From 6ff1db3534ee72db410bc80f0b68c275c322040e Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Tue, 22 May 2012 13:51:30 +0000
Subject: [PATCH] * Preferences all apps: add validation for vfs files and
 directories to give user immediate feedback about wrong or non vfs pathes

---
 .../inc/class.addressbook_hooks.inc.php       |  4 +-
 calendar/inc/class.calendar_hooks.inc.php     |  4 +-
 .../inc/class.filemanager_hooks.inc.php       |  4 +-
 infolog/inc/class.infolog_hooks.inc.php       |  4 +-
 phpgwapi/inc/class.egw_vfs.inc.php            |  7 ++-
 preferences/inc/class.bosettings.inc.php      | 53 +++++++++++++++----
 preferences/inc/class.uisettings.inc.php      | 31 +++++++++--
 preferences/lang/egw_de.lang                  |  2 +
 preferences/lang/egw_en.lang                  |  2 +
 timesheet/inc/class.timesheet_hooks.inc.php   |  4 +-
 10 files changed, 91 insertions(+), 24 deletions(-)

diff --git a/addressbook/inc/class.addressbook_hooks.inc.php b/addressbook/inc/class.addressbook_hooks.inc.php
index 0805aad50e..f1e67032c2 100644
--- a/addressbook/inc/class.addressbook_hooks.inc.php
+++ b/addressbook/inc/class.addressbook_hooks.inc.php
@@ -251,7 +251,7 @@ class addressbook_hooks
 			$link = egw::link('/index.php','menuaction=addressbook.addressbook_merge.show_replacements');
 
 			$settings['default_document'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_file',
 				'size'   => 60,
 				'label'  => 'Default document to insert contacts',
 				'name'   => 'default_document',
@@ -263,7 +263,7 @@ class addressbook_hooks
 				'admin'  => False,
 			);
 			$settings['document_dir'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_dirs',
 				'size'   => 60,
 				'label'  => 'Directory with documents to insert contacts',
 				'name'   => 'document_dir',
diff --git a/calendar/inc/class.calendar_hooks.inc.php b/calendar/inc/class.calendar_hooks.inc.php
index fd31dd2c08..a257e561a9 100644
--- a/calendar/inc/class.calendar_hooks.inc.php
+++ b/calendar/inc/class.calendar_hooks.inc.php
@@ -608,7 +608,7 @@ class calendar_hooks
 			$link = egw::link('/index.php','menuaction=calendar.calendar_merge.show_replacements');
 
 			$settings['default_document'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_file',
 				'size'   => 60,
 				'label'  => 'Default document to insert entries',
 				'name'   => 'default_document',
@@ -620,7 +620,7 @@ class calendar_hooks
 				'admin'  => False,
 			);
 			$settings['document_dir'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_dirs',
 				'size'   => 60,
 				'label'  => 'Directory with documents to insert entries',
 				'name'   => 'document_dir',
diff --git a/filemanager/inc/class.filemanager_hooks.inc.php b/filemanager/inc/class.filemanager_hooks.inc.php
index 1f063d1e10..f6daee5ce4 100644
--- a/filemanager/inc/class.filemanager_hooks.inc.php
+++ b/filemanager/inc/class.filemanager_hooks.inc.php
@@ -215,7 +215,7 @@ class filemanager_hooks
 		$link = egw::link('/index.php','menuaction=filemanager.filemanager_merge.show_replacements');
 
 		$settings['default_document'] = array(
-			'type'   => 'input',
+			'type'   => 'vfs_file',
 			'size'   => 60,
 			'label'  => 'Default document to insert entries',
 			'name'   => 'default_document',
@@ -227,7 +227,7 @@ class filemanager_hooks
 			'admin'  => False,
 		);
 		$settings['document_dir'] = array(
-			'type'   => 'input',
+			'type'   => 'vfs_dirs',
 			'size'   => 60,
 			'label'  => 'Directory with documents to insert entries',
 			'name'   => 'document_dir',
diff --git a/infolog/inc/class.infolog_hooks.inc.php b/infolog/inc/class.infolog_hooks.inc.php
index 069c77d54d..dca9d27277 100644
--- a/infolog/inc/class.infolog_hooks.inc.php
+++ b/infolog/inc/class.infolog_hooks.inc.php
@@ -387,7 +387,7 @@ class infolog_hooks
 			$link = egw::link('/index.php','menuaction=infolog.infolog_merge.show_replacements');
 
