From df8f6b9460fc7ab5699eae26539254a360936202 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Wed, 23 Apr 2014 14:36:08 +0000 Subject: [PATCH] change validation of configuration to return existing validation functions, not running arbitrary ones --- admin/inc/class.uiconfig.inc.php | 9 +++++---- admin/inc/hook_config_validate.inc.php | 5 ++--- calendar/inc/class.calendar_hooks.inc.php | 2 +- setup/config.php | 2 +- setup/inc/hook_config_validate.inc.php | 12 +++++++++--- 5 files changed, 18 insertions(+), 12 deletions(-) diff --git a/admin/inc/class.uiconfig.inc.php b/admin/inc/class.uiconfig.inc.php index 6c82411289..bb4202bac1 100644 --- a/admin/inc/class.uiconfig.inc.php +++ b/admin/inc/class.uiconfig.inc.php @@ -118,12 +118,12 @@ class uiconfig if ($config) { $c->config_data[$key] = $config; - if($GLOBALS['egw_info']['server']['found_validation_hook'] && function_exists($key)) + if (in_array($key, (array)$GLOBALS['egw_info']['server']['found_validation_hook'], true) && function_exists($key)) { call_user_func($key,$config); if($GLOBALS['config_error']) { - $errors .= lang($GLOBALS['config_error']) . ' '; + $errors .= lang($GLOBALS['config_error']) . "\n"; $GLOBALS['config_error'] = False; } } @@ -134,12 +134,13 @@ class uiconfig unset($c->config_data[$key]); } } - if($GLOBALS['egw_info']['server']['found_validation_hook'] && function_exists('final_validation')) + if(in_array('final_validation', (array)$GLOBALS['egw_info']['server']['found_validation_hook']) && + function_exists('final_validation')) { final_validation($_POST['newsettings']); if($GLOBALS['config_error']) { - $errors .= lang($GLOBALS['config_error']) . ' '; + $errors .= lang($GLOBALS['config_error']) . "\n"; $GLOBALS['config_error'] = False; } unset($GLOBALS['egw_info']['server']['found_validation_hook']); diff --git a/admin/inc/hook_config_validate.inc.php b/admin/inc/hook_config_validate.inc.php index b7d7639ad9..341fb9e387 100644 --- a/admin/inc/hook_config_validate.inc.php +++ b/admin/inc/hook_config_validate.inc.php @@ -10,10 +10,9 @@ */ /* - Set a global flag to indicate this file was found by setup/config.php. - config.php will unset it after parsing the form values. + Set global flag to indicate for which config settings we have equally named validation methods */ -$GLOBALS['egw_info']['server']['found_validation_hook'] = True; +$GLOBALS['egw_info']['server']['found_validation_hook'] = array('vfs_image_dir'); /** * Check VFS dir exists and delete image map to recreate it, if vfs-image-dir changes diff --git a/calendar/inc/class.calendar_hooks.inc.php b/calendar/inc/class.calendar_hooks.inc.php index 3613b8cb6c..c0d1e11be1 100644 --- a/calendar/inc/class.calendar_hooks.inc.php +++ b/calendar/inc/class.calendar_hooks.inc.php @@ -698,7 +698,7 @@ class calendar_hooks public static function config_validate() { - $GLOBALS['egw_info']['server']['found_validation_hook'] = True; + $GLOBALS['egw_info']['server']['found_validation_hook'] = array('calendar_purge_old'); } /** diff --git a/setup/config.php b/setup/config.php index ea28469659..78be151d78 100644 --- a/setup/config.php +++ b/setup/config.php @@ -70,7 +70,7 @@ if(@get_var('submit',Array('POST')) && @$newsettings) $GLOBALS['egw_setup']->db->transaction_begin(); foreach($newsettings as $setting => $value) { - if($GLOBALS['egw_info']['server']['found_validation_hook'] && @function_exists($setting)) + if(in_array($setting, (array)$GLOBALS['egw_info']['server']['found_validation_hook']) && function_exists($setting)) { $setting($newsettings); if($GLOBALS['config_error']) diff --git a/setup/inc/hook_config_validate.inc.php b/setup/inc/hook_config_validate.inc.php index 423955a944..45c1f39c8c 100644 --- a/setup/inc/hook_config_validate.inc.php +++ b/setup/inc/hook_config_validate.inc.php @@ -11,10 +11,16 @@ */ /* - Set a global flag to indicate this file was found by setup/config.php. - config.php will unset it after parsing the form values. + Set global flag to indicate for which config settings we have equally named validation methods */ -$GLOBALS['egw_info']['server']['found_validation_hook'] = True; +$GLOBALS['egw_info']['server']['found_validation_hook'] = array( + 'vfs_storage_mode', + 'temp_dir', + 'files_dir', + 'backup_dir', + 'mcrypt_algo', + 'ldap_search_filter' +); /** * Set vfs_fstab depending from what the user selected for vfs_storage_mode