dir'],$error_msg))
{
$GLOBALS['config_error'] = lang("Your temporary directory '%1' %2",$settings['temp_dir'],$error_msg);
}
}
function files_dir($settings)
{
if ($settings['file_repository'] == 'sql' && $settings['file_store_contents'] == 'filesystem' &&
!setup_detection::check_dir($settings['files_dir'],$error_msg,true))
{
$GLOBALS['config_error'] = lang("Your files directory '%1' %2",$settings['files_dir'],$error_msg);
}
}
function backup_dir(&$settings)
{
if (@is_writeable($settings['files_dir']) && !$settings['backup_dir'] && $settings['file_store_contents'] == 'filesystem')
{
$settings['backup_dir'] = $settings['files_dir'].'/db_backup';
}
if (!setup_detection::check_dir($settings['backup_dir'],$error_msg,true))
{
$GLOBALS['config_error'] = lang("Your backup directory '%1' %2",$settings['backup_dir'],$error_msg);
}
}
function _mcrypt_test_module_mode($module,$mode)
{
/* Data */
$key = 'this is a very long key, even too long for the cipher';
$plain_text = 'very important data';
/* Open module, and create IV */
if(!$GLOBALS['td'] = @mcrypt_module_open($module, '',$mode, ''))
{
@mcrypt_module_close($GLOBALS['td']);
return False;
}
$key = substr($key, 0, mcrypt_enc_get_key_size($GLOBALS['td']));
$iv_size = mcrypt_enc_get_iv_size($GLOBALS['td']);
$iv = @mcrypt_create_iv($iv_size, MCRYPT_RAND);
/* Initialize encryption handle */
if(mcrypt_generic_init($GLOBALS['td'], $key, $iv) != -1)
{
/* Encrypt data */
$c_t = mcrypt_generic($GLOBALS['td'], $plain_text);
mcrypt_generic_deinit($GLOBALS['td']);
// close the module
mcrypt_module_close($GLOBALS['td']);
/* Reinitialize buffers for decryption */
/* Open module */
$GLOBALS['td'] = mcrypt_module_open($module, '', $mode, '');
$key = substr($key, 0, mcrypt_enc_get_key_size($GLOBALS['td']));
mcrypt_generic_init($GLOBALS['td'], $key, $iv);
$p_t = mdecrypt_generic($GLOBALS['td'], $c_t);
/* Clean up */
mcrypt_generic_deinit($GLOBALS['td']);
mcrypt_module_close($GLOBALS['td']);
}
else
{
@mcrypt_module_close($GLOBALS['td']);
}
return rtrim($p_t) === $plain_text;
}
/* run a self-test through every listed cipher and mode - from robert at peakepro dot com (php.net manual) */
function mcrypt_check_sanity()
{
$modes = mcrypt_list_modes();
$algorithms = mcrypt_list_algorithms();
foreach($algorithms as $cipher)
{
if(mcrypt_module_self_test($cipher))
{
$GLOBALS['ciphers'][$cipher] = array();
foreach($modes as $mode)
{
if(_mcrypt_test_module_mode($cipher,$mode))
{
$result = True;
}
else
{
$result = False;
}
@$GLOBALS['ciphers'][$cipher][$mode] = $result;
}
}
}
ksort($GLOBALS['ciphers']);
/* _debug_array($GLOBALS['ciphers']); */
}
function mcrypt_algo($settings)
{
/* _debug_array($settings);exit; */
if(@function_exists('mcrypt_list_modes'))
{
mcrypt_check_sanity();
if(!@$GLOBALS['ciphers'][$settings['mcrypt_algo']][$settings['mcrypt_mode']])
{
$GLOBALS['config_error'] = lang('Invalid Mcrypt Algorithm/Mode combination');
}
}
}
/**
* Add bracket around the ldap_search_filter, if admin forgot it
*
* @param array $settings
*/
function ldap_search_filter(&$settings)
{
$filter =& $settings['ldap_search_filter'];
if ($filter && $filter{0} != '(') $filter = '('.$filter.')';
}
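Review bot: `mail_server()` is defined in this file but is missing from the `found_validation_hook` array at the top, so the callers that now require `in_array()` membership will never invoke it and its `smtp_server` check is silently skipped (assuming a setting of that name is still submitted). Either add `'mail_server',` to the array or drop the function if it is no longer meant to run. The helpers `_mcrypt_test_module_mode` and `mcrypt_check_sanity` are rightly left out of the list. A comment on the array such as `// allowlist: only these names may be called for a submitted setting key; never list helpers` would record why membership matters.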