 			$settings['default_document'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_file',
 				'size'   => 60,
 				'label'  => 'Default document to insert entries',
 				'name'   => 'default_document',
@@ -399,7 +399,7 @@ class infolog_hooks
 				'admin'  => False,
 			);
 			$settings['document_dir'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_dirs',
 				'size'   => 60,
 				'label'  => 'Directory with documents to insert entries',
 				'name'   => 'document_dir',
diff --git a/phpgwapi/inc/class.egw_vfs.inc.php b/phpgwapi/inc/class.egw_vfs.inc.php
index f887eef94b..cf6d993bbe 100644
--- a/phpgwapi/inc/class.egw_vfs.inc.php
+++ b/phpgwapi/inc/class.egw_vfs.inc.php
@@ -477,8 +477,11 @@ class egw_vfs extends vfs_stream_wrapper
 		$result = array();
 		foreach($base as $path)
 		{
-			if (!$url) $path = egw_vfs::PREFIX . $path;
-
+			if (!$url)
+			{
+				if ($path[0] != '/' || !egw_vfs::stat($path)) continue;
+				$path = egw_vfs::PREFIX . $path;
+			}
 			if (!isset($options['remove']))
 			{
 				$options['remove'] = count($base) == 1 ? count(explode('/',$path))-3+(int)(substr($path,-1)!='/') : 0;
diff --git a/preferences/inc/class.bosettings.inc.php b/preferences/inc/class.bosettings.inc.php
index 8c9cfcf363..a4e8340399 100644
--- a/preferences/inc/class.bosettings.inc.php
+++ b/preferences/inc/class.bosettings.inc.php
@@ -209,19 +209,54 @@
 			{
 				if(isset($value) && $value != '' && $value != '**NULL**')
 				{
-					if(is_array($value) && !isset($value['pw']))
+					if (get_magic_quotes_gpc())
 					{
-						$value = implode(',',$value);	// multiselect
+						$value = is_array($value) ? array_map('stripslashes',$value) : stripslashes($value);
 					}
-					elseif(is_array($value))
+					if (is_array($value))
 					{
-						$value = $value['pw'];
-						if(empty($value))
+						if (isset($value['pw']))
 						{
-							continue;	// dont write empty password-fields
+							$value = $value['pw'];
+							if(empty($value))
+							{
+								continue;	// dont write empty password-fields
+							}
+						}
+						elseif(isset($value[$type='vfs_file']) || isset($value[$type='vfs_dir']) || isset($value[$type='vfs_dirs']))
+						{
+							$value = $value[$type];
+							if ($value === '')
+							{
+								// empty is always allowed
+							}
+							elseif ($type == 'vfs_file')
+							{
+								if ($value[0] != '/' || !egw_vfs::stat($value))
+								{
+									$error = lang('%1 is no existing vfs file!',htmlspecialchars($value));
+								}
+							}
+							else
+							{
+								// split multiple comma or whitespace separated directories
+								// to still allow space or comma in dirnames, we also use the trailing slash of all pathes to split
+								foreach($type == 'vfs_dir' ? array($value) : preg_split('/[,\s]+\//', $value) as $n => $dir)
+								{
+									if ($n) $dir = '/'.$dir;	// re-adding trailing slash removed by split
+									if ($dir[0] != '/' || !egw_vfs::stat($dir) || !egw_vfs::is_dir($dir))
+									{
+										$error .= ($error ? ' ' : '').lang('%1 is no existing vfs directory!',$dir);
+									}
+								}
+							}
+						}
+						else
+						{
+							$value = implode(',',$value);	// multiselect
 						}
 					}
-					$prefs[$var] = get_magic_quotes_gpc() ? stripslashes($value) : $value;
+					$prefs[$var] = $value;
 
 					if(is_array($notifies) && isset($notifies[$var]))	// need to translate the key-words back
 					{
@@ -243,14 +278,14 @@
 			// if you return something else than False, it is treated as an error-msg and
 			// displayed to the user (the prefs are not saved)
 			//
-			if($error = $GLOBALS['egw']->hooks->single(array(
+			if(($error .= $GLOBALS['egw']->hooks->single(array(
 				'location' => 'verify_settings',
 				'prefs'    => $repository[$appname],
 				'prefix'   => $prefix,
 				'type'     => $type
 				),
 				$appname
-			))
+			)))
 			{
 				return $error;
 			}
diff --git a/preferences/inc/class.uisettings.inc.php b/preferences/inc/class.uisettings.inc.php
index 2ea671ebd8..b6b365393e 100755
--- a/preferences/inc/class.uisettings.inc.php
+++ b/preferences/inc/class.uisettings.inc.php
@@ -258,6 +258,17 @@ class uisettings
 						$valarray['run_lang']
 					);
 					break;
+				case 'vfs_file':
+				case 'vfs_dir':
+				case 'vfs_dirs':
+					$this->create_vfs_box(
+						$valarray['type'],
+						$valarray['label'],
+						$valarray['name'],
+						$valarray['help'],
+						$valarray['run_lang']
+					);
+					break;
 				case 'select':
 				case 'multiselect':
 					$this->create_select_box(
@@ -409,6 +420,18 @@ class uisettings
 			$help,'',$size,$max_size,'password',$run_lang);
 	}
 
+	function create_vfs_box($type,$label_name,$preference_name,$help='',$default='',$size='',$run_lang=True)
+	{
+		$_appname = $this->check_app();
+		if($this->is_forced_value($_appname,$preference_name))
+		{
+			return True;
+		}
+		//echo "<p>create_input_box('$label_name', '$preference_name][$type', '$help', '$default', '', '', '', $run_lang, '$def_text')</p>\n";
+		$this->create_input_box($label_name,$preference_name.']['.$type,
+			$help,$default,$size,'','',$run_lang,$def_text);
+	}
+
 	function create_color_box($label,$name,$default='',$help='',$run_lang=True)
 	{
 		if($GLOBALS['type'] == 'user')
@@ -437,14 +460,16 @@ class uisettings
 			$options .= " max='$maxsize'";
 		}
 
-		if(isset($this->bo->prefs[$name]) || $GLOBALS['type'] != 'user')
+		// remove appended type (eg. "][vfs_file") bevor looking up current value
+		$_name = preg_replace('/\]\[.*$/','',$name);
+		if(substr($name, -4) != '][pw' && isset($this->bo->prefs[$_name]) || $GLOBALS['type'] != 'user')
 		{
-			$default = $this->bo->prefs[$name];
+			$default = $this->bo->prefs[$_name];
 		}
 
 		if($GLOBALS['type'] == 'user' && empty($def_text))
 		{
-			$def_text = !$GLOBALS['egw']->preferences->user[$_appname][$name] ? $GLOBALS['egw']->preferences->data[$_appname][$name] : $GLOBALS['egw']->preferences->default[$_appname][$name];
+			$def_text = $GLOBALS['egw']->preferences->default[$_appname][$_name];
 
 			if(isset($this->notifies[$name]))	// translate the substitution names
 			{
diff --git a/preferences/lang/egw_de.lang b/preferences/lang/egw_de.lang
index b958660c28..196151a387 100644
--- a/preferences/lang/egw_de.lang
+++ b/preferences/lang/egw_de.lang
@@ -1,5 +1,7 @@
 %1 - preferences	preferences	de	%1 - Einstellungen
 %1 hours	preferences	de	%1 Stunden
+%1 is no existing vfs directory!	preferences	de	Das VFS Verzeichnis %1 existiert nicht!
+%1 is no existing vfs file!	preferences	de	Die VFS Datei %1 existiert nicht!
 12 hour	preferences	de	12 Stunden
 24 hour	preferences	de	24 Stunden
 a template defines the layout of egroupware and it contains icons for each application.	preferences	de	Die Benutzeroberfläche definiert das Layout von eGroupWare und enthält die Icons (Symbole) der Anwendungen.
diff --git a/preferences/lang/egw_en.lang b/preferences/lang/egw_en.lang
index ee1d4145b4..07a2bc0236 100644
--- a/preferences/lang/egw_en.lang
+++ b/preferences/lang/egw_en.lang
@@ -1,5 +1,7 @@
 %1 - preferences	preferences	en	%1 - Preferences
 %1 hours	preferences	en	%1 hour
+%1 is no existing vfs directory!	preferences	en	%1 is no existing vfs directory!
+%1 is no existing vfs file!	preferences	en	%1 is no existing vfs file!
 12 hour	preferences	en	12 hour
 24 hour	preferences	en	24 hour
 a template defines the layout of egroupware and it contains icons for each application.	preferences	en	A template defines the layout of EGroupware and it contains icons for each application.
diff --git a/timesheet/inc/class.timesheet_hooks.inc.php b/timesheet/inc/class.timesheet_hooks.inc.php
index 16954b2ece..2db8a1298d 100644
--- a/timesheet/inc/class.timesheet_hooks.inc.php
+++ b/timesheet/inc/class.timesheet_hooks.inc.php
@@ -172,7 +172,7 @@ class timesheet_hooks
 			$link = egw::link('/index.php','menuaction=timesheet.timesheet_merge.show_replacements');
 
 			$settings['default_document'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_file',
 				'size'   => 60,
 				'label'  => 'Default document to insert entries',
 				'name'   => 'default_document',
@@ -184,7 +184,7 @@ class timesheet_hooks
 				'admin'  => False,
 			);
 			$settings['document_dir'] = array(
-				'type'   => 'input',
+				'type'   => 'vfs_dirs',
 				'size'   => 60,
 				'label'  => 'Directory with documents to insert entries',
 				'name'   => 'document_dir